For this exam, you should be able to identify and address several concerns as they relate to prohibited content being accessed, along with privacy, licensing, and policies in place.
You should adhere to the following order of operations when responding to any incident occurring on your computer network.
first response: The first step is the proper confirmation that an incident has happened, or is taking place. You should gather as much information as possible on the event, and report it through the proper authorized channels at the organization. These items will be outlined in a sound security policy.
documentation: The next step is to document as much as possible. You can make use of pictures, scratch notes, or event logs to collect and assemble this information.
chain of custody: Lastly, you want to make sure the information you have is preserved, especially in the event that information changes. Maintaining the integrity of the information is the most important step from this point forward. Any unaccounted changes could call into question the reliability of the information, making any work done since the first step useless.
For this exam, you should be very comfortable with the many types of licensing arrangements available today, including digital rights management (DRM) and end user licensing agreements (EULA) that stipulate how the software can be used.
open source vs. commercial license: An open source license means that the software’s source code is freely available to the public. This means the software can be modified and recreated if desired by the end user. A commercial license is usually closed source, meaning the source code is not available to the general public.
personal license vs. enterprise licenses: A personal license is granted only to one end user for recreational purposes. At times, costly commercial software will license its product for non-commercial use to an individual or student, and this is intended for personal use only. Enterprise licenses are intended for business use, typically by larger organizations, and are a form of paid commercial software licensed to the company for a certain number of users.
This is information that can be used as a means to identify employees within an organization, such as social security numbers and addresses. This information should remain very secure, and there should be clearly defined policies stating who can access it.
Most of these policies, including end user policies, were created in order to best protect the network of the organization. Many items that a company may disallow or restrict can pose significant security risks to the computer infrastructure. This makes it very important that all policies are followed, and that all employees from the entry level to the CEO are educated on security best practices.
It is very important in the IT industry to present yourself in the most professional manner possible. Often, customers will trust you with their most important asset, their data, and they will be unlikely to do so if you speak unprofessionally or seem to have a negative appearance or demeanor.
You should always use proper language when speaking with a customer or client. The majority of end users are not very technology-oriented, so you should avoid tech slang and acronyms, breaking down the meaning of all terms used in a constructive manner.
You should display a great attitude when dealing with technical issues that may be complex. Use all cases as learning lessons to acquire more knowledge about technology. Also, be confident when discussing technical issues with end users. Be aware that it is more about being able to find the right answer than having all the answers memorized. Customers know that you don’t know everything, but you should avoid giving the impression that you are unsure of the procedure to find a solution.
When discussing issues with a customer, actively listen and take notes, when appropriate. Customers should never have to repeat themselves because you did not write down key details. Additionally, never interrupt customers while they are giving you information. Let them tell you their story in full and then you can respond with follow-up questions, if needed.
You should always greet users with respect and use their proper professional titles when addressing them. If someone is a director, don’t refer to them as a manager—not in person, in support documentation, or on the phone with one of your colleagues. This is an easy way to offend someone quickly.
Punctuality is extremely important as an IT professional. Often, end users have meetings or their own work to complete and you are seen as the piece that is holding them up. Always arrive on time for pre-scheduled appointments and always contact clients if there will be any delay relating to the service.
While working with clients, be sure to avoid all types of distraction. This includes a text message, phone call, or simply having conversations with other colleagues. You never want to give the impression that the end user does not have 100% of your attention. Their technical problem must appear to be the number 1 priority when you are in their presence, even though that may not be the case.
In the IT world, there will always be an angry customer or perhaps a customer who is very skeptical about IT support, based on past support contacts. As a professional, it is essential that you know how to deal with these difficult situations. Follow these steps as a rule of thumb:
Proper Response: You should never argue with a customer or be defensive. Never downplay customer issues or overlook problems they want to address. Never judge a customer’s response, as they could have other pressure and deadlines that are producing stress. Always put yourself in the customer’s shoes.
Clarification: Ask questions to ascertain the root of the problem. When a customer tells you his or her story, restate what you believe the problem to be to confirm an understanding through verification process.
Privacy: Never use social media as an outlet to vent about a particular customer or experience. Things on the Internet typically stay there forever and this could expose you or your company in a bad light.
When working on a client issue, always be prepared to set initial expectations with the promise of action to follow. Keep them informed of any changes, but make sure all promises are kept in a timely manner.
offer options: If possible, always give the customer multiple options and alternatives. Even if you prefer one way, remember this is the end user’s equipment and they should be given the opportunity to weigh their options.
documentation: Keep up-to-date documentation and provide this to the customer when the service is complete. Customers will feel more at home if they can review what work was performed on their PC, as they will know exactly how their money was spent on the repair.
follow-up: When the device has been returned to the customer after service, follow up at a later time to verify satisfaction. This is one of the most important steps in having repeat customers, as they will feel like you genuinely care about the service.
When working on a customer’s issue, use best practices in handling their data. This is the customer’s private information and directly accessing this data is usually not required to complete a repair. It is your duty to keep that information safe and secure for as long as it’s in your possession.