Documentation Best Practices Flashcards

1
Q

Internal operating procedures

A
  • Organizations have different business objectives
  • Processes and procedures
  • Operational procedures
  • Downtime notifications
  • Facilities issues
  • Software upgrades
  • Testing, change control
  • Documentation is the key
  • Everyone can review and understand the policies
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Knowledge base and articles

A
  • External sources
  • Manufacturer knowledge base
  • Internet communities
  • Internal documentation
  • Institutional knowledge
  • Usually part of help desk software
  • Find the solution quickly
  • Searchable archive
  • Automatic searches with helpdesk ticket keywords
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Network topology diagrams

A
  • Describes the network layout
  • May be a logical diagram
  • Can include physical rack locations
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Incident response: Documentation

A
  • Security policy
  • An ongoing challenge
  • Documentation must be available
  • No questions
  • Documentation always changes
  • Constant updating
  • Have a process in place
  • Use the wiki model
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Compliance

A

• Meeting the standards of laws, policies, and
regulations

  • A healthy catalog of rules
  • Across many aspects of business and life
  • Many are industry-specific or situational
  • Penalties
  • Fines
  • Loss of employment
  • Incarceration
  • Scope
  • Domestic and international requirements
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Regulatory

A

• Sarbanes-Oxley Act (SOX)
• The Public Company Accounting Reform and
Investor Protection Act of 2002

• The Health Insurance Portability and
Accountability Act (HIPAA)
• Extensive healthcare standards for storage, use, and
transmission of health care information

• The Gramm-Leach-Bliley Act of 1999 (GLBA)
• Disclosure of privacy information from
financial institutions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Acceptable use policies (AUP)

A
  • What is acceptable use of company assets?
  • Detailed documentation
  • May be documented in the Rules of Behavior

• Covers many topics
• Internet use, telephones, computers,
mobile devices, etc.

• Used by an organization to limit legal liability
• If someone is dismissed, these are
the well-documented reasons why

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Password policy

A

• Passwords should be complex, and
all passwords should expire
• Change every 30 days, 60 days, 90 days

  • Critical systems might change more frequently
  • Every 15 days or every week
  • The recovery process should not be trivial!
  • Some organizations have a very formal process
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Account lockout and disablement

A
  • Too many bad passwords will cause a lockout
  • This should be normal for most users
  • This can cause big issues for service accounts
  • You might want this
  • Disable accounts
  • Part of the normal change process
  • You don’t want to delete accounts
  • At least not initially
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Inventory managemen

A
  • A record of every asset
  • Routers, switches, cables, fiber modules, etc.
  • Financial records, audits, depreciation
  • Make/model, configuration, purchase date, etc.
  • Tag the asset
  • Barcode, RFID, visible tracking number
How well did you know this?
1
Not at all
2
3
4
5
Perfectly