# OPS-6 Quiz: Policy, Privacy, and Licensing

Take this after studying `notes/OPS-6-policy-privacy-licensing.md`.

Reply with answers like:
`1B 2A 3D 4C 5B`

## Questions

1. What does chain of custody document?

A. Evidence handling and transfer history  
B. Screen brightness  
C. Toner density  
D. Wi-Fi channel width  

2. What does order of volatility help decide?

A. Which monitor to replace first  
B. Which evidence to collect first  
C. Which font to use  
D. Which wallpaper to deploy  

3. What is an EULA?

A. Emergency user login account  
B. Ethernet uplink layer adapter  
C. End-user license agreement  
D. External USB logging app  

4. What does an acceptable use policy define?

A. Rules for appropriate use of company systems  
B. Backup cable length  
C. Printer tray order  
D. Screen resolution  

5. Which statement about open-source software is correct?

A. It never has license terms  
B. It may still have license requirements  
C. It cannot be used by businesses  
D. It disables compliance  

6. A technician finds company data on a personal device. What should happen first?

A. Immediately wipe the device  
B. Follow the AUP and report to the appropriate team per incident policy  
C. Ignore it  
D. Post a help-desk ticket with the data attached  

7. Which law type governs how personally identifiable information (PII) must be handled?

A. Criminal law  
B. Privacy regulation (e.g., GDPR, HIPAA, state privacy laws)  
C. Zoning regulation  
D. EULA  

8. Which license type allows unlimited installations across an organization for a flat fee?

A. Per-seat  
B. OEM  
C. Enterprise or site license  
D. Trial  

9. In digital forensics, what does the order of volatility principle mean?

A. Collect the most permanent evidence first  
B. Collect the most volatile evidence (RAM, running processes) before less volatile evidence  
C. Always start with hard drive imaging  
D. Only cloud evidence is valid  

10. A technician is asked to image a suspect drive. What must be used to preserve forensic integrity?

A. A regular copy-paste operation  
B. A write-blocker to prevent modifying the original  
C. Disk Cleanup first  
D. Delete temporary files before imaging  

11. Which describes a regulatory compliance issue for an IT technician?

A. Using the wrong font in a ticket  
B. Storing health data on an unencrypted laptop without authorization  
C. Using two monitors  
D. Setting a dark screen theme  

12. What does the phrase "right to be forgotten" refer to in privacy regulations?

A. Deleting browser favorites  
B. A user's right to request deletion of their personal data  
C. Clearing event logs  
D. Removing device drivers  

13. An employee uses company equipment to run a personal business after hours. Which policy does this violate?

A. SLA  
B. GFS rotation  
C. Acceptable Use Policy (AUP)  
D. 3-2-1 backup rule  

14. What is the purpose of a non-disclosure agreement (NDA) for IT staff?

A. To define software licensing terms  
B. To legally obligate them to keep sensitive company information confidential  
C. To establish ticket escalation paths  
D. To describe the chain of custody  

15. An organization discovers unauthorized software installed on a work PC. What is the first concern?

A. Screen resolution  
B. Licensing compliance and potential malware risk  
C. Font settings  
D. Display refresh rate  

## Answer Key For Instructor

1. A
2. B
3. C
4. A
5. B
6. B
7. B
8. C
9. B
10. B
11. B
12. B
13. C
14. B
15. B