1.2 KiB
1.2 KiB
OPS-6: Policy, Privacy, and Licensing
Status: not started
Domain:
- 4.0 Operational Procedures
Objective alignment:
- 4.6 Policy, privacy, licensing, and incident handling
What You Need To Know
Policies tell technicians what they are allowed to do and what must be protected.
Incident response concepts:
- Chain of custody
- Informing management or law enforcement when required
- Drive copies for integrity and preservation
- Documentation
- Order of volatility
Policy and privacy concepts:
- Valid licenses
- DRM
- EULA
- Perpetual licensing
- Personal vs. corporate licensing
- Open-source licensing
- NDA and MNDA
- Regulated data
- Data retention
- Acceptable use policy
- Compliance
- Splash screens and login banners
Memory Trick
Use C-D-P-L:
- Chain of custody
- Data privacy
- Policies
- Licensing
Shortcut:
- Policy decides what you can touch, copy, disclose, and install.
Exam Clues
- Chain of custody tracks evidence handling.
- Order of volatility means collect the most temporary evidence first.
- EULAs define software use terms.
- Open-source does not mean no license.
- Regulated data may require special handling and retention.