CompTIA A+ 1102 Privacy, Licensing, and Policies
GDPR
- European Union regulation
- data protection and privacy for individuals in the EU
- gives users control of their personal data
- right of erasure
PCI DSS
- a standard for protecting credit card information
- six control objectives
Incident Response: Chain of Custody
- control evidence and maintain integrity
- documents everybody who comes into contact with the evidence
- avoid tampering
- use hashes
- label and catalog everything
- use digital signatures
Software Licenses
- included with most software
- per-seat or concurrent
- may expire or may be perpetual
Corporate Use Software Licenses
- per-seat/per-site
- the software may be installed everywhere
- annual renewals
Incident Response: First Response (steps)
1. identify the issue - logs, monitoring data
2. report to proper channels
3. collect and protect evidence
End User License Agreement (acronym)
EULA
Free and Open Source (acronym)
FOSS
General Data Protection Regulation (acronym)
GDPR
Payment Card Industry Data Security Standard (acronym)
PCI DSS
Protected Health Information (acronym)
PHI
EULA
determines how software can be used
Personal Software Licenses
perpetual
PHI
regulated with HIPAA