4) Safety, Environment, & Policy

Question 1

Safety: Equipment Grounding

Answer 1

Most computer products connect to ground.
Also applies to equipment racks.
Don’t remove the ground connection.

Never connect yourself to an electrical ground.
(Not a way to prevent ESD)

Question 2

Safety: Proper Component Handling/Storage

Answer 2

ESD Straps
ESD Mats
Antistatic Bags
Self-grounding

Question 3

Safety: Toxic Waste Handling

Answer 3

Batteries - Dispose @ hazardous waste facility
Toner - Recycle! Manufacturer return box
CRT - Dispose @ hazardous waste facility (lead in glass)
Cell Phones/Tablets - Wipe data; manufacturer recycling program. Do not throw in trash.

Question 4

Personal Safety: Disconnect Power, Remove Jewelry

Answer 4

Disconnect power before operating on any electronic.

Remove jewelry & name badge neck straps
Use breakaway lanyards.

Question 5

Personal Safety: Lifting Techniques, Weight Limitations

Answer 5

Lift with your legs, keep your back straight.
Don’t carry overweight items.
You can get equipment to lift.

Question 6

Personal Safety: Electrical Fire Safety, Cable Management

Answer 6

Use a class C fire extinguisher.
Don’t use water/foam.
Use carbon dioxide, FM-200, or other dry chemicals.
Remove the power source.

Avoid trip hazards. Use cable ties/velcro

Question 7

Personal Safety: Safety Goggles, Air Filter Mask

Answer 7

Goggles:
Useful when working with batteries/chemicals
Good for printer repair & toner

Air Filter Mask:
Dusty computers
Printer toner

Question 8

Safety: Compliance with Government Regulations

Answer 8

Health & safety laws vary widely depending on location.
Keep workplace hazard-free.

Ex: Building Codes (fire prevention, electrical codes)
Environmental Regulation (high-tech waste disposal)

Question 9

Environment: MSDS Documentation

Answer 9

Material Safety Data Sheets (sometimes SDS)
US Dept of Labor, Occupational Safety & Health Admin
www.osha.gov or manufacturer website

Provides info for all hazardous chemicals:
Product/company info
Hazard info
Composition/ingredients
Fire-fighting measures
Accidental release/leaking
Handling/storage
Etc

Question 10

Environment: Temperature, Humidity, Awareness, Proper Ventilation

Answer 10

Temperature - Devices need constant cooling (so do humans)

Humidity - 50% is a good number
High humidity (condensation)
Low humidity (static discharges)

Proper ventilation - computers generate heat\
Don’t put everything in a closet

Question 11

Environment: Power Surges, Brownouts, Blackouts

Answer 11

UPS (Uninterruptible Power Supply)
Backup power
Protects from brownouts/blackouts/surges

Surge Suppressor - Surge absorption in joules
200 (good), 400 (better), 600 (ideal)
Not all power is clean
Self-inflicted power spikes & noise, storms, power grid changes
Spikes are diverted to ground.
Noise filters remove line noise (higher dB, better)

Question 12

Environment: Airborne Particles

Answer 12

Enclosures
Protect computers on a manufacturing floor
Protect from dust/oil/smoke

Air filters/mask
Protest yourself against the same airborne particles
Dust in cases/laser printer toner

Question 13

Environment: Dust & Debris

Answer 13

Use a neutral detergent
No ammonia-based cleaning liquids (avoid isopopyl)

Compressed air

Vacuums
Use a “computer” vacuum (anti-static)

Question 14

Environment: Compliance with Government Regulations

Answer 14

Environment regulations may have specific controls.

Hazardous waste, batteries, computer components, paper

Question 15

Incident Response: First Response

Answer 15

Identify the issue (logs, in person, monitoring data)

Report through proper channels - don’t delay

Collect/protect info relating to an event
Data/device preservation

Question 16

Incident Response: Documentation

Answer 16

Documentation must be available

Gather as much info as possible (notes, pictures, etc)

Documentation always changes (constant updating)
Use a wiki model

Question 17

Incident Response: Chain of Custody (CoC)

Answer 17

Control evidence (maintain integrity)

Everyone who contacts the evidence (avoid tampering)
Use hashes to verify any changes

Label/catalog everything (seal/store/protect)
Digital signatures

Question 18

Licensing/DRM/EULA: Open-Source vs. Commercial License

Answer 18

Closed source/Commercial - source code is private
End user gets compiled executable

FOSS (Free & Open Source)
Source code is freely available
End user can compile their own executable

EULA (End User Licensing Agreement)
Determines how software can be used

DRM (Digital Rights Management)
Used to manage the use of software

Question 19

Licensing/DRM/EULA: Personal vs. Enterprise LIcense

Answer 19

Personal License
Designed for the home user
Usually associated with a single device (single user)
Perpetual (one time) purchase

Enterprise License
Per-seat purchase / Site license
The software may be installed everywhere
Annual renewals

Question 20

Regulated Data (PII, PCI, GDPR, PHI)

Answer 20

PII - Personally Identifiable Information
Handling PII usually documented in Privacy Policy

PCI DSS - Payment Card Industry Data Security Standard
Standard for protecting credit cards

GDPR - General Data Protection Regulation
Created by European Union
Data protection/privacy for individuals in the EU
Name/address/photo/email/bank/social media/medical
Controls export of personal data

PHI - Protected Health Information
Health info associated with an invididual
Health status, records, payments, & more
HIPAA Regulations

Question 21

Follow All Policies & Security Best Practices

Answer 21

Policies
General IT guidelines
Determines how tech should be used
Processes for handling important tech decisions

Security Best Practices
Some security techniques are accepted standards
Covers processes & technologies
What happens if there’s a breach?