Operational Procedures Flashcards
Includes the name, contact info, department, and role of the person submitting the ticket—helps identify the impact and priority level.
User Information
Details about the affected system: device type, hostname, asset ID, OS version—helps technicians troubleshoot efficiently.
Device Information
A clear explanation of the issue the user is experiencing, including error messages, symptoms, or when the issue began.
Description of Problems
Used to sort and organize issues based on type, such as hardware, software, network, or user account.
Categories
Indicates how critical the issue is—used to prioritize responses. Often ranked as low, medium, high, or critical.
Severity
Defines when and how to pass the ticket to someone with more expertise or authority based on complexity or urgency.
Escalation Levels
Clearly stated overview of the issue from the user’s perspective—essential for understanding and documenting the problem.
Problem Description (Communication)
Ongoing documentation of steps taken, observations made, or changes implemented while troubleshooting the issue.
Progress Notes
Detailed explanation of how the issue was resolved, including steps taken, fixes applied, and any user education.
Problem Resolution
A centralized collection of known issues, troubleshooting steps, and solutions that technicians can reference to resolve problems faster and more consistently.
Knowledge Base
The process of tracking, organizing, and managing IT resources (hardware, software, and related info) throughout their lifecycle—from procurement to disposal. Ensures accountability, security, and cost-efficiency.
Asset Management
A regularly updated record of hardware, software, and other company-owned technology resources.
Inventory Lists
A structured system used to store, track, and manage IT assets, including fields for location, status, user, and warranty.
Database System
Physical labels or digital IDs attached to assets to help track and manage devices throughout their lifecycle.
Asset Tags and IDs
The full lifecycle of acquiring, deploying, maintaining, and retiring hardware/software assets.
Procurement Life Cycle
Tracking of support coverage and software licensing to ensure compliance and reduce cost of ownership.
Warranty and Licensing
Documentation showing which employees are assigned which devices, aiding accountability and inventory tracking.
Assigned Users
A policy outlining how employees may (and may not) use company-owned devices, internet, and services.
Acceptable Use Policy (AUP)
A visual representation of network layout, including devices, segments, and connections—used for planning and troubleshooting.
Network Topology Diagram
Documents or notices that ensure systems and procedures meet legal or industry-specific regulations (e.g., HIPAA, GDPR).
Regulatory Compliance Requirements
A brief warning or agreement screen shown on login that may serve legal or security purposes.
Splash Screens
Detailed logs of security breaches, accidents, or unexpected events to support analysis and remediation.
Incident Reports
Step-by-step written instructions that standardize how IT tasks and processes should be carried out.
Standard Operating Procedures (SOPs)
A documented procedure for configuring and deploying specific software packages per company standards.
Procedures for Custom Installation of Software Package
A checklist of IT-related tasks to complete when onboarding a new employee, such as account creation and hardware assignment.
New-User Setup Checklist
A checklist for properly offboarding an employee, including account deactivation, asset collection, and data protection.
End-User Termination Checklist
The formal process of planning, approving, and documenting changes to IT systems and services in order to reduce risk and maintain stability.
Change Management
Step-by-step procedures used to guide the change process and ensure consistency and repeatability across IT operations.
Documented Business Processes
A tested plan to revert a system to its previous state if the change causes unexpected problems or failures.
Rollback Plan
Testing changes in a safe, isolated environment before applying them to live production systems.
Sandbox Testing
The individual who is accountable for implementing the change and monitoring its outcome.
Responsible Staff Member
A standardized document used to propose a change and include necessary details for approval.
Change Request Form
A brief description that explains why the change is needed and what it aims to improve or fix.
Purpose of the Change
Outlines how large or complex the change is, including the number of systems, users, or departments involved.
Scope of the Change
The scheduled moment when the change will be made—should minimize user disruption and align with low-usage periods.
Date and Time of the Change
Lists which systems, users, or services will be directly or indirectly affected by the change.
Affected Systems / Impact
The process of evaluating the likelihood and severity of problems that could result from the change.
Risk Analysis
A classification based on how serious the potential risks are (e.g., low, medium, high) to help prioritize change approval.
Risk Level
Approval by a formal committee that evaluates proposed changes for risk, impact, and timing before implementation.
Change Board Approval
Identify a need or issue that justifies a change—could be a problem, upgrade, or efficiency improvement.
Step 1: Identify the Need for Change
Submit a formal request that documents what the change is, why it’s needed, scope, risk, impact, and timeline.
Step 2: Submit a Change Request
Assess the change’s risk level, possible impact on systems/users, and determine any needed approvals or escalations.
Step 3: Risk and Impact Analysis
Review the proposed change for approval, often involving a change advisory board (CAB) or management.
Step 4: Review and Approval
Create a step-by-step plan to implement the change, including who is responsible, timing, and a rollback plan.
Step 5: Change Planning
Test the change in a controlled or sandbox environment to verify it works without affecting live systems.
Step 6: Testing the Change
Apply the change according to the plan during the scheduled time—often during low-impact hours.
Step 7: Implementation
If something goes wrong, execute a predefined process to revert to the previous stable state.
Step 8: Rollback (if needed)
Monitor system performance and confirm that the change achieved its intended goal without causing new issues.
Step 9: Validation and Review
Document the change, outcomes, lessons learned, and update configuration management databases if needed.
Step 10: Documentation and Closure
A backup type that copies all data every time it runs, regardless of changes. It’s the most comprehensive and simplest to restore.
Full Backup
A backup that only saves data changed since the last full backup—efficient for daily backups, but restores can be slower.
Incremental Backup
A backup that saves all data changed since the last full backup, regardless of any other backups in between—restores faster than incremental.
Differential Backup
A backup type created by combining the full backup with all subsequent incrementals into one synthetic full backup—reduces backup load.
Synthetic Backup
The process of restoring backed-up data to verify that the backups work and can be reliably restored in a real scenario.
Backup Testing
How often backups and tests should be performed—depends on how frequently data changes and how critical it is.
Backup Frequency
Refers to whether backups are stored at the primary location or at a secondary physical or cloud location for disaster recovery.
On-Site vs. Off-Site Backup
A traditional backup rotation strategy involving daily (son), weekly (father), and monthly (grandfather) backup cycles.
Grandfather-Father-Son (GFS)
Backup strategy that states you should keep 3 copies of your data, on 2 different media types, with 1 stored off-site.
3-2-1 Backup Rule
Provides safety information for hazardous substances like toner or batteries; explains storage, handling, and disposal procedures.
Material Safety Data Sheet (MSDS)
Batteries, especially lithium-ion, should be recycled through proper channels to avoid fire and environmental harm. Never throw them in regular trash.
Proper Battery Disposal
Toner cartridges should be returned to the manufacturer or taken to a recycling facility—never incinerated or landfilled.
Proper Toner Disposal
Electronics contain hazardous materials and should be disposed of through certified e-waste or recycling programs.
Proper Disposal of Other Devices and Assets
Monitoring these factors ensures IT hardware remains cool and dry—avoiding overheating, corrosion, or condensation damage.
Temperature, Humidity-Level Awareness, and Proper Ventilation
IT equipment should be placed away from direct heat, windows, or vents to prevent environmental wear or malfunction.
Location / Equipment Placement
Dust buildup can block airflow and cause overheating—should be removed regularly as part of hardware maintenance.
Dust Cleanup
Safe ways to remove dust and debris without damaging internal components or spreading harmful particles.
Compressed Air / Vacuums
Unexpected spikes in power can damage sensitive electronics—this device diverts excess voltage away from connected equipment.
Surge Suppressor
Provides emergency power to computers and networking equipment during outages—prevents data loss and hardware damage.
Battery Backup (UPS)
The structured approach to handling and documenting security incidents, including containment, investigation, and recovery.
Incident Response
A documented timeline that accounts for every person who accessed or handled evidence, used to maintain credibility in investigations.
Chain of Custody
When appropriate, higher-level personnel and/or authorities must be alerted to ensure proper handling and legal compliance.
Inform Management / Law Enforcement as Necessary
A full bit-for-bit image of a storage device to preserve digital evidence for analysis without altering the original.
Copy of Drive (Data Integrity and Preservation)
Accurate, time-stamped records of the incident, including what occurred, who was involved, and how it was handled.
Documentation of Incident
Proof that software has been lawfully purchased and used within the terms set by the software vendor.
Valid Licenses
Software licenses must still be active or within their time limits to remain compliant and functional.
Non-Expired Licenses
Licenses that restrict usage to an individual versus those that allow enterprise-wide or multi-user deployment.
Personal Use License vs. Corporate Use License
A license that allows users to modify and redistribute software under specified terms (e.g., GNU GPL, MIT License).
Open-Source License
Financial transactions involving credit card information must be secured per PCI-DSS standards to prevent fraud.
Credit Card Transactions
Government-issued data like Social Security numbers or driver’s license info that requires protection under various laws.
Personal Government-Issued Information
Data that can identify a specific individual, such as name, email, or biometric identifiers—must be protected by law.
PII (Personally Identifiable Information)
Medical data regulated under laws such as HIPAA; includes diagnoses, treatments, and patient histories.
Healthcare Data
Legal or organizational rules that specify how long data must be stored before being deleted or archived.
Data Retention Requirements
Wear clothing that fits the environment—whether formal, business casual, or field-appropriate—to build trust and show professionalism.
Professional Appearance and Attire
In formal settings, wear a suit or similarly appropriate outfit that reflects high-level professionalism.
Formal Attire
Dress neatly but less formally, typically a collared shirt or blouse and slacks; often expected in office environments.
Business Casual Attire
Use respectful and professional language, avoiding acronyms, tech jargon, or slang unless the customer clearly understands them.
Use Proper Language (Avoid Jargon, Acronyms, and Slang)
Stay upbeat and assured to reassure customers and create a more productive support experience.
Maintain a Positive Attitude / Project Confidence
Focus fully on the customer, take notes if needed, and wait until they finish speaking before responding.
Actively Listen, Take Notes, Avoid Interrupting
Respect cultural differences and use formal titles when appropriate to show respect across diverse environments.
Be Culturally Sensitive / Use Professional Titles
Show up on time for appointments or support calls. If you’re delayed, contact the customer as soon as possible.
Be on Time / Contact if Late
Refrain from personal calls, texts, or browsing social media during work to maintain focus and professionalism.
Avoid Distractions (Calls, Texting, Social Media)
Remain calm and respectful even if the customer becomes upset or confrontational.
Do Not Argue or Be Defensive
Take all concerns seriously; never brush off or belittle the customer’s problems.
Avoid Dismissing Customer Problems
Stay neutral and helpful—don’t make assumptions or personal judgments about the customer’s situation.
Avoid Being Judgmental
Ask open-ended questions, restate what the customer said, and confirm your understanding of the issue.
Clarify Statements / Ask Questions / Verify Understanding
Keep your experiences and customer interactions private—never post about them on social media.
Do Not Disclose Customer Info on Social Media
Let the customer know what to expect, offer solutions when appropriate, and check back to confirm satisfaction.
Set & Meet Expectations / Communicate Status / Follow-Up
Offer choices when applicable and help the customer decide whether repair or replacement is the better option.
Offer Repair/Replacement Options
Give a detailed summary of what was done, including time, services, or parts used.
Provide Proper Documentation
Be respectful and cautious with sensitive materials you might come across—such as documents, photos, or files.
Handle Confidential / Private Customer Materials Appropriately
You arrive at a client’s office where everyone is wearing business casual attire. You’re wearing a hoodie and jeans. What should you have done differently?
A) Worn a branded company t-shirt
B) Matched your attire to the environment
C) Worn whatever is most comfortable
D) Avoided the visit and offered remote help
Answer: B – Matched your attire to the environment
Professional appearance means dressing appropriately for the client’s setting. Business casual would have been more suitable.
While explaining a fix to a non-technical customer, you say: “The NIC was failing to negotiate at 1 Gbps, likely due to a bad SFP.” The customer looks confused. What’s the best response?
A) Keep explaining using the same terms
B) Avoid further explanation to save time
C) Ask if they’d like a simpler explanation
D) Tell them to Google it
Answer: C – Ask if they’d like a simpler explanation
Always avoid jargon when speaking with non-technical users. Offering clarity shows professionalism and customer care.
A customer begins raising their voice and accusing you of making their problem worse. What should you do?
A) Match their tone to take control
B) Defend yourself and point out they’re wrong
C) Calmly listen and avoid interrupting
D) Leave and report them to management
Answer: C – Calmly listen and avoid interrupting
In tense situations, remain calm, listen actively, and don’t escalate. Professionalism includes managing difficult conversations gracefully.
You’re working on a client’s PC and find personal financial documents open on the desktop. What’s the correct action?
A) Skim through them to assess risk
B) Close them and continue working
C) Screenshot them to document a potential issue
D) Open them later to verify contents
Answer: B – Close them and continue working
Respect customer privacy. Never open or review confidential material unless requested to do so.
A customer reports a printer issue. You’re unsure of the cause. What’s the most professional next step?
A) Tell them you don’t know and leave
B) Blame the printer model
C) Ask questions to narrow the scope of the problem
D) Guess and apply the first fix that comes to mind
Answer: C – Ask questions to narrow the scope of the problem
Use open-ended questions to clarify issues and avoid assumptions. It shows problem-solving and communication skill.
You’re 15 minutes late to an appointment due to traffic. What should you have done?
A) Texted the customer while driving
B) Waited until you arrived to apologize
C) Called ahead to inform them you’d be late
D) Canceled the appointment without explanation
Answer: C – Called ahead to inform them you’d be late
Timeliness is key to professionalism. If a delay is unavoidable, notify the customer as soon as possible.
During a repair, your phone rings. It’s a personal call. What’s the best action?
A) Take the call quickly—it’s fine
B) Step outside and finish the call
C) Ignore it and focus on the repair
D) Ask the customer for a break
Answer: C – Ignore it and focus on the repair
Personal distractions should be avoided during customer interactions. Focus entirely on the job.
A customer asks if they should repair or replace a failing laptop. What’s the best way to handle this?
A) Say, “It’s your call.”
B) Offer pros and cons of both options
C) Tell them to always replace
D) Refer them to the internet
Answer: B – Offer pros and cons of both options
Professionalism includes helping the customer make informed decisions by explaining repair/replacement options.
A batch script file used primarily in Windows to run a sequence of commands in Command Prompt (CMD).
.bat
A PowerShell script used in Windows environments for task automation and configuration management.
.ps1
A Visual Basic Script file used to automate tasks in Windows; often embedded in Office macros or logon scripts.
.vbs
A shell script file used in Linux/macOS to execute command-line tasks and automate system operations.
.sh
A JavaScript file, typically used in web development to control dynamic content and interactivity on websites.
.js
A Python script used for a wide variety of automation, data processing, and development tasks.
.py
Scripts can be used to perform repetitive tasks automatically, reducing manual effort and error.
Basic automation
Scripts can be used to schedule or trigger computer restarts across multiple systems.
Restarting machines
A script can automatically assign or reconnect mapped drives for users at login or on-demand.
Remapping network drives
Scripts can streamline the deployment of software across multiple systems simultaneously.
Installation of applications
Scripts can be scheduled to back up files or directories at regular intervals without user intervention.
Automated backups
Used to collect system logs, hardware specs, or usage statistics from local or remote machines.
Gathering of information/data
Scripts can trigger or schedule operating system or software updates on local or networked systems.
Initiating updates
Unintentionally introducing malware
Can allow harmful software to run if not properly checked
Inadvertently changing system settings
May change important settings unintentionally
Browser or system crashes due to mishandling of resources
May consume too much memory or CPU and cause crashes
Microsoft protocol allowing full graphical remote control of a Windows computer over a network connection.
RDP (Remote Desktop Protocol)
Creates a secure, encrypted tunnel for private access to a remote network as if the user were local.
VPN (Virtual Private Network)
Cross-platform tool that allows remote desktop access by sending screen updates and mouse/keyboard inputs over the network.
VNC (Virtual Network Computing)
Secure, command-line-based remote access used primarily in Linux/UNIX environments; supports file transfers and tunneling.
SSH (Secure Shell)
IT management software used by MSPs to monitor, manage, and update remote systems proactively.
RMM (Remote Monitoring and Management)
Allows a trusted person to view or control a Windows user’s desktop for troubleshooting with the user’s permission.
Microsoft Remote Assistance (MSRA)
Enables others to view or control your screen in real time (e.g., Zoom share, TeamViewer, Chrome Remote Desktop).
Screen-sharing software
Provides audio/video communication and sometimes includes remote desktop or screen-sharing features (e.g., Zoom, Teams).
Video-conferencing software
Allows secure or direct transfer of files between local and remote systems (e.g., SFTP, FileZilla, WeTransfer).
File transfer software
Centralized tools for IT admins to install updates, manage software, and enforce policies remotely (e.g., Intune, JAMF).
Desktop management software
Vulnerable to brute-force and man-in-the-middle attacks if not secured with VPN, strong passwords, or network restrictions.
RDP Security Concern
If compromised, attackers could gain full access to the internal network; requires strong authentication and monitoring.
VPN Security Concern
Often lacks encryption by default; should be tunneled through SSH or VPN and protected with strong passwords.
VNC Security Concern
Secure if properly configured, but susceptible to brute-force attacks if using weak credentials or default ports.
SSH Security Concern
Can be a high-value target for attackers—requires hardened access, 2FA, and close monitoring.
RMM Security Concern
Only works with user permission, but could be exploited if social engineering tricks users into accepting remote control.
Remote Assistance Security Concern
What is the proper way to dispose of a lithium battery? (Set 125)
A) Trash can
B) Recycle facility
C) Shredder
D) Burn it
Answer: B) Recycle facility
Why is documentation important when making changes to systems? (Set 790)
A) For legal reasons
B) To confuse users
C) To keep printers busy
D) To entertain staff
Answer: A) For legal reasons
What is the proper way to dispose of a lithium battery? (Set 546)
A) Trash can
B) Recycle facility
C) Shredder
D) Burn it
Answer: B) Recycle facility
Put the correct documentation steps in order:
1) Identify issue
2) Record actions taken
3) Record resolution
4) Close ticket
- Identify issue
- Record actions taken
- Record resolution
- Close ticket
Put the steps for setting up a new user in order:
1) Create user account
2) Assign permissions
3) Provide documentation
4) Verify access
- Create user account
- Assign permissions
- Provide documentation
- Verify access
Put the data disposal process in correct order:
1) Backup if needed
2) Wipe drive
3) Verify wipe
4) Recycle hardware
- Backup if needed
- Wipe drive
- Verify wipe
- Recycle hardware
Arrange the steps of change management:
1) Submit change request
2) Evaluate risk
3) Approve change
4) Implement change
- Submit change request
- Evaluate risk
- Approve change
- Implement change
Put the incident response steps in order:
1) Identify incident
2) Contain impact
3) Document
4) Notify stakeholders
- Identify incident
- Contain impact
- Notify stakeholders
- Document