Key Objectives
-
4.1 Incident Response
Follow proper procedures for security incidents, evidence handling, and chain of custody
-
4.2 Change Management
Document changes, plan rollbacks, assess risks, and follow approval processes
-
4.3 Documentation
Create and maintain ticketing systems, knowledge bases, and standard procedures
-
4.4 Professionalism
Demonstrate proper communication, customer service, and workplace ethics
-
4.5 Safety Procedures
Follow electrical safety, ESD prevention, and proper disposal methods
-
4.6 Environmental Concerns
Handle batteries, toner, CRTs, and other materials safely and according to regulations
Chapters in This Domain
Key Operational Processes
Incident Response Process
- Identify the incident
- Report through proper channels
- Preserve evidence (chain of custody)
- Document everything
- Isolate affected systems
- Remediate and recover
- Conduct lessons learned
Change Management Process
- Submit change request
- Document scope and purpose
- Perform risk assessment
- Obtain approval (CAB)
- Create rollback plan
- Test in sandbox
- Implement and verify
Documentation Types to Know
Exam Tips for Domain 4
This domain tests "soft skills" alongside procedures. Know the order of incident response steps (identify, report, preserve evidence BEFORE fixing). Understand change management concepts like CAB (Change Advisory Board) and why rollback plans matter. Communication questions often ask about dealing with difficult customers - answer with professionalism and empathy.
