The OSI (Open Systems Interconnection) model is a conceptual framework that

standardizes the functions of a communication system into seven layers. Here are the
OSI model layers in short:
1. Physical Layer: The physical layer deals with the physical transmission of data
over the network. It defines the electrical, mechanical, and physical
specifications for network connectivity, including cables, connectors, and
signaling.
2. Data Link Layer: The data link layer provides reliable point-to-point or point-
to-multipoint data transmission within a network. It handles error detection and
correction and establishes and terminates connections between network
devices.
3. Network Layer: The network layer manages the addressing and routing of
data packets across different networks. It determines the optimal path for data
transmission, ensuring that packets reach their intended destinations.
4. Transport Layer: The transport layer ensures reliable communication between
end systems. It breaks data into smaller segments, manages data flow control,
and provides error recovery mechanisms.
5. Session Layer: The session layer establishes, manages, and terminates
communication sessions between applications. It enables synchronization and
checkpointing of data exchanges.
6. Presentation Layer: The presentation layer handles the syntax and semantics
of data exchanged between applications. It ensures that data is presented in a
format that can be understood by the receiving application.
7. Application Layer: The application layer provides a user interface and services
for end-user applications. It includes protocols for various applications, such as
email (SMTP), file transfer (FTP), and web browsing (HTTP).
- What is IP addressing (IPV4 and IPV6)?
Answer: IP addressing is used to uniquely identify devices on a network. IPv4 is the
most widely used IP addressing scheme and consists of a 32-bit address and there's
IPv6 which uses a 128-bit address expressed in hexadecimal form.
IPv4 addresses are divided into classes (A, B, C, D, E). Public addresses are globally
unique and routable, while private addresses are reserved for internal networks.
Subnetting allows for dividing networks into smaller subnetworks. IPv4 addresses are
limited, which led to the introduction of IPv6.
1. Class A: 10.0.0.0 to 10.255.255.255. Class A addresses have the first bit set to
0. The network portion occupies the first octet (8 bits), while the remaining
three octets (24 bits) are reserved for the host portion.
2. Class B: 172.16.0.0 to 172.31.255.255. Class B addresses have the first two
bits set to 10. The network portion occupies the first two octets (16 bits), while
the remaining two octets (16 bits) are reserved for the host portion.
3. Class C: 192.168.0.0 to 192.168.255.255. Class C addresses have the first
three bits set to 110. The network portion occupies the first three octets (24
bits), while the last octet (8 bits) is reserved for the host portion.
 4. Class D: Class D addresses have the first four bits set to 1110. These addresses
are reserved for multicast groups and are not used for host addressing.
5. Class E: Class E addresses have the first four bits set to 1111. These addresses
are reserved for experimental purposes and are not used for host addressing.
Subnetting: IPv4 addressing allows for subnetting, which involves dividing a network
into smaller subnetworks. Subnetting enables efficient utilization of IP addresses and
allows for better network management and organization. Subnet masks are used to
determine the network and host portions of an IP address and define the boundaries
of subnets.
- What is a subnet mask?
Answer: A subnet mask is used in conjunction with an IP address to determine the
network and host portions of an IP address. It helps identify devices within the same
network and differentiates them from devices on other networks.
- What is ARP?
Stands for Address Resolution Protocol. It is a networking protocol used to map an IP
address to a physical (MAC) address on a local network. When a device wants to send
data to another device on the same network, it needs to know the MAC address of the
destination device. ARP helps in this process by sending out an ARP request, which
asks "Who has this IP address?" The device with the corresponding IP address
responds with its MAC address, allowing the requesting device to create an ARP table
entry, associating the IP address with the MAC address.
- Here are some commonly used networking commands:

» Ping: Tests connectivity between two network devices by sending ICMP echo
requests and receiving ICMP echo replies.
» Traceroute (or tracert): Traces the route packets take from your device to a
destination by showing the IP addresses of each intermediate hop.
» Ipconfig (Windows) / ifconfig (Linux): Displays network configuration
information, including IP address, subnet mask, and default gateway.
» nslookup: Performs DNS (Domain Name System) lookups to retrieve
information about domain names, such as IP addresses and domain ownership.
» netstat: Displays active network connections, listening ports, and routing
tables.
» route (Windows) / ip route (Linux): Shows and manages the IP routing table.
» arp: Displays and manages the ARP (Address Resolution Protocol) cache, which
maps IP addresses to MAC addresses.
» Nmap: Network mapping tool that scans and discovers hosts, services, and
open ports on a network.
» Dig: DNS lookup utility for querying DNS servers to retrieve DNS records and
information.
» Telnet: Establishes a command-line connection to a remote device or server
using the Telnet protocol.
 » SSH: Secure Shell protocol for secure remote access and management of
devices over the network.
» ifup (Linux) / ipconfig /renew (Windows): Renews the IP address lease from a
DHCP (Dynamic Host Configuration Protocol) server.
» netsh: Command-line tool for configuring and managing network settings on
Windows.
» mtr: Combines the functionality of ping and traceroute to provide continuous
network monitoring with detailed statistics.

- What is Crosstalk?
is the interference or coupling of unwanted signals between adjacent wires or
conductors, resulting in signal degradation and potential errors. It occurs when
multiple communication channels or circuits are in close proximity.
- Collision domain?
A network segment where only one device can communicate at a time. Otherwise, it
can cause interference. Systems have to wait before sending data again.
- Hyper-Text Transfer Protocol (HTTP)?
Commonly referred to as the protocol of the internet that allows communication
between a server and browser.
- Transmission Control Protocol (TCP)?
A reliable, connection-oriented protocol that helps in the sequential transmission of
data packets to ensure data reaches the destination on time without duplication.
- User Datagram Protocol (UDP)?
Unlike TCP, UDP is a connectionless protocol that doesn’t ensure a connection
between the application and server before transmitting a message. It’s effective for
use cases such as broadcasts or multicast connections.
- File Transfer Protocol (FTP)?
Allows file sharing between servers by establishing two TCP connections, one for data
transfer and the other for control. The data transfer connection transfers the actual
files while the control connection transfers control information such as passwords to
ensure data retrieval in case of data loss.
- Secure Socket Layer (SSL) and (TLS)?
Primarily helps secure internet connections and safeguard sensitive data using
encryption. SSL protocol enables both server-client communication and server-server
communication.
TLS (Transport Layer Security) is a cryptographic protocol that secures data
transmission over networks by providing encryption, data integrity, and
authentication.
- Simple Network Management Protocol (SNMP)?
A networking protocol used for the management and monitoring of network-
connected devices in Internet Protocol networks.
- Internet Control Message Protocol (ICMP)?
Helps diagnose network connectivity issues. Network devices employ ICMP for
sending error messages, highlighting congestion and timeouts, and transmitting other
operational information to assist in network troubleshooting.
- What is a MAC address?
Answer: A MAC address (Media Access Control address) is a unique identifier assigned
to a network interface card (NIC). It is a 48-bit hexadecimal number used for
identifying devices on a network.
- What is DNS?
Answer: DNS (Domain Name System) translates domain names into IP addresses,
allowing users to access websites using human-readable addresses.
- What is DHCP?
Answer: DHCP (Dynamic Host Configuration Protocol) automatically assigns IP
addresses to devices on a network.
- APIPA Automatic Private IP Addressing?
APIPA is a feature in computer networking that allows devices to automatically assign
themselves an IP address in the absence of a DHCP server.
- Alternate IP Address?
The Alternate Configuration tab provides an option for setting up a Static IP
Address. This is used when a DHCP server is not available. The Static IP Address
needs to be a Private or Internal IP Address.
- What is the difference between a router and a switch?
Answer: A router connects multiple networks and operates at the network layer (Layer
3), while a switch connects devices within a network and operates at the data link
layer (Layer 2).
- Managed and Unmanaged Switch?
Unmanaged switches are simple, plug-and-play devices best suited for basic network
connectivity without advanced configuration, making them cost-effective options for
small networks. In contrast, managed switches offer advanced control and features
such as VLAN support, Quality of Service (QoS), remote management, and security
capabilities, making them ideal for larger and more complex networks where precise
control, monitoring, and security are essential.
- What is a LAN?
A LAN refers to a network that covers a small geographic area, such as a home, office,
or school.
- What is a WAN?
A WAN, on the other hand, covers a larger geographical area, often spanning multiple
locations or cities. It connects LANs together over long distances.
- What is a VLAN?
Answer: A VLAN (Virtual Local Area Network) is a logical network created within a
physical network infrastructure. It allows for the segmentation and isolation of
network traffic based on factors such as department, function, or security
requirements.
- ADSL (Asymmetric Digital Subscriber Line) and SDSL?
ADSL provides faster download speeds compared to upload speeds, while SDSL
(Symmetric Digital Subscriber Line) offers equal upload and download speeds.
- FTTX (Fiber to the X)?
FTTX is a general term that encompasses various fiber optic network architectures,
including FTTH (Fiber to the Home), FTTB (Fiber to the Building), FTTC (Fiber to the
Curb), and FTTP (Fiber to the Premises), each indicating different points of fiber optic
connectivity deployment in relation to end-user locations. With FTTH or FTTP being the
most expensive.
- Single-mode and multimode fiber?
Single-mode fiber designed to carry a single ray of light over long distances with high
speed and low attenuation, while multimode fiber is capable of carrying multiple rays
of light simultaneously over shorter distances but can experience more signal
degradation.
- What is NAT?
Answer: NAT (Network Address Translation) is a technique used to translate private IP
addresses to public IP addresses and vice versa. It enables devices on a private
network to communicate with devices on the internet.
- Destination Network Address Translation (DNAT)?
DNAT is commonly used to redirect incoming network traffic from one IP address to
another IP address within a private network.
- Port forwarding?
Port forwarding is a network configuration method that redirects incoming
connections from a specific external port to a corresponding internal port, allowing
remote access to services hosted within a private network.
- What is a proxy server?
Answer: A proxy server acts as an intermediary between clients and servers,
forwarding requests and responses. It can enhance security, improve performance,
and provide caching and content filtering capabilities.
- What is VPN?
Answer: VPN (Virtual Private Network) is a secure connection that allows users to
access a private network over a public network, such as the internet.
- What is a firewall?
Answer: A firewall is a security device or software that monitors and controls incoming
and outgoing network traffic to protect against unauthorized access and threats.
- What is a patch?
Answer: A patch is a piece of software that updates or fixes issues in an existing
program to improve its functionality or security.
- What is RAID?
Answer: RAID (Redundant Array of Independent Disks) is a data storage technology
that combines multiple physical disks into a single logical unit for improved
performance, reliability, or both.
1. RAID 0: Striping - Data is split across multiple drives.
2. RAID 1: Mirroring - Data is duplicated on multiple drives.
3. RAID 5: Block-level Striping with Parity - Data and parity information are
distributed across multiple drives.
4. RAID 6: Block-level Striping with Double Parity - Similar to RAID 5.
5. RAID 10: Mirrored Striping - Data is both striped across multiple drives.
- What is a virtual machine?
Answer: A virtual machine (VM) is a software emulation of a physical computer
system. It allows multiple operating systems to run simultaneously on a single
physical machine, providing isolation and flexibility.
- What is a BIOS?
Answer: BIOS (Basic Input/Output System) is firmware embedded in a computer's
motherboard. It provides the initial instructions for the hardware components to start
up and load the operating system.
- CPU sockets?
ZIF (Zero Insertion Force) socket > PGA (Pin Grid Array) and LGA (Land Grid Array).
 - UEFI (Unified Extensible Firmware Interface)?
UEFI is a modern firmware interface that replaces BIOS, providing advanced features,
improved security (Secureboot), and greater flexibility in system configuration and
booting (GPT disks and larger than 2.2TB).
- What is PowerShell?
Answer: PowerShell is a command-line shell and scripting language developed by
Microsoft. It is used for automation, configuration management, and task automation
in Windows Server environments.
- What is a ticketing system?
Answer: A ticketing system is a software application used by IT support teams to
track, manage, and resolve customer or user issues. It allows for efficient handling of
support requests and facilitates communication between support staff and users.
- What is IRC?
Internet Relay Chat is a protocol used for chat messages.

- Email Protocols?

1. SMTP (Simple Mail Transfer Protocol): Used for sending email messages from a
client to a mail server.
2. IMAP (Internet Message Access Protocol): Retrieves email messages from a
mail server to a client device while keeping the messages synchronized with the
server, allowing for management of emails on multiple devices.
3. MIME (Multipurpose Internet Mail Extensions): An extension of SMTP that
enables the inclusion of non-text attachments, such as images, audio, and
video, in email messages.
4. POP3 (Post Office Protocol version 3): provides access to an inbox stored in an
email server. It executes the download and deletes operations for messages.
5. Exchange ActiveSync: A protocol used for synchronizing email, contacts,
calendars, and other data between an email server and a mobile device.
- What is Windows Server?
Answer: Windows Server is a server operating system developed by Microsoft. It is
designed to provide a reliable and secure platform for running server applications and
services in a networked environment.
- What is Active Directory?
Answer: Active Directory is a directory service provided by Windows Server. It stores
information about network resources such as users, computers, groups, and
permissions. It enables centralized management and authentication within a Windows
domain network.
 - What is a domain controller?
Answer: A domain controller is a server that hosts Active Directory and authenticates
users, computers, and other network resources in a Windows domain. It provides
services such as user authentication, group policy management, and directory
services.
- Organizational Units?
Provide a way of dividing a domain up to different administrative realms. You might
create responsibility for administrating different company departments or locations
- RSOP Resultant Set of Policy?
RSOP is a feature in Microsoft Windows that allows administrators to determine the
effective Group Policy settings applied to a user or computer within an Active
Directory domain.
- What is Group Policy?
Answer: Group Policy is a feature of Windows Server that allows administrators to
manage and configure settings for multiple computers and users in a centralized
manner. It provides control over various aspects of the operating system, applications,
and security settings.
- Home Folder and Folder Redirection?
Home folders are personal storage spaces for users on a network file server, while
folder redirection redirects specific user folders to a network location for centralized
management and easy access.
- What is Remote Desktop Services (RDS)?
Answer: Remote Desktop Services is a component of Windows Server that enables
users to access applications and desktops on a remote server. It allows for remote
access and virtualization of desktop environments, providing a centralized and
scalable solution.
- NLA, RDPRA and RCG?
 Network Level Authentication (NLA) is a security feature in the Remote
Desktop Services (RDS) protocol used by Microsoft Windows operating systems.
It enhances the security of remote desktop connections by requiring user
authentication before establishing a remote session.
 RDP Restricted Admin is a feature that limits the administrative privileges of
a user during a remote desktop session, reducing the risk of credential theft or
misuse.
 Remote Credential Guard is an additional security measure that protects
against credential theft attacks by securely storing user credentials on the local
device during remote desktop sessions.
- What is Windows Server Update Services (WSUS)?
Answer: WSUS is a Microsoft tool that allows administrators to manage the
distribution of updates released through Microsoft Update to computers in a network.
It provides a centralized location for downloading, approving, and deploying updates
to Windows-based systems.
- Slipstreaming?
A method in which you integrate software updates with the original installation media
ISO.
- Answer File (XML)?
Text file that contains all of the instructions that the windows setup will need to install
and configure the OS.
- Windows System Image Manager (WSIM)?
Packaged with the windows Assessment and Deployment Kit ADK it is used to
configure answer files.
- Deployment Image Servicing and Management (DISM)?
DISM tool is used to duplicate/read the disk contents of a drive and writes the output
to a .WIM format file (Windows Image File). However, this method repeats the Security
ID or SID.
Microsoft System Preparation Tool (SysPrep) utility should be run before
imaging the disk to side-step the problem of SID.
- Windows Deployment Services WDS?
Is a windows server component used to implement network installs more effectively
for .WIM images and answer files. [clients must have PXE].
- What is Hyper-V?
Answer: Hyper-V is a virtualization technology provided by Windows Server. It allows
the creation and management of virtual machines, enabling multiple operating
systems to run on a single physical server.

- Type 1 and 2 Hypervisor?

Bare metal hypervisor (type 1), installed directly onto the computer and manages
access to the host hardware without going through a host OS (VMware ESX Server, MS
Hyper-V…).
Host-Based hypervisor (type 2), in a guest OS (Oracle VirtualBox…)
- What are the different editions of Windows Server?
Answer: Windows Server comes in various editions, including Windows Server
Standard, Datacenter, Essentials, and Hyper-V Server. Each edition has different
features and licensing options.
- Cloud computing?
Cloud computing refers to the delivery of computing services, such as storage,
processing power, and software applications, over the internet on a pay-as-you-go
basis, allowing users to access and utilize these resources remotely without the need
for on-premises infrastructure. It provides scalability, flexibility, and cost-efficiency by
leveraging shared resources and virtualization technologies,
1. Infrastructure as a Service (IaaS): Virtualized computing resources,
including servers, storage, and networking, provided over the internet.
2. Platform as a Service (PaaS): Development platform and tools for building,
testing, and deploying applications without worrying about infrastructure
management.
3. Software as a Service (SaaS): Software applications accessible over the
internet on a subscription basis, eliminating the need for local installation and
maintenance.

- PXE (Preboot Execution Environment)?

PXE is a network protocol that allows a computer to boot and load an operating
system from a network server instead of a local storage device.
- NFS Network File System?
NFS a protocol that enables files to be shared over a network
- SSH?
Secure Shell is a secure network protocol that uses encryption to allow access to a
network service over an unsecured network.
- IPsec (Internet Protocol Security)?
IPsec is a [VPN] network protocol suite that provides secure communication by
authenticating and encrypting IP packets.
- L2TP (Layer 2 Tunneling Protocol)?
L2TP is a network protocol that facilitates the creation of virtual private networks
(VPNs) by encapsulating data packets and establishing secure tunnels over an
existing IP network.

- PGP (Pretty Good Privacy)?

PGP is a cryptographic software that provides email encryption and digital signature
capabilities to ensure the privacy and authenticity of electronic communications.
 - TPM (Trusted Platform Module)?
TPM is a hardware-based security component that provides a secure environment for
storing cryptographic keys, performing secure computations, and protecting sensitive
data on a computer or other device.
- FDE (Full Disk Encryption)?
FDE is a security measure that encrypts the entire contents of a storage device. Its
encryption options include; PGP, BitLocker, Filevault, dm-crypt.
- LDAP (Lightweight Directory Access Protocol)
LDAP is a network protocol used for accessing and managing directory services,
providing a standardized way to interact with directory servers and perform
operations such as authentication and data retrieval.
- RADIUS (Remote Authentication Dial-In User Service)?
RADIUS is a networking protocol that enables centralized authentication,
authorization, and accounting for remote access services, typically used in scenarios
such as dial-up and virtual private network (VPN) connections.
- TACACS+ (Terminal Access Controller Access Control System Plus)?
TACACS+ (Terminal Access Controller Access Control System Plus) is a network
protocol that provides centralized authentication, authorization, and accounting
services with enhanced security and extensive command-level control.
TACACS+ separates authentication, authorization, and accounting functions, provides
stronger encryption, and offers more extensive command-level control, while RADIUS
combines authentication and authorization, has broader device support, and is
simpler to implement.
- SSO (Single Sign-On)?
SSO is a mechanism that allows users to authenticate once and gain access to
multiple applications and systems.
- ACL (Access Control List)?
ACL is a set of rules or permissions that defines what actions or operations are
allowed or denied for a specific user, group, or entity in a system or network, helping
to control access to resources and ensure security.
- IPS and IDS (Intrusion Prevention System/Intrusion Detection System)?
IPS and IDS are security technologies used to monitor and protect computer
networks from unauthorized access, malicious activities, and potential threats. IDS
detects and alerts on potential intrusions or suspicious activities, while IPS goes a
step further by actively blocking or preventing those intrusions in real-time.
- UTM (Unified Threat Management)?
Enforces a variety of security-related measures. Combining the work of a firewall,
malware scanner, and IPS/IDS. It centralizes the threat management service,
providing simpler configuration and reporting. UTM products: (Sophos, Cisco
Meraki…).
- SMB (Server Message Block)?
SMB is a network protocol used by Microsoft Windows for file sharing, printer sharing,
and interprocess communication between devices in a network, also called CIFS.
- Endpoint management server?
An endpoint management server is a centralized system that enables the
administration, monitoring, and control of network-connected devices within an
organization.
- App/Sys Crashes?
BSOD:
 System Restore/Safe Mode, Rollback Drivers.
 Remove hardware/software
 Seating of Hardware
 Run chkdsk, and scan malware
 Search stop error code
SFC: Verify system files and restore them if corrupted
» Sfc /scannow
» Sfc /scanonce
» Sfc /scanboot
No OS found or missing: use diskpart to ensure sys partition is active
» Bootrec /fixmbr
» Bootrec /fixboot
» Bootrec /rebuildbcd
GUI fails/Black screen: Malware or corruption of drivers, sys files
 Replace graphics adapter driver or Repair/recover from backup.
 Win+Ctrl+Shift+B to test responsiveness.
Slow Boot/Profile:
If Sys logon slow issue could be caused by loading drivers and services.
If desktop slow to load, the issue could be corrupt user profile (NTUSER.dat)
 Create new account, but exclude NTUSER.dat, NTUSER.dat.log, NTUSER.ini
- Data Protection Policies?
Information Content Management (ICM):
I. Unclassified: no restrictions
II. Classified: internal/official use only [owner + 3rd party NDA]
III. Confidential: highly sensitive [owner + 3rd party NDA]
IV. Secret: too valuable/restricted
V. Top Secret: the highest level.
 Personally Identifiable Information (PII): Data used to identify, contact,
locate an individual (SSN)
 Protected Health Information (PHI): Medical and insurance records
hospital/lab test results.
 Payment Card Industry Data Security Standard (PCIDSS)
 Data Loss Prevention (DLP): is a set of tools, policies, and practices used in
information security to prevent the unauthorized access, sharing, or leakage of
sensitive or confidential data within an organization. DLP solutions typically
include a combination of software (Policy server, Endpoint Agents, and Network
Agents) and hardware components that monitor, detect, and take action to
prevent data breaches.
- Different types of Licenses?
 OEM: Pre-installed, non-transferable
 Retail: subdivided into Full/Upgrade versions only one PC
 Volume: Enterprise – simplify license admin
 Server: Client Access Licenses (CAL) are required.
Dealing with Malware?
 Worms: Self-replicating computer programs that spread across networks or
systems without user intervention.
 Trojan: Malicious software disguised as legitimate programs to gain
unauthorized access or control over a computer.
 Spyware/Keylogger: Software that secretly monitors and records a user's
activities, often including keystrokes, without their knowledge or consent.
 Rootkit: A type of malware designed to conceal its presence and provide
unauthorized, deep-level access to a computer or system.
 Ransomware: Malicious software that encrypts a victim's files or system,
demanding a ransom for the decryption key to restore access.
Best practices for malware removal:
1. Identify and research malware symptoms.
2. Quarantine infected systems.
3. Disable System Restore and auto-backup such as (File History).
4. Remediate infected systems
 Update AV/AMs
 Scan and use removal techniques (Safe Mode, Pre-installed environment).
5. Schedule scans and run updates
6. Enable System Restore and create restore point.
7. Educate end user.
 Backup and Recovery Plan?
Backup levels:
 File level – backup user-generated files stored in local profile folders or network
shares
 Image level – backup a whole OS with everything.
 Critical apps – network apps often depend on some sort of database for
storage.

Backup types:
 Full– All selected data (files and directories). [archive attribute: cleared]
 Only one tape set is required to restore the system.
 Incremental– New files and files modified since last backup [Archive attribute:
cleared]
 Takes less time to backup, but several tape sets may need to be restored.
 Differential– All data modified since the last Full backup. [Archive attribute: not
cleared]
 The balance of time for both restoring and backing up.
*Don’t combine differential and incremental backups.

- Printer Troubleshooting?
Common Issues:
- Printer logs – check for failed jobs in the print server’s log. Use Event Viewer
- Is the printer ON/online and loader with paper
- Is the connection good, connectors secure and network/WIFI config correct.
- Check overheating, check space around printer for air.
- No image on the printer > verify Power-saving sleep cycle > power down and
unplug power for 1 min > if doesn’t work > hardware fault.
- Check print queue (low memory errors >> cycle power and clear queue)
- If can’t delete a job >> stop and restart print spooler service.
- Print slow/garbage > RAW to EMF > low memory > clear queue or cycle power
> update driver
- Empty or low ink/toner levels, incompatible cartridges, or faulty cartridges.
- Paper Jams caused by wrinkled or torn paper, overloading the paper tray, or
incorrect paper alignment.
 - ITIL Change Management?

Change Management: means putting policies in place to reduce the risk that
changes to these components could cause service disruption.
ITIL Config Management Model:
 Service assets
 Config Item (CI) – stored in a Config Management Database (CMDB)
 Baseline “the way it was”
 Config Management System (CMS)
Change Control: a formal process for managing change - avoid downtime, confusion,
mistakes.
Nothing changes without the process:
 determine the scope of the change
 Analyze the risk associated with it
 Create a plan
 Get end-user approval
 Present the proposal to the change control board
 Have a backout plan
 Document the changes
SOPs and Work Instructions: Formal config management models often distinguish
between two types of procedural documentation.
 Standard Operating Procedure (SOP): a written document that provides
clear instructions and guidelines for carrying out specific tasks or processes
within an organization, ensuring consistency, efficiency, and adherence to
established standards.
 Work Instruction: step-by-step instruction for performing an
installation/configuring a task using a specific product or technology and
credentials.
Request for Change (RFC) documentation:
 The purpose of change
 The scope of change
 A risk analysis of not/performing the change
 A documented plan for carrying out the change
 A method to acquire end-user acceptance that change was performed to their
satisfaction and was properly implemented
 A backout plan in case unforeseen problems arise when the change is made
 Document all changes that were made.
Change Board Approval: a change board is a committee of stakeholders who can
approve the planned change.