and Management
C: Develop a plan to support and manage a new IT system using industry standards and methods
Introduction
I have been employed as an IT technician for a PC repair business. My manager is expanding into the
IT management and support industry by offering local businesses outsourced IT support. For one of
the companies that has enrolled in outsourced support, I have been requested to create a support
plan. The company for which I must create a support strategy is a start-up that operates an online
business. In addition to the 25 to 30 employees who will all have desktop PCs, the senior staff will
also have tablet computers that are Wi-Fi-connected to the company LAN, enabling data sharing and
Internet access.
Incident Response
Incident response teams are specialised teams within businesses tasked with managing and
resolving a range of occurrences that may impact the operations, security, or reputation of the
business. They are typically composed of experts in communications, risk management,
cybersecurity, and information technology. A computer security incident response team (CSIRT)
usually supports its business through the following stages:
Preparation: Incident response teams establish the procedures, rules, and equipment needed to
handle incidents effectively. This could entail creating incident response plans, conducting
regular training sessions and exercises, and ensuring that the appropriate tools and technology are
available.
Recognition: The first step in responding to an incident is to determine precisely when it occurred.
This could involve monitoring systems for anomalous activity, receiving reports from users or
automated alerts, or identifying patterns that suggest a potential problem.
Containment: After an incident is discovered, the primary objective is to lessen its impact and
prevent it from spreading. This may entail implementing temporary fixes, isolating impacted systems
or networks, or suspending compromised services to prevent further damage.
Eradication: Removing the cause of the problem is the next step after containing the incident. This can
entail removing malware, patching vulnerabilities, restoring from backups, or implementing
long-term solutions to prevent such incidents in the future.
Recovery: Resuming normal business operations and retrieving any possibly compromised data
or services take precedence after the issue has been resolved. Rebuilding compromised systems,
recovering from backups, or implementing additional security measures may be necessary to
prevent such incidents in the future.
Lessons Learnt: Finally, incident response teams will conduct a post-event review to determine what
went wrong, why it happened, and potential preventative measures. This frequently entails
documenting lessons learnt, updating incident response procedures, and informing company
stakeholders.
For instance, if a cyberattack targeted the company's systems, the team would already have prepared;
it would then find the breach, isolate it, and eliminate it. Following data restoration and the
installation of extra security measures, it would carry out a post-event review to find
vulnerabilities and fixes.