- If you were Mr. Barton, how would you explain the situation in Chapter 10 to your CEO, Mr. Carl Williams, in English?
- If you were Mr. Barton, how would you explain the situation in Chapter 10 to Wall Street analysts you’re scheduled to meet today?
- Did an attacker or attackers intrude inside of IVK’s systems?
- How would you explain the difference between a distributed denial of service (DDoS) attack and an intrusion?
- How would you explain “transaction is jammed up” or “the database is corrupted” (p. 164-165)?
- What does it mean by “Apparently a database index file had been somehow renamed, and another substituted in its place”? (p. 167)
- Why can’t IVK figure out whether an intrusion occurred or something else happened?
- What is the “rush-a-change-into-production” thing? (p. 166)
- For Cho to find evidence of an intrusion, what does he need?
- What would be the ramifications of this crash? (Imagine the worst.)
- Why did Mr. Wells, IVK VP of Legal, demand to pull the plugs?
- How would you explain “wipe production servers clean, and rebuild the production configuration” (p. 170) to Mr. Williams?
- Among the three options in Ch 11, What is the least costly option? What is the most costly option?
- What is the most conservative option? What is the most risky option?
- What are the reasons to disclose the security incidents? What would be the reasons not to disclose?
