We will discuss these questions on Fri, Apr 3. Do not pose comments on this.

• Among the three options in Ch 11, What is the least costly option? What is the most costly option?
• What is the most conservative option? What is the most risky option?
• What are the reasons to disclose the security incidents?
• What would be the reasons not to disclose?

We will discuss these questions on Wed, Apr 1. Do not pose comments on this.

• Why can’t IVK figure out whether an intrusion occurred or something else happened?
• What is the “rush-a-change-into-production” thing? (p. 166)
• For Cho to find evidence of an intrusion, what does he need?
• What would be the ramifications of this crash? (Imagine the worst.)
• Why did Mr. Wells, IVK VP of Legal, demand to pull the plugs?
• How would you explain “wipe production servers clean, and rebuild the production configuration” (p. 170) to Mr. Williams?

We will discuss these questions on Mon, Mar 30. Do not pose comments on this.

• If you were Mr. Barton, how would you explain the situation in Chapter 10 to your CEO, Mr. Carl Williams, in English?
• If you were Mr. Barton, how would you explain the situation in Chapter 10 to Wall Street analysts you’re scheduled to meet today?
• Did an attacker or attackers intrude inside of IVK’s systems?
• How would you explain the difference between a distributed denial of service (DDoS) attack and an intrusion?
• How would you explain “transaction is jammed up” or “the database is corrupted” (p. 164-165)?
• What does it mean by “Apparently a database index file had been somehow renamed, and another substituted in its place”? (p. 167)
• Why can’t IVK figure out whether an intrusion occurred or something else happened?