Topic 1:

Discussion Question

Search “” for a company, school, or person that has been the target of a network
or system intrusion? What information was targeted? Was the attack successful? If so, what changes
were made to ensure that this vulnerability was controlled? If not, what mechanisms were in-place to protect against the intrusion.

Topic 2:

Search “” for a company or school that has defined the role of end-users in the creation of a contingency plan. Discuss why it is (or is not) important to include end users in the process of creating the contingency plan? What are the possible pitfalls of end user inclusion?

Topic 3:

Search “” for a company or school that has reported issues, problems, concerns about their backup procedures. Discuss the issue of securing backups. There have been several incidents lately in which backup media containing personal customer information were lost or stolen. How should backup media be secured? What about off-site storage of backups?  

Topic 4:

Search “” or your textbook. Discuss the technical skills required to have a CSIRT response team consisting of employees with other job duties (i.e., not a full-time CSIRT job category)? Why or why not? What factors will influence their decision?

Topic 5:

Search “” or your textbook. Discuss what role end-users typically play in incident reporting? Should end users be encouraged to report suspicious occurrences? If so, why; if not, why not. What factors typically influence the end-user decision to report (or not report) a potential incident?

Topic 6:

Search “” or your textbook. Include at least 250 words in your reply.  Indicate at least one source or reference in your original post.  Discuss ways organizations have built a CSIRT. What are the components to building an effective and successful CSIRT team?

Topic 7:

Search “” or your textbook. Discuss how organizations have faced the challenges that incident handlers are challenged with in identifying incidents when resources have been moved to a cloud environment.

Topic 8:

Search “” or your textbook. Discuss the issues organization’s face with regards to the protection of its customer information. How might an organization notify its users that all communications are being monitored and preserved? How will end users typically respond to such announcements? 


Follow the attached guide line for discussion.

800 words for each topic.