1. Secure Backups
Why do you think it is important to include end users in the process of creating the contingency plan? What are the possible pitfalls of end user inclusion? There have been several incidents lately in which backup media containing personal customer information were lost or stolen. How should backup media be secured? What about off-site storage of backups?

2. Noise
What kind of user training should be conducted to deal with the issue of ‘noise’? How do you strike a balance between being overwhelmed with false positives and the danger of ignoring true incidents?

3. CSIRT
How would you build a CSIRT? What are the components to building an effective team? Visit the Web site http://www.first.com. Summarize the goals of the organization and the benefits of becoming a member.

4. Freezing Evidence
Do you think these issues play a significant part in the decision to involve law enforcement? Why or why not? Can you name some situations in which you believe that large organizations have decided not to involve law enforcement?

5. Key Execution
What will happen if a network administrator leaves? What customers or contacts would the company lose if a sales representative leaves? What other positions can you name where a loss would have a potentially significant negative effect on the company?

6. Availability vs. Confidentiality
Discuss the issues of availability versus confidentiality of the DR and BC plans. The recommendation is for all DR team members to have several copies of these plans, at the office and at home, and perhaps even in their vehicles to ensure that the plans are available for a sudden onset disaster. Consider the confidential nature of these plans, and the financial damage that could occur if competitors obtained these documents. How can an organization meet this objective and also protect this sensitive information? Consider accidental loss, employee resignation, theft, etc.