Академический Документы
Профессиональный Документы
Культура Документы
a) cause-and-effect diagram
Shoulder surfing: This is one of the Non-electronic attacks. Attackers though looking victim's
keyboard or screen to get victim's password. So this situation always happens when victim
forgets to pay attention to surrounding during they log in.
Dumpster diving: Dumpster diving attack is one of the Non-electronic attacks. This kind of
attack though search victim's trash-bins, printer trash bins, and sticky notes on victim's desk to
achieve information gathering.
Brute forcing attack: Brute forcing attack belongs to one of the active online attacks. The
attacker tries every possible combination of characters until victim's password is broken. Brute
forcing attack doesn't require skills and training.
Password guessing: This attack is kind of active online attack. the attacker needs to list all of the
possible passwords and try those password from high probability level to low-level one by one.
Password guessing attack needs the attacker knows some information such as birthday, name
and age about victim.
Replay: The error is one of the passive online attacks. Hackers or attackers use the sniffer to
steal victims' individual information. Sniffer is used on packets and authentication to relevant
information. This kind of attack relates to skills and tools.
Man-in-the-Middle: This attack is one of the passive online attacks. The definition of this attack
is attackers are able to get the victim's personal information by access to communication
channels between victim and server.
a) I2 Chart
<In the 2D chart, likelihood to occur and effort to remediate are the two measurements that
used to measure the root causes of password compromising. The shoulder surfing attack is the
most frequent attack. It doesn't relate to any skills and training of the students, staffs, and
faculty member. To avoid this most frequently error, pay attention to people around you. For
example, if a colleague who sits next to you want to know your password, the most effective
way is shoulder surfing shoulder. So, pay attention to surroundings is necessary. Man-in-the-
middle attack and replay attack always relate to the skills of the students, staffs, and the faculty
members. If attackers able to access communication channel between victim and server, it's
difficult to avoid. >
a) Cross-functional Diagram
a) Question 4A - Report
<From task 1, we can know that there is three type of attacks include non-electronic attack,
active online attack, and passive online attack. Those three tasks also provide some possible
ways to teach students, staffs, and faculty members what they should do to protect their
accounts and personal information. Task 1 recommend students always change their password,
selecting a complex password and better to get some training about how to avoid online
attacks. Those ways can provide better network security. Though task 2, students can find which
kind of online attacks are most frequently. They know how to prevent those frequently attacks.
Task 3 provides some strategies that students should use to protect their accounts and
individual information. For example, they can use both DUO Mobile App, U of A’s VPN, and
NETID+ to prevent the online attack. >
287
450
457
460
638
739
761
1233
2046
0 500 1000 1500 2000 2500
< >
b) Question 5B – Report
<Since Eller students always travel to other counties, the connections had been increased.
However, the first week of December in the year of 2014 should be a school week. Most of the
students are staying in the US. According to a large number of the international VPN
connections, some of the students' accounts might be compromised. To protect student's NetID
and password, step 1 they should change their passwords frequently. Step 2 use reliable APP
and website such as DUO Mobile APP and NETID+ are necessary to avoid being the compromise.
Step 3 Always remember to log out the account when they finish using. Those three 3 steps can
help students protect their accounts and passwords. University should provide better network
security education to students, to remember students stay alert. >