ECEN 602 Homework 1 F 2018.pdf - ECEN 602 Fall 2018...

This preview shows page 1 - 3 out of 4 pages.

ECEN 602 Fall 2018: Homework 1 Due: Sept. 5 8:00 am 1 Homework 1 ECEN 602 Due Sept. 5, 2018 @ 8:00 am 1. Peterson and Davie 5 th Edition (P&D) 1.3 (Chapter 1, Problem 3) (14%) 2. P&D 1.13 (14%) 3. P&D 1.16 (14%) 4. P&D 1.30 (14%) 5. P&D 1.31 (14%) 6. Two Factor Authentication (14%) Two-factor authentication is available for logins to both the TAMU CAS-enabled web services (e.g., Howdy Student System, TAMU Gmail, Gateway, SSO, TAMU VPN Cisco AnyConnect, Maestro, Library EZProxy, Research.gov, etc.) and the TAMUS SSO services (e.g., Workday Cloud HR/Payroll, Concur Travel, Maestro Research Admin, TrainTraq Training, etc.). Enable Duo two-factor authentication for your TAMU NetID, and turn in a screen capture of your smartphone/tablet Duo app Login Request screen or the Duo web page (the latter if you are not using a smartphone/tablet app). The basic idea of two-factor authentication is that it takes two things to login to your account: (1) something you know, typically a password, and (2) something you have, e.g., cell phone (text message), smartphone (app), hardware token, fingerprint, etc. If you accidentally type your password into a fake web site in response to a phishing attack (e.g., John D. Podesta, Hillary Clinton’s campaign chairman, clicked on a link in a phishing email in March 2016, and 60,000 email messages from his Gmail account were accessed after a clueless campaign aide indicated that the phishing email was a “legitimate email”) , or you use the same password at many sites and the bad guys hack one of those sites (e.g., Yahoo disclosed in Dec. 2016 that 1 Billion user accounts were hacked in 2013, and in October 2017 they updated this number to 3 Billion, basically all the Yahoo accounts), enabling two-factor will protect you in most cases. Almost all data breaches start with compromising employee or customer accounts to get access. The Verizon Enterprise 2015 Data Breach Report notes that over 95% of Web application attacks involve harvesting credentials from a customer or a customer's device and then logging into a web site. In 2013, we
ECEN 602 Fall 2018: Homework 1 Due: Sept. 5 8:00 am 2 had nine A&M System employees give up their SSO credentials in response to a phishing attack. The hackers changed the direct deposit account numbers in an effort to steal paychecks. With two-factor authentication, even if your password is compromised, the hackers will not be able to login to your account in most cases (I say most cases because there was a clever attack on certain

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture