Social Engineering in IT Security: Tools, Tactics, and Techniques
- 5h 55m
- Sharon Conheady
- McGraw-Hill/Osborne
- 2014
Conduct ethical social engineering tests to identify an organization's susceptibility to attack. Written by a global expert on the topic, Social Engineering in IT Security discusses the roots and rise of social engineering and presents a proven methodology for planning a test, performing reconnaissance, developing scenarios, implementing the test, and accurately reporting the results. Specific measures you can take to defend against weaknesses a social engineer may exploit are discussed in detail. This practical guide also addresses the impact of new and emerging technologies on future trends in social engineering.
- Explore the evolution of social engineering, from the classic con artist to the modern social engineer
- Understand the legal and ethical aspects of performing a social engineering test
- Find out why social engineering works from a victim's point of view
- Plan a social engineering test--perform a threat assessment, scope the test, set goals, implement project planning, and define the rules of engagement
- Gather information through research and reconnaissance
- Create a credible social engineering scenario
- Execute both on-site and remote social engineering tests
- Write an effective social engineering report
- Learn about various tools, including software, hardware, and on-site tools
- Defend your organization against social engineering attacks
About the Author
Sharon Conheady is a director at First Defence Information Security in the UK where she specializes in social engineering. She has presented on the topic at security conferences worldwide and regularly leads training seminars on how to perform ethical social engineering tests and defend against social engineers.
In this Book
-
Introduction to Social Engineering
-
The Legal and Ethical Aspects of Social Engineering Tests
-
Why Social Engineering Works
-
Planning Your Social Engineering Test
-
Research and Reconnaissance
-
Creating the Scenario
-
Executing the Social Engineering Test
-
Writing the Social Engineering Report
-
Tools of the Trade
-
Defense Against the Dark Arts
-
Social Engineering: Past, Present, and Future