Unit 3.1 Social Engineering Defense Issues

Unit 3.1 Social Engineering Defense Issues







Information Technology Infrastructure Security




























Social engineering, once mastered, can be used to gain access on any system despite the platform or the quality of the hardware and software present. It’s the hardest form of attack to defend against because hardware and software alone won’t stop it. Social engineering has been around as long as man. One way to define it is tricking personnel into aiding unlawful acts such as supplying proprietary information or allowing inappropriate access. They target the weakest link in a security system – the human being. Social engineers are con artists who exploit human vulnerabilities such as ignorance, the lack of experience, wisdom, or judgment: mixed with an individual’s natural desire to be liked and helpful. Or as defined from the techtarget.com site. Social engineering is a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures Rouse(2014).
There is all plenty of information that can be found on social al engineering, and the threat that can be caused from it. There are a couple of techniques that helps an attacker can gather information. These techniques are for example; Phishing, Reconnaissance, Public Information, Social Networking Sites, Dumpster Diving, and Cold calling. There is also the threat that the attacker is an employee, IT-staff or a vender that has the ability to just move around with no restrictions. Then we must realize that one of the biggest risk comes from the users. A system administrator must guard their network’s confidentiality, integrity, and availability. In order to do this, he/she must determine what the threats and vulnerabilities of a specific network really are. This will help determine the network’s risks. Along with this understanding, a determination must be made and agreed upon regarding the...

Similar Essays