Cutting-edge social engineering testing techniques
"Provides all of the core areas and nearly everything [you] need to know about the fundamentals of the topic."--Slashdot Conduct ethical social engineering tests to identify an organization's susceptibility to attack. Written by a global expert on the topic, Social Engineering in IT Security discusses the roots and rise of social engineering and presents a proven methodology for planning a test, performing reconnaissance, developing scenarios, implementing the test, and accurately reporting the results. Specific measures you can take to defend against weaknesses a social engineer may exploit are discussed in detail. This practical guide also addresses the impact of new and emerging technologies on future trends in social engineering.
- Explore the evolution of social engineering, from the classic con artist to the modern social engineer
- Understand the legal and ethical aspects of performing a social engineering test
- Find out why social engineering works from a victim's point of view
- Plan a social engineering test--perform a threat assessment, scope the test, set goals, implement project planning, and define the rules of engagement
- Gather information through research and reconnaissance
- Create a credible social engineering scenario
- Execute both on-site and remote social engineering tests
- Write an effective social engineering report
- Learn about various tools, including software, hardware, and on-site tools
- Defend your organization against social engineering attacks
