Mitigating Security Risks: Managing Social Engineering Risks


Overview/Description
Prerequisites
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description
Social engineering is a security attack method that takes advantage of the social aspect of human nature, which includes trust and interactivity. All members of an organization need to recognize how these subtle and manipulative techniques work and what they can do to avoid falling prey to them. In this course, you'll explore what's meant by social engineering, examining standard social engineering techniques, the basic principles of these kinds of attacks, their intended outcomes, who and what they target, and the risks they pose for your organization. Moving along, you'll investigate how social engineering is used to launch a cyberattack, study different types of spoofing attacks, and specify best practices to safeguard against social engineering. At the end of the course, you'll recognize the objectives of social engineering attacks, how they're carried out, and how to implement security measures to prevent them.

Prerequisites
none

Expected Duration (hours)
1.2

Lesson Objectives

Mitigating Security Risks: Managing Social Engineering Risks

  • discover the key concepts covered in this course
  • describe what is meant by social engineering and give examples
  • describe the key intent of social engineering
  • list the principles of social engineering attacks (authority, intimidation, consensus, scarcity, urgency, familiarity, and trust)
  • describe using examples how social engineering is used as a medium to launch cyber attacks
  • list some types of social engineering attacks
  • list some types of spoofing attacks
  • identify the possible targets in social engineering
  • describe the best practices for protecting against social engineering
  • summarize the key concepts covered in this course

    • Course Number:
    it_smmsrdj_04_enus

    Expertise Level
    Intermediate