Social Engineering Fundamentals: Awareness and Defense (1 day)
- SKU: N/A
€ 990.00 excl. VAT
In this course, managers and employees learn to understand, identify and respond to social engineering attacks. The program provides the knowledge necessary to recognize the most typical and frequently used types of attacks, and the appropriate response strategies for deterring and defending against potential threats.
About the Course
In this course, managers and employees learn to understand, identify and respond to social engineering attacks. The program provides the knowledge necessary to recognize the most typical and frequently used types of attacks, and the appropriate response strategies for deterring and defending against potential threats. During the course, attendees learn when security should supersede convenience, and why policy needs to be followed. Defense mechanisms and countermeasures are included in each section, along with real life examples. The material will be presented in an engaging and entertaining fashion with the use of case studies rather than dry theory for better understanding and retention of the knowledge provided.
All managers and employees of a company or organization. No previous knowledge is required.
Duration & Delivery
1 day (09:00 – 17:00). Language: English
- Security is not a technical issue alone
- The importance of cultivating and maintaining security habits
- Non-technical means that protect your cybersecurity infrastructure
- Having multiple layers of security
- What is social engineering
- Why social engineering is a primary attack vector – and why it is likely you will encounter it, too.
- How does social engineering work?
- What do attackers prey upon?
- The numbers game VS highly tailored and targeted attacks
Who is the Attacker?
- Possible adversaries: competitors, employees, individuals, small groups, insiders, service providers, criminal organizations, nation states
- Social Engineering is a business, and a full-time profession
The Social Engineering Kill-chain – The attacker’s perspective
- Reconnaissance: The research phase used to identify and select targets
- Targeting: Who is the most vulnerable person to attack? What is the biggest vulnerability of thetarget? Target ROI?
- Pretexting: The attacker’s cover story
- Establishing trust with the target
- Manipulating, exploiting and victimizing
- Case studies
Remote Attack Methods
- Phishing Emails
- Spear Phishing
- Cat Phishing
- Emotional triggers that will make you want to respond- but shouldn’t
- Case studies
In- Person Attacks and Manipulation Techniques
- USB traps
- Emotional elicitation & exploitation
- Time pressure
- Pity & Helpfulness
- Commitment & Consistency
- Reverse Social Engineering
- Examples & Case studies
- Why social engineers will try to enter your establishment
- Gaining unauthorized access to physical spaces
- Tailgating and bypassing physical security measures
- Locked does NOT mean secure- Lockpicking capabilities
- Case Study
- Defense – suspicious activity & when to report
Identifying & Mitigating Social Engineering Attacks
- Phone calls
- In-Person attacks
- Verifying intentions- subtly
- Maintaining helpfulness without compromising security
- Establishing & maintaining secure boundaries in communication
- Using & applying policy to your advantage: escaping manipulation and uncomfortable situations
24 Apr 2019
- Store Name: Cyber Risk GmbH
- Vendor: Cyber Risk GmbH
- No ratings found yet!
€ 990.00 excl. VAT€ 990.00 excl. VAT
€ 1,990.00 excl. VAT€ 1,990.00 excl. VAT