SOCIAL ENGINEERING

Response to Question 1: In the context of information security, social engineering is the act of extracting confidential information by manipulating people psychologically. It is a kind of confidence trick in which information is gathered with fraudulent intent. It is also described as an attack vector that depends largely on interaction with the human element in a business setting (Krombholz et al., 2015, p. 113). It involves manipulation techniques used to gain access to systems or networks by altering security procedures. The person carrying out social engineering presents himself or herself as a source of information and uses human interaction and trust to extract privileged information of an organization (Mann, 2017). It relies on an employee’s nature to achieve its objective. For instance, it is easier for a manipulator or hacker to exploit a user’s weaknesses than a software vulnerability.

Response to Question 2: Social engineering is becoming difficult to combat in large organizations. The first step in the process of social engineering involves exhaustive research on the target individual or organization, which helps the source gain trust and understand vulnerabilities. In today’s digital age, information about a large organization, such as its organizational structure, number of employees, departmental divisions and the nature of its work environment, is easily available on the web. For instance, LinkedIn can help in connecting to the professional networks of a specific target, and social media platforms are a key source of data for the act (Ghafir et al., 2016, p. 145). Another reason can be the impersonation of a key official to extract confidential data. Social engineering can also be disguised in the form of a customer complaint email.

Large organizations can protect their operations from social engineering by implementing a ‘data classification regime’, under which the false positives of an email or other information can be assessed (Ghafir et al., 2016, p. 145).
References:
Ghafir, I., Prenosil, V., Alhejailan, A., & Hammoudeh, M. (2016, August). Social engineering attack strategies and defence approaches. In 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud) (pp. 145-149). IEEE.
Krombholz, K., Hobel, H., Huber, M., & Weippl, E. (2015). Advanced social engineering attacks. Journal of Information Security and Applications, 22, 113-122.
Mann, I. (2017). Hacking the human: social engineering techniques and security countermeasures. Routledge.