Social Engineering Training: Deceptions and Defenses
Level: Intermediate
Course #: 2012
Key Features of this Social Engineering Training:
After-course instructor coaching benefit
You Will Learn How To:
Defend against social engineering deceptions that threaten organizational security
Plan and evaluate security assessments for human weaknesses
Promote vigilance and implement procedures to defeat deceptions
Mitigate personnel vulnerabilities with security awareness
Measure your organization’s preparedness for attacks
Bring this or any training to your organization
Full-scale program development
Delivered when, where, and how you want it
Blended learning models
Tailored content
Expert team coaching
Important Social Engineering Course Information
Course Description
In this social engineering prevention training course, you gain the skills to defend against social engineering attacks that threaten organizational security. You learn the technical and psychological methods of manipulation, impersonation and persuasion used by social engineers. The course also incorporates hands-on activities designed to help you understand the motivations and methods of social engineers, so that you can better protect your organization and prevent data breaches.
Social Engineering Course Outline
Introduction to Social Engineering
Evaluating the organizational risks
Assessing social engineering threats
Analyzing classic case studies
Thinking like a social engineer
Considering attack frameworks
Reviewing the methods of manipulation
Examining legal issues and social concerns
Gathering Information and Intelligence
Identifying information sources
Gathering information passively and actively
Leveraging social media
Exploiting Google hacking
Collecting target information
Ripping information from sites with theHarvester
Dumpster diving for secrets and intelligence
Profiling users for weaknesses
Minimizing information leaks
Securing information leaks
Implementing secure disposal policies
Pinpointing reconnaissance probes
Identifying Communication Models
Profiling an information architecture
Implementing the Berlo communication model
Source
Message
Channel
Receiver
Determining communication weaknesses
Addressing communication flaws
Verifying the source
Securing the information channel
Assessing Elicitation Methods
Drawing out information
Soliciting information
Interview techniques
Identifying elicitation tactics and goals
Mitigating information leaks
Maintaining situational awareness
Implementing scripted responses
Gaining Physical Access
Circumventing physical security
Identifying weak types of locks
Bypassing electronic access controls
Securing the environment
Implementing high security locks
Preventing lock bumping
Impersonating Authorized Personnel
Gaining access with a disguise
Identifying spoofing techniques
Discovering change blindness deception
Assessing Internet impersonation techniques
Defending against impersonation and forgery
Implementing techniques to verify identity
Avoiding skimmers and hidden technology threats
Employing Psychology for Persuasion
Examining human weaknesses
Leveraging Cialdini’s motivation factors
Identifying mindlessness dangers
Exploring commitment and consistency vulnerability
Compelling behavior
Exploiting social proofing
Taking advantage of implied authority
Demanding action with “quid pro quo”
Bolstering resistance to persuasion
Adhering to policy and rules
Recognizing risky situations
Learning to interpret and then recognize
Implementing Management Countermeasures
Assessing social engineering vulnerabilities
Conducting a penetration test
Creating a scope of work
Mitigating legal issues and embarrassment
Creating comprehensive policies
Establishing verification policies
Regulating the use of social networks
Delivering effective security awareness training