Social Engineering Training: Deceptions and Defenses

Level: Intermediate
Course #: 2012

Course info - Prices, Enrollment

Key Features of this Social Engineering Training:

After-course instructor coaching benefit

You Will Learn How To:

Defend against social engineering deceptions that threaten organizational security

Plan and evaluate security assessments for human weaknesses

Promote vigilance and implement procedures to defeat deceptions

Mitigate personnel vulnerabilities with security awareness

Measure your organization’s preparedness for attacks

Bring this or any training to your organization

Full-scale program development

Delivered when, where, and how you want it

Blended learning models

Tailored content

Expert team coaching

Important Social Engineering Course Information

Course Description

In this social engineering prevention training course, you gain the skills to defend against social engineering attacks that threaten organizational security. You learn the technical and psychological methods of manipulation, impersonation and persuasion used by social engineers. The course also incorporates hands-on activities designed to help you understand the motivations and methods of social engineers, so that you can better protect your organization and prevent data breaches.

Social Engineering Course Outline

Introduction to Social Engineering

Evaluating the organizational risks

Assessing social engineering threats

Analyzing classic case studies

Thinking like a social engineer

Considering attack frameworks

Reviewing the methods of manipulation

Examining legal issues and social concerns

Gathering Information and Intelligence

Identifying information sources

Gathering information passively and actively

Leveraging social media

Exploiting Google hacking

Collecting target information

Ripping information from sites with the Harvester

Dumpster diving for secrets and intelligence

Profiling users for weaknesses

Minimizing information leaks

Securing information leaks

Implementing secure disposal policies

Pinpointing reconnaissance probes

Identifying Communication Models

Profiling an information architecture

Implementing the Berlo communication model

Source

Message

Channel

Receiver

Determining communication weaknesses

Addressing communication flaws

Verifying the source

Securing the information channel

Assessing Elicitation Methods

Drawing out information

Soliciting information

Interview techniques

Identifying elicitation tactics and goals

Mitigating information leaks

Maintaining situational awareness

Implementing scripted responses

Gaining Physical Access

Circumventing physical security

Identifying weak types of locks

Bypassing electronic access controls

Securing the environment

Implementing high security locks

Preventing lock bumping

Impersonating Authorized Personnel

Gaining access with a disguise

Identifying spoofing techniques

Discovering change blindness deception

Assessing Internet impersonation techniques

Defending against impersonation and forgery

Implementing techniques to verify identity

Avoiding skimmers and hidden technology threats

Employing Psychology for Persuasion

Examining human weaknesses

Leveraging Cialdini’s motivation factors

Identifying mindlessness dangers

Exploring commitment and consistency vulnerability

Compelling behavior

Exploiting social proofing

Taking advantage of implied authority

Demanding action with “quid pro quo”

Bolstering resistance to persuasion

Adhering to policy and rules

Recognizing risky situations

Learning to interpret and then recognize

Implementing Management Countermeasures

Assessing social engineering vulnerabilities

Conducting a penetration test

Creating a scope of work

Mitigating legal issues and embarrassment

Creating comprehensive policies

Establishing verification policies

Regulating the use of social networks

Delivering effective security awareness training
