- Bring this or any training to your organization
- Full - scale program development
- Delivered when, where, and how you want it
- Blended learning models
- Tailored content
- Expert team coaching
Social Engineering Training: Deceptions and Defenses
Course 2012
- Duration: 3 days
- Labs: Yes
- Language: English
-
17 CompTIA CEUs
-
17 NASBA CPE Credits (live, in-class training only)
-
17 PMI PDUs
- Level: Intermediate
In this Social Engineering course you gain the knowledge to defend against social engineering deceptions that threaten organizational security. You will gain the social engineering awareness to learn what is a social engineering attack. You will learn to prevent data breaches by learning the motivations and methods used by social engineers to access sensitive data and exploit organizational vulnerabilities. Gain the skills to implement procedures to defeat deceptions, and mitigate personnel vulnerabilities with this social engineering awareness course.
In this social engineering prevention training course, you gain the skills to defend against social engineering attacks that threaten organizational security. You learn the technical and psychological methods of manipulation, impersonation and persuasion used by social engineers. Further, this course incorporates hands-on activities designed to understand the motivations and methods used by social engineers, to better protect your organization and prevent data breaches.
Social Engineering Training: Deceptions and Defenses Delivery Methods
- After-course instructor coaching benefit
- Learning Tree end-of-course exam included
Social Engineering Training: Deceptions and Defenses Course Benefits
Defend against social engineering deceptions that threaten organizational securityPlan and evaluate security assessments for human weaknessesPromote vigilance and implement procedures to defeat deceptionsMitigate personnel vulnerabilities with security awarenessMeasure your organization’s preparedness for attacksSocial Engineering Course Outline
Evaluating the organizational risks
- Assessing social engineering threats
- Analyzing classic case studies
Thinking like a social engineer
- Considering attack frameworks
- Reviewing the methods of manipulation
- Examining legal issues and social concerns
Identifying information sources
- Gathering information passively and actively
- Leveraging social media
- Exploiting Google hacking
Collecting target information
- Ripping information from sites with theHarvester
- Dumpster diving for secrets and intelligence
- Profiling users for weaknesses
Minimizing information leaks
- Securing information leaks
- Implementing secure disposal policies
- Pinpointing reconnaissance probes
Profiling an information architecture
- Implementing the Berlo communication model
- Source
- Message
- Channel
- Receiver
- Determining communication weaknesses
Addressing communication flaws
- Verifying the source
- Securing the information channel
Drawing out information
- Soliciting information
- Interview techniques
- Identifying elicitation tactics and goals
Mitigating information leaks
- Maintaining situational awareness
- Implementing scripted responses
Circumventing physical security
- Identifying weak types of locks
- Bypassing electronic access controls
Securing the environment
- Implementing high security locks
- Preventing lock bumping
Gaining access with a disguise
- Identifying spoofing techniques
- Discovering change blindness deception
- Assessing Internet impersonation techniques
Defending against impersonation and forgery
- Implementing techniques to verify identity
- Avoiding skimmers and hidden technology threats
Examining human weaknesses
- Leveraging Cialdini’s motivation factors
- Identifying mindlessness dangers
- Exploring commitment and consistency vulnerability
Compelling behavior
- Exploiting social proofing
- Taking advantage of implied authority
- Demanding action with "quid pro quo"
Bolstering resistance to persuasion
- Adhering to policy and rules
- Recognizing risky situations
- Learning to interpret and then recognize
Assessing social engineering vulnerabilities
- Conducting a penetration test
- Creating a scope of work
- Mitigating legal issues and embarrassment
Creating comprehensive policies
- Establishing verification policies
- Regulating the use of social networks
- Delivering effective security awareness training
Need Help Finding The Right Training Solution?
Our training advisors are here for you.
Course FAQs
Social engineering is what it is called when hackers manipulate people to give up confidential information. There are many forms of social engineering.
It is an attack that relies heavily on human interaction and uses manipulation to have people break normal security procedures and practices.
Yes! We know your busy work schedule may prevent you from getting to one of our classrooms which is why we offer convenient online training to meet your needs wherever you want. This course is available as Private Team Training.