Question

In: Computer Science

As you analyze any modern corporate setup, you will see that companies want to ensure that...

As you analyze any modern corporate setup, you will see that companies want to ensure that all users are aware of their own individual responsibility to help protect the enterprise. Social engineering (SE) is becoming a more prevalent threat at all levels of business. To combat it, you first need to understand it. Therefore, you must complete the following: Describe what social engineering is and explain its existence and prevalence. Explain why SE is an important part of an information technology security course. Discuss employee and management responsibilities with regard to information security and combating SE. Make sure your work clarifies your opinion as to who carries more responsibility for preventing SE-the employees or management. Provide examples to back up your statements. Prepare a 1-2 page Word document that covers the above areas.

Solutions

Expert Solution

Describe what social engineering is and explain its existence and prevalence?

Social engineering is a hacking technique to trick people or victim to reveal their sesitive,confidential,important or secret information to an attacker. Types of attacks perform by attacker are phishing mail, sms,pretexting, baiting, tailgating etc.

If we talk about existance and prevalence of social engineering it existance is very common you can easily observe that you have already attacked by these type of social engineering attacks very often like you recieving fraud calls that they are asked you to give your credit/debit card details , fake job vacancy emails/sms , some type of lottery sms or prize winning sms, phising page links via mail or sms these all are the social engineering attacks.

Explain why SE is an important part of an information technology security course.

Socail engineering is an important part of an imformation technology security course because when any attack is perfomed by an attacker it always starts from the social engineering like attacker first finds the loopholes of the organisation by manipulate the employee or management to reveal their organisation security infrastructure or what level of security system they are using by physically meet them. He will easily get those imformation from these type of employee or management staff who are unaware of social engineering because they don't know what imformation to reveal or what to not that's why social engineering is an important part of an information security course.

Discuss employee and management responsibilities with regard to information security and combating SE.

Management responsibilities with regard to information security and combating social engineering is to increase their security level means that unauthorize people can't enter to sensitive area of the organisation because it prevents many physical attack caused by social engineering attacks update their firewall policies to prevent any malicious or phishing traffic get into to their organisation. Regularly conduct workshops or awareness program on information security for employee and management of the organisation which makes aware them towards social engineering attacks.

Employee responsibilities with regard to information security and combating social engineering is to follow company security policies. not reveal any information about their company which may lead to security issue with anyone not even with friends. regurally attend awareness programe conducted by the organisation if employee find something like any social engineering attack to their system like any phishing mail or url or any attack his responsibility it to repost to its information security management immediately.

Make sure your work clarifies your opinion as to who carries more responsibility for preventing SE-the employees or management.

In my opinion Employees carries more responsibility for preventing social engineering than management because attacker always target the emmployees of the organisation because they know most of the employees are unaware of social engineering attack this will be more clear by an example

Suppose a employee Alice and attacker bob are close friend and they always meet and spent time together after work hours management of the company have done their best like they have installed the best security infrastructure in their organisation but attacker bob wants to attack them but due lack of imformation about comspany security he can't then he starts talking alice about their company security infrastructure and alice who are unaware of social engineering easily reveal all the imformation that the attacker bob required after getting imformation he will finds the loopholes of their system and able to perform the attack that's why employee is more responsible than management to prevent social engineering.

Please hit the like button if you find this helpful for you THANK YOU AND HAPPY LEARNING:)


Related Solutions

Are there any differences that you see in the companies listed on the NASDAQ from the...
Are there any differences that you see in the companies listed on the NASDAQ from the companies listed on the NYSE? Post anything else you found of interest while exploring the NYSE and NASDAQ websites. Compare and Contrast the NYSE and the NASDAQ.
5. You want to see if smoking marijuana has any effect (positive or negative) on memory...
5. You want to see if smoking marijuana has any effect (positive or negative) on memory span. You pre-test subjects on the memory span measure, then pair up subjects who have the same memory test score.  After matching the subjects, you conduct the actual experiment. One member of each of the 15 pairs of subjects is assigned at random to smoke a marijuana cigarette; the other member of each pair is assigned to smoke a cigarette that doesn't contain any of...
Write an essay on Measures taken by any 5 corporate companies to achieve environmental sustainability You...
Write an essay on Measures taken by any 5 corporate companies to achieve environmental sustainability You will need to: a) Give an introduction about the company b) Explain the measures taken by them to incorporate practices in order to achieve environmental sustainability.
companies are adopting or planning to adopt blockchain technology. Since we want to focus on corporate...
companies are adopting or planning to adopt blockchain technology. Since we want to focus on corporate applications, please select a non-cryptocurrency topic. prompt: A summary of the specific application of blockchain you selected. A discussion of the types of companies and/or industries that will benefit from this application. An analysis of whether or not this application of blockchain technology will be successful. minimum 450 words
companies are adopting or planning to adopt blockchain technology. Since we want to focus on corporate...
companies are adopting or planning to adopt blockchain technology. Since we want to focus on corporate applications, please select a non-cryptocurrency topic. 1. A brief summary of blockchain technology in general. Minimum 200 words
companies are adopting or planning to adopt blockchain technology. Since we want to focus on corporate...
companies are adopting or planning to adopt blockchain technology. Since we want to focus on corporate applications, please select a non-cryptocurrency topic. Prompt: A summary of the specific application of blockchain you selected. A discussion of the types of companies and/or industries that will benefit from this application. An analysis of whether or not this application of blockchain technology will be successful. Minimum 450 words
companies are adopting or planning to adopt blockchain technology. Since we want to focus on corporate...
companies are adopting or planning to adopt blockchain technology. Since we want to focus on corporate applications, please select a non-cryptocurrency topic. Prompt: A summary of the specific application of blockchain you selected. A discussion of the types of company or industry that will benefit from this application. An analysis of whether or not this application of blockchain technology will be successful. Minimum 450 words
companies are adopting or planning to adopt blockchain technology. Since we want to focus on corporate...
companies are adopting or planning to adopt blockchain technology. Since we want to focus on corporate applications, please select a non-cryptocurrency topic. 1. A brief summary of blockchain technology in general. Minimum 250 words
companies are adopting or planning to adopt blockchain technology. Since we want to focus on corporate...
companies are adopting or planning to adopt blockchain technology. Since we want to focus on corporate applications, please select a non-cryptocurrency topic. Prompt: A summary of the specific application of blockchain you selected. A discussion of the types of companies and/or industries that will benefit from this application. An analysis of whether or not this application of blockchain technology will be successful. Minimum 450 words
Corporate Finance management - MBA why do we need to analyze the financial statement of companies?
Corporate Finance management - MBA why do we need to analyze the financial statement of companies?
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT