Social Engineering in IT Security: Tools, Tactics, and Techniques

Cutting-edge social engineering testing techniques "Provides all of the core areas and nearly everything [you] need to know about the fundamentals of the topic."--Slashdot

Conduct ethical social engineering tests to identify an organization's susceptibility to attack. Written by a global expert on the topic, Social Engineering in IT Security discusses the roots and rise of social engineering and presents a proven methodology for planning a test, performing reconnaissance, developing scenarios, implementing the test, and accurately reporting the results. Specific measures you can take to defend against weaknesses a social engineer may exploit are discussed in detail. This practical guide also addresses the impact of new and emerging technologies on future trends in social engineering.

• Explore the evolution of social engineering, from the classic con artist to the modern social engineer
• Understand the legal and ethical aspects of performing a social engineering test
• Find out why social engineering works from a victim's point of view
• Plan a social engineering test--perform a threat assessment, scope the test, set goals, implement project planning, and define the rules of engagement
• Gather information through research and reconnaissance
• Create a credible social engineering scenario
• Execute both on-site and remote social engineering tests
• Write an effective social engineering report
• Learn about various tools, including software, hardware, and on-site tools
• Defend your organization against social engineering attacks