Mitigating the risk of social engineering attacks

Show full item record

Title: Mitigating the risk of social engineering attacks
Author: Spinapolice, Matthew
Abstract: The topic of social engineering is only covered briefly in today's system administration and security coursework. This lack of coverage leaves many Administrators ill-equipped to administer the users of a computer network. In addition to their technical training, administrators need to comprehend the potential severity and likelihood of social engineering attacks. Teaching administrators only to minimize the risk of hacking attempts or computer virus infections does not fully equip them with the knowledge needed to defend their networks. To ensure the safety of their network from social engineering attacks, administrators need to be able to answer three primary questions: * How can Administrators look for and identify a social engineering attack? * How can Administrators properly train users to ensure they do not become the network's weakest security link? * How can Administrators test their protection methods to ensure the risk of social engineering attacks is sufficiently mitigated? This thesis attempts to answer these questions, devise a training workshop template Administrators can present to their users, and present a base set of audit guidelines Administrators can employ to ensure their attack prevention methods are effective.
Record URI: http://hdl.handle.net/1850/14666
Date: 2011

Files in this item

Files Size Format View
MSpinapoliceThesis11-15-2011.pdf 561.8Kb PDF View/Open

The following license files are associated with this item:

This item appears in the following Collection(s)

Show full item record

Search RIT DML


Advanced Search

Browse