Question

Identify and counteract social engineering exploits.

Answer 1

Answer)

Social engineering attacks and exploits are the behaviors for a broad range of malicious activities which can be accomplished by the human interactions and social connections. The social engineering exploits use the psychological manipulation to trick users into making security mistakes and also many a times give away sensitive information.

Next we will see an example of an attack and how to prevent it.

An attacker is impersonating an employee and is using his credentials or his id to attempt to access an employee’s protected information from the company system or network. You can prevent this scenario by using specific resources, tools and personnel the next time somebody tries to attack the same way. Some of the ways to prevent this are:

a) Educating the employees about the attacks and keeping their id and credentials safe.

b) Enable a SPAM filter which will detect virus, and other attackers and provide a level of protection in the network.

c) Latest security updates and patches have to be installed.

d) Firewall is a must to detect and block the attacker's attempt.

e) Encrypt all the sensitive company and personnel information using special encryption tools.

f) Antivirus solution and tools which monitor the systems and the network and the computers.

g) Strong authentication mechanisms and password policy and biometric authentication in place.

i) Encryption of email and telephonic communication within and outside the company.

j) Administrator and security officers in charge of the company systems security should implement the above security policies and maintenance.