Fee Download Social Engineering in IT Security: Tools, Tactics, and Techniques, by Sharon Conheady
This is some of the benefits to take when being the member and get guide Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady here. Still ask what's different of the various other site? We provide the hundreds titles that are created by recommended writers and also publishers, around the world. The link to get as well as download Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady is also really simple. You may not discover the difficult website that order to do even more. So, the method for you to obtain this Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady will be so simple, won't you?
Social Engineering in IT Security: Tools, Tactics, and Techniques, by Sharon Conheady
Fee Download Social Engineering in IT Security: Tools, Tactics, and Techniques, by Sharon Conheady
Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady. Thanks for visiting the very best internet site that available hundreds type of book collections. Right here, we will certainly present all publications Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady that you need. The books from renowned writers and authors are supplied. So, you could enjoy now to get one by one kind of publication Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady that you will certainly search. Well, related to the book that you want, is this Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady your choice?
This publication Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady offers you far better of life that can produce the high quality of the life more vibrant. This Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady is what individuals currently require. You are here and you could be exact and also certain to obtain this publication Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady Never ever doubt to get it even this is merely a book. You could get this publication Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady as one of your compilations. Yet, not the compilation to display in your shelfs. This is a priceless publication to be reviewing compilation.
How is making sure that this Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady will not presented in your bookshelves? This is a soft documents publication Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady, so you can download Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady by purchasing to obtain the soft documents. It will reduce you to read it each time you require. When you really feel lazy to relocate the printed publication from home to workplace to some location, this soft data will certainly alleviate you not to do that. Because you can just save the information in your computer hardware as well as gizmo. So, it enables you review it all over you have determination to review Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady
Well, when else will you locate this possibility to get this book Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady soft file? This is your excellent opportunity to be right here and also get this wonderful publication Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady Never ever leave this book before downloading this soft file of Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady in web link that we give. Social Engineering In IT Security: Tools, Tactics, And Techniques, By Sharon Conheady will truly make a lot to be your friend in your lonesome. It will certainly be the very best companion to improve your business and pastime.
Cutting-edge social engineering testing techniques "Provides all of the core areas and nearly everything [you] need to know about the fundamentals of the topic."--Slashdot
Conduct ethical social engineering tests to identify an organization's susceptibility to attack. Written by a global expert on the topic, Social Engineering in IT Security discusses the roots and rise of social engineering and presents a proven methodology for planning a test, performing reconnaissance, developing scenarios, implementing the test, and accurately reporting the results. Specific measures you can take to defend against weaknesses a social engineer may exploit are discussed in detail. This practical guide also addresses the impact of new and emerging technologies on future trends in social engineering.- Explore the evolution of social engineering, from the classic con artist to the modern social engineer
- Understand the legal and ethical aspects of performing a social engineering test
- Find out why social engineering works from a victim's point of view
- Plan a social engineering test--perform a threat assessment, scope the test, set goals, implement project planning, and define the rules of engagement
- Gather information through research and reconnaissance
- Create a credible social engineering scenario
- Execute both on-site and remote social engineering tests
- Write an effective social engineering report
- Learn about various tools, including software, hardware, and on-site tools
- Defend your organization against social engineering attacks
- Sales Rank: #483694 in Books
- Brand: Conheady, Sharon
- Published on: 2014-08-04
- Original language: English
- Number of items: 1
- Dimensions: 8.75" h x 7.00" w x .50" l,
- Binding: Paperback
- 272 pages
About the Author
Sharon Conheady is a director at First Defence Information Security in the UK where she specializes in social engineering. She has presented on the topic at security conferences worldwide and regularly leads training seminars on how to perform ethical social engineering tests and defend against social engineers.
Most helpful customer reviews
4 of 4 people found the following review helpful.
Effective guide on which to build a social engineering testing program
By Ben Rothke
When I first got a copy of Social Engineering in IT Security Tools, Tactics, and Techniques by Sharon Conheady, my first thought was that it likely could not have much that Christopher Hadnagy didn't already detail in the definitive text on the topic: Social Engineering: The Art of Human Hacking. Obviously Hadnagy thought differently, as he wrote the foreward to the book; which he found to be a valuable resource.
While there is overlap between the two books; Hadnagy takes a somewhat more aggressive tool-based approach, while Conheady's book takes a somewhat more passive, purely social approach to the topic. There are many more software tools in Hadnagy; while Conheady doesn't reference software tools until nearly half-way through the book.
This book provides an extensive introduction to the topic and details how social engineering has evolved through the centuries. Conheady writes how the overall tactics and goals have stayed the same; while the tools and techniques have been modified to suit the times.
Coming in at about 250 pages, the book finds a good balance between high-level details and actionable tactical things to execute on. Without getting bogged down in filler.
Since the social engineering tools and techniques only get better, the advantage Conheady's book has it that it details a lot that has changed in the 4 years since Hadnagy's book came out.
Conheady writes about mumble attacks, which are telephone-based social engineering attacks that are targeted at call center agents. The social engineer will pose as a speech-impaired customer or as a person calling on behalf of the speech-impaired customer. The goal of this method is to make the victims; in this case call center agents feel awkward or embarrassed and release the desired information. Given the pressure in which most call center agents are under; this is a simple yet highly effective attack.
Like Hadnagy, this also has a detailed social engineering test methodology. Conheady details a methodology with 5 stages: planning and target identification, research and reconnaissance, scenario creation, attack execution and exit, and reporting. She notes that one does not have to be a slave to the methodology, and it can be modified depending on the project.
Social engineering can often operate on the limit of what is legal and ethical. The author goes to great lengths to write what the ethical and legal obligations are for the tester.
The book is filled with lots of practical advice as Conheady is seasoned and experienced in the topic. From advice to dealing with bathrooms as a holding location, gaining laptop connectivity and more; she writes of the many small details that can make the difference between a successful social engineering test and a failed one.
The book also details many areas where the job of the social engineer is made easy based on poor security practices at the location. Chapter 7 details how many locations have access codes on doors often don't do much to keep social engineers out. Many doors have 4-character codes, and she writes that she has seen keypads where the combination numbers have been so worn down that you can spot them straightaway.
As noted earlier, the book focuses more on the human techniques of social engineering than on software tools. She does not ignore that tools and in chapter 9 provides a list of some of the more popular tools to use, including Maltego, Cree.py and others. She also has lists of other tools to use such as recording devices, bugging devices, phone tools and more.
With all those, she still notes that the cell phone is the single most useful item you can bring with you on a social engineering test. She writes that some of the many uses a cell phone has is to discourage challengers, fake a call to look busy, use the camera and more.
While most of the book is about how to execute a social engineering test, chapter 10 details how you can defend against social engineering. She notes that it is notoriously difficult to defend against social engineering because it targets the weakest link in the security chain: the end-user. She astutely notes that a firm can't simply roll out a patch and immunize its staff against the latest social engineering attack. Even though there are vendors who make it seem like you can.
The chapter also lists a number of indicators that a firm may be experiencing a social engineering attack.
Hadnagy's Social Engineering: The Art of Human Hacking is still the gold-standard on the topic. But Social Engineering in IT Security Tools, Tactics, and Techniques certainly will give it a run for the money.
Hadnagy's approach to social engineering is quite broad and aggressive. Conheady takes more of a kinder, gentler approach to the topic.
For those that are looking for an effective guide on which to build their social engineering testing program on, this certainly provides all of the core areas and nearly everything they need to know about the fundamentals of the topic.
0 of 0 people found the following review helpful.
Could've had much more depth of subject matter.
By Amazon Customer
I bought this book used, for quite a discount, here at Amazon. Amazon came through as expected with standard delivery times. The book was in mint as new condition. My only complaint is that the book itself could have been better. It's an McGraw hill educational book, so I expected a lot more of an in depth look into it's subject matter. Yet I personally found there to be a few key insights, most of the book was filler, with chapter after chapter, rehashing what was stated in the former chapter. I feel the subject matter of this book could have been explained in a couple pages, and many of the paragraphs just repeated the same thing, over and over, yet worded a little different.
0 of 1 people found the following review helpful.
Social Engineering - Working with a Superstar
By Jon Fisher
I’ve just spent the last few days reading Sharon Conheady’s book ‘Social Engineering in IT Security: Tools, Tactics, and Techniques’ published by McGraw-Hill.
I must make clear that I know Sharon as I work at First Defence Information Security Limited where she is one of the Directors, but my interest in her book transcends our working relationship and errs more towards the realms of my status as a FAN.
Sharon’s reputation precedes her (this is one of the reasons I decided to Join First Defence in the first place), and her experience, thoughts and innovations are distilled into the book in fantastic detail. Those of you who have seen her speak at conferences and seminars around the world will be familiar with her style and extensive catalogue of ‘war stories’ – you’ll find all of this and more packed into the book.
A proportion of the book is dedicated to the mechanics of Social Engineering testing – the legalities, ethics, tools and how to go about producing a useful client-facing report. There are tips and thoughts scattered throughout the chapters for those planning how to go about performing a test, as well as insights into how attacks are planned and executed for those looking at how to protect themselves and their business.
My particular favourite aspects of the book are the historic and cultural examples of Social Engineering in action, and the use of some up-to-the-minute references to relatively recent news stories.
In my role as Sales Consultant at First Defence, having such a star in our midst certainly helps in the many conversations I have with current and prospective clients about how we might help them with the understanding of their information security risks, and how we might help them make improvements.
As a fan, I can safely say that the book satisfies my desire to have all Sharon’s years of experience crystallised into a logical and helpful form. ……… As an Information Security Professional, I can also attest to the fact that having the latest thinking to hand helps me in how I approach my clients’ challenges……………. As an employee of First Defence – I can only say that having one of the top Social Engineering talents in the world as a boss certainly makes my life easier (although busier!).
Social Engineering in IT Security: Tools, Tactics, and Techniques, by Sharon Conheady PDF
Social Engineering in IT Security: Tools, Tactics, and Techniques, by Sharon Conheady EPub
Social Engineering in IT Security: Tools, Tactics, and Techniques, by Sharon Conheady Doc
Social Engineering in IT Security: Tools, Tactics, and Techniques, by Sharon Conheady iBooks
Social Engineering in IT Security: Tools, Tactics, and Techniques, by Sharon Conheady rtf
Social Engineering in IT Security: Tools, Tactics, and Techniques, by Sharon Conheady Mobipocket
Social Engineering in IT Security: Tools, Tactics, and Techniques, by Sharon Conheady Kindle
Tidak ada komentar:
Posting Komentar