Social Engineering

  • Six types of behaviors for a positive response to social engineering are as follows:

    • Scarcity: Works on the belief that something is in short supply. It's a common technique of marketers: "Buy now; quantities are limited."
    • Authority: Works on the premise of power. As an example, "Hi, is this the help desk? I work for the senior VP, and he needs his password reset in a hurry!"
    • Liking: Works because we tend to do more for people we like than people we don't.
    • Consistency: People like to be consistent. As an example, "Why should I badge in? Everyone else just walks in once someone opens the door."
    • Social validation: Based on the idea that if one person does it, others will too.
    • Reciprocation: If someone gives you a token or small gift, you feel pressured to give something in return.
  • Human-based social engineering works on a personal level. It works by impersonation (posing as an important user, using a third-party approach, masquerading) and can be attempted in person.
  • Computer-based social engineering uses software to retrieve information. It works by means of pop-up windows, email attachments, and fake websites.
  • Reverse social engineering involves sabotaging someone else's equipment and then offering to fix the problem. It requires the social engineer to first sabotage the equipment, and then market the fact that he can fix the damaged device, or pretend to be a support person assigned to make the repair.
  • There are a few good ways to deter and prevent social engineering, and user awareness, policies, and procedures rate among the best.

Certified Ethical Hacker Exam Prep
ISBN: 0789735318
EAN: 2147483647
Year: 2007
Pages: 247
Authors: Michael Gregg