Welcome to Scribd. Sign in or start your free trial to enjoy unlimited e-books, audiobooks & documents.Find out more
Download
Standard view
Full view
of .
Look up keyword
Like this
1Activity
0 of .
Results for:
No results containing your search query
P. 1
Project Social Engineering Threats

Project Social Engineering Threats

Ratings:
(0)
|Views: 19|Likes:

More info:

Published by: Nand Prakash Prajapati on Nov 30, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

11/30/2011

pdf

text

original

 
MidsizeBusinessSecurityGuidance   
HowtoProtectInsidersfromSocialEngineeringThreats   
Published:August2006Forthelatestinformation,pleaseseewww.microsoft.com/technet/security/midsizebusiness/default.mspx   
 
© 2006 Microsoft Corporation. This work is licensed under the Creative Commons Attribution-NonCommercialLicense. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5/ or send a letter toCreative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.
 
Contents
Introduction..............................................................................................1Who Should Read this Paper ..................................................................1Overview............................................................................................1Social Engineering Threats and Defenses.......................................................2Online Threats.....................................................................................2E-Mail Threats................................................................................2Pop-Up Applications and Dialog Boxes................................................4Instant Messaging...........................................................................5Telephone-Based Threats ......................................................................7Private Branch Exchange..................................................................8Service Desk..................................................................................9Waste Management Threats.................................................................10Personal Approaches...........................................................................11Virtual Approaches........................................................................13Physical Approaches......................................................................13Reverse Social Engineering..................................................................16Designing Defenses Against Social Engineering Threats..................................18Developing a Security Management Framework.......................................18Risk Assessment................................................................................20Social Engineering in the Security Policy.................................................23Implementing Defenses Against Social Engineering Threats ............................24Awareness........................................................................................25Managing Incidents ............................................................................25Operational Considerations ..................................................................26Social Engineering and the Defense-in-Depth Layered Model .....................26Appendix 1: Security Policy for Social Engineering Threat Checklists.................28Company Social Engineering Attack Vector Vulnerabilities .........................28Steering Committee Security Requirement and Risk Matrix........................29Steering Committee Procedure and Document Requirements.....................29Security Policy Implementation Checklist................................................30Incident Report..................................................................................30Appendix 2: Glossary...............................................................................31

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->