From the course: CISSP Cert Prep (2021): 5 Identity and Access Management
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Social engineering
From the course: CISSP Cert Prep (2021): 5 Identity and Access Management
Social engineering
- [Narrator] Digital threats aren't the only issue facing information security professionals seeking to protect their organizations. Some of the most dangerous risks come from the human threat of social engineering. These are also some of the hardest threats to defend against. Social engineering attacks use psychological tricks to manipulate people into performing an action or divulging sensitive information that undermines the organization's security. For example, an attacker posing as a help desk technician might use social engineering to trick a user into revealing their password over the telephone. Social engineering attacks are the online version of running a con. There are six main reasons that social engineering attacks are successful. These include authority, intimidation, consensus, scarcity, urgency, and familiarity. Let's dig into each of these a little more. Psychological…