Cargando…
Social engineering penetration testing : executing social engineering pen tests, assessments and defense /
This book gives the practical methodology needed to plan and execute a social engineering penetration test and assessment. It has insights into how social engineering techniques--including email phishing, telephone pretexting, and physical vectors--can be used to elicit information or manipulate ind...
| Clasificación: | Libro Electrónico |
|---|---|
| Autores principales: | , , |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Waltham, Massachusetts :
Syngress,
©2014.
|
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a2200000 a 4500 | ||
|---|---|---|---|
| 001 | OR_ocn880637978 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr unu|||||||| | ||
| 008 | 140528s2014 maua ob 001 0 eng d | ||
| 040 | |a UMI |b eng |e pn |c UMI |d UIU |d IDEBK |d E7B |d CDX |d YDXCP |d OCLCF |d DEBBG |d DEBSZ |d TPH |d STF |d B24X7 |d COO |d RIV |d CDS |d VT2 |d OCLCQ |d OCLCO |d TFW |d OCLCQ |d LIV |d OCLCQ |d OCLCO |d OCLCA |d CEF |d INT |d AU@ |d OCLCO |d OCLCQ |d WYU |d OCLCA |d OCLCO |d OCL |d OCLCQ | ||
| 019 | |a 878114942 |a 898035836 |a 1065906009 |a 1153027111 | ||
| 020 | |a 9780124201828 | ||
| 020 | |a 0124201822 | ||
| 020 | |a 1306642329 |q (ebk) | ||
| 020 | |a 9781306642323 |q (ebk) | ||
| 020 | |a 0124201245 | ||
| 020 | |a 9780124201248 | ||
| 020 | |z 9780124201248 | ||
| 029 | 1 | |a AU@ |b 000057231636 | |
| 029 | 1 | |a AU@ |b 000065316837 | |
| 029 | 1 | |a AU@ |b 000065427819 | |
| 029 | 1 | |a CHBIS |b 010480712 | |
| 029 | 1 | |a CHVBK |b 336920490 | |
| 029 | 1 | |a DEBBG |b BV042032820 | |
| 029 | 1 | |a DEBSZ |b 414182944 | |
| 029 | 1 | |a GBVCP |b 882730894 | |
| 035 | |a (OCoLC)880637978 |z (OCoLC)878114942 |z (OCoLC)898035836 |z (OCoLC)1065906009 |z (OCoLC)1153027111 | ||
| 037 | |a CL0500000435 |b Safari Books Online | ||
| 050 | 4 | |a HM668 |b .W387 2014 | |
| 060 | 4 | |a Online Book | |
| 082 | 0 | 4 | |a 303.4 |b 23 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Watson, Gavin, |d 1982- |e author. | |
| 245 | 1 | 0 | |a Social engineering penetration testing : |b executing social engineering pen tests, assessments and defense / |c Gavin Watson, Andrew Mason, Richard Ackroyd ; foreword Chris Hadnagy. |
| 260 | |a Waltham, Massachusetts : |b Syngress, |c ©2014. | ||
| 300 | |a 1 online resource : |b illustrations | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 588 | 0 | |a Print version record. | |
| 504 | |a Includes bibliographical references and index. | ||
| 520 | |a This book gives the practical methodology needed to plan and execute a social engineering penetration test and assessment. It has insights into how social engineering techniques--including email phishing, telephone pretexting, and physical vectors--can be used to elicit information or manipulate individuals into performing actions that may aid in an attack. Using the book's easy-to-understand models and examples, the reader will have a much better understanding of how best to defend against these attacks. The authors show hands-on techniques they have used at RandomStorm to provide clients with valuable results that make a real difference to the security of their businesses. The book shows how to use widely available open-source tools to conduct pen tests and the practical steps to improve defense measures in response to test results. -- |c Edited summary from book. | ||
| 505 | 0 | |a Front Cover; Social Engineering Penetration Testing; Copyright Page; Contents; Foreword; Acknowledgements; About the Authors; About the Technical Editor; 1 An Introduction to Social Engineering; Introduction; Defining social engineering; Examples from the movies; Sneakers; Hackers; Matchstick Men; Dirty Rotten Scoundrels; The Imposter; Famous social engineers; Kevin Mitnik; Frank Abagnale; Badir brothers; Chris Hadnagy; Chris Nickerson; Real-world attacks; The RSA breach; The Buckingham Palace breach; The Financial Times breach; The Microsoft XBox breach; Operation Camion; Summary. | |
| 505 | 8 | |a 2 The Weak Link in the Business Security ChainIntroduction; Why personnel are the weakest link; Secure data with vulnerable users; The problem with privileges; Data classifications and need to know; Security, availability, and functionality; Customer service mentality; Poor management example; Lack of awareness and training; Weak security policies; Weak procedures; Summary; 3 The Techniques of Manipulation; Introduction; Pretexting; Impersonation; Baiting; Pressure and solution; Leveraging authority; Reverse social engineering; Chain of authentication; Gaining credibility. | |
| 505 | 8 | |a From innocuous to sensitivePriming and loading; Social proof; Framing information; Emotional states; Selective attention; Personality types and models; Body language; Summary; 4 Short and Long Game Attack Strategies; Introduction; Short-term attack strategies; Targeting the right areas; Using the allotted time effectively; Common short game scenarios; Long-term attack strategies; Expanding on initial reconnaissance; Fake social media profiles; Information elicitation; Extended phishing attacks; Gaining inside help; Working at the target company; Targeting partner companies. | |
| 505 | 8 | |a Long-term surveillanceSummary; 5 The Social Engineering Engagement; Introduction; The business need for social engineering; Compliance and security standards; Payment Cards Industry Data Security Standard; ISO/IEC 27000 information security series; Human Resource Security, Domain 8; Physical and Environmental Security, Domain 9; Social engineering operational considerations and challenges; Challenges for the social engineers; Less mission impossible, more mission improbable; Dealing with unrealistic time scales; Dealing with unrealistic time frames; Taking one for the team; Name and shame. | |
| 505 | 8 | |a Project managementChallenges for the client; Getting the right people; Legislative considerations; The Computer Misuse Act 1990 (UK)-http://www.legislation.gov.uk/ukpga/1990/18; Section 1-Unauthorized access to computer material; Section 2-Unauthorized access with intent to commit or facilitate commission of further offenses; Section 3-Unauthorized acts with intent to impair or with recklessness as to impairing, operation of computer, etc.; The Police and Justice Act 2006 (UK)-http://www.legislation.gov.uk/ukpga/2006/48/contents. | |
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Social engineering. | |
| 650 | 0 | |a Social sciences. | |
| 650 | 1 | 2 | |a Social Sciences |
| 650 | 6 | |a Ingénierie sociale. | |
| 650 | 6 | |a Sciences sociales. | |
| 650 | 7 | |a social sciences. |2 aat | |
| 650 | 7 | |a Social sciences. |2 fast |0 (OCoLC)fst01122877 | |
| 650 | 7 | |a Social engineering. |2 fast |0 (OCoLC)fst01122444 | |
| 655 | 4 | |a Llibres electrònics. | |
| 700 | 1 | |a Mason, Andrew G., |e author. | |
| 700 | 1 | |a Ackroyd, Richard, |e author. | |
| 776 | 0 | 8 | |i Print version: |a Watson, Gavin, 1982- |t Social engineering penetration testing |z 9780124201248 |w (DLC) 2014003510 |w (OCoLC)871186904 |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9780124201248/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 938 | |a Books 24x7 |b B247 |n bks00066989 | ||
| 938 | |a Coutts Information Services |b COUT |n 28119978 | ||
| 938 | |a ebrary |b EBRY |n ebr10864338 | ||
| 938 | |a ProQuest MyiLibrary Digital eBook Collection |b IDEB |n cis28119978 | ||
| 938 | |a YBP Library Services |b YANK |n 11785698 | ||
| 994 | |a 92 |b IZTAP | ||