User Account

All Pages

Exploiting security weaknesses social engineering

Assignment Help Management Theories
Reference no: EM131052514

Exploiting Security Weaknesses Social Engineering

An employee who needs permission to access an electronic workspace, database, or other information systems resource typically fills in a request form and obtains approval from the responsible manager. The manager then routes the request to one of the system's administrators. Highly trusted and well-trained systems administrators spend a significant amount of time doing nothing more technical than adding or removing names from access control lists. In large organizations, it's not unusual for systems administrators to have never met any of the people involved in a specific request. The administrators may not even work in the same office. Hackers have learned to take advantage of this approach to access authorization. They begin by probing an organization. The hacker doesn't expect to compromise the system during this initial probe. He or she just starts by making a few phone calls to learn who is responsible for granting access and how to apply. A little more probing helps the hacker learn who's who within the organization's structure. Some organizations even post this information online in the form of employee directories. With this information in hand, the hacker knows whom to talk to, what to ask for, and what names to use to sound convincing. The hacker is now ready to try to impersonate an employee and trick a systems administrator into revealing a password and unwittingly granting unauthorized access. Organizations determine who needs access to which applications.

They also need a system through which they can authenticate the identity of an individual making a request. Finally, they need to manage this process both effectively and inexpensively.

a. Describe the business problems that this exercise presents.
b. Suggest several ways to reduce an organization's exposure to social engineering.
c. Prepare an orientation memo to new hires in your IT department describing "social engineering." Suggest several ways employees can avoid being tricked by hackers.

Reference no: EM131052514

Questions Cloud

Write a paper about art tom brenner stoop pastel on paper : Write a paper about art Tom Brenner Stoop Pastel on paper. What era of Art History does your artwork belong to? INTRO: one paragraph
High degree of trust-commitment : I was in an organization that had a high degree of trust, commitment, and effort in stilled into everyone that worked there.  I was in the United States Marine Crops where every Marine is instill with a core set of values to fallow while doing the..
Regarding buy-sell agreements : Which of the following statements is true regarding buy-sell agreements?
Regarding tax implications of key employee life insurance : Which of the following statements regarding the tax implications of key employee life insurance is correct?
Exploiting security weaknesses social engineering : An employee who needs permission to access an electronic workspace, database, or other information systems resource typically fills in a request form and obtains approval from the responsible manager.
Benefit payments have started under pure life annuity : If the annuitant dies after annuity benefit payments have started under a “pure life annuity” settlement option
Explain the distribution channel : Pick a company and construct a diagram to explain the distribution channel that their products go through. Report in APA essay format 1 1/2 to pages long. Can add diagram to it and must cite references.
Company to profile-whole foods inc : How attractive is your company in the field of competitors? How has it entered the market and how is it positioned to capture a share of the emerging markets? Is this even a strategy for your company?
Problems with passwords authentication : Network and application managers need to know who is accessing their systems to determine appropriate access levels. Typically, they require that users create secret passwords. A secret password, known only to the user, allows an administrator to ..

Reviews

Write a Review

Management Theories Questions & Answers

  Describe the mix of health care provision in contemporary

Describe the mix of health care provision in contemporary Britain. Evaluate different approaches to the funding of health services in Britain. Identify and evaluate the demographic factors that are likely to affect the NHS in the future. Explain the ..

  Explain a contemporary management issue or idea

Managing the Internal Environment and Managing the external environment. You are also expected to respond to questions at the conclusion of your audio-visual presentation Topics Managing the Internal Environment

  The midland daily courier

You are the new online advertising manager for the Midland Daily Courier, a local newspaper. The newspaper wants to sell adverting on its Web site in a variety of formats to meet the needs of its advertisers.

  Whats the importance of statistics to a public administrator

Whats the importance of statistics to a public administrator?

  Describe the development phases of an m&a

Describe the development phases of an M&A and the respective HR implications.

  Differences between a lowcost and differentiation strategy

Over time, will the adoption of Six Sigma quality improvement processes give a company a competitive advantage, or will it be required only to achieve parity with competitors?

  How does a planner determine the appropriate service style

How does a planner determine the appropriate service style for each meal at an event? Provide an example of a style of food service and tie it to an event.

  Downstream of the customization point

In general, would you expect to see production lines upstream or downstream of the customization point in a supply chain? What about job shops? Explain.

  Discuss why variable pay-for-performance plans

Discuss why variable pay-for-performance plans have become popular and what elements are needed to make them successful.

  Distinction between insider trading and trading on inside

What is the distinction between insider trading and trading on inside information pursuant to U.S. securities law? Why is this distinction critical? Who can legally trade on inside information? Is such trading moral?

  A company markets wild and crazy games for teens

A company markets wild and crazy games for teens to play at parties. This company's customer market is a business market.

  Vacuums exist when leadership is struggling

Vacuums exist when leadership is struggling or communication internally is poor, so what vacuums exist within your organization? What recent events have exposed vacuums and what sort of rumours circulated? How does the leadership respond?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd