From the course: CISA Cert Prep: 5 Information Asset Protection for IS Auditors
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Social engineering
From the course: CISA Cert Prep: 5 Information Asset Protection for IS Auditors
Social engineering
- [Instructor] Alright, let's talk about social engineering. So, social engineering is essentially, in plain English, tricking people into doing something they may not be in their best interest. Getting them to do something for your purposes, not perhaps their own. Of course, now it's being used to attack computer systems by tricking people into breaking proper security practices, or the policies or the best processes that the organization has put in place. Let's talk about some of the different things you should know about social engineering, some of the different terms. So, pretexting, the first thing we should talk about, is essentially a fake scenario that you usually tell a story to someone to try and trick them into believing you, get a false sense of trust, and then pull some information out of them, oftentimes. So, a good example would be a call from tech support, a phony call from tech support or the CEO's office saying, we need your password, please, we need to reset this or…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.