University of Maryland Social Engineer Profile Paper

/in /by

Develop a profile of a social engineer, who they are, how to recognize them, and what tactics they use to manipulate employees. Then design a set of 10 different posters we could put in places where employees congregate to remind them of the risk, how social engineers work, and how to protect themselves. You will want to use different ones for different types of employees and also for different threats. Be creative and engaging. Upload below.

Elements

Exceeds Competency

90 – 100

Mechanics

Grammar, spelling, sentence structure; Cite sources in APA format from reputable reference materials

(10%)

All work is in APA format with appropriately cited sources; no grammar or spelling errors.Uses complete sentences, well formed paragraphs, and graduate level word usage and complex sentence structure.

Social Engineer Profile

(45%)

Develops a clear, accurate profile of a social engineer that includes who they are (generally, not names), how to recognize them, and what tactics they use to manipulate employees. The profile is based on well-documented, reliable sources.Includes examples from real cases that provide more evidence of tactics they use to manipulate people.

Posters

(45%)

Designs a set of more than 10 different posters that can be put in places where employees congregate to remind them of the risk, how social engineers work, and how to protect themselves.The posters use different ones for different types of employees and also for different threats.The posters are creative and engaging.They use color, graphics and pictures, a few highly effective words, and accurate information to enhance the presentation.Provides reliable sources to support the information.

background:

Message From the Consulting Company Director:We have a client who has, until now, maintained their data center within their main facility.After multiple breaches, they realize that their data is a risk and they need a new secure facility just for the data center. The breaches so far have been socially engineered, with one attacker actually getting inside the data center at the main facility and removing a hard drive with sensitive information.After their CIO investigated the incident, he found that the attacker had managed to manipulate a number of employees to get information and gain access.It appears that the employees “just wanted to help” and with lack of proper training, actually aided in the attack.They are in great need of our help. What I need you to do is to work with the IT department to develop a report and plan to:

  • Determine where to relocate the Data Center
  • Decide what physical security is needed to secure the site
  • Determine what training is needed for the employees to decrease the risk of another attack.
  • Determine appropriate countermeasures to deal with common threats.
  • Devise a maintenance plan for review security on a regular basis.