Perform the following three labs, making sure to document your results with either screenshots or notes for your own documentation so that you can remember what you did in the labs. Access the uCertify tab in the Table of Contents, choose the Dashboard, and select “Hands-On Labs” button in the middle of the screen in uCertify. All Lesson/Labs will be visible. Locate the Lesson/Lab name and complete the lab assigned. Some units will have Lesson/Labs that do not correspond to the unit number you are on. Please read the Lesson/Lab name carefully.
uCertify CISM – Certified Information Security Manager LiveLab
• Lesson 2: Using Social Engineering Techniques to Plan an Attack
• Lesson 2: Demonstrating Network Mapping and Quarantining a Vulnerable System
uCertify CompTIA Cybersecurity Analyst (CySA+)
• Lesson 2: Identifying a Suspicious Account on the System User Groups
Using your lab results, write a 2- to 3-page analysis that provides an assessment of social engineering techniques found in the labs and the reading. You should identify a minimum of three social engineering techniques as well as related mitigation strategies. An example would be a user receiving a phishing email purporting to be from the IRS giving the status of their tax refund with a link that downloads ransomware. The remediation strategy might involve a combination of user training and restoring a recent backup image of the affected system.
Unit 2 Assignment Social Engineering
Outcomes addressed in this activity:
Unit Outcome:
• Distinguish appropriate standards and methodologies for cybersecurity solutions.
Course Outcome:
: Assess appropriate cybersecurity processes for addressing appropriate outcomes.
Purpose
Almost two-thirds of all cybersecurity attacks are initiated by some sort of social engineering exploit. No matter how strong and effective a cybersecurity infrastructure may be, the safeguards can easily be bypassed by a clever social engineering attack. Protecting an organization against social engineering requires a combination of user training and mitigation strategies. The main difficulty that many organizations have when dealing with social engineering occurs when personnel are unclear about what to do if they find themselves in an uncertain situation. Well-crafted security policies and regular training can help mitigate personnel vulnerability to social engineering. This assignment gives you the attacker’s point of view when planning a social engineering attack as well as some mitigation strategies.
Assignment Instructions
Create an analysis assessing a minimum of three social engineering techniques discovered in your lab results and from the reading. Feel free to include more techniques in your analysis, but three should be the minimum. Be sure to note the exploitability, the relative impact on the organization, and the scope of the attack. Following your social engineering analysis, provide 2–3 pages of discussion that includes a description of the social engineering techniques, how each of the techniques relates to risk for the organization, and how each technique can be mitigated or prevented.
The minimum page count is 2–3 pages (excluding title page, etc.). If you require more pages to thoroughly discuss the identified techniques, then include them. Your paper should use Times New Roman 12-point font, be double spaced, and use correct APA formatting (title page and reference page). Be sure to use proper APA in-text citations that match your reference list.
Sample Solution
