Social Engineering Test

Engagement Objective

Devise various methods to (1) obtain confidential information which has been discarded and (2) manipulate employees to divulge confidential information (3) test physical access controls (4) test employee awareness to falling prey to phishing attacks

Alternative Engagement Components

- Phone Pretexting Attacks

- Dumpster Dive, Workplace Search and Physical Access

- Email "Phishing" Attacks

-  Targeted Social Engineering Attacks (Requires analysis of your business processes in order to establish scripts)

Next Steps

Complete the Information Request form  and Audit Serve will contact you to scale the audit scope to the requirements of your organization and establish a proposal for the engagement or email levinemh@auditserve.com

 

AuditNet - The Global Resource for Auditors

Free
Audit Vision
Newsletter

Since 1991
Join 3,500 other subscribers

 

 

Free Audit Serve Seminars Posted Online

25 minute extract from the seminar entitled "Alternate Control Design Approaches for z/OS" presented by Mitch Levine in London (at the Churchill War Rooms) March, 2018 which would be of interest to IT Audit, Security and GRC personnel

General Data Protection Regulation Seminar

Copyright © 2015. All Rights Reserved.