“System Upgrade” Select one of the following and discuss in no less than three paragraphs, and have at least one response to another student of at least one paragraph:
- Imagine a scenario where Jane, an administrative employee of a company, receives a call from James, the company’s security administrator. He announces that he is calling everyone to inform them about this coming weekend’s upgrade to the accounting system. James adds that he does not need anyone’s password to the system, which Jane believes is a secure option. Instead, James will provide a batch file to complete the update. As an outsider looking into this scenario, explain the social engineering concerns that Jane should consider. Include the major signs that would indicate James’s request is either a valid one or one that represents a potential attack on Jane’s system.
- Suggest one strategy that a security department could use in order to raise awareness of social engineering concerns in an organization. Describe an original scenario similar to the one in the first portion of this question that brings to light a social engineering attack or concern and the manner in which the user(s) should react to such an attack.
- Any current topic or article related to penetration techniques.