Introduction Social engineering has been the cause of many of the most high profile cyber-attacks in recent years. The human element is too often the problem. In this training class, you will learn how some of the most elegant social engineering attacks take place. Learn to perform these scenarios and what is done during each step of the attack, from imitation through exploitation. This course is intended to help you better prepare your organization for defense of social engineering attacks, as well as how to ethically use these techniques for intelligence gathering.
Topics include: Intro to social engineering, exploitation lifecycle, digital information gathering, targeting, digital profile reduction, psychology of social engineering, elicitation, pretexting, cold-calling, bypassing physical security, post exploitation, binary evasion and more.
Pre-requisites: This class is intended for cyber security professionals who have at least a baseline understanding of penetration testing and security policy principles. Approximately two years of experience in cyber security or some well-established information security certification is highly recommended.
Training Methods and Course Materials
For each course attended, you will be provided with:
comprehensive course specifications, writing guidelines and notes;
workshop model solutions;
a CD-ROM with extensive documents and resources;
Information regarding access to web-resources and etc.;
Post access to the presenter via phone and email for up to 3 months after the completion of the course.
Module 1 - Introduction Introduction The Social Engineer Exploatation Life-Cycle
Module 5 – Detection and Prevention Detection and Prevention Towards Advanced Social Engineering
About the Presenter
With his 4 years’ experience as an IT Systems Engineer, and 6 years hands-on experience in the field of Information Security, besides CISO’s operations and governance in the Bank, currently working as responsible for PCI DSS implementation and maintenance in the Bank’s Card-Holder-Data-Environment, as well.
Darko’s educational status is Master of Science with Master thesis in the field of Industrial Information Security (SCADA Environment). His professional background is accompanied with several certifications in the field of information security, such as: Certified Ethical Hacker, Certified ISO27001:2013 Lead Auditor, BIA Implementer etc.
His resume includes several publications:
Assessing Industrial Networks,
Hacking Techniques performed in Industrial Environment,
Compensation controls as an alternative method for PAN numbers encryption in MS SQL Database (PCI DSS 3.0 Chapter 3.4),
Attacking IT-Defense Devices,
Implementation of „SSL for ADO.Net“ for Encryption of the Data In Transit in the Corporate Network (PCI DSS 3.1 Chapters 2.3, 4.1