Social Engineering: Protecting Systems from Users

Length: 4000 words
Task:
There have been many studies conducted on the
relative weakness of security products, components and mechanisms. In the
majority of cases the major weakness has been identified as the actual users of
the system. Whether they are the attacker or the attacked users have the
greatest capacity to compromise a system by using, or providing information to
hackers, in a way that is damaging. Much time as an IT Security
professional is spent on developing, implementation and managing technical
controls without much more than a passing interest paid to the people that use
the technology every day.
For this assessment task you will write an essay on
the following:

Social Engineering: Protecting Systems from Users

Some primary ideas you might like to address in
this essay include:
Definition
of Social Engineering.How
does Social Engineering allow hackers to gain access to systems or
escalate privileges?What
are the key challenges of combating Social Engineering Attacks?What
mechanisms, techniques or tools can be used to mitigate against Social
Engineering Attacks?

IMPORTANT!!!Please refer to the
Marking Criteria and Rubric:

Marking
Criteria:

Introduction
The introduction sets the scene for the whole essay. The purpose of the introduction
is to identify the topic, your point of view and the main reasons for your
response. Generally approximately 10-15% of the allocated word count.
This section will often contain the following points:
• Introduce the topic.
• Give background or context to give relevance to the discussion.
• State the main point or purpose of the essay.
• Preview the subtopics or themes.

Body
Paragraphs in the body of the essay show your discussion of the main ideas
supporting your position or response to the question. Ideas from the
scholarly literature give credibility and weight to your argument. Generally
approximately 70-80% of the allocated word count.
Each paragraph should link with the previous paragraph and may include:
• A topic sentence: a statement of the main idea of the paragraph.
• Explanation or supporting evidence from the scholarly readings.
• Further evidence from your reading to deepen your discussion.
• Application of ideas to a scenario or through the use of an example.
• Your discussion of, comment on and evaluation of these ideas.
• A concluding sentence that brings the paragraph to a close.

Conclusion

The purpose of the conclusion is to summarise and make final evaluative
comments. It is important to refer back to the essay questions. Generally
approximately 10-15% of the allocated word count.
This paragraph includes:
• A brief summary of the main ideas presented in the essay.
• Confirmation of any thesis included in the introduction.
• Final evaluative comments on the relative importance of the arguments.
• Comments on the ongoing significance of the topic as an issue that needs
further discussion or investigation.
• DO NOT introduce any new content at this point.

Presentation

• Grammar & spelling
• Essay format
• Overall presentation
• Appropriate referencing using APA 6th Edition.
• Reference list should contain a minimum of 6 appropriate references.

Rubric:

Criteria

Result Expected

Explore
and discuss the definition and principles of social engineering and its relevance
to information security.
·Definition of social
engineering.
· Discuss
how social engineering can be used as a method for gain access to information
or systems.
· Discuss
the key challenges of protecting information against social engineering attacks.
· Discuss relevant tools
and mechanisms that may be used to protect against social engineering
attacks.

A clear and
accurate definition of social engineering has been discussed. The
student has comprehensively addressed the task, demonstrating an excellent
conceptual understanding of how social engineering is used to gain access to
information or systems. They have discussed in detail a range of challenges
with respect to social engineering and have related each challenge with
clarity to a range of protective tools and mechanisms that can be used by
security professionals. The student has fully addressed all of the essay
criteria.

Selection of a range of
material which is relevant to the topic. Integration of material sourced
from literature to support the ideas expressed in the essay. Minimum of
8 references 4 of which must be relevant, refereed, journal articles located
by the student.

Excellent independent identification
of an extensive range of literature which is: relevant; current; authoritative;
and which includes multiple publication types. Substantially exceeds the
minimum number of required references, demonstrating excellent skills in
searching for relevant and credible literature. Excellent linkage and
integration. Has developed and justified using own ideas based on
publications which have been thoroughly analysed, applied and discussed to
illustrate and justify the discussion.

A successful Masters student must
write clearly and purposefully in English using vocabulary and language that suits
the writing task and addresses their intended audience.

Writing demonstrates clarity of intention,
purpose, and approach to the topic.
Written
expression is clear, fluent and well-structured:
· Sentences are well structured, with good use of
vocabulary, and with minimal or no grammatical and punctuation errors.
· Paragraphs are structured to present a flow of
ideas.
· The written piece is well-formatted with
minimal or no spelling or proofreading errors.
· Language
is used to convey a clear meaning to the intended audience.
Writing style conveys a clear and meaningful
interpretation of the task, based on confidence in knowledge and ability to
clearly communicate complex concepts and ideas.
Presented in 1.5 line spacing, with wide margins,
page numbers and suitable type-size.