CIS420 Discussion

"System Upgrade"  Please respond to the following:

• Imagine a scenario where Jane, an administrative employee of a company, receives a call from James,the company’s security administrator. He announces that he is calling everyone to inform them about this coming weekend’s upgrade to the accounting system. James adds that he does not need anyone’s password to the system, which Jane believes is a secure option. Instead, James will provide a batch file to complete the update. As an outsider looking into this scenario, explain the social engineering concerns that Jane should consider. Include the major signs that would indicate James’s request is either a valid one or one that represents a potential attack on Jane’s system.
• Suggest one strategy that a security department could use in order to raise awareness of social engineering concerns in an organization. Describe an original scenario similar to the one in the first portion of this question that brings to light a social engineering attack or concern and the manner in which the user(s) should react to such an attack.
• Discuss any article from the Scam database https://idtaskforce-young.house.gov/scams from the Instructor Insight area.
• Discuss any current event relative to the course.