EUt+ Mobility
Go back

Course Page ✏️


Social Engineering [ELECTIVE]
30.2622

Description
ELECTIVE COURSE -> not offered every semester

Learning objectives:
The participants
understand the mode of action of social engineering not only on a technical but also on a psychological level.
know the different phases of a social engineering attack.
are able to name, analyze and evaluate different attack vectors.
are able to recognize social engineering by means of technical and organizational measures and to develop and implement countermeasures.
can conceptualize, implement and evaluate the success of security awareness training.
can apply methods from IT auditing to carry out appropriate tests for the existence and effectiveness of controls and employee awareness of social engineering.
Course content
Theoretical basics of social engineering (definition, mode of action, human behavior, attack vectors)
Embedding social engineering in the IT security management of companies (e.g. security incident process)
Presentation of concrete social engineering attack vectors (e.g. e-mail phishing, attacks via telephone, distribution of USB sticks, physical access attempts)
Using "The Social-Engineer Toolkit" to carry out social engineering penetration tests
Measures to detect social engineering (e.g. spam filters, anti-malware, security awareness, authentication)
Measures to prevent social engineering (e.g. security awareness, technical solutions)
Approaches to testing security awareness in companies
Transfer of practical experience


ECTS credits
5

Teaching Language
Deutsch

Exam Language
Deutsch

Support Materials Language
English/Deutsch

Basic Learning Outcomes

Managing Entity (faculty)
Computer Science Department (HDA)