The Social Engineering test’s procedure, which is similar to
the technical test, is also composed of five steps, namely Reconnaissance,
Confirmation, Implementation, Analysis, Report. Here is the detail of each
step:
1) Reconnaissance: Use such social platforms as
Google and Linkedin to locate candidates who may be tested targets.
2) Confirmation: Confirm with the client about the
tested methodologies and the individuals as tested targets before documenting
the test plan. Bear in mind that the precise time frame of the implementation should not be known by the client in advance in order to estimate the client's incident response ability.
3) Implementation: Launch the SE test in accordance
with the aforementioned test plan; record every reaction from the targets
during the implementation.
4) Analysis: Analyze the reactions. Normally, the
incident response team of the client may confirm the situation with the SE
team.
5) Report: Document the analysis report after the
SE test is done, and submit the report before holding a meeting to discuss the
detail regarding the result.
No comments:
Post a Comment