BD308 Assignment 10- amelia nurul mupty-2581499006

  1. Define “social engineering” and provide three examples (e.g., pretexting, baiting).
  2. What are the key components of a good security awareness training program for employees?
  3. How can a simple “clean desk” policy contribute to the overall security of a business?

How can a simple “clean desk” policy contribute to the overall security of a business?

Answer
1. Social engineering is a manipulation technique used by attackers to trick people into revealing confidential information or performing unsafe actions. Examples include:Pretexting: pretending to be someone trustworthy (e.g., IT staff) to obtain sensitive data.Baiting: offering something enticing (like a free USB or download) that contains malware.Phishing: sending fake emails or messages that appear legitimate to steal login credentials

2. A good security awareness training program should include clear policies, regular training sessions, real-world attack simulations (like phishing tests), and continuous updates to keep employees aware of new threats. It should also encourage reporting suspicious activities.

3. A “clean desk” policy improves security by ensuring sensitive documents, devices, and information are not left exposed. This reduces the risk of unauthorized access, data theft, and accidental information leaks.

Status: 100%

Keterangan: Telah dikerjakan sebaik mungkin.

 

Previous Post Previous Post
Newer Post Newer Post

Leave a comment