20653 - SOCIAL ENGINEERING
Cross-institutional study L. Bocconi - Politecnico Milano
STEFANO ZANERO
Mission & Content Summary
CONTENT SUMMARY
Social engineering attacks, non-technical and based on fraud and misrepresentation, are one of the main security threats. In this course we will review the basic definition of social engineering, examine examples of attacks and basic techniques employed in them, and review existing organizational and technical countermeasures.
Intended Learning Outcomes (ILO)
KNOWLEDGE AND UNDERSTANDING
After successful completion of this course students will understand:
- The threat posed by social engineering attacks
- The most common attack methodologies
- Tools and techniques for information gathering
APPLYING KNOWLEDGE AND UNDERSTANDING
After successful completion of this course students will be able to:
- Assess the potential risks from social engineering attacks for organizations
- Demonstrate simple social engineering attacks
- Use information gathering tools
Teaching methods
- Face-to-face lectures
- Guest speakers' talks (in class or at a distance)
- Exercises (exercises, database, software etc.)
- Case studies / Incidents (traditional, online)
- Interactive class activities (role playing, business game, simulation, online forum, instant polls)
DETAILS
The learning experience of this course includes, in addition to face-to-face lectures, thought experiments, case discussions, real examples and interactions with guest speakers from different organizations.
During the course, discussions and role playing will take place in class.
Assessment methods
| | Continuous assessment | Partial exams | General exam |
|---|---|---|---|
| | x | | |
| | | | x |
ATTENDING STUDENTS
- Interactions in class / roleplay / debate (30% of the final grade), designed to verify the student’s ability to discuss topics related to the course and to test social engineering scenarios.
- Final written exam (70% of the final grade), which aims to assess the student’s learning level of theoretical knowledge and the ability to apply it to real scenarios.
NOT ATTENDING STUDENTS
Final written exam (100% of the final grade), which aims to assess the student’s learning level of theoretical knowledge and the ability to apply it to real scenarios.
Teaching materials
ATTENDING STUDENTS
Teaching notes, suggested readings
NOT ATTENDING STUDENTS
- Teaching notes, suggested readings
- Textbook: No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing, Johnny Long