Do My Assignment!

Are coursework assignment or deadlines stressing you?

We can assist you, we solve problems, answer questions and write papers for top grades

Check our clients testimonials and rest assured you’ll get a high quality, plagiarism-free paper, 100% according to your instructions and deadline!

Special offer! Get 20-30% discount on all orders - Check Coupons Section

Posted: August 28th, 2022

“Don’t Include Social Engineering in Penetration Tests,”

Computer Sciences and Information Technology
“Don’t Include Social Engineering in Penetration Tests,” Article
After reading the article “Don’t Include Social Engineering in Penetration Tests,” discuss whether social engineering should be included as part of a penetration test. Knowing that the human is the weakest link in the cybersecurity chain, is it ethical as part of the pen test to engage in behavior that the author describes as a “grey area: compromising staff members’ personal devices or personal email accounts (as opposed to work accounts); breaking into office buildings to steal equipment or plant network monitoring devices; compromising social media accounts to perform recon; etc.”? (Kaplan-Moss, 2017)

Review several of your fellow learners’ posts and respond to at least two of your peers by end of Day 7 of the week. In your response to your classmates’ posts:

Do you agree with your fellow learners’ assessments of social engineering as part of penetration testing?
Try to expand on your rationale by asking your classmates questions and provide additional resources and evidence to support your claims and to extend their thoughts on their point of view.
References

Kaplan-Moss, J. (2017, June 27). Don’t include social engineering in penetration tests [Blog post]. Retrieved from https://jacobian.org/2017/jun/27/social-engineering-pentests/
—>
From reading the article “Don’t Include Social Engineering in Penetration Tests” by Jacob Kaplan-Moss, it is clear that social engineering should not be included as part of a penetration test. Kaplan-Moss argues that social engineering tactics, such as compromising staff members’ personal devices or personal email accounts, breaking into office buildings, and compromising social media accounts, are a “grey area” and can be considered unethical.
Furthermore, Kaplan-Moss states that these tactics can also harm the reputation of the company conducting the penetration test and can lead to legal issues. Additionally, the article highlights that social engineering is a separate field from penetration testing and should be treated as such.
I agree with Kaplan-Moss’s assessment that social engineering should not be included as part of a penetration test. The human factor is a crucial aspect of cybersecurity, and it is essential to consider the potential consequences of social engineering tactics on both the company and the individuals involved. Additionally, it is essential to consider the legal and ethical implications of these tactics and ensure that they align with industry standards and regulations.
To expand on this point, one could ask questions such as: What are the alternatives to using social engineering tactics in a penetration test? How can companies test their employees’ susceptibility to social engineering without compromising their personal information? Additionally, one could provide resources such as the “Code of Ethics” from the International Association of Penetration Testers (IAPP) which states that penetration testers should respect the privacy and legal rights of individuals and organizations.
Social engineering should not be included as part of a penetration test due to its unethical nature and potential legal and reputational consequences. It is essential for companies to consider the human factor in cybersecurity and to adhere to industry standards and regulations.
—>

Article Review
The utilization of social engineering in penetration tests is mainly to uncover the security weaknesses within its vulnerabilities. However, the activity is risky, considering its borderline conduct during the processes. On reading the Article by Kaplan-Moss (2017), I agree that social engineering should not be part of the penetration tests due to its inability to produce invalid results. Human beings are the weakest links in cybersecurity systems since a simple wrong move in their interactions with the systems could compromise the corporation’s information. Social engineering will have its partakers even engage in unethical conduct that could position an individual at a compromise point.
The process mainly entails having a person disguised as an authorized individual asking an employee to use their credentials to access sensitive information (Murashka, 2018). An unknowing employee could easily believe such an individual, especially if they provide the right information and have the individual access the information in an instant. By the time the individual understands that he was tricked into the activity, the damage has already been done. This would determine how one’s employees are ready in the face of system risks and vulnerabilities (Brecht, 2016). However, it is unethical to trick, con, steal information, or use other information to access sensitive information. It is prudent that cybersecurity systems are monitored in legal ways at all points such that the final reports gained were developed from a legal and true point. According to Kaplan-Moss (2017), social engineering is a risky process that will not bring useful outcomes. Therefore, it is prudent that other options are considered, such as simulation, and focus on the systems’ remediation process.

References
Brecht, D. (2016). Google Docs – Create and edit documents online for free. Retrieved from https://docs.google.com/document/d/1zAPy5ZcXbrZlG9fqRHBACAJqO1OLaMjF3K3xDUyiDoo/edit
Kaplan-Moss, J. (2017). Don’t include social engineering in penetration tests. Retrieved from https://jacobian.org/2017/jun/27/social-engineering-pentests/
Murashka, U. (2018, January 25). Social engineering penetration testing: An overview. Retrieved from https://www.scmagazine.com/home/opinion/executive-insight/social-engineering-penetration-testing-an-overview/

Check Price Discount

Tags:

Order for this Paper or Similar Assignment Help

Fill a form in 3 easy steps - less than 5 mins.

Why Opt for Custom Writing Services

You Want Quality and That’s What We Deliver

Top Essay Writers

To join our team, we choose only the best writers. They each have expertise in specific topic fields and experience in academic writing.

Affordable Prices

We offer student friendly prices while still having maintaining  the best writing standard. Compared to other writing services, our prices are fair and reasonable..

100% Plagiarism-Free

You will never receive a product that contains any plagiarism. We scan every final draft before releasing it to be delivered to a customer.

How it works

When you decide to place an order with Write my Nursing Paper, here is what happens:

Complete the Order Form

You will complete our order form, filling in all of the fields and giving us as much instructions detail as possible.

Assignment of Writer

We analyze your order and match it with a custom writer who has the unique qualifications for that subject, and he begins from scratch.

Order in Production and Delivered

You and your writer communicate directly during the process, and, once you receive the final draft, you either approve it or ask for revisions.

Giving us Feedback (and other options)

We want to know how your experience went. You can read other clients’ testimonials too. And among many options, you can choose a favorite writer.

Expert paper writers are just a few clicks away

Place an order in 3 easy steps. Takes less than 5 mins.

Calculate the price of your order

You will get a personal manager and a discount.
We'll send you the first draft for approval by at
Total price:
$0.00