About this course
The course consists of 8 lectures covering various aspects of Social Engineering (the main approach is based on the book Social Engineering: The Art of Human Hacking by Christopher Hadnagy; it is complemented with assorted other sources) and 4 practical labs/seminars. The participants will be divided into 4 groups, each group will be responsible for one lab (chooses the main topic, compiles a presentation and exercises/experiments done with the participation of other students), the main topic of each lab will be consulted with the lecturer beforehands. In addition, each participant is to write a 5-10 page paper on a freely chosen but course-related topic. The main topics of the course are:
- Information gathering.
- Elicitation.
- Pretexting.
- Psychological principles in SE.
- Influence and persuasion.
- Tools of SE.
- Case studies and examples.
- Prevention, mitigation and counters.
NB! This course will take place in spring semester 2024/2025 which starts on 3rd of February and ends on 16th of June (you can find that information under Start date section). The real course start and end dates will be announced at the beginning of February at the latest.
Learning outcomes
Student will:
- know the essence of Social Engineering and its common forms and techniques;
- recognize Social Engineering attempts and act accordingly;
- has an overview of the measures to prevent Social Engineering involving technology, training and policy/regulations.
Examination
Final assessment can consist of one test/assignment or several smaller assignments completed during the whole course. After declaring a course the student can re-sit the exam/assessment once. Assessment can be graded or non-graded. For specific information about the assessment process please get in touch with the contact person of this course. For specific information about grade transfer please contact your home university
Course requirements
Ordinary computer/Internet skills and interest in cyber security will suffice. The course uses the university's MS Teams environment for most tasks, the students will need the Uni-ID identifier for access.
Resources
- The list includes, but is not limited to:
- - ANDRESS, Jason. The Basics of Information Security: Understanding the Fundamentals of InfoSec in
- Theory and Practice. Syngress 2011
- - CONTOS, Brian T. Enemy at the Water Cooler: Real-Life Stories of Insider Threats and Enterprise
- Security Management Countermeasures. Syngress 2006
- - GRAGIDO, Will, PIRC, John. Cybercrime and Espionage: An Analysis of Subversive Multi-vector
- Threats. Syngress 2011
- - GRAGIDO, Will et al. Blackhatonomics: An Inside Look at the Economics of Cybercrime. Syngress
- 2013
- - HADNAGY, Christopher. Social Engineering: The Art of Human Hacking. Wiley Publishing 2011
- - LONG, Johnny. No Tech Hacking: A Guide to Social Engineering, Dumpster Diving and Shoulder
- Surfing. Syngress 2008
- - LONG, Johnny et al. Google Hacking for Penetration Testers. Third Edition. Syngress 2016
- - MITNICK, Kevin D., SIMON, William L. The Art of Deception: Controlling the Human Element of
- Security. Wiley Publishing 2003
- - MITNICK, Kevin D., SIMON, William L. The Art of Intrusion: The Real Stories Behind the Exploits fo
- Hackers, Intruders & Deceivers. Wiley Publishing 2005
- - NISSEN, Thomas Elkjer. The Weaponization of Social Media: Characteristics of Contemporary
- Conflicts. Royal Danish Defence College 2015 (saadaval ka veebilehel https://www.stratcomcoe.org/thomasnissen-
- weaponization-social-media)
Activities
lectures, practices
Additional information
- More infoCoursepage on website of Tallinn University of Technology
- Contact a coordinator
- CreditsECTS 3
- LevelBachelor
- Contact hours per week1.5
- InstructorsKaido Kikkas
- Mode of instructionOnline - at a specific time
Offering(s)
Start date
3 February 2025
- Ends16 June 2025
- Term *Spring semester 2025
- Instruction languageEnglish
- Register between29 Oct - 29 Nov 2024
Only 9 days to enrolApply now