Assessment item 3 – Social Engineering Essay
Humans are social creatures – it is one of our defining qualities within the animal kingdom. In the hyperconnected world of the 21st century we indulge our desire to connect and collaborate with our fellow humans via social media. As more of our lives move online, so too do the threats to our livelihoods and our privacy. Criminals have always sought to gain through exploitation of human weakness, and today’s cyber criminals use our digital footprint to improve their chances of success. As a security professional, you will need to understand and address both the technical and non-technical weaknesses that threaten the information you are charged with protecting.
For this assessment task, you will write an essay on the following:
Social Engineering: The Hidden Cost of Being Social
The primary ideas you should address in this essay are:
A comprehensive definition and description of social engineering
What makes social engineering so effective?
How does our use of social media contribute to the success of social engineering?
What technical and administrative techniques can be deployed to mitigate the threat of social engineering?
Refer to the suggested structure below and ensure that you address all the criteria. Note that the suggested headings and suggested proportion of the word count are provided as a guide to your essay structure; you are not required to strictly follow this format
The introduction sets the scene for the whole essay. The purpose of the introduction is to identify the topic, your point of view and the main reasons for your response. Generally, approximately 10-15% of the allocated word count.
This section will often contain the following points:
Introduce the topic.
Give background or context to give relevance to the discussion.
State the main point or purpose of the essay.
Preview the subtopics or themes.
Paragraphs in the body of the essay show your discussion of the main ideas supporting your position or response to the question. Ideas from the scholarly literature give credibility and weight to your argument. Generally, approximately 70-80% of the allocated word count.
Each paragraph should link with the previous paragraph and may include:
A topic sentence: a statement of the main idea of the paragraph.
Explanation or supporting evidence from the scholarly readings.
Further evidence from your reading to deepen your discussion.
Application of ideas to a scenario or using an example.
Your comments on, discussion and evaluation of these ideas.
A concluding sentence that brings the paragraph to a close.
The purpose of the conclusion is to summarise and make final evaluative comments. It is important to refer to the essay questions. Generally, approximately 10-15% of the allocated word count.
This paragraph includes:
A summary of the main ideas presented in the essay.
Confirmation of any thesis included in the introduction.
Final evaluative comments on the relative importance of the arguments.
Comments on the ongoing significance of the topic as an issue that needs further discussion or investigation.
DO NOT introduce any new content at this point.
The key elements expected for presentation of a written assignment at masters’ level:
Correct grammar, spelling and sentence structure
Cohesive and well-structured essay format
Clean and professional overall presentation
Appropriate referencing using APA 7th Edition (reference list should contain a minimum of 6 appropriate references)
This assessment task will assess the following learning outcome/s:
be able to analyse information system weaknesses, and demonstrate how these make an environment vulnerable to attack.
be able to implement countermeasures to prevent attackers causing harm to their target, and from covering their tracks.
Marking criteria and standards
Introduction and definition
Introduce the topic of Social Engineering, giving context in terms of recent events. Summarise the topic for the reader, providing a precis of the content you will explore in the body of the essay.
Provide a clear, informative and comprehensive definition of Social Engineering, and how our online habits contribute to its success.
The topic is artfully and insightfully introduced, and well contextualised within the contemporary cyber security landscape.
The description of Social Engineering is extremely comprehensive, well-researched and informative.
The reader is left with an exceptionally clear sense of the thesis proposed by the author, regarding the factors underpinning Social Engineering.
The length of the summary is appropriate, being approximately 10-15% of the overall word count.
Attack and defence
The body of the essay should describe in detail the means used by successful Social Engineers, and the role played by social media in supporting these attacks. This section should showcase a recent example of a cyberattack where social engineering was a key factor and explain in detail how such attacks may be mitigated using both technical and non-technical means.
Social Engineering is clearly, comprehensively and insightfully explained. The student demonstrates excellent use of relevant literature to support the answer.
The link between social media use and successful Social Engineering is insightfully described and explained, and a relevant recent example is succinctly and accurately described.
The strategies, tools and techniques that may be used to mitigate Social Engineering threats are comprehensively explained, linked to previously described attack techniques and well supported by relevant literature.
This section will summarise the main thesis of the essay, providing statements on how well the evidence supports the arguments made by the author. The student will evaluate the outcome of the exploration of the topic and provide insight towards additional study or research that may be needed to enhance understanding of the topic.
The main thesis is clearly and insightfully summarised, and all key findings from the discussion are concisely explained.
Each argument supporting or refuting the thesis is included in the summary, and the student succinctly evaluates the topic based on the arguments presented.
The ongoing significance of the topic is clearly explained, and insightful suggestions are made concerning further work required.
No new material is introduced in this section.
Presentation and referencing
Grammar, spelling and sentence structure must be accurate and professional. The format of the submission must befit a corporate or government institution. The presentation must be clean and professional, and the message always clearly conveyed.
Appropriate referencing should be included using APA 7th Edition, and the reference list should contain a minimum of 6 appropriate references.
Grammar and spelling contain no errors
Sentence and paragraph structure are accurate and cohesive, and the ideas flow throughout the essay
CSU/IT Masters formatting standards are closely followed
Overall presentation is professional and fastidiously edited, and commensurate with a master’s level submission
Referencing and citation are properly and judiciously implemented, and a large amount of high-quality literature has been researched
Use an report format, with correct grammatical protocols and accurate spelling, punctuation and word count.
Feel free to use headings and bullet-lists where you think this is appropriate.
APA referencing should be used unless students have made prior arrangements with the subject mentor.
Word count for this assignment is taken seriously. The word count reflects the level of detail you are required to put into your assignment. Students who exceed the word count by more than 10% will be penalised, and students who exceed wordcounts by an excessive amount may not have their assignment marked beyond a certain point to ensure fairness to other students who have completed the assignment within the guidelines given.