期刊名称:International Journal of Network Security & Its Applications
印刷版ISSN:0975-2307
电子版ISSN:0974-9330
出版年度:2013
卷号:5
期号:4
DOI:10.5121/ijnsa.2013.5402
出版社:Academy & Industry Research Collaboration Center (AIRCC)
摘要:Organizations invest heavily in technicalcontrols for their Information Assurance (IA) infrastructure.These technical controls mitigate and reduce the risk of damage caused by outsider attacks. Mostorganizations rely on training to mitigate and reduce risk of non-technical attacks such as socialengineering. Organizations lump IA training into small modules that personnel typically rush throughbecause the training programs lack enough depth and creativity to keep a trainee engaged. The key toretaining knowledge is making the information memorable. This paper describes common and emergingattack vectors and how to lower and mitigate the associated risks
关键词:Security Risks;Phishing; Social Engineering;Cross Site Scripting; Emerging Attack Vectors;DNS poising
