4.3. Summary
This chapter has necessarily been a little different from the others in this book. Although it is easy to show someone how to pick a lock or hack a wireless network, social engineering is a far more subjective topic and must therefore be described in more abstract terms. The bottom line is that you can read a great deal on the subject and, indeed, on psychology in general but your success in this field will depend largely on your own personality and people skills. You may feel that you don't possess the requisite nature – very few people do and this problem is exacerbated by the fact that such skills are impossible to practice – at least in the way that you can practice hacking or lock picking. In any case, you are likely to have one person on your team who can competently execute the social-engineering aspect of a test. If not, I suggest you look to your sales staff. After all, a lot of techniques discussed in this chapter are similar to those used by sales staff.
Get Unauthorised Access: Physical Penetration Testing For IT Security Teams now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
