The Art of Deception: Controlling the Human Element of Security
The Art of Deception: Controlling the Human Element of Security
Teaching students to hack: curriculum issues in information security
Proceedings of the 36th SIGCSE technical symposium on Computer science education
Cyberattacks: a lab-based introduction to computer security
Proceedings of the 7th conference on Information technology education
Teaching students to hack: ethical implications in teaching students to hack at the university level
InfoSecCD '06 Proceedings of the 3rd annual conference on Information security curriculum development
Lest we remember: cold boot attacks on encryption keys
SS'08 Proceedings of the 17th conference on Security symposium
Educating the next generation of spammers
Proceedings of the 41st ACM technical symposium on Computer science education
A capstone exercise for a cybersecurity course
Journal of Computing Sciences in Colleges
Unauthorised Access: Physical Penetration Testing For IT Security Teams
Unauthorised Access: Physical Penetration Testing For IT Security Teams
Two methodologies for physical penetration testing using social engineering
Proceedings of the 26th Annual Computer Security Applications Conference
Effectiveness of Physical, Social and Digital Mechanisms against Laptop Theft in Open Organizations
GREENCOM-CPSCOM '10 Proceedings of the 2010 IEEE/ACM Int'l Conference on Green Computing and Communications & Int'l Conference on Cyber, Physical and Social Computing
Teaching the security mindset to CS1 students
Proceeding of the 44th ACM technical symposium on Computer science education
| Hi-index | 0.00 |
Practical courses in information security provide students with first-hand knowledge of technical security mechanisms and their weaknesses. However, teaching students only the technical side of information security leads to a generation of students that emphasize digital solutions, but ignore the physical and the social aspects of security. In the last two years we devised a course where students were given a practical assignment which includes a combination of physical security, social engineering and digital penetration testing. As part of the course, the students stole laptops using social engineering from unaware employees throughout the university campus. The assignment provided the students with a practical overview of security and increased their awareness of the strengths and weaknesses of security mechanisms. In this paper we present the design of the practical assignment and the observations from the execution.