RONSAM
TUTORS
FOR3702 ASSIGNMENT 02 SEMESTER 02
DISCLAIMER!!!: The assignments sold through this website
are intended for research, study, and reference purposes
only. They are not to be submitted as your own work. Only
use this document as reference to generate your own
assignment
FOR EXAMS, PORTFOLIO, AND ASSIGNMENT ASSISTANCE
WHATSAPP 0671189059 EMAIL:
,ASSIGNMENT 2
QUESTION 1
The crime rate in South Africa is high. Criminals often make use of social
engineering, phishing, whaling, and baiting to commit crimes. How is social
engineering often committed? (10)
Social engineering is a form of attack where cybercriminals manipulate people into
divulging confidential information or performing actions that compromise security.
According to the study guide for "Forensic Methods and Techniques" by G. Thenga
(2016), social engineering techniques are employed by cybercriminals to deceive
unsuspecting users into revealing their confidential data, infecting their computers
with malware, or opening links to infected sites. This is often achieved by exploiting a
computer user's lack of knowledge about technology, the value of data, and how to
best protect it (Thenga, 2016).
Social engineering in the context of information security refers to the "psychological
manipulation of people into performing actions or divulging confidential information"
(Thenga, 2016). Unlike traditional confidence tricks, social engineering often forms
part of a more complex fraud scheme aimed at information gathering, fraud, or
gaining unauthorized access to systems. This method targets the human element of
security, which can be the weakest link in any security framework, exploiting people's
inherent trust and their susceptibility to manipulation through well-proven
psychological techniques (Thenga, 2016).
Cybercriminals apply social engineering techniques against individuals who can be
persuaded, against their better judgment, to believe or do things they should not.
The inherent complexity of information technology systems, which cannot be fully
understood by many people, increases the likelihood that information security will be
compromised through such indirect attacks (Thenga, 2016). For example, an
attacker might impersonate a trusted individual or organization to gain the trust of the
target and then deceive them into revealing sensitive information, such as
passwords or financial data. This approach is particularly effective because it
bypasses technical security measures by targeting human psychology (Thenga,
2016).
, social engineering is a potent method used by cybercriminals to exploit human
vulnerabilities to access confidential data and commit various crimes. It relies on
psychological manipulation and persuasion, often forming part of a larger fraudulent
scheme. Alongside social engineering, numerous other methods are employed by
criminals, including phishing, baiting, data manipulation, and using malicious
software such as Trojan horses and viruses. To mitigate these threats, it is crucial to
enhance public awareness and understanding of information technology, as well as
strengthen the capacity of law enforcement agencies to detect and investigate such
crimes.
QUESTION 2
There are various types of investigations that are conducted, such as criminal
investigation, civil investigation, and commission of enquiries. In your own
words explain the objectives of corporate investigation. (10)
Corporate investigations are conducted to ascertain the truth regarding particular
incidents, determine responsibility, and provide organizations with critical information
to address potential issues or prevent future occurrences. The primary objective of a
corporate investigation is to discover what happened, how it happened, when it
occurred, why it occurred, where it took place, and who was involved. This process
involves gathering and analyzing evidence to reveal the facts surrounding the
incident in a manner that is legally sound and compliant with all applicable rules and
regulations (Thenga, 2016).
The scope of a corporate investigation may encompass various aspects, including
but not limited to financial misconduct, breaches of company policy, fraud,
corruption, internal theft, data breaches, and non-compliance with regulations. Once
an investigation concludes, several outcomes are possible, such as prosecution,
disciplinary measures, preventive action, amendment of company policy, or civil
recovery. These actions serve to hold the responsible parties accountable and
prevent future occurrences of similar issues.
TUTORS
FOR3702 ASSIGNMENT 02 SEMESTER 02
DISCLAIMER!!!: The assignments sold through this website
are intended for research, study, and reference purposes
only. They are not to be submitted as your own work. Only
use this document as reference to generate your own
assignment
FOR EXAMS, PORTFOLIO, AND ASSIGNMENT ASSISTANCE
WHATSAPP 0671189059 EMAIL:
,ASSIGNMENT 2
QUESTION 1
The crime rate in South Africa is high. Criminals often make use of social
engineering, phishing, whaling, and baiting to commit crimes. How is social
engineering often committed? (10)
Social engineering is a form of attack where cybercriminals manipulate people into
divulging confidential information or performing actions that compromise security.
According to the study guide for "Forensic Methods and Techniques" by G. Thenga
(2016), social engineering techniques are employed by cybercriminals to deceive
unsuspecting users into revealing their confidential data, infecting their computers
with malware, or opening links to infected sites. This is often achieved by exploiting a
computer user's lack of knowledge about technology, the value of data, and how to
best protect it (Thenga, 2016).
Social engineering in the context of information security refers to the "psychological
manipulation of people into performing actions or divulging confidential information"
(Thenga, 2016). Unlike traditional confidence tricks, social engineering often forms
part of a more complex fraud scheme aimed at information gathering, fraud, or
gaining unauthorized access to systems. This method targets the human element of
security, which can be the weakest link in any security framework, exploiting people's
inherent trust and their susceptibility to manipulation through well-proven
psychological techniques (Thenga, 2016).
Cybercriminals apply social engineering techniques against individuals who can be
persuaded, against their better judgment, to believe or do things they should not.
The inherent complexity of information technology systems, which cannot be fully
understood by many people, increases the likelihood that information security will be
compromised through such indirect attacks (Thenga, 2016). For example, an
attacker might impersonate a trusted individual or organization to gain the trust of the
target and then deceive them into revealing sensitive information, such as
passwords or financial data. This approach is particularly effective because it
bypasses technical security measures by targeting human psychology (Thenga,
2016).
, social engineering is a potent method used by cybercriminals to exploit human
vulnerabilities to access confidential data and commit various crimes. It relies on
psychological manipulation and persuasion, often forming part of a larger fraudulent
scheme. Alongside social engineering, numerous other methods are employed by
criminals, including phishing, baiting, data manipulation, and using malicious
software such as Trojan horses and viruses. To mitigate these threats, it is crucial to
enhance public awareness and understanding of information technology, as well as
strengthen the capacity of law enforcement agencies to detect and investigate such
crimes.
QUESTION 2
There are various types of investigations that are conducted, such as criminal
investigation, civil investigation, and commission of enquiries. In your own
words explain the objectives of corporate investigation. (10)
Corporate investigations are conducted to ascertain the truth regarding particular
incidents, determine responsibility, and provide organizations with critical information
to address potential issues or prevent future occurrences. The primary objective of a
corporate investigation is to discover what happened, how it happened, when it
occurred, why it occurred, where it took place, and who was involved. This process
involves gathering and analyzing evidence to reveal the facts surrounding the
incident in a manner that is legally sound and compliant with all applicable rules and
regulations (Thenga, 2016).
The scope of a corporate investigation may encompass various aspects, including
but not limited to financial misconduct, breaches of company policy, fraud,
corruption, internal theft, data breaches, and non-compliance with regulations. Once
an investigation concludes, several outcomes are possible, such as prosecution,
disciplinary measures, preventive action, amendment of company policy, or civil
recovery. These actions serve to hold the responsible parties accountable and
prevent future occurrences of similar issues.
