Summary
In this chapter, we have defined several common social engineering types, several types of malicious software, and the three major categories of insider threats. You have learned how to identify different tactics and technologies so you can build better defenses. You have gained an understanding of different insider threat types so you can support well-meaning insiders, identify and eradicate compromised accounts, and stop malicious insiders before they cause irreparable harm to your organization. We have begun to establish a solid foundation for information security.
In our next chapter, we will detail the anatomy of an attack. We will introduce the stages of an attack and provide example cases where detail is available so we can see exactly how attackers performed reconnaissance, gained access, escalated privileges, and acted on their objectives.
