A: There are many different kinds of tests that can be performed under the umbrella of 'social engineering'. Some of these are listed below:
- Calling the help desk and pretending to be an employee.
- Phishing emails - attempting to gain sensitive information from employees.
- Arriving dressed as a service technician - can we gain access to the computer room.
- Dumpster diving - yes, going through the trash cans.
- Shoulder surfing - attempting to discover passwords over a users shoulder.
- Standing around the "smoking area" and going inside the building without credentials.