The topic of social engineering is only covered briefly in today\u27s system administration and security coursework. This lack of coverage leaves many Administrators ill-equipped to administer the users of a computer network. In addition to their technical training, administrators need to comprehend the potential severity and likelihood of social engineering attacks. Teaching administrators only to minimize the risk of hacking attempts or computer virus infections does not fully equip them with the knowledge needed to defend their networks. To ensure the safety of their network from social engineering attacks, administrators need to be able to answer three primary questions: * How can Administrators look for and identify a social engineering attack? * How can Administrators properly train users to ensure they do not become the network\u27s weakest security link? * How can Administrators test their protection methods to ensure the risk of social engineering attacks is sufficiently mitigated? This thesis attempts to answer these questions, devise a training workshop template Administrators can present to their users, and present a base set of audit guidelines Administrators can employ to ensure their attack prevention methods are effective
