AT-2(1)—Security Awareness
Operational
Control Description
SECURITY AWARENESS | PRACTICAL EXERCISES
The organization includes practical exercises in security awareness training that simulate actual cyber-attacks.
Supplemental Guidance: Practical exercises may include, for example, no-notice social engineering attempts to collect information, gain unauthorized access, or simulate the adverse impact of opening malicious email attachments or invoking, via spear phishing attacks, malicious web links.
Related controls: CA-2, CA-7, CP-4, IR-3.
Tailoring Guidance
This security control/enhancement specifies a very specialized and/or advanced capability that is not required for all systems. Consequently, inclusion in a departmental profile is made on a case-by-case basis.