AT-2(1): Practical Exercises

Control Family:

Awareness and Training

Parent Control:

AT-2: Literacy Training and Awareness

CSF v1.1 References:

PR.AT-1

Baselines:

(Not part of any baseline)

Previous Version:

NIST Special Publication 800-53 Revision 4:
AT-2(1): Practical Exercises

Control Statement

Provide practical exercises in literacy training that simulate events and incidents.

Supplemental Guidance

Practical exercises include no-notice social engineering attempts to collect information, gain unauthorized access, or simulate the adverse impact of opening malicious email attachments or invoking, via spear phishing attacks, malicious web links.

Control Statement

Supplemental Guidance

Related Controls

NIST Special Publication 800-53 Revision 5