Navigate

AT-2(1)

AT-2(1): Practical Exercises

Provide practical exercises in literacy training that simulate events and incidents.

Supplemental

Practical exercises include no-notice social engineering attempts to collect information, gain unauthorized access, or simulate the adverse impact of opening malicious email attachments or invoking, via spear phishing attacks, malicious web links.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
DAF Baseline

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to AT-2(1).

Control	Description
CA-2	a: Select the appropriate assessor or assessment team for the type of assessment to be conducted; b: Develop a control assessment plan that describes the scope of the assessment including: 1: Controls and control enhancements under assessment; 2: Assessment procedures to be used to determine control effectiveness; and 3: Assessment environment, assessment team, and assessment roles and responsibilities; c: Ensure the control assessment plan is reviewed and approved by the authorizing official or designated representative prior to conducting the assessment; d: Assess the controls in the system and its environment of operation [the frequency at which to assess controls in the system and its environment of operation is defined;] to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting established security and privacy requirements; e: Produce a control assessment report that document the results of the assessment; and f: Provide the results of the control assessment to [individuals or roles to whom control assessment results are to be provided are defined;].
CA-7	Develop a system-level continuous monitoring strategy and implement continuous monitoring in accordance with the organization-level continuous monitoring strategy that includes: a: Establishing the following system-level metrics to be monitored: [system-level metrics to be monitored are defined;]; b: Establishing [frequencies at which to monitor control effectiveness are defined;] for monitoring and [frequencies at which to assess control effectiveness are defined;] for assessment of control effectiveness; c: Ongoing control assessments in accordance with the continuous monitoring strategy; d: Ongoing monitoring of system and organization-defined metrics in accordance with the continuous monitoring strategy; e: Correlation and analysis of information generated by control assessments and monitoring; f: Response actions to address results of the analysis of control assessment and monitoring information; and g: Reporting the security and privacy status of the system to [one of ] [one of ].
CP-4	a: Test the contingency plan for the system [frequency of testing the contingency plan for the system is defined;] using the following tests to determine the effectiveness of the plan and the readiness to execute the plan: [one of ]. b: Review the contingency plan test results; and c: Initiate corrective actions, if needed.
IR-3	Test the effectiveness of the incident response capability for the system [frequency at which to test the effectiveness of the incident response capability for the system is defined;] using the following tests: [tests used to test the effectiveness of the incident response capability for the system are defined;].

Enhancements

The controls below (if any) add on to the requirements of AT-2(1).

Control	Description
No controls

Related CCIs

The CCIs below are tied to AT-2(1).

CCI	Definition
CCI-000107	Provide practical exercises in literacy training that simulate events and incidents.