This site has been deprecated in favor of and will remain in place until 11/1/22.

User Training

From attackics
Jump to navigation Jump to search
User Training
ID M0917
NIST SP 800-53 Rev. 4 AT-2


Train users to be aware of access or manipulation attempts by an adversary to reduce the risk of successful spearphishing, social engineering, and other techniques that involve user interaction.

Techniques Addressed by Mitigation

Data from Information RepositoriesDevelop and publish policies that define acceptable information to be stored in repositories.
Spearphishing AttachmentUsers can be trained to identify social engineering techniques and spearphishing emails.
User ExecutionUse user training as a way to bring awareness to common phishing and spearphishing techniques and how to raise suspicion for potentially malicious events.