
AT-3(3) Role Based Security Training

Operational

Control Description

SECURITY TRAINING | PRACTICAL EXERCISES

The organization includes practical exercises in security training that reinforce training objectives.

Supplemental Guidance: Practical exercises may include, for example, security training for software developers that includes simulated cyber-attacks exploiting common software vulnerabilities (e.g., buffer overflows), or spear/whale phishing attacks targeted at senior leaders/executives. These types of practical exercises help developers better understand the effects of such vulnerabilities and appreciate the need for security coding standards and processes.
