Scenario
An initial agreement has been made, and Helios Health Insurance has provided a service level agreement (SLA) that defines the relationship between Fit-vantage and Helios. You have been tasked with recommending implementation of the controls detailed in the SLA. Now that the partnership is in place, the insurance company’s SLA contains the terms and conditions that require evidence of how Fit-vantage will address three critical controls—specifically, how the organization will use awareness training to defend against social engineering attacks.
To complete this task, you will prepare service level agreement requirement recommendations for the internal stakeholder board identifying an approach to meeting the requirements in the scenario.
Prompt
Prepare a brief that outlines the requirement recommendations for the service level agreement and describes your approach to meeting the requirements of the scenario. You must address the critical elements listed below. The codes shown in brackets indicate the course competency to which each critical element is aligned.
I. Select two sub-controls that address the requirements of the scenario.
A. Control One: Justify how your selected control type (i.e., policy, standard, procedure, or guideline) and implementation will meet the requirements. [CYB-260-03]
B. Control Two: Justify how your selected control type (i.e., policy, standard, procedure, or guideline) and implementation will meet the requirements. [CYB-260-03]
II. Describe the necessity for a training program to address a specific social engineering threat. [CYB-260-03]
III. Describe the expected outcomes of a training program that addresses the social engineering threat you identified in the previous critical element. [CYB-260-03]
Sample Solution