Determine centralization of IT management
Determining if a "corporate" help desk exists, the degree of access and control it has, and whether there are "edge" units that may have different support processes and standards. 
Tactic: Organizational Information Gathering
DetectionDetectable by Common Defenses (Yes/No/Partial): No
Explanation: No technical means to detect an adversary collecting information about a target. Any detection would be based upon strong OPSEC policy implementation.
Difficulty for the AdversaryEasy for the Adversary (Yes/No): Yes
Explanation: Requires an adversary to undergo a research process to learn the internal workings of an organization. An adversary can do this by social engineering individuals in the company by claiming to need to find information for the help desk, or through social engineering of former employees or business partners.
- Scott Rasmussen. (2002, January 28). Centralized Network Security Management: Combining Defense In Depth with Manageable Security. Retrieved March 5, 2017.