A large multinational corporation has recently upgraded its IT infrastructure and implemented a new access control system to manage user access to its critical resources. Despite these upgrades, the company has experienced several security incidents, including unauthorized access attempts, phishing attacks, and signs of potential privilege escalation. The IT security team is now focused on evaluating and enhancing the effectiveness of their access control and security monitoring measures.

a$)$ The IT security team has discovered that some employees with standard access rights have managed to escalate their privileges to access sensitive data. Explain how privilege escalation might occur within an access control system. Describe the access control techniques and methodologies that can be implemented to prevent such privilege escalation incidents. Additionally, discuss how the effectiveness of these techniques can be assessed and improved over time.

b$)$ The company has also been experiencing suspicious activities that suggest potential intrusions and phishing attacks. Discuss the role of monitoring and intrusion detection systems in identifying and responding to these security incidents. Explain the key components of a robust monitoring strategy and intrusion detection process, and provide recommendations for enhancing these measures to better detect and mitigate ongoing threats.