AC-17 |
Remote Access |
Protects |
T1021.006 |
Windows Remote Management |
AC-2 |
Account Management |
Protects |
T1021.006 |
Windows Remote Management |
AC-3 |
Access Enforcement |
Protects |
T1021.006 |
Windows Remote Management |
AC-4 |
Information Flow Enforcement |
Protects |
T1021.006 |
Windows Remote Management |
AC-5 |
Separation of Duties |
Protects |
T1021.006 |
Windows Remote Management |
AC-6 |
Least Privilege |
Protects |
T1021.006 |
Windows Remote Management |
CM-2 |
Baseline Configuration |
Protects |
T1021.006 |
Windows Remote Management |
CM-5 |
Access Restrictions for Change |
Protects |
T1021.006 |
Windows Remote Management |
CM-6 |
Configuration Settings |
Protects |
T1021.006 |
Windows Remote Management |
CM-7 |
Least Functionality |
Protects |
T1021.006 |
Windows Remote Management |
CM-8 |
System Component Inventory |
Protects |
T1021.006 |
Windows Remote Management |
IA-2 |
Identification and Authentication (organizational Users) |
Protects |
T1021.006 |
Windows Remote Management |
RA-5 |
Vulnerability Monitoring and Scanning |
Protects |
T1021.006 |
Windows Remote Management |
SC-46 |
Cross Domain Policy Enforcement |
Protects |
T1021.006 |
Windows Remote Management |
SC-7 |
Boundary Protection |
Protects |
T1021.006 |
Windows Remote Management |
SI-4 |
System Monitoring |
Protects |
T1021.006 |
Windows Remote Management |
action.hacking.variety.Use of stolen creds |
Use of stolen authentication credentials (including credential stuffing) |
related-to |
T1021.006 |
Remote Services: Windows Remote Management |
action.hacking.vector.Command shell |
Remote shell |
related-to |
T1021.006 |
Remote Services: Windows Remote Management |
amazon_virtual_private_cloud |
Amazon Virtual Private Cloud |
technique_scores |
T1021.006 |
Windows Remote Management |
aws_network_firewall |
AWS Network Firewall |
technique_scores |
T1021.006 |
Windows Remote Management |