Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|
PR.AA-01.01 | Identity and credential management | Mitigates | T1003 | OS Credential Dumping | This diagnostic statement protects against OS Credential Dumping through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1003.001 | LSASS Memory | This diagnostic statement protects against LSASS Memory through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1003.002 | Security Account Manager | This diagnostic statement protects against Security Account Manager through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1003.003 | NTDS | This diagnostic statement protects against NTDS through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1003.004 | LSA Secrets | This diagnostic statement protects against LSA Secrets through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1003.005 | Cached Domain Credentials | This diagnostic statement protects against Cached Domain Credentials through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1003.006 | DCSync | This diagnostic statement protects against DCSync through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1003.007 | Proc Filesystem | This diagnostic statement protects against Proc Filesystem through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1003.008 | /etc/passwd and /etc/shadow | This diagnostic statement protects against /etc/passwd and /etc/shadow through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1006 | Direct Volume Access | This diagnostic statement protects against Direct Volume Access through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1020.001 | Traffic Duplication | This diagnostic statement protects against Traffic Duplication through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1021 | Remote Services | This diagnostic statement protects against Remote Services through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1021.001 | Remote Desktop Protocol | This diagnostic statement protects against Remote Desktop Protocol through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1021.002 | SMB/Windows Admin Shares | This diagnostic statement protects against SMB/Windows Admin Shares through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1021.004 | SSH | This diagnostic statement protects against SSH through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1021.007 | Cloud Services | This diagnostic statement protects against Cloud Services through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1021.008 | Direct Cloud VM Connections | This diagnostic statement protects against Direct Cloud VM Connections through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1036 | Masquerading | This diagnostic statement protects against Masquerading through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1036.010 | Masquerade Account Name | This diagnostic statement protects against Masquerade Account Name through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1040 | Network Sniffing | This diagnostic statement protects against Network Sniffing through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1047 | Windows Management Instrumentation | This diagnostic statement protects against Windows Management Instrumentation through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1048 | Exfiltration Over Alternative Protocol | This diagnostic statement protects against Exfiltration Over Alternative Protocol through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1053 | Scheduled Task/Job | This diagnostic statement protects against Scheduled Task/Job through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1053.002 | At | This diagnostic statement protects against At through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1053.003 | Cron | This diagnostic statement protects against Cron through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1053.005 | Scheduled Task | This diagnostic statement protects against Scheduled Task through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1053.006 | Systemd Timers | This diagnostic statement protects against Systemd Timers through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1053.007 | Container Orchestration Job | This diagnostic statement protects against Container Orchestration Job through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1059 | Command and Scripting Interpreter | This diagnostic statement protects against Command and Scripting Interpreter through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1059.008 | Network Device CLI | This diagnostic statement protects against Network Device CLI through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1072 | Software Deployment Tools | This diagnostic statement protects against Software Deployment Tools through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1078 | Valid Accounts | This diagnostic statement protects against Valid Accounts through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1078.001 | Default Accounts | This diagnostic statement protects against Default Accounts through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1078.002 | Domain Accounts | This diagnostic statement protects against Domain Accounts through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1078.003 | Local Accounts | This diagnostic statement protects against Local Accounts through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1078.004 | Cloud Accounts | This diagnostic statement protects against Cloud Accounts through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1087 | Account Discovery | This diagnostic statement protects against Account Discovery through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1087.004 | Cloud Account | This diagnostic statement protects against Cloud Account through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1098 | Account Manipulation | This diagnostic statement protects against Account Manipulation through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1098.001 | Additional Cloud Credentials | This diagnostic statement protects against Additional Cloud Credentials through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1098.002 | Additional Email Delegate Permissions | This diagnostic statement protects against Additional Email Delegate Permissions through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1098.003 | Additional Cloud Roles | This diagnostic statement protects against Additional Cloud Roles through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1098.004 | SSH Authorized Keys | This diagnostic statement protects against SSH Authorized Keys through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1098.005 | Device Registration | This diagnostic statement protects against Device Registration through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1098.006 | Additional Container Cluster Roles | This diagnostic statement protects against Additional Container Cluster Roles through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1110 | Brute Force | This diagnostic statement protects against Brute Force through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1110.001 | Password Guessing | This diagnostic statement protects against Password Guessing through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1110.002 | Password Cracking | This diagnostic statement protects against Password Cracking through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1110.003 | Password Spraying | This diagnostic statement protects against Password Spraying through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1110.004 | Credential Stuffing | This diagnostic statement protects against Credential Stuffing through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1114 | Email Collection | This diagnostic statement protects against Email Collection through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1114.002 | Remote Email Collection | This diagnostic statement protects against Remote Email Collection through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1133 | External Remote Services | This diagnostic statement protects against External Remote Services through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1134 | Access Token Manipulation | This diagnostic statement protects against Access Token Manipulation through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1134.001 | Token Impersonation/Theft | This diagnostic statement protects against Token Impersonation/Theft through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1134.002 | Create Process with Token | This diagnostic statement protects against Create Process with Token through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1134.003 | Make and Impersonate Token | This diagnostic statement protects against Make and Impersonate Token through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1134.005 | SID-History Injection | This diagnostic statement protects against SID-History Injection through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1136 | Create Account | This diagnostic statement protects against Create Account through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1136.001 | Local Account | This diagnostic statement protects against Local Account through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1136.002 | Domain Account | This diagnostic statement protects against Domain Account through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1136.003 | Cloud Account | This diagnostic statement protects against Cloud Account through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1185 | Browser Session Hijacking | This diagnostic statement protects against Browser Session Hijacking through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1187 | Forced Authentication | This diagnostic statement protects against Forced Authentication through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1195 | Supply Chain Compromise | This diagnostic statement protects against Supply Chain Compromise through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1197 | BITS Jobs | This diagnostic statement protects against BITS Jobs through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1199 | Trusted Relationship | This diagnostic statement protects against Trusted Relationship through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1201 | Password Policy Discovery | This diagnostic statement protects against Password Policy Discovery through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1213 | Data from Information Repositories | This diagnostic statement protects against Data from Information Repositories through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1213.001 | Confluence | This diagnostic statement protects against Confluence through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1213.002 | Sharepoint | This diagnostic statement protects against Sharepoint through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1213.003 | Code Repositories | This diagnostic statement protects against Code Repositories through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1213.004 | Customer Relationship Management Software | This diagnostic statement protects against Customer Relationship Management Software through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1484 | Domain or Tenant Policy Modification | This diagnostic statement protects against Domain or Tenant Policy Modification through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1484.001 | Group Policy Modification | This diagnostic statement protects against Group Policy Modification through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1484.002 | Trust Modification | This diagnostic statement protects against Trust Modification through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1485 | Data Destruction | This diagnostic statement protects against Data Destruction through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1485.001 | Lifecycle-Triggered Deletion | This diagnostic statement protects against Lifecycle-Triggered Deletion through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1489 | Service Stop | This diagnostic statement protects against Service Stop through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1490 | Inhibit System Recovery | This diagnostic statement protects against Inhibit System Recovery through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1505 | Server Software Component | This diagnostic statement protects against Server Software Component through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1505.003 | Web Shell | This diagnostic statement protects against Web Shell through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1528 | Steal Application Access Token | This diagnostic statement protects against Steal Application Access Token through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1530 | Data from Cloud Storage | This diagnostic statement protects against Data from Cloud Storage through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1537 | Transfer Data to Cloud Account | This diagnostic statement protects against Transfer Data to Cloud Account through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1538 | Cloud Service Dashboard | This diagnostic statement protects against Cloud Service Dashboard through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1539 | Steal Web Session Cookie | This diagnostic statement protects against Steal Web Session Cookie through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1543 | Create or Modify System Process | This diagnostic statement protects against Create or Modify System Process through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1543.002 | Systemd Service | This diagnostic statement protects against Systemd Service through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1543.003 | Windows Service | This diagnostic statement protects against Windows Service through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1543.004 | Launch Daemon | This diagnostic statement protects against Launch Daemon through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts. |
PR.AA-01.01 | Identity and credential management | Mitigates | T1543.005 | Container Service |
Comments
This diagnostic statement protects against Container Service through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1546 | Event Triggered Execution |
Comments
This diagnostic statement protects against Event Triggered Execution through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1546.003 | Windows Management Instrumentation Event Subscription |
Comments
This diagnostic statement protects against Windows Management Instrumentation Event Subscription through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1546.011 | Application Shimming |
Comments
This diagnostic statement protects against Application Shimming through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1547 | Boot or Logon Autostart Execution |
Comments
This diagnostic statement protects against Boot or Logon Autostart Execution through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1547.004 | Winlogon Helper DLL |
Comments
This diagnostic statement protects against Winlogon Helper DLL through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1547.006 | Kernel Modules and Extensions |
Comments
This diagnostic statement protects against Kernel Modules and Extensions through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1547.009 | Shortcut Modification |
Comments
This diagnostic statement protects against Shortcut Modification through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1547.012 | Print Processors |
Comments
This diagnostic statement protects against Print Processors through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1547.013 | XDG Autostart Entries |
Comments
This diagnostic statement protects against XDG Autostart Entries through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1548 | Abuse Elevation Control Mechanism |
Comments
This diagnostic statement protects against Abuse Elevation Control Mechanism through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1548.002 | Bypass User Account Control |
Comments
This diagnostic statement protects against Bypass User Account Control through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1548.005 | Temporary Elevated Cloud Access |
Comments
This diagnostic statement protects against Temporary Elevated Cloud Access through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1550 | Use Alternate Authentication Material |
Comments
This diagnostic statement protects against Use Alternate Authentication Material through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1550.001 | Application Access Token |
Comments
This diagnostic statement protects against Application Access Token through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1550.002 | Pass the Hash |
Comments
This diagnostic statement protects against Pass the Hash through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1550.003 | Pass the Ticket |
Comments
This diagnostic statement protects against Pass the Ticket through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1552 | Unsecured Credentials |
Comments
This diagnostic statement protects against Unsecured Credentials through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1552.001 | Credentials In Files |
Comments
This diagnostic statement protects against Credentials In Files through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1552.002 | Credentials in Registry |
Comments
This diagnostic statement protects against Credentials in Registry through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1552.004 | Private Keys |
Comments
This diagnostic statement protects against Private Keys through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1552.006 | Group Policy Preferences |
Comments
This diagnostic statement protects against Group Policy Preferences through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1552.007 | Container API |
Comments
This diagnostic statement protects against Container API through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1555 | Credentials from Password Stores |
Comments
This diagnostic statement protects against Credentials from Password Stores through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1555.001 | Keychain |
Comments
This diagnostic statement protects against Keychain through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1555.003 | Credentials from Web Browsers |
Comments
This diagnostic statement protects against Credentials from Web Browsers through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1555.005 | Password Managers |
Comments
This diagnostic statement protects against Password Managers through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1556 | Modify Authentication Process |
Comments
This diagnostic statement protects against Modify Authentication Process through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1556.001 | Domain Controller Authentication |
Comments
This diagnostic statement protects against Domain Controller Authentication through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1556.003 | Pluggable Authentication Modules |
Comments
This diagnostic statement protects against Pluggable Authentication Modules through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1556.004 | Network Device Authentication |
Comments
This diagnostic statement protects against Network Device Authentication through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1556.005 | Reversible Encryption |
Comments
This diagnostic statement protects against Reversible Encryption through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1556.006 | Multi-Factor Authentication |
Comments
This diagnostic statement protects against the Multi-Factor Authentication sub-technique of Modify Authentication Process (T1556.006) through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1556.007 | Hybrid Identity |
Comments
This diagnostic statement protects against Hybrid Identity through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1556.009 | Conditional Access Policies |
Comments
This diagnostic statement protects against the Conditional Access Policies sub-technique of Modify Authentication Process (T1556.009) through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1558 | Steal or Forge Kerberos Tickets |
Comments
This diagnostic statement protects against Steal or Forge Kerberos Tickets through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1558.001 | Golden Ticket |
Comments
This diagnostic statement protects against Golden Ticket through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1558.002 | Silver Ticket |
Comments
This diagnostic statement protects against Silver Ticket through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1558.003 | Kerberoasting |
Comments
This diagnostic statement protects against Kerberoasting through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1558.004 | AS-REP Roasting |
Comments
This diagnostic statement protects against AS-REP Roasting through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1562 | Impair Defenses |
Comments
This diagnostic statement protects against Impair Defenses through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1562.001 | Disable or Modify Tools |
Comments
This diagnostic statement protects against Disable or Modify Tools through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1562.002 | Disable Windows Event Logging |
Comments
This diagnostic statement protects against Disable Windows Event Logging through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1562.004 | Disable or Modify System Firewall |
Comments
This diagnostic statement protects against Disable or Modify System Firewall through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1562.006 | Indicator Blocking |
Comments
This diagnostic statement protects against Indicator Blocking through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1562.007 | Disable or Modify Cloud Firewall |
Comments
This diagnostic statement protects against Disable or Modify Cloud Firewall through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1562.008 | Disable or Modify Cloud Logs |
Comments
This diagnostic statement protects against Disable or Modify Cloud Logs through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1562.012 | Disable or Modify Linux Audit System |
Comments
This diagnostic statement protects against Disable or Modify Linux Audit System through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1563 | Remote Service Session Hijacking |
Comments
This diagnostic statement protects against Remote Service Session Hijacking through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1563.001 | SSH Hijacking |
Comments
This diagnostic statement protects against SSH Hijacking through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1563.002 | RDP Hijacking |
Comments
This diagnostic statement protects against RDP Hijacking through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1566 | Phishing |
Comments
This diagnostic statement protects against Phishing through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1566.001 | Spearphishing Attachment |
Comments
This diagnostic statement protects against Spearphishing Attachment through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1566.002 | Spearphishing Link |
Comments
This diagnostic statement protects against Spearphishing Link through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1566.003 | Spearphishing via Service |
Comments
This diagnostic statement protects against Spearphishing via Service through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1569 | System Services |
Comments
This diagnostic statement protects against System Services through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1569.001 | Launchctl |
Comments
This diagnostic statement protects against Launchctl through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1574 | Hijack Execution Flow |
Comments
This diagnostic statement protects against Hijack Execution Flow through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1574.005 | Executable Installer File Permissions Weakness |
Comments
This diagnostic statement protects against Executable Installer File Permissions Weakness through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1574.010 | Services File Permissions Weakness |
Comments
This diagnostic statement protects against Services File Permissions Weakness through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1574.012 | COR_PROFILER |
Comments
This diagnostic statement protects against COR_PROFILER through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1578 | Modify Cloud Compute Infrastructure |
Comments
This diagnostic statement protects against Modify Cloud Compute Infrastructure through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1578.001 | Create Snapshot |
Comments
This diagnostic statement protects against Create Snapshot through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1578.002 | Create Cloud Instance |
Comments
This diagnostic statement protects against Create Cloud Instance through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1578.003 | Delete Cloud Instance |
Comments
This diagnostic statement protects against Delete Cloud Instance through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1578.005 | Modify Cloud Compute Configurations |
Comments
This diagnostic statement protects against Modify Cloud Compute Configurations through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1580 | Cloud Infrastructure Discovery |
Comments
This diagnostic statement protects against Cloud Infrastructure Discovery through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1599 | Network Boundary Bridging |
Comments
This diagnostic statement protects against Network Boundary Bridging through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1599.001 | Network Address Translation Traversal |
Comments
This diagnostic statement protects against Network Address Translation Traversal through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1601 | Modify System Image |
Comments
This diagnostic statement protects against Modify System Image through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1601.001 | Patch System Image |
Comments
This diagnostic statement protects against Patch System Image through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1601.002 | Downgrade System Image |
Comments
This diagnostic statement protects against Downgrade System Image through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1606 | Forge Web Credentials |
Comments
This diagnostic statement protects against Forge Web Credentials through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1606.002 | SAML Tokens |
Comments
This diagnostic statement protects against SAML Tokens through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1609 | Container Administration Command |
Comments
This diagnostic statement protects against Container Administration Command through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1610 | Deploy Container |
Comments
This diagnostic statement protects against Deploy Container through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1613 | Container and Resource Discovery |
Comments
This diagnostic statement protects against Container and Resource Discovery through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1619 | Cloud Storage Object Discovery |
Comments
This diagnostic statement protects against Cloud Storage Object Discovery through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1621 | Multi-Factor Authentication Request Generation |
Comments
This diagnostic statement protects against Multi-Factor Authentication Request Generation through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1648 | Serverless Execution |
Comments
This diagnostic statement protects against Serverless Execution through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1649 | Steal or Forge Authentication Certificates |
Comments
This diagnostic statement protects against Steal or Forge Authentication Certificates through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1654 | Log Enumeration |
Comments
This diagnostic statement protects against Log Enumeration through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1657 | Financial Theft |
Comments
This diagnostic statement protects against Financial Theft through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|
PR.AA-01.01 | Identity and credential management | Mitigates | T1666 | Modify Cloud Resource Hierarchy |
Comments
This diagnostic statement protects against Modify Cloud Resource Hierarchy through the use of hardened access control policies, secure defaults, password complexity requirements, multifactor authentication requirements, and removal of terminated accounts.
|