| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| PR.AA-03.03 | Email verification mechanisms | Mitigates | T1114.003 | Email Forwarding Rule |
Comments
This diagnostic statement provides protection from adversaries that try to gain sensitive information and data from users via email. Utilizing methods such as encryption is recommended to minimize the risk of adversaries collecting user's credentials via email forwarding rules to collect credentials and other sensitive information.
|
| PR.AA-03.03 | Email verification mechanisms | Mitigates | T1114.002 | Remote Email Collection |
Comments
This diagnostic statement provides protection from adversaries that try to gain sensitive information and data from users via email. Utilizing methods such as encryption and MFA are recommended to minimize the risk of adversaries collecting user's credentials via exchange servers from within a network.
|
| PR.AA-03.03 | Email verification mechanisms | Mitigates | T1114.001 | Local Email Collection |
Comments
This diagnostic statement provides protection from adversaries that try to gain sensitive information and data from users via email. Utilizing methods such as encryption and using public cryptic keys are recommended to minimize the risk of adversaries collecting information from files saved on email servers and caches.
|
| PR.AA-03.03 | Email verification mechanisms | Mitigates | T1114 | Email Collection |
Comments
This diagnostic statement provides protection from adversaries that try to gain sensitive information and data from users via email. Utilizing methods such as MFA is recommended to minimize the risk of adversaries collecting usernames and passwords.
|
| PR.AA-03.03 | Email verification mechanisms | Mitigates | T1598 | Phishing for Information |
Comments
This diagnostic statement provides protection from phishing attacks through the implementation of software configuration methods, such as anti-spoofing and email authentication. Enabling mechanisms like, SPF and DKIM, add protection against adversaries that may send phishing messages through the form of emails, instant messages, etc. to gain sensitive information.
|
| PR.AA-03.03 | Email verification mechanisms | Mitigates | T1598.002 | Spearphishing Attachment |
Comments
This diagnostic statement provides protection from phishing attacks through the implementation of software configuration methods, such as anti-spoofing and email authentication. Enabling mechanisms like, SPF and DKIM, add protection against adversaries that may send spearphishing emails with a malicious attachment to gain elicit sensitive information.
|
| PR.AA-03.03 | Email verification mechanisms | Mitigates | T1598.003 | Spearphishing Link |
Comments
This diagnostic statement provides protection from phishing attacks through the implementation of software configuration methods, such as anti-spoofing and email authentication. Enabling mechanisms like, SPF and DKIM, add protection against adversaries that may send spearphishing emails with a malicious link to gain elicit sensitive information.
|
| PR.AA-03.03 | Email verification mechanisms | Mitigates | T1566.002 | Spearphishing Link |
Comments
This diagnostic statement provides protection from phishing attacks through the implementation of software configuration methods, such as anti-spoofing and email authentication. Enabling mechanisms like, SPF and DKIM, add protection against adversaries that may send spearphishing emails with a malicious link.
|
| PR.AA-03.03 | Email verification mechanisms | Mitigates | T1566.001 | Spearphishing Attachment |
Comments
This diagnostic statement provides protection from phishing attacks through the implementation of software configuration methods, such as anti-spoofing and email authentication. Enabling mechanisms like, SPF and DKIM, add protection against adversaries that may send spearphishing emails with a malicious attachment.
|
| PR.AA-03.03 | Email verification mechanisms | Mitigates | T1566 | Phishing |
Comments
This diagnostic statement provides protection from phishing attacks through the implementation of software configuration methods, such as anti-spoofing and email authentication.
|