| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| PR.AA-04.01 | Access control within and across security perimeters | Mitigates | T1548 | Abuse Elevation Control Mechanism |
Comments
This diagnostic statement provides protection from Abuse Elevation Control Mechanism through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts such as removing accounts from the Adminstrators group, access control mechanisms, and auditing the attribution logs provides some protection against adversaries attempting to abuse the elevation control mechanism.
|
| PR.AA-04.01 | Access control within and across security perimeters | Mitigates | T1565 | Data Manipulation |
Comments
This diagnostic statement provides protection from Data Manipulation through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to modify data without being observed.
|
| PR.AA-04.01 | Access control within and across security perimeters | Mitigates | T1213 | Data from Information Repositories |
Comments
This diagnostic statement provides protection from Data from Information Repositories through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to access sensitive data in information repositories.
|
| PR.AA-04.01 | Access control within and across security perimeters | Mitigates | T1098 | Account Manipulation |
Comments
This diagnostic statement provides protection from Account Manipulation through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to modify accounts.
|
| PR.AA-04.01 | Access control within and across security perimeters | Mitigates | T1087.004 | Cloud Account |
Comments
This diagnostic statement provides protection from Cloud Account through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to modify accounts.
|