| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| PR.AA-05.02 | Privileged system access | Mitigates | T1003.006 | DCSync |
Comments
This diagnostic statement protects against DCSync through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1003.007 | Proc Filesystem |
Comments
This diagnostic statement protects against Proc Filesystem through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1003.008 | /etc/passwd and /etc/shadow |
Comments
This diagnostic statement protects against /etc/passwd and /etc/shadow through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1021 | Remote Services |
Comments
This diagnostic statement protects against Remote Services through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1021.001 | Remote Desktop Protocol |
Comments
This diagnostic statement protects against Remote Desktop Protocol through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1021.002 | SMB/Windows Admin Shares |
Comments
This diagnostic statement protects against SMB/Windows Admin Shares through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1021.003 | Distributed Component Object Model |
Comments
This diagnostic statement protects against Distributed Component Object Model through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1021.004 | SSH |
Comments
This diagnostic statement protects against SSH through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1021.006 | Windows Remote Management |
Comments
This diagnostic statement protects against Windows Remote Management through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1021.007 | Cloud Services |
Comments
This diagnostic statement protects against Cloud Services through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1040 | Network Sniffing |
Comments
This diagnostic statement protects against Network Sniffing through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1047 | Windows Management Instrumentation |
Comments
This diagnostic statement protects against Windows Management Instrumentation through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1053 | Scheduled Task/Job |
Comments
This diagnostic statement protects against Scheduled Task/Job through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1053.002 | At |
Comments
This diagnostic statement protects against At through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1053.005 | Scheduled Task |
Comments
This diagnostic statement protects against Scheduled Task through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1053.006 | Systemd Timers |
Comments
This diagnostic statement protects against Systemd Timers through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1053.007 | Container Orchestration Job |
Comments
This diagnostic statement protects against Container Orchestration Job through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1055 | Process Injection |
Comments
This diagnostic statement protects against Process Injection through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1055.008 | Ptrace System Calls |
Comments
This diagnostic statement protects against Ptrace System Calls through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1056 | Input Capture |
Comments
This diagnostic statement protects against Input Capture through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1056.003 | Web Portal Capture |
Comments
This diagnostic statement protects against Web Portal Capture through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1059 | Command and Scripting Interpreter |
Comments
This diagnostic statement protects against Command and Scripting Interpreter through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1059.001 | PowerShell |
Comments
This diagnostic statement protects against PowerShell through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1059.008 | Network Device CLI |
Comments
This diagnostic statement protects against Network Device CLI through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1059.009 | Cloud API |
Comments
This diagnostic statement protects against Cloud API through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1072 | Software Deployment Tools |
Comments
This diagnostic statement protects against Software Deployment Tools through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1078 | Valid Accounts |
Comments
This diagnostic statement protects against Valid Accounts through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1078.001 | Default Accounts |
Comments
This diagnostic statement protects against Default Accounts through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1078.002 | Domain Accounts |
Comments
This diagnostic statement protects against Domain Accounts through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1078.003 | Local Accounts |
Comments
This diagnostic statement protects against Local Accounts through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1078.004 | Cloud Accounts |
Comments
This diagnostic statement protects against Cloud Accounts through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1098 | Account Manipulation |
Comments
This diagnostic statement protects against Account Manipulation through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1098.001 | Additional Cloud Credentials |
Comments
This diagnostic statement protects against Additional Cloud Credentials through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1098.002 | Additional Email Delegate Permissions |
Comments
This diagnostic statement protects against Additional Email Delegate Permissions through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1098.003 | Additional Cloud Roles |
Comments
This diagnostic statement protects against Additional Cloud Roles through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1098.005 | Device Registration |
Comments
This diagnostic statement protects against Device Registration through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1098.006 | Additional Container Cluster Roles |
Comments
This diagnostic statement protects against Additional Container Cluster Roles through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1110 | Brute Force |
Comments
This diagnostic statement protects against Brute Force through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1110.001 | Password Guessing |
Comments
This diagnostic statement protects against Password Guessing through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1110.002 | Password Cracking |
Comments
This diagnostic statement protects against Password Cracking through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1110.003 | Password Spraying |
Comments
This diagnostic statement protects against Password Spraying through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1110.004 | Credential Stuffing |
Comments
This diagnostic statement protects against Credential Stuffing through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1114 | Email Collection |
Comments
This diagnostic statement protects against Email Collection through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1114.002 | Remote Email Collection |
Comments
This diagnostic statement protects against Remote Email Collection through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1133 | External Remote Services |
Comments
This diagnostic statement protects against External Remote Services through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1134 | Access Token Manipulation |
Comments
This diagnostic statement protects against Access Token Manipulation through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1134.001 | Token Impersonation/Theft |
Comments
This diagnostic statement protects against Token Impersonation/Theft through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1134.002 | Create Process with Token |
Comments
This diagnostic statement protects against Create Process with Token through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1134.003 | Make and Impersonate Token |
Comments
This diagnostic statement protects against Make and Impersonate Token through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1136 | Create Account |
Comments
This diagnostic statement protects against Create Account through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1136.001 | Local Account |
Comments
This diagnostic statement protects against Local Account through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1136.002 | Domain Account |
Comments
This diagnostic statement protects against Domain Account through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1136.003 | Cloud Account |
Comments
This diagnostic statement protects against Cloud Account through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1190 | Exploit Public-Facing Application |
Comments
This diagnostic statement protects against Exploit Public-Facing Application through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1199 | Trusted Relationship |
Comments
This diagnostic statement protects against Trusted Relationship through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1210 | Exploitation of Remote Services |
Comments
This diagnostic statement protects against Exploitation of Remote Services through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1213 | Data from Information Repositories |
Comments
This diagnostic statement protects against Data from Information Repositories through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1213.003 | Code Repositories |
Comments
This diagnostic statement protects against Code Repositories through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1218 | System Binary Proxy Execution |
Comments
This diagnostic statement protects against System Binary Proxy Execution through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1218.007 | Msiexec |
Comments
This diagnostic statement protects against Msiexec through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1222 | File and Directory Permissions Modification |
Comments
This diagnostic statement protects against File and Directory Permissions Modification through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1222.001 | Windows File and Directory Permissions Modification |
Comments
This diagnostic statement protects against Windows File and Directory Permissions Modification through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1222.002 | Linux and Mac File and Directory Permissions Modification |
Comments
This diagnostic statement protects against Linux and Mac File and Directory Permissions Modification through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1484 | Domain or Tenant Policy Modification |
Comments
This diagnostic statement protects against Domain or Tenant Policy Modification through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1484.002 | Trust Modification |
Comments
This diagnostic statement protects against Trust Modification through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1485 | Data Destruction |
Comments
This diagnostic statement protects against Data Destruction through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1495 | Firmware Corruption |
Comments
This diagnostic statement protects against Firmware Corruption through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1505 | Server Software Component |
Comments
This diagnostic statement protects against Server Software Component through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1505.001 | SQL Stored Procedures |
Comments
This diagnostic statement protects against SQL Stored Procedures through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1505.002 | Transport Agent |
Comments
This diagnostic statement protects against Transport Agent through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1505.004 | IIS Components |
Comments
This diagnostic statement protects against IIS Components through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1525 | Implant Internal Image |
Comments
This diagnostic statement protects against Implant Internal Image through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1530 | Data from Cloud Storage |
Comments
This diagnostic statement protects against Data from Cloud Storage through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1539 | Steal Web Session Cookie |
Comments
This diagnostic statement protects against Steal Web Session Cookie through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1542 | Pre-OS Boot |
Comments
This diagnostic statement protects against Pre-OS Boot through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1542.001 | System Firmware |
Comments
This diagnostic statement protects against System Firmware through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1542.003 | Bootkit |
Comments
This diagnostic statement protects against Bootkit through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1542.005 | TFTP Boot |
Comments
This diagnostic statement protects against TFTP Boot through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1543 | Create or Modify System Process |
Comments
This diagnostic statement protects against Create or Modify System Process through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1543.002 | Systemd Service |
Comments
This diagnostic statement protects against Systemd Service through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1546 | Event Triggered Execution |
Comments
This diagnostic statement protects against Event Triggered Execution through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1546.003 | Windows Management Instrumentation Event Subscription |
Comments
This diagnostic statement protects against Windows Management Instrumentation Event Subscription through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1547 | Boot or Logon Autostart Execution |
Comments
This diagnostic statement protects against Boot or Logon Autostart Execution through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1547.006 | Kernel Modules and Extensions |
Comments
This diagnostic statement protects against Kernel Modules and Extensions through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1548 | Abuse Elevation Control Mechanism |
Comments
This diagnostic statement protects against Abuse Elevation Control Mechanism through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1548.002 | Bypass User Account Control |
Comments
This diagnostic statement protects against Bypass User Account Control through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1548.003 | Sudo and Sudo Caching |
Comments
This diagnostic statement protects against Sudo and Sudo Caching through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1548.006 | TCC Manipulation |
Comments
This diagnostic statement protects against TCC Manipulation through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1550 | Use Alternate Authentication Material |
Comments
This diagnostic statement protects against Use Alternate Authentication Material through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1550.002 | Pass the Hash |
Comments
This diagnostic statement protects against Pass the Hash through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1550.003 | Pass the Ticket |
Comments
This diagnostic statement protects against Pass the Ticket through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1552 | Unsecured Credentials |
Comments
This diagnostic statement protects against Unsecured Credentials through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1552.002 | Credentials in Registry |
Comments
This diagnostic statement protects against Credentials in Registry through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1552.007 | Container API |
Comments
This diagnostic statement protects against Container API through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1553 | Subvert Trust Controls |
Comments
This diagnostic statement protects against Subvert Trust Controls through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1553.006 | Code Signing Policy Modification |
Comments
This diagnostic statement protects against Code Signing Policy Modification through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1555 | Credentials from Password Stores |
Comments
This diagnostic statement protects against Credentials from Password Stores through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1555.006 | Cloud Secrets Management Stores |
Comments
This diagnostic statement protects against Cloud Secrets Management Stores through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1556 | Modify Authentication Process |
Comments
This diagnostic statement protects against Modify Authentication Process through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1556.001 | Domain Controller Authentication |
Comments
This diagnostic statement protects against Domain Controller Authentication through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1556.003 | Pluggable Authentication Modules |
Comments
This diagnostic statement protects against Pluggable Authentication Modules through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1556.004 | Network Device Authentication |
Comments
This diagnostic statement protects against Network Device Authentication through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1556.005 | Reversible Encryption |
Comments
This diagnostic statement protects against Reversible Encryption through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1556.006 | Multi-Factor Authentication |
Comments
This diagnostic statement protects against Multi-Factor Authentication through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1556.007 | Hybrid Identity |
Comments
This diagnostic statement protects against Hybrid Identity through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1558 | Steal or Forge Kerberos Tickets |
Comments
This diagnostic statement protects against Steal or Forge Kerberos Tickets through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1558.001 | Golden Ticket |
Comments
This diagnostic statement protects against Golden Ticket through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1558.002 | Silver Ticket |
Comments
This diagnostic statement protects against Silver Ticket through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1558.003 | Kerberoasting |
Comments
This diagnostic statement protects against Kerberoasting through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1559 | Inter-Process Communication |
Comments
This diagnostic statement protects against Inter-Process Communication through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1559.001 | Component Object Model |
Comments
This diagnostic statement protects against Component Object Model through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1562 | Impair Defenses |
Comments
This diagnostic statement protects against Impair Defenses through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1562.009 | Safe Mode Boot |
Comments
This diagnostic statement protects against Safe Mode Boot through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1563 | Remote Service Session Hijacking |
Comments
This diagnostic statement protects against Remote Service Session Hijacking through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1563.001 | SSH Hijacking |
Comments
This diagnostic statement protects against SSH Hijacking through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1563.002 | RDP Hijacking |
Comments
This diagnostic statement protects against RDP Hijacking through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1569 | System Services |
Comments
This diagnostic statement protects against System Services through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1569.002 | Service Execution |
Comments
This diagnostic statement protects against Service Execution through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1599 | Network Boundary Bridging |
Comments
This diagnostic statement protects against Network Boundary Bridging through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1599.001 | Network Address Translation Traversal |
Comments
This diagnostic statement protects against Network Address Translation Traversal through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1601 | Modify System Image |
Comments
This diagnostic statement protects against Modify System Image through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1601.001 | Patch System Image |
Comments
This diagnostic statement protects against Patch System Image through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1601.002 | Downgrade System Image |
Comments
This diagnostic statement protects against Downgrade System Image through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1606 | Forge Web Credentials |
Comments
This diagnostic statement protects against Forge Web Credentials through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1606.002 | SAML Tokens |
Comments
This diagnostic statement protects against SAML Tokens through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1609 | Container Administration Command |
Comments
This diagnostic statement protects against Container Administration Command through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1611 | Escape to Host |
Comments
This diagnostic statement protects against Escape to Host through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1612 | Build Image on Host |
Comments
This diagnostic statement protects against Build Image on Host through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1621 | Multi-Factor Authentication Request Generation |
Comments
This diagnostic statement protects against Multi-Factor Authentication Request Generation through the use of privileged account management and the use of multi-factor authentication.
|
| PR.AA-05.02 | Privileged system access | Mitigates | T1651 | Cloud Administration Command |
Comments
This diagnostic statement protects against Cloud Administration Command through the use of privileged account management and the use of multi-factor authentication.
|