Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|
PR.IR-04.02 | Availability and capacity management | Mitigates | T1498.001 | Direct Network Flood | This diagnostic approach safeguards systems and network resources from adversaries seeking to block availability of services to users by attempting to conduct DoS attacks. Implementing mitigation strategies, such as filtering network traffic and using ISP or third-party providers, enables blocking IP addresses and protocols used for transport. |
PR.IR-04.02 | Availability and capacity management | Mitigates | T1498.002 | Reflection Amplification | This diagnostic approach safeguards systems and network resources from adversaries seeking to block availability of services to users by attempting to conduct DoS attacks. Implementing mitigation strategies, such as filtering network traffic, enables blocking IP addresses and protocols used for transport. |
PR.IR-04.02 | Availability and capacity management | Mitigates | T1498 | Network Denial of Service | This diagnostic approach safeguards systems and network resources from adversaries seeking to block availability of services to users by attempting to conduct DoS attacks. Implementing mitigation strategies, such as filtering network traffic, enables blocking IP addresses and protocols used for transport. |
PR.IR-04.02 | Availability and capacity management | Mitigates | T1499.004 | Application or System Exploitation | This diagnostic approach safeguards systems and network resources from adversaries seeking to block availability of services to users by attempting to conduct DoS attacks. Implementing mitigation strategies, such as filtering network traffic, enables blocking IP addresses and protocols used for transport. |
PR.IR-04.02 | Availability and capacity management | Mitigates | T1499.003 | Application Exhaustion Flood | This diagnostic approach safeguards systems and network resources from adversaries seeking to block availability of services to users by attempting to exploit software vulnerabilities that can cause an application or system to crash. Implementing mitigation strategies, such as filtering network traffic, enables blocking IP addresses and protocols used for transport. |
PR.IR-04.02 | Availability and capacity management | Mitigates | T1499.002 | Service Exhaustion Flood | This diagnostic approach safeguards systems and network resources from adversaries seeking to block availability of services to users by attempting to conduct DoS attacks. Implementing mitigation strategies, such as filtering network traffic, enables blocking IP addresses and protocols used for transport. |
PR.IR-04.02 | Availability and capacity management | Mitigates | T1499 | Endpoint Denial of Service | This diagnostic approach safeguards systems and network resources from adversaries seeking to block availability of services to users by attempting to conduct DoS attacks. Implementing mitigation strategies, such as filtering network traffic, enables blocking IP addresses and protocols used for transport. |
PR.IR-04.02 | Availability and capacity management | Mitigates | T1561.002 | Disk Structure Wipe | This diagnostic approach safeguards systems and network resources from adversaries seeking to disrupt availability by attempting to corrupt or wipe the disk data structures on a hard drive. Implementing mitigation strategies, such as data backup, enables the restoration of organizational plans and critical information. |
PR.IR-04.02 | Availability and capacity management | Mitigates | T1561.001 | Disk Content Wipe | This diagnostic approach safeguards systems and network resources from adversaries seeking to disrupt availability by attempting to erase contents of storage devices on systems and networks. Implementing mitigation strategies, such as data backup, enables the restoration of organizational plans and critical information. |
PR.IR-04.02 | Availability and capacity management | Mitigates | T1561 | Disk Wipe | This diagnostic approach safeguards systems and network resources from adversaries seeking to disrupt availability by attempting to render stored data on local and remote drives inaccessible via encryption. Implementing mitigation strategies, such as data backup, enables the restoration of organizational plans and critical information. |
PR.IR-04.02 | Availability and capacity management | Mitigates | T1486 | Data Encrypted for Impact | This diagnostic approach safeguards systems and network resources from adversaries seeking to disrupt availability by attempting to wipe disk data on system and network resources. Implementing mitigation strategies, such as data backup, enables the restoration of organizational plans and critical information. |
PR.IR-04.02 | Availability and capacity management | Mitigates | T1485 | Data Destruction | This diagnostic approach safeguards systems and network resources from adversaries seeking to disrupt availability by destroying data files. Implementing mitigation strategies, such as data backup, enables the restoration of organizational plans and critical information. Additionally, the use of multi-factor authentication serves as an effective measure to restrict unauthorized access to credentials, thereby reducing the risk of data destruction. |