Alternate storage sites are geographically distinct from primary storage sites and maintain duplicate copies of information and data if the primary storage site is not available. Similarly, alternate processing sites provide processing capability if the primary processing site is not available. Geographically distributed architectures that support contingency requirements may be considered alternate storage sites. Items covered by alternate storage site agreements include environmental conditions at the alternate sites, access rules for systems and facilities, physical and environmental protection requirements, and coordination of delivery and retrieval of backup media. Alternate storage sites reflect the requirements in contingency plans so that organizations can maintain essential mission and business functions despite compromise, failure, or disruption in organizational systems.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
|---|---|---|---|---|
| CP-6 | Alternate Storage Site | Protects | T1070 | Indicator Removal on Host |
| CP-6 | Alternate Storage Site | Protects | T1070.001 | Clear Windows Event Logs |
| CP-6 | Alternate Storage Site | Protects | T1486 | Data Encrypted for Impact |
| CP-6 | Alternate Storage Site | Protects | T1565 | Data Manipulation |
| CP-6 | Alternate Storage Site | Protects | T1565.001 | Stored Data Manipulation |
| CP-6 | Alternate Storage Site | Protects | T1070.002 | Clear Linux or Mac System Logs |
| CP-6 | Alternate Storage Site | Protects | T1119 | Automated Collection |
| CP-6 | Alternate Storage Site | Protects | T1070.008 | Clear Mailbox Data |