NIST 800-53 IA-4 Mappings

Common device identifiers include Media Access Control (MAC) addresses, Internet Protocol (IP) addresses, or device-unique token identifiers. The management of individual identifiers is not applicable to shared system accounts. Typically, individual identifiers are the usernames of the system accounts assigned to those individuals. In such instances, the account management activities of AC-02 use account names provided by IA-04. Identifier management also addresses individual identifiers not necessarily associated with system accounts. Preventing the reuse of identifiers implies preventing the assignment of previously used individual, group, role, service, or device identifiers to different individuals, groups, roles, services, or devices.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
IA-4 Identifier Management Protects T1021.001 Remote Desktop Protocol
IA-4 Identifier Management Protects T1053 Scheduled Task/Job
IA-4 Identifier Management Protects T1053.002 At (Windows)
IA-4 Identifier Management Protects T1053.005 Scheduled Task
IA-4 Identifier Management Protects T1537 Transfer Data to Cloud Account
IA-4 Identifier Management Protects T1543 Create or Modify System Process
IA-4 Identifier Management Protects T1547.006 Kernel Modules and Extensions
IA-4 Identifier Management Protects T1550.001 Application Access Token
IA-4 Identifier Management Protects T1552.005 Cloud Instance Metadata API
IA-4 Identifier Management Protects T1562 Impair Defenses
IA-4 Identifier Management Protects T1602.002 Network Device Configuration Dump
IA-4 Identifier Management Protects T1003 OS Credential Dumping
IA-4 Identifier Management Protects T1003.005 Cached Domain Credentials
IA-4 Identifier Management Protects T1003.006 DCSync
IA-4 Identifier Management Protects T1021.005 VNC
IA-4 Identifier Management Protects T1110 Brute Force
IA-4 Identifier Management Protects T1110.003 Password Spraying
IA-4 Identifier Management Protects T1110.004 Credential Stuffing
IA-4 Identifier Management Protects T1213 Data from Information Repositories
IA-4 Identifier Management Protects T1213.001 Confluence
IA-4 Identifier Management Protects T1213.002 Sharepoint
IA-4 Identifier Management Protects T1552 Unsecured Credentials
IA-4 Identifier Management Protects T1563 Remote Service Session Hijacking
IA-4 Identifier Management Protects T1578 Modify Cloud Compute Infrastructure
IA-4 Identifier Management Protects T1578.001 Create Snapshot
IA-4 Identifier Management Protects T1578.002 Create Cloud Instance
IA-4 Identifier Management Protects T1578.003 Delete Cloud Instance
IA-4 Identifier Management Protects T1602 Data from Configuration Repository
IA-4 Identifier Management Protects T1602.001 SNMP (MIB Dump)
IA-4 Identifier Management Protects T1110.001 Password Guessing
IA-4 Identifier Management Protects T1110.002 Password Cracking
IA-4 Identifier Management Protects T1528 Steal Application Access Token
IA-4 Identifier Management Protects T1530 Data from Cloud Storage Object