NIST 800-53 SC-30 Mappings

Concealment and misdirection techniques can significantly reduce the targeting capabilities of adversaries (i.e., window of opportunity and available attack surface) to initiate and complete attacks. For example, virtualization techniques provide organizations with the ability to disguise systems, potentially reducing the likelihood of successful attacks without the cost of having multiple platforms. The increased use of concealment and misdirection techniques and methods—including randomness, uncertainty, and virtualization—may sufficiently confuse and mislead adversaries and subsequently increase the risk of discovery and/or exposing tradecraft. Concealment and misdirection techniques may provide additional time to perform core mission and business functions. The implementation of concealment and misdirection techniques may add to the complexity and management overhead required for the system.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
SC-30 Concealment and Misdirection Protects T1068 Exploitation for Privilege Escalation
SC-30 Concealment and Misdirection Protects T1189 Drive-by Compromise
SC-30 Concealment and Misdirection Protects T1190 Exploit Public-Facing Application
SC-30 Concealment and Misdirection Protects T1203 Exploitation for Client Execution
SC-30 Concealment and Misdirection Protects T1210 Exploitation of Remote Services
SC-30 Concealment and Misdirection Protects T1211 Exploitation for Defense Evasion
SC-30 Concealment and Misdirection Protects T1212 Exploitation for Credential Access