| CP-10 |
System Recovery and Reconstitution |
Protects |
T1485 |
Data Destruction |
| CP-10 |
System Recovery and Reconstitution |
Protects |
T1486 |
Data Encrypted for Impact |
| CP-10 |
System Recovery and Reconstitution |
Protects |
T1490 |
Inhibit System Recovery |
| CP-10 |
System Recovery and Reconstitution |
Protects |
T1491 |
Defacement |
| CP-10 |
System Recovery and Reconstitution |
Protects |
T1491.001 |
Internal Defacement |
| CP-10 |
System Recovery and Reconstitution |
Protects |
T1491.002 |
External Defacement |
| CP-10 |
System Recovery and Reconstitution |
Protects |
T1561 |
Disk Wipe |
| CP-10 |
System Recovery and Reconstitution |
Protects |
T1561.001 |
Disk Content Wipe |
| CP-10 |
System Recovery and Reconstitution |
Protects |
T1561.002 |
Disk Structure Wipe |
| CP-10 |
System Recovery and Reconstitution |
Protects |
T1565 |
Data Manipulation |
| CP-10 |
System Recovery and Reconstitution |
Protects |
T1565.001 |
Stored Data Manipulation |
| CP-2 |
Contingency Plan |
Protects |
T1485 |
Data Destruction |
| CP-2 |
Contingency Plan |
Protects |
T1486 |
Data Encrypted for Impact |
| CP-2 |
Contingency Plan |
Protects |
T1490 |
Inhibit System Recovery |
| CP-2 |
Contingency Plan |
Protects |
T1491 |
Defacement |
| CP-2 |
Contingency Plan |
Protects |
T1491.001 |
Internal Defacement |
| CP-2 |
Contingency Plan |
Protects |
T1491.002 |
External Defacement |
| CP-2 |
Contingency Plan |
Protects |
T1561 |
Disk Wipe |
| CP-2 |
Contingency Plan |
Protects |
T1561.001 |
Disk Content Wipe |
| CP-2 |
Contingency Plan |
Protects |
T1561.002 |
Disk Structure Wipe |
| CP-6 |
Alternate Storage Site |
Protects |
T1070 |
Indicator Removal on Host |
| CP-6 |
Alternate Storage Site |
Protects |
T1070.001 |
Clear Windows Event Logs |
| CP-6 |
Alternate Storage Site |
Protects |
T1070.002 |
Clear Linux or Mac System Logs |
| CP-6 |
Alternate Storage Site |
Protects |
T1119 |
Automated Collection |
| CP-6 |
Alternate Storage Site |
Protects |
T1486 |
Data Encrypted for Impact |
| CP-6 |
Alternate Storage Site |
Protects |
T1565 |
Data Manipulation |
| CP-6 |
Alternate Storage Site |
Protects |
T1565.001 |
Stored Data Manipulation |
| CP-7 |
Alternate Processing Site |
Protects |
T1070 |
Indicator Removal on Host |
| CP-7 |
Alternate Processing Site |
Protects |
T1070.001 |
Clear Windows Event Logs |
| CP-7 |
Alternate Processing Site |
Protects |
T1070.002 |
Clear Linux or Mac System Logs |
| CP-7 |
Alternate Processing Site |
Protects |
T1119 |
Automated Collection |
| CP-7 |
Alternate Processing Site |
Protects |
T1485 |
Data Destruction |
| CP-7 |
Alternate Processing Site |
Protects |
T1486 |
Data Encrypted for Impact |
| CP-7 |
Alternate Processing Site |
Protects |
T1490 |
Inhibit System Recovery |
| CP-7 |
Alternate Processing Site |
Protects |
T1491 |
Defacement |
| CP-7 |
Alternate Processing Site |
Protects |
T1491.001 |
Internal Defacement |
| CP-7 |
Alternate Processing Site |
Protects |
T1491.002 |
External Defacement |
| CP-7 |
Alternate Processing Site |
Protects |
T1561 |
Disk Wipe |
| CP-7 |
Alternate Processing Site |
Protects |
T1561.001 |
Disk Content Wipe |
| CP-7 |
Alternate Processing Site |
Protects |
T1561.002 |
Disk Structure Wipe |
| CP-7 |
Alternate Processing Site |
Protects |
T1565 |
Data Manipulation |
| CP-7 |
Alternate Processing Site |
Protects |
T1565.001 |
Stored Data Manipulation |
| CP-9 |
System Backup |
Protects |
T1003 |
OS Credential Dumping |
| CP-9 |
System Backup |
Protects |
T1003.003 |
NTDS |
| CP-9 |
System Backup |
Protects |
T1070 |
Indicator Removal on Host |
| CP-9 |
System Backup |
Protects |
T1070.001 |
Clear Windows Event Logs |
| CP-9 |
System Backup |
Protects |
T1070.002 |
Clear Linux or Mac System Logs |
| CP-9 |
System Backup |
Protects |
T1119 |
Automated Collection |
| CP-9 |
System Backup |
Protects |
T1485 |
Data Destruction |
| CP-9 |
System Backup |
Protects |
T1486 |
Data Encrypted for Impact |
| CP-9 |
System Backup |
Protects |
T1490 |
Inhibit System Recovery |
| CP-9 |
System Backup |
Protects |
T1491 |
Defacement |
| CP-9 |
System Backup |
Protects |
T1491.001 |
Internal Defacement |
| CP-9 |
System Backup |
Protects |
T1491.002 |
External Defacement |
| CP-9 |
System Backup |
Protects |
T1561 |
Disk Wipe |
| CP-9 |
System Backup |
Protects |
T1561.001 |
Disk Content Wipe |
| CP-9 |
System Backup |
Protects |
T1561.002 |
Disk Structure Wipe |
| CP-9 |
System Backup |
Protects |
T1565 |
Data Manipulation |
| CP-9 |
System Backup |
Protects |
T1565.001 |
Stored Data Manipulation |
| CP-9 |
System Backup |
Protects |
T1565.003 |
Runtime Data Manipulation |
