NIST 800-53 Contingency Planning Capability Group

All Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CP-10 System Recovery and Reconstitution Protects T1485 Data Destruction
CP-10 System Recovery and Reconstitution Protects T1486 Data Encrypted for Impact
CP-10 System Recovery and Reconstitution Protects T1490 Inhibit System Recovery
CP-10 System Recovery and Reconstitution Protects T1491 Defacement
CP-10 System Recovery and Reconstitution Protects T1491.001 Internal Defacement
CP-10 System Recovery and Reconstitution Protects T1491.002 External Defacement
CP-10 System Recovery and Reconstitution Protects T1561 Disk Wipe
CP-10 System Recovery and Reconstitution Protects T1561.001 Disk Content Wipe
CP-10 System Recovery and Reconstitution Protects T1561.002 Disk Structure Wipe
CP-10 System Recovery and Reconstitution Protects T1565 Data Manipulation
CP-10 System Recovery and Reconstitution Protects T1565.001 Stored Data Manipulation
CP-2 Contingency Plan Protects T1485 Data Destruction
CP-2 Contingency Plan Protects T1486 Data Encrypted for Impact
CP-2 Contingency Plan Protects T1490 Inhibit System Recovery
CP-2 Contingency Plan Protects T1491 Defacement
CP-2 Contingency Plan Protects T1491.001 Internal Defacement
CP-2 Contingency Plan Protects T1491.002 External Defacement
CP-2 Contingency Plan Protects T1561 Disk Wipe
CP-2 Contingency Plan Protects T1561.001 Disk Content Wipe
CP-2 Contingency Plan Protects T1561.002 Disk Structure Wipe
CP-6 Alternate Storage Site Protects T1070 Indicator Removal on Host
CP-6 Alternate Storage Site Protects T1070.001 Clear Windows Event Logs
CP-6 Alternate Storage Site Protects T1070.002 Clear Linux or Mac System Logs
CP-6 Alternate Storage Site Protects T1119 Automated Collection
CP-6 Alternate Storage Site Protects T1486 Data Encrypted for Impact
CP-6 Alternate Storage Site Protects T1565 Data Manipulation
CP-6 Alternate Storage Site Protects T1565.001 Stored Data Manipulation
CP-7 Alternate Processing Site Protects T1070 Indicator Removal on Host
CP-7 Alternate Processing Site Protects T1070.001 Clear Windows Event Logs
CP-7 Alternate Processing Site Protects T1070.002 Clear Linux or Mac System Logs
CP-7 Alternate Processing Site Protects T1119 Automated Collection
CP-7 Alternate Processing Site Protects T1485 Data Destruction
CP-7 Alternate Processing Site Protects T1486 Data Encrypted for Impact
CP-7 Alternate Processing Site Protects T1490 Inhibit System Recovery
CP-7 Alternate Processing Site Protects T1491 Defacement
CP-7 Alternate Processing Site Protects T1491.001 Internal Defacement
CP-7 Alternate Processing Site Protects T1491.002 External Defacement
CP-7 Alternate Processing Site Protects T1561 Disk Wipe
CP-7 Alternate Processing Site Protects T1561.001 Disk Content Wipe
CP-7 Alternate Processing Site Protects T1561.002 Disk Structure Wipe
CP-7 Alternate Processing Site Protects T1565 Data Manipulation
CP-7 Alternate Processing Site Protects T1565.001 Stored Data Manipulation
CP-9 System Backup Protects T1003 OS Credential Dumping
CP-9 System Backup Protects T1003.003 NTDS
CP-9 System Backup Protects T1070 Indicator Removal on Host
CP-9 System Backup Protects T1070.001 Clear Windows Event Logs
CP-9 System Backup Protects T1070.002 Clear Linux or Mac System Logs
CP-9 System Backup Protects T1119 Automated Collection
CP-9 System Backup Protects T1485 Data Destruction
CP-9 System Backup Protects T1486 Data Encrypted for Impact
CP-9 System Backup Protects T1490 Inhibit System Recovery
CP-9 System Backup Protects T1491 Defacement
CP-9 System Backup Protects T1491.001 Internal Defacement
CP-9 System Backup Protects T1491.002 External Defacement
CP-9 System Backup Protects T1561 Disk Wipe
CP-9 System Backup Protects T1561.001 Disk Content Wipe
CP-9 System Backup Protects T1561.002 Disk Structure Wipe
CP-9 System Backup Protects T1565 Data Manipulation
CP-9 System Backup Protects T1565.001 Stored Data Manipulation
CP-9 System Backup Protects T1565.003 Runtime Data Manipulation

Capabilities

Capability ID Capability Name Number of Mappings
CP-10 System Recovery and Reconstitution 11
CP-6 Alternate Storage Site 7
CP-9 System Backup 18
CP-2 Contingency Plan 9
CP-7 Alternate Processing Site 15