• xThreat Vector: Information Disclosure
IDNameImplementation GroupsThreats
IG1IG2IG3
13Data Protection   STRIDE-LM
13.2Remove Sensitive Data or Systems Not Regularly Accessed by OrganizationSTRIDE-LM
13.3Monitor and Block Unauthorized Network Traffic  STRIDE-LM
13.4Only Allow Access to Authorized Cloud Storage or Email Providers STRIDE-LM
13.5Monitor and Detect Any Unauthorized Use of Encryption  STRIDE-LM
13.6Encrypt Mobile Device DataSTRIDE-LM
13.7Manage USB Devices STRIDE-LM
13.8Manage System's External Removable Media's Read/Write Configurations  STRIDE-LM
13.9Encrypt Data on USB Storage Devices  STRIDE-LM
14Controlled Access Based on the Need to Know   STRIDE-LM
14.1Segment the Network Based on Sensitivity STRIDE-LM
14.2Enable Firewall Filtering Between VLANs STRIDE-LM
14.3Disable Workstation to Workstation Communication STRIDE-LM
14.4Encrypt All Sensitive Information in Transit STRIDE-LM
14.6Protect Information Through Access Control ListsSTRIDE-LM
14.7Enforce Access Control to Data Through Automated Tools  STRIDE-LM
15Wireless Access Control   STRIDE-LM
15.7Leverage the Advanced Encryption Standard (AES) to Encrypt Wireless DataSTRIDE-LM
16Account Monitoring and Control   STRIDE-LM
16.4Encrypt or Hash all Authentication Credentials STRIDE-LM
16.5Encrypt Transmittal of Username and Authentication Credentials STRIDE-LM
18Application Software Security   STRIDE-LM
18.2Ensure That Explicit Error Checking is Performed for All In-House Developed Software STRIDE-LM
18.5Use Only Standardized and Extensively Reviewed Encryption Algorithms STRIDE-LM
18.11Use Standard Hardening Configuration Templates for Databases STRIDE-LM