• xThreat Vector: Lateral Movement
IDNameImplementation GroupsThreats
1Inventory and Control of Enterprise Assets   STRIDE-LM
1.5Use a Passive Asset Discovery Tool  STRIDE-LM
4Secure Configuration of Enterprise Assets and Software   STRIDE-LM
4.4Implement and Manage a Firewall on ServersSTRIDE-LM
4.5Implement and Manage a Firewall on End-User DevicesSTRIDE-LM
4.8Uninstall or Disable Unnecessary Services on Enterprise Assets and Software STRIDE-LM
6Access Control Management   STRIDE-LM
6.3Require MFA for Externally-Exposed ApplicationsSTRIDE-LM
6.4Require MFA for Remote Network AccessSTRIDE-LM
9Email and Web Browser Protections   STRIDE-LM
9.1Ensure Use of Only Fully Supported Browsers and Email ClientsSTRIDE-LM
9.4Restrict Unnecessary or Unauthorized Browser and Email Client Extensions STRIDE-LM
9.7Deploy and Maintain Email Server Anti-Malware Protections  STRIDE-LM
10Malware Defenses   STRIDE-LM
10.1Deploy and Maintain Anti-Malware SoftwareSTRIDE-LM
10.2Configure Automatic Anti-Malware Signature UpdatesSTRIDE-LM
10.3Disable Autorun and Autoplay for Removable MediaSTRIDE-LM
10.4Configure Automatic Anti-Malware Scanning of Removable Media STRIDE-LM
12Network Infrastructure Management   STRIDE-LM
12.2Establish and Maintain a Secure Network Architecture STRIDE-LM
12.6Use of Secure Network Management and Communication Protocols STRIDE-LM
12.8Establish and Maintain Dedicated Computing Resources for All Administrative Work  STRIDE-LM
13Network Monitoring and Defense   STRIDE-LM
13.3Deploy a Network Intrusion Detection Solution STRIDE-LM
13.4Perform Traffic Filtering Between Network Segments STRIDE-LM
13.5Manage Access Control for Remote Assets STRIDE-LM
13.8Deploy a Network Intrusion Prevention Solution  STRIDE-LM
13.10Perform Application Layer Filtering  STRIDE-LM