• xThreat Vector: Tampering
IDNameImplementation GroupsThreats
1Inventory and Control of Enterprise Assets   STRIDE-LM
1.2Address Unauthorized AssetsSTRIDE-LM
2Inventory and Control of Software Assets   STRIDE-LM
2.3Address Unauthorized SoftwareSTRIDE-LM
3Data Protection   STRIDE-LM
3.3Configure Data Access Control ListsSTRIDE-LM
3.6Encrypt Data on End-User DevicesSTRIDE-LM
3.9Encrypt Data on Removable Media STRIDE-LM
3.10Encrypt Sensitive Data in Transit STRIDE-LM
3.11Encrypt Sensitive Data at Rest STRIDE-LM
3.12Segment Data Processing and Storage Based on Sensitivity STRIDE-LM
4Secure Configuration of Enterprise Assets and Software   STRIDE-LM
4.1Establish and Maintain a Secure Configuration ProcessSTRIDE-LM
4.2Establish and Maintain a Secure Configuration Process for Network InfrastructureSTRIDE-LM
4.10Enforce Automatic Device Lockout on Portable End-User Devices STRIDE-LM
4.11Enforce Remote Wipe Capability on Portable End-User Devices STRIDE-LM
8Audit Log Management   STRIDE-LM
8.2Collect Audit LogsSTRIDE-LM
8.4Standardize Time Synchronization STRIDE-LM
8.5Collect Detailed Audit Logs STRIDE-LM
8.8Collect Command-Line Audit Logs STRIDE-LM
11Data Recovery   STRIDE-LM
11.3Protect Recovery DataSTRIDE-LM
11.4Establish and Maintain an Isolated Instance of Recovery DataSTRIDE-LM
12Network Infrastructure Management   STRIDE-LM
12.6Use of Secure Network Management and Communication Protocols STRIDE-LM
13Network Monitoring and Defense   STRIDE-LM
13.2Deploy a Host-Based Intrusion Detection Solution STRIDE-LM
13.7Deploy a Host-Based Intrusion Prevention Solution  STRIDE-LM
16Application Software Security   STRIDE-LM
16.8Separate Production and Non-Production Systems STRIDE-LM