• xThreat Vector: Repudiation
IDNameBaselinesPriorityThreats
LowModerateHigh
AC-2Account Management
  • P1
STRIDE-LM
(2)Removal Of Temporary / Emergency Accounts 
  • P1
STRIDE-LM
(3)Disable Inactive Accounts 
  • P1
STRIDE-LM
(4)Automated Audit Actions 
  • P1
STRIDE-LM
(8)Dynamic Account Creation   
  • P1
STRIDE-LM
(10)Shared / Group Account Credential Termination   
  • P1
STRIDE-LM
(12)Account Monitoring / Atypical Usage  
  • P1
STRIDE-LM
AC-3(2)Dual Authorization   
  • P1
STRIDE-LM
AC-6(9)Auditing Use Of Privileged Functions 
  • P1
STRIDE-LM
AC-7(2)Purge / Wipe Mobile Device   
  • P2
STRIDE-LM
AC-11Session Lock 
  • P3
STRIDE-LM
AC-25Reference Monitor   
  • P0
STRIDE-LM
AU-3Content Of Audit Records
  • P1
STRIDE-LM
AU-6Audit Review, Analysis, And Reporting
  • P1
STRIDE-LM
(3)Correlate Audit Repositories 
  • P1
STRIDE-LM
(5)Integration / Scanning And Monitoring Capabilities  
  • P1
STRIDE-LM
(6)Correlation With Physical Monitoring  
  • P1
STRIDE-LM
(9)Correlation With Information From Nontechnical Sources   
  • P1
STRIDE-LM
AU-10Non-Repudiation  
  • P2
STRIDE-LM
(1)Association Of Identities   
  • P2
STRIDE-LM
(2)Validate Binding Of Information Producer Identity   
  • P2
STRIDE-LM
(3)Chain Of Custody   
  • P2
STRIDE-LM
(4)Validate Binding Of Information Reviewer Identity   
  • P2
STRIDE-LM
AU-13(2)Review Of Monitored Sites   
  • P0
STRIDE-LM
AU-14Session Audit   
  • P0
STRIDE-LM
(1)System Start-Up   
  • P0
STRIDE-LM
(2)Capture/Record And Log Content   
  • P0
STRIDE-LM
(3)Remote Viewing / Listening   
  • P0
STRIDE-LM
AU-16Cross-Organizational Auditing   
  • P0
STRIDE-LM
IA-2Identification And Authentication (Organizational Users)
  • P1
STRIDE-LM
(1)Network Access To Privileged Accounts
  • P1
STRIDE-LM
(2)Network Access To Non-Privileged Accounts 
  • P1
STRIDE-LM
(3)Local Access To Privileged Accounts 
  • P1
STRIDE-LM
(4)Local Access To Non-Privileged Accounts  
  • P1
STRIDE-LM
(5)Group Authentication   
  • P1
STRIDE-LM
IA-4Identifier Management
  • P1
STRIDE-LM
(1)Prohibit Account Identifiers As Public Identifiers   
  • P1
STRIDE-LM
(2)Supervisor Authorization   
  • P1
STRIDE-LM
(3)Multiple Forms Of Certification   
  • P1
STRIDE-LM
(4)Identify User Status   
  • P1
STRIDE-LM
(5)Dynamic Management   
  • P1
STRIDE-LM
(6)Cross-Organization Management   
  • P1
STRIDE-LM
(7)In-Person Registration   
  • P1
STRIDE-LM
IA-5Authenticator Management
  • P1
STRIDE-LM
(1)Password-Based Authentication
  • P1
STRIDE-LM
(2)Pki-Based Authentication 
  • P1
STRIDE-LM
(3)In-Person Or Trusted Third-Party Registration 
  • P1
STRIDE-LM
(5)Change Authenticators Prior To Delivery   
  • P1
STRIDE-LM
(9)Cross-Organization Credential Management   
  • P1
STRIDE-LM
(10)Dynamic Credential Association   
  • P1
STRIDE-LM