• xBaseline: Moderate
  • xThreat Vector: Spoofing
  • xThreat Vector: Tampering
IDNameBaselinesThreats
LowModerateHighPrivacy
AC-2Account Management STRIDE-LM
(1)Automated System Account Management  STRIDE-LM
(2)Automated Temporary and Emergency Account Management  STRIDE-LM
(3)Disable Accounts  STRIDE-LM
(4)Automated Audit Actions  STRIDE-LM
(5)Inactivity Logout  STRIDE-LM
AC-3Access Enforcement STRIDE-LM
AC-4Information Flow Enforcement  STRIDE-LM
AC-7Unsuccessful Logon Attempts STRIDE-LM
AC-11Device Lock  STRIDE-LM
AC-12Session Termination  STRIDE-LM
AC-17(2)Protection of Confidentiality and Integrity Using Encryption  STRIDE-LM
AC-19(5)Full Device or Container-based Encryption  STRIDE-LM
AU-6Audit Record Review, Analysis, and Reporting STRIDE-LM
(3)Correlate Audit Record Repositories  STRIDE-LM
AU-9Protection of Audit Information STRIDE-LM
(4)Access by Subset of Privileged Users  STRIDE-LM
CM-3Configuration Change Control  STRIDE-LM
(2)Testing, Validation, and Documentation of Changes  STRIDE-LM
(4)Security and Privacy Representatives  STRIDE-LM
CM-5Access Restrictions for Change STRIDE-LM
IA-2Identification and Authentication (organizational Users) STRIDE-LM
(1)Multi-factor Authentication to Privileged Accounts STRIDE-LM
(2)Multi-factor Authentication to Non-privileged Accounts STRIDE-LM
(8)Access to Accounts - Replay Resistant STRIDE-LM
IA-3Device Identification and Authentication  STRIDE-LM
IA-4Identifier Management STRIDE-LM
(4)Identify User Status  STRIDE-LM
IA-5Authenticator Management STRIDE-LM
(1)Password-based Authentication STRIDE-LM
(2)Public Key-based Authentication  STRIDE-LM
(6)Protection of Authenticators  STRIDE-LM
IA-7Cryptographic Module Authentication STRIDE-LM
IA-8Identification and Authentication (non-organizational Users) STRIDE-LM
(1)Acceptance of Piv Credentials from Other Agencies STRIDE-LM
(2)Acceptance of External Authenticators STRIDE-LM
(4)Use of Defined Profiles STRIDE-LM
IA-11Re-authentication STRIDE-LM
IA-12(2)Identity Evidence  STRIDE-LM
(3)Identity Evidence Validation and Verification  STRIDE-LM
(5)Address Confirmation  STRIDE-LM
MA-2Controlled Maintenance STRIDE-LM
MA-3Maintenance Tools  STRIDE-LM
(1)Inspect Tools  STRIDE-LM
(2)Inspect Media  STRIDE-LM
(3)Prevent Unauthorized Removal  STRIDE-LM
MA-4Nonlocal Maintenance STRIDE-LM
MA-5Maintenance Personnel STRIDE-LM
MP-2Media Access STRIDE-LM
MP-4Media Storage  STRIDE-LM