• xThreat Vector: Spoofing
AC-2Account Management STRIDE-LM
(1)Automated System Account Management  STRIDE-LM
(2)Automated Temporary and Emergency Account Management  STRIDE-LM
(3)Disable Accounts  STRIDE-LM
(4)Automated Audit Actions  STRIDE-LM
(5)Inactivity Logout  STRIDE-LM
(6)Dynamic Privilege Management    STRIDE-LM
(8)Dynamic Account Management    STRIDE-LM
(12)Account Monitoring for Atypical Usage   STRIDE-LM
AC-4Information Flow Enforcement  STRIDE-LM
(1)Object Security and Privacy Attributes    STRIDE-LM
(2)Processing Domains    STRIDE-LM
(3)Dynamic Information Flow Control    STRIDE-LM
(4)Flow Control of Encrypted Information   STRIDE-LM
(7)One-way Flow Mechanisms    STRIDE-LM
(8)Security and Privacy Policy Filters    STRIDE-LM
(9)Human Reviews    STRIDE-LM
(12)Data Type Identifiers    STRIDE-LM
(13)Decomposition into Policy-relevant Subcomponents    STRIDE-LM
(17)Domain Authentication    STRIDE-LM
AC-7Unsuccessful Logon Attempts STRIDE-LM
(3)Biometric Attempt Limiting    STRIDE-LM
(4)Use of Alternate Authentication Factor    STRIDE-LM
AC-9Previous Logon Notification    STRIDE-LM
(3)Notification of Account Changes    STRIDE-LM
AC-10Concurrent Session Control   STRIDE-LM
AC-11Device Lock  STRIDE-LM
AC-12Session Termination  STRIDE-LM
AC-17(10)Authenticate Remote Commands    STRIDE-LM
AC-24Access Control Decisions    STRIDE-LM
AU-6Audit Record Review, Analysis, and Reporting STRIDE-LM
(3)Correlate Audit Record Repositories  STRIDE-LM
(5)Integrated Analysis of Audit Records   STRIDE-LM
(6)Correlation with Physical Monitoring   STRIDE-LM
(9)Correlation with Information from Nontechnical Sources    STRIDE-LM
AU-16(3)Disassociability    STRIDE-LM
IA-2Identification and Authentication (organizational Users) STRIDE-LM
(1)Multi-factor Authentication to Privileged Accounts STRIDE-LM
(2)Multi-factor Authentication to Non-privileged Accounts STRIDE-LM
(6)Access to Accounts - Separate Device    STRIDE-LM
(8)Access to Accounts - Replay Resistant STRIDE-LM
IA-3Device Identification and Authentication  STRIDE-LM
(1)Cryptographic Bidirectional Authentication    STRIDE-LM
(3)Dynamic Address Allocation    STRIDE-LM
(4)Device Attestation    STRIDE-LM
IA-4Identifier Management STRIDE-LM
(1)Prohibit Account Identifiers as Public Identifiers    STRIDE-LM
(4)Identify User Status  STRIDE-LM
(5)Dynamic Management    STRIDE-LM
(6)Cross-organization Management    STRIDE-LM