IDNameBaselinesThreats
    LowModerateHighPrivacy
    AC-17Remote Access STRIDE-LM
    (1)Monitoring and Control  STRIDE-LM
    (2)Protection of Confidentiality and Integrity Using Encryption  STRIDE-LM
    (3)Managed Access Control Points  STRIDE-LM
    (4)Privileged Commands and Access  STRIDE-LM
    (6)Protection of Mechanism Information    STRIDE-LM
    (9)Disconnect or Disable Access    STRIDE-LM
    (10)Authenticate Remote Commands    STRIDE-LM
    AC-18Wireless Access STRIDE-LM
    (1)Authentication and Encryption  STRIDE-LM
    (3)Disable Wireless Networking  STRIDE-LM
    (4)Restrict Configurations by Users   STRIDE-LM
    (5)Antennas and Transmission Power Levels   STRIDE-LM
    AC-19Access Control for Mobile Devices STRIDE-LM
    (4)Restrictions for Classified Information    STRIDE-LM
    (5)Full Device or Container-based Encryption  STRIDE-LM
    AC-20Use of External Systems STRIDE-LM
    (1)Limits on Authorized Use  STRIDE-LM
    (2)Portable Storage Devices - Restricted Use  STRIDE-LM
    (3)Non-organizationally Owned Systems - Restricted Use    STRIDE-LM
    (4)Network Accessible Storage Devices - Prohibited Use    STRIDE-LM
    (5)Portable Storage Devices - Prohibited Use    STRIDE-LM
    AC-21Information Sharing  STRIDE-LM
    (1)Automated Decision Support    STRIDE-LM
    (2)Information Search and Retrieval    STRIDE-LM
    AC-22Publicly Accessible Content STRIDE-LM
    AC-23Data Mining Protection    STRIDE-LM
    AC-24Access Control Decisions    STRIDE-LM
    (1)Transmit Access Authorization Information    STRIDE-LM
    (2)No User or Process Identity    STRIDE-LM
    AC-25Reference Monitor    STRIDE-LM
    AT-1Policy and ProceduresSTRIDE-LM
    AT-2Literacy Training and AwarenessSTRIDE-LM
    (1)Practical Exercises    STRIDE-LM
    (2)Insider Threat STRIDE-LM
    (3)Social Engineering and Mining  STRIDE-LM
    (4)Suspicious Communications and Anomalous System Behavior    STRIDE-LM
    (5)Advanced Persistent Threat    STRIDE-LM
    (6)Cyber Threat Environment    STRIDE-LM
    AT-3Role-based TrainingSTRIDE-LM
    (1)Environmental Controls    STRIDE-LM
    (2)Physical Security Controls    STRIDE-LM
    (3)Practical Exercises    STRIDE-LM
    (5)Processing Personally Identifiable Information   STRIDE-LM
    AT-4Training RecordsSTRIDE-LM
    AT-6Training Feedback    STRIDE-LM
    AU-1Policy and ProceduresSTRIDE-LM
    AU-2Event LoggingSTRIDE-LM
    AU-3Content of Audit Records STRIDE-LM
    (1)Additional Audit Information  STRIDE-LM