IA-6: Authentication Feedback
From NIST's SP800-53:
Obscure feedback of authentication information during the authentication process to protect the information from possible exploitation and use by unauthorized individuals.
Cyber Threat Graph Context
Explore how this control relates to the wider threat graph
SP800-53 Control Mapped to NIST Cyber Security Framework
Generated from NISTs SP800-53/CSF Crosswalk mappings.
| Control ID | Description |
|---|---|
| PR.AC-1 | Identities and credentials are issued, managed, verified, revoked, and audited for authorized devices, users and processes |
MITRE ATT&CK Techniques
See which MITRE ATT&CK techniques this control helps to protect against.
| ATT&CK ID | Title | Associated Tactics |
|---|---|---|
| T1578.003 | Delete Cloud Instance | Defense Evasion |
| T1530 | Data from Cloud Storage | Collection |
| T1578 | Modify Cloud Compute Infrastructure | Defense Evasion |
| T1563 | Remote Service Session Hijacking | Lateral Movement |
| T1021.005 | VNC | Lateral Movement |
| T1021.001 | Remote Desktop Protocol | Lateral Movement |
| T1578.001 | Create Snapshot | Defense Evasion |
| T1578.002 | Create Cloud Instance | Defense Evasion |