SC-4: Information in Shared System Resources
From NIST's SP800-53:
Prevent unauthorized and unintended information transfer via shared system resources.
Cyber Threat Graph Context
Explore how this control relates to the wider threat graph
MITRE ATT&CK Techniques
See which MITRE ATT&CK techniques this control helps to protect against.
| ATT&CK ID | Title | Associated Tactics |
|---|---|---|
| T1558 | Steal or Forge Kerberos Tickets | Credential Access |
| T1552.001 | Credentials In Files | Credential Access |
| T1552 | Unsecured Credentials | Credential Access |
| T1080 | Taint Shared Content | Lateral Movement |
| T1558.004 | AS-REP Roasting | Credential Access |
| T1602 | Data from Configuration Repository | Collection |
| T1565.003 | Runtime Data Manipulation | Impact |
| T1119 | Automated Collection | Collection |
| T1020.001 | Traffic Duplication | Exfiltration |
| T1602.002 | Network Device Configuration Dump | Collection |
| T1070.008 | Clear Mailbox Data | Defense Evasion |
| T1070.001 | Clear Windows Event Logs | Defense Evasion |
| T1040 | Network Sniffing | Credential Access, Discovery |
| T1602.001 | SNMP (MIB Dump) | Collection |
| T1558.002 | Silver Ticket | Credential Access |
| T1565.001 | Stored Data Manipulation | Impact |
| T1565.002 | Transmitted Data Manipulation | Impact |
| T1552.004 | Private Keys | Credential Access |
| T1557.002 | ARP Cache Poisoning | Collection, Credential Access |
| T1530 | Data from Cloud Storage | Collection |
| T1070 | Indicator Removal | Defense Evasion |
| T1565 | Data Manipulation | Impact |
| T1070.002 | Clear Linux or Mac System Logs | Defense Evasion |
| T1558.003 | Kerberoasting | Credential Access |
| T1552.002 | Credentials in Registry | Credential Access |
| T1595.003 | Wordlist Scanning | Reconnaissance |
| T1564.009 | Resource Forking | Defense Evasion |
| T1557 | Adversary-in-the-Middle | Collection, Credential Access |