IA-7: Cryptographic Module Authentication
From NIST's SP800-53:
Implement mechanisms for authentication to a cryptographic module that meet the requirements of applicable laws, executive orders, directives, policies, regulations, standards, and guidelines for such authentication.
Cyber Threat Graph Context
Explore how this control relates to the wider threat graph
SP800-53 Control Mapped to NIST Cyber Security Framework
Generated from NISTs SP800-53/CSF Crosswalk mappings.
| Control ID | Description |
|---|---|
| PR.AC-1 | Identities and credentials are issued, managed, verified, revoked, and audited for authorized devices, users and processes |
MITRE ATT&CK Techniques
See which MITRE ATT&CK techniques this control helps to protect against.
| ATT&CK ID | Title | Associated Tactics |
|---|---|---|
| T1542.003 | Bootkit | Defense Evasion, Persistence |
| T1495 | Firmware Corruption | Impact |
| T1542.001 | System Firmware | Defense Evasion, Persistence |
| T1601.002 | Downgrade System Image | Defense Evasion |
| T1542.004 | ROMMONkit | Defense Evasion, Persistence |
| T1601.001 | Patch System Image | Defense Evasion |
| T1542 | Pre-OS Boot | Defense Evasion, Persistence |
| T1553 | Subvert Trust Controls | Defense Evasion |
| T1553.006 | Code Signing Policy Modification | Defense Evasion |
| T1195.003 | Compromise Hardware Supply Chain | Initial Access |
| T1601 | Modify System Image | Defense Evasion |
| T1542.005 | TFTP Boot | Defense Evasion, Persistence |