SC-41: Port and I/O Device Access

From NIST's SP800-53:

[Selection: Physically; Logically] disable or remove [Assignment: organization-defined connection ports or input/output devices] on the following systems or system components: [Assignment: organization-defined systems or system components].

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

SP800-53 Control Mapped to NIST Cyber Security Framework

Generated from NISTs SP800-53/CSF Crosswalk mappings.

Control ID	Description
PR.PT-4	Communications and control networks are protected

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against.

ATT&CK ID	Title	Associated Tactics
T1052.001	Exfiltration over USB	Exfiltration
T1025	Data from Removable Media	Collection
T1052	Exfiltration Over Physical Medium	Exfiltration
T1200	Hardware Additions	Initial Access
T1091	Replication Through Removable Media	Initial Access, Lateral Movement