![]() ![]() F.1.7.6 Threat Event 6-Compromise of the Integrity of the Device or Its Network Communications via Installation of Malicious EMM/MDM, Network, VPN Profiles, or Certificates.F.1.7.7 Threat Event 7-Loss of Confidentiality of Sensitive Information via Eavesdropping on Unencrypted Device Communications.F.1.7.8 Threat Event 8-Compromise of Device Integrity via Observed, Inferred, or Brute-Forced Device Unlock Code.F.1.7.9 Threat Event 9-Unauthorized Access to Backend Services via Authentication or Credential Storage Vulnerabilities in Internally Developed Applications.F.1.7.10 Threat Event 10-Unauthorized Access of Enterprise Resources from an Unmanaged and Potentially Compromised Device.F.1.7.11 Threat Event 11-Loss of Organizational Data Due to a Lost or Stolen Device.F.1.7.12 Threat Event 12-Loss of Confidentiality of Organizational Data Due to Its Unauthorized Storage to Non-Organizationally Managed Services.F.1.8 Task 2-3: Identify Vulnerabilities and Predisposing Conditions.F.1.9 Task 2-4: Determine Likelihood of a Threat and the Likelihood of the Threat Having Adverse Impacts.F.1.10 Task 2-5: Determine the Extent of Adverse Impacts.F.1.11 Task 2-6: Determine Risk to Organization.G.1 Data Action 1: Blocking Access and Wiping Devices.G.1.1 Potential Problem for Individuals.G.2.1 Potential Problem for Individuals.G.3 Data Action 3: Data Sharing Across Parties.G.3.1 Potential Problems for Individuals. ![]() G.4 Mitigations Applicable Across Various Data Actions.Appendix H Threat Event Test Information.H.1 Threat Event 1-Unauthorized Access to Sensitive Information via a Malicious or Privacy-Intrusive Application.H.8 Threat Event 8-Compromise of Device Integrity via Observed, Inferred, or Brute-Forced Device Unlock Code.H.7 Threat Event 7-Loss of Confidentiality of Sensitive Information via Eavesdropping on Unencrypted Device Communications.H.6 Threat Event 6-Compromise of the Integrity of the Device or Its Network Communications via Installation of Malicious EMM/Mobile Device Management, Network, Virtual Private Network (VPN) Profiles, or Certificates.H.5 Threat Event 5-Violation of Privacy via Misuse of Device Sensors.H.4 Threat Event 4-Confidentiality and Integrity Loss due to Exploitation of Known Vulnerability in the Operating System or Firmware.H.3 Threat Event 3-Malicious Applications Installed via URLs in SMS or Email Messages.H.2 Threat Event 2-Theft of Credentials Through a Short Message Service (SMS) or Email Phishing Campaign. H.10 Threat Event 10-Unauthorized Access of Enterprise Resources from an Unmanaged and Potentially Compromised Device.H.9 Threat Event 9-Unauthorized Access to Backend Services via Authentication or Credential Storage Vulnerabilities in Internally Developed Applications. H.11 Threat Event 11-Loss of Organizational Data Due to a Lost or Stolen Device. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |