Skip to content

Hide Navigation Hide TOC

Remote Data Storage - M1029 (20a2baeb-98c2-4901-bad7-dc62d0a03dea)

Use remote security log and sensitive file storage where access can be controlled better to prevent exposure of intrusion detection log data or sensitive information.

Cluster A Galaxy A Cluster B Galaxy B Level
Remote Data Storage - M1029 (20a2baeb-98c2-4901-bad7-dc62d0a03dea) Course of Action Clear Network Connection History and Configurations - T1070.007 (3975dbb5-0e1e-4f5b-bae1-cf2ab84b46dc) Attack Pattern 1
Remote Data Storage - M1029 (20a2baeb-98c2-4901-bad7-dc62d0a03dea) Course of Action Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) Attack Pattern 1
Remote Data Storage - M1029 (20a2baeb-98c2-4901-bad7-dc62d0a03dea) Course of Action Clear Persistence - T1070.009 (d2c4e5ea-dbdf-4113-805a-b1e2a337fb33) Attack Pattern 1
Remote Data Storage - M1029 (20a2baeb-98c2-4901-bad7-dc62d0a03dea) Course of Action Automated Collection - T1119 (30208d3e-0d6b-43c8-883e-44462a514619) Attack Pattern 1
Remote Data Storage - M1029 (20a2baeb-98c2-4901-bad7-dc62d0a03dea) Course of Action Stored Data Manipulation - T1565.001 (1cfcb312-b8d7-47a4-b560-4b16cc677292) Attack Pattern 1
Remote Data Storage - M1029 (20a2baeb-98c2-4901-bad7-dc62d0a03dea) Course of Action Data Manipulation - T1565 (ac9e6b22-11bf-45d7-9181-c1cb08360931) Attack Pattern 1
Remote Data Storage - M1029 (20a2baeb-98c2-4901-bad7-dc62d0a03dea) Course of Action Clear Command History - T1070.003 (3aef9463-9a7a-43ba-8957-a867e07c1e6a) Attack Pattern 1
Remote Data Storage - M1029 (20a2baeb-98c2-4901-bad7-dc62d0a03dea) Course of Action Clear Windows Event Logs - T1070.001 (6495ae23-3ab4-43c5-a94f-5638a2c31fd2) Attack Pattern 1
Remote Data Storage - M1029 (20a2baeb-98c2-4901-bad7-dc62d0a03dea) Course of Action Software Deployment Tools - T1072 (92a78814-b191-47ca-909c-1ccfe3777414) Attack Pattern 1
Remote Data Storage - M1029 (20a2baeb-98c2-4901-bad7-dc62d0a03dea) Course of Action Clear Mailbox Data - T1070.008 (438c967d-3996-4870-bfc2-3954752a1927) Attack Pattern 1
Remote Data Storage - M1029 (20a2baeb-98c2-4901-bad7-dc62d0a03dea) Course of Action Clear Linux or Mac System Logs - T1070.002 (2bce5b30-7014-4a5d-ade7-12913fe6ac36) Attack Pattern 1
Clear Network Connection History and Configurations - T1070.007 (3975dbb5-0e1e-4f5b-bae1-cf2ab84b46dc) Attack Pattern Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) Attack Pattern 2
Clear Persistence - T1070.009 (d2c4e5ea-dbdf-4113-805a-b1e2a337fb33) Attack Pattern Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) Attack Pattern 2
Stored Data Manipulation - T1565.001 (1cfcb312-b8d7-47a4-b560-4b16cc677292) Attack Pattern Data Manipulation - T1565 (ac9e6b22-11bf-45d7-9181-c1cb08360931) Attack Pattern 2
Clear Command History - T1070.003 (3aef9463-9a7a-43ba-8957-a867e07c1e6a) Attack Pattern Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) Attack Pattern 2
Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) Attack Pattern Clear Windows Event Logs - T1070.001 (6495ae23-3ab4-43c5-a94f-5638a2c31fd2) Attack Pattern 2
Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) Attack Pattern Clear Mailbox Data - T1070.008 (438c967d-3996-4870-bfc2-3954752a1927) Attack Pattern 2
Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) Attack Pattern Clear Linux or Mac System Logs - T1070.002 (2bce5b30-7014-4a5d-ade7-12913fe6ac36) Attack Pattern 2