Guidelines for Preparing Security Specifications for Information System Development Contracts
[[設定対策]]
*Credential Dumping [#cddcc773]
**Tactic [#gdc4fa75]
Lateral Movement (MITRE ATT&CK places credential dumping under the Credential Access tactic; the dumped credentials are what enables the subsequent lateral movement)
**Target OS [#t9758f3c]
-Linux
-Windows
-macOS
**Required Permissions [#qefaa41a]
-Administrator
-SYSTEM
-root
**Overview [#g2dd4d4b]
Credential dumping is the extraction of the account IDs and passwords stored by the OS ...
-Extraction of credential hash data for offline cracking
-Extraction of unencrypted plaintext credentials
-Extraction of Kerberos tickets
**Attack Assessment [#j3989121]
|Tactic category|119 Value|Pen Value|
|Initial intrusion|RIGHT:3|RIGHT:3|
119 Value: min 1, max 3; the higher the value, the more real-world attacks have been recorded~
Pen Value: min 1, max 3; the higher the value, the more often it is used in penetration testing ...
**MITRE Mitigations [#s6343a97]
***Active Directory Configuration [#odf6c3cc]
Manage the access control list for "Replicating Directory Changes" and the domain ...
※ Because the Replicating Directory Changes right is granted to the principals below, ...
In addition, Administrators, Enterprise Admins, Domain Adm...
|LEFT;250|CENTER;300|CENTER;300|c
|Account|Replicating Directory&br;Changes (Pull)|...|
|SYSTEM|〇|〇|
|Enterprise Read-only Domain Controllers|〇||
|Domain Admins|〇|〇|
|Domain Controllers||〇|
|Enterprise Admins|〇|〇|
|Enterprise Key Admins|〇|〇|
|Administrators|〇|〇|
|Enterprise Domain Controllers||〇|
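The following PowerShell script is an added example and is not part of the original page or of MITRE's text. It reads the ACL of the domain naming context, which is where the rights in the table above are granted, and reports every principal holding DS-Replication-Get-Changes, DS-Replication-Get-Changes-All or DS-Replication-Get-Changes-In-Filtered-Set (or GenericAll, which implies all of them). The list of expected principals is an assumption taken from the table above and must be adjusted to the forest being audited; the RSAT ActiveDirectory module is assumed to be installed.

```powershell
# Added example, not from the original page.
# Lists who can pull replication data from the domain naming context (the
# right that DCSync-style dumping abuses) and flags principals outside the
# expected set. Assumes the RSAT ActiveDirectory module on a domain-joined host.
Import-Module ActiveDirectory

# Control-access-right GUIDs as defined in the AD schema.
$replicationRights = @{
    '1131f6aa-9c07-11d1-f79f-00c04fc2dcd2' = 'DS-Replication-Get-Changes'
    '1131f6ad-9c07-11d1-f79f-00c04fc2dcd2' = 'DS-Replication-Get-Changes-All'
    '89e95b76-444d-4c62-991a-0facbeda640c' = 'DS-Replication-Get-Changes-In-Filtered-Set'
}

# Principals the table above documents as holding these rights by default.
# Assumption: adjust to your forest. The wildcard covers the domain prefix.
$expectedPrincipals = @(
    'NT AUTHORITY\SYSTEM'
    'BUILTIN\Administrators'
    'NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS'
    '*\Domain Controllers'
    '*\Domain Admins'
    '*\Enterprise Admins'
    '*\Enterprise Key Admins'
    '*\Enterprise Read-only Domain Controllers'
)

function Get-DcSyncGrants {
    param([string]$DistinguishedName = (Get-ADDomain).DistinguishedName)

    $genericAll    = [System.DirectoryServices.ActiveDirectoryRights]::GenericAll
    $extendedRight = [System.DirectoryServices.ActiveDirectoryRights]::ExtendedRight

    $acl = Get-Acl -Path "AD:\$DistinguishedName"
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }

        $grant = $null
        if ($ace.ActiveDirectoryRights.HasFlag($genericAll)) {
            # GenericAll contains every extended right, replication included.
            $grant = 'GenericAll (implies all replication rights)'
        }
        elseif ($ace.ActiveDirectoryRights.HasFlag($extendedRight)) {
            if ($ace.ObjectType -eq [guid]::Empty) {
                # ExtendedRight with an empty ObjectType means all extended rights.
                $grant = 'All extended rights'
            }
            elseif ($replicationRights.ContainsKey($ace.ObjectType.ToString())) {
                $grant = $replicationRights[$ace.ObjectType.ToString()]
            }
        }
        if ($null -eq $grant) { continue }

        $who = $ace.IdentityReference.Value
        $expected = $false
        foreach ($pattern in $expectedPrincipals) {
            if ($who -like $pattern) { $expected = $true; break }
        }
        [pscustomobject]@{
            Principal  = $who
            Right      = $grant
            Inherited  = $ace.IsInherited
            Unexpected = -not $expected
        }
    }
}

# Unexpected grants first: each one is a DCSync path that needs a justification.
Get-DcSyncGrants | Sort-Object Unexpected -Descending | Format-Table -AutoSize
```

Run it from an account that can read the domain head's security descriptor (any authenticated user can by default). Every row marked Unexpected is a principal that can replicate password hashes from a domain controller without ever touching LSASS, so it should be tracked to a change ticket or removed.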
***Credential Access Protection [#d4b1311a]
With Windows 10, Microsoft introduced a new feature called Credential Guard ...
***Operating System Configuration [#lacc19b8]
Consider disabling or restricting NTLM.
※ Disabling NTLM has wide-ranging side effects. Verify thoroughly before ...
[[Auditing and restricting NTLM usage guide:https://docs.microsoft.com/j...
***Password Policy [#vdb1e5cc]
For local administrator accounts, on every system on the network ...
※ If the local administrator account ID and password are the same on every machine, ...
[[NIST Special Publication 800-63B Digital Identity Guide...
***Privileged Account Management [#m6f64b60]
Windows~
Unless tightly controlled, the local administrators group on every system ...
※ To give each machine its own local Administrator password, ...
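The following PowerShell script is an added example and is not part of the original page. It serves both the Password Policy section (unique local administrator passwords across the network) and the Windows paragraph above: it reports which enabled domain computers carry a LAPS-managed local Administrator password and whether that password is actually being rotated. LAPS (Windows LAPS or the legacy version) is assumed to be the mechanism in use; the attribute names are LAPS's own, while the search base and the 30-day rotation window are assumptions to adjust to the LAPS policy in force. The RSAT ActiveDirectory module is assumed to be installed.

```powershell
# Added example, not from the original page.
# Reports LAPS coverage for enabled computers under a search base: machines
# with neither LAPS expiration attribute still have whatever password the
# image shipped with, i.e. one shared across the fleet.
Import-Module ActiveDirectory

function Get-LapsCoverage {
    param(
        [string]$SearchBase = (Get-ADDomain).DistinguishedName,
        [int]$MaxAgeDays = 30   # assumption: rotation period set in the LAPS policy
    )

    $attrs = 'msLAPS-PasswordExpirationTime', 'ms-Mcs-AdmPwdExpirationTime'
    $now = Get-Date
    Get-ADComputer -Filter 'Enabled -eq $true' -SearchBase $SearchBase -Properties $attrs |
        ForEach-Object {
            # Windows LAPS and legacy LAPS use different attributes, both FILETIME.
            $raw = $_.'msLAPS-PasswordExpirationTime'
            $gen = 'Windows LAPS'
            if ($null -eq $raw) {
                $raw = $_.'ms-Mcs-AdmPwdExpirationTime'
                $gen = 'Legacy LAPS'
            }

            if ($null -eq $raw) {
                $expires = $null
                $gen     = '-'
                $state   = 'NOT MANAGED'
            }
            else {
                $expires = [datetime]::FromFileTimeUtc([int64]$raw).ToLocalTime()
                # Past expiry: the client has not rotated. Far future: someone
                # pushed the expiry out by hand, which defeats the rotation.
                $state = if ($expires -lt $now) { 'EXPIRED (rotation stalled)' }
                         elseif ($expires -gt $now.AddDays($MaxAgeDays)) { 'EXPIRY BEYOND POLICY' }
                         else { 'OK' }
            }

            [pscustomobject]@{
                Computer = $_.Name
                Laps     = $gen
                Expires  = $expires
                State    = $state
            }
        }
}

$report = Get-LapsCoverage
$report | Sort-Object State | Format-Table -AutoSize
# Summary: how many machines are still outside per-machine password management.
$report | Group-Object State | Select-Object Name, Count
```

Reading the expiration attribute needs no special rights; reading the password itself does, which is the point of LAPS. The NOT MANAGED and EXPIRED rows are the hosts where a single dumped local Administrator hash would still open every other machine in the same state.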
~
Linux~
Scraping passwords from memory requires root privileges ...
***Privileged Process Integrity [#u2febac0]
On Windows 8.1 and Windows Server 2012 R2, the LSA Protect...
[[Configuring Additional LSA Protection:https://docs.microsoft.com/ja-j...
[[Verifying Windows' new security features: LSA protection mode and ...
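The following PowerShell script is an added example and is not part of the original page. It covers the Credential Access Protection, Operating System Configuration and Privileged Process Integrity sections together by auditing a single host for Credential Guard, LSA protection (RunAsPPL), WDigest plaintext caching and the NTLM restriction and audit policies. The registry locations and the Win32_DeviceGuard class are Microsoft's; the target values labelled as hardened are assumptions, and, as the NTLM caveat above says, the NTLM restrictions should be run in audit mode and tested before they are enforced. Run it as a local administrator.

```powershell
# Added example, not from the original page.
# Audits one Windows host for the LSASS/NTLM hardening discussed above.
# Target values are assumptions (the hardened end state), not a statement of
# what every environment can tolerate.

function Get-RegistryValueOrNull {
    param([string]$Path, [string]$Name)
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

function Test-CredentialHardening {
    $lsa  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    $msv  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
    $wdig = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest'

    $checks = @(
        # LSA as a protected process: 1 = enabled (UEFI-locked where supported),
        # 2 = enabled without UEFI lock on newer builds.
        @{ Name = 'LSA RunAsPPL';                 Path = $lsa;  Key = 'RunAsPPL';                     Pass = { param($v) $v -in 1, 2 } }
        # WDigest must not keep plaintext logon credentials in LSASS memory.
        @{ Name = 'WDigest UseLogonCredential';   Path = $wdig; Key = 'UseLogonCredential';           Pass = { param($v) $v -eq 0 } }
        # 5 = send NTLMv2 only, refuse LM and NTLM.
        @{ Name = 'LmCompatibilityLevel';         Path = $lsa;  Key = 'LmCompatibilityLevel';         Pass = { param($v) $v -eq 5 } }
        # Outgoing NTLM to remote servers: 0 = allow, 1 = audit, 2 = deny.
        @{ Name = 'RestrictSendingNTLMTraffic';   Path = $msv;  Key = 'RestrictSendingNTLMTraffic';   Pass = { param($v) $v -ge 1 } }
        # Incoming NTLM: 0 = allow, 1 = deny domain accounts, 2 = deny all.
        @{ Name = 'RestrictReceivingNTLMTraffic'; Path = $msv;  Key = 'RestrictReceivingNTLMTraffic'; Pass = { param($v) $v -ge 1 } }
        # Audit incoming NTLM (1 = domain accounts, 2 = all) before blocking it.
        @{ Name = 'AuditReceivingNTLMTraffic';    Path = $msv;  Key = 'AuditReceivingNTLMTraffic';    Pass = { param($v) $v -ge 1 } }
    )

    foreach ($c in $checks) {
        $value  = Get-RegistryValueOrNull -Path $c.Path -Name $c.Key
        $shown  = if ($null -eq $value) { '(not set)' } else { $value }
        $status = if ($null -ne $value -and (& $c.Pass $value)) { 'OK' } else { 'REVIEW' }
        [pscustomobject]@{ Check = $c.Name; Value = $shown; Status = $status }
    }

    # Credential Guard: Win32_DeviceGuard.SecurityServicesRunning lists the VBS
    # services actually running (1 = Credential Guard, 2 = HVCI). If the class
    # is missing the platform has no virtualization-based security at all.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                          -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue
    $running  = if ($null -eq $dg) { '(Win32_DeviceGuard unavailable)' } else { $dg.SecurityServicesRunning -join ',' }
    $cgOn     = ($null -ne $dg) -and ($dg.SecurityServicesRunning -contains 1)
    $cgStatus = if ($cgOn) { 'OK' } else { 'REVIEW' }
    [pscustomobject]@{ Check = 'Credential Guard running'; Value = $running; Status = $cgStatus }
}

Test-CredentialHardening | Format-Table -AutoSize
```

A REVIEW on RunAsPPL or WDigest is a direct finding: both leave LSASS readable for plaintext or hash extraction by any process with debug rights. A REVIEW on the NTLM rows is a decision point rather than a defect, since the page's own caveat applies: start with the audit values, read the resulting 4624/8001-series events, and only then move to deny.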
***User Training [#o97825e5]
Users and administrators using the same password for multiple accounts ...
※ If the local Administrators password and a domain user's ...
**Windows 10 STIG [#p798fbb8]
[[V-63797:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63429:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63347:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63335:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63413:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63415:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63419:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63711:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63421:https://www.stigviewer.com/stig/windows_10/2019...
[[V-71769:https://www.stigviewer.com/stig/windows_10/2019...
[[V-71763:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63383:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63381:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63385:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63389:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63669:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63423:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63371:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63721:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63617:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63747:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63625:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63627:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63729:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63709:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63733:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63639:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63405:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63409:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63643:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63647:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63645:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63427:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63653:https://www.stigviewer.com/stig/windows_10/2019...
[[V-63661:https://www.stigviewer.com/stig/windows_10/2019...
**Windows Server 2016 STIG [#x0a0afa8]
[[V-73325:https://www.stigviewer.com/stig/windows_server_...
[[V-73621:https://www.stigviewer.com/stig/windows_server_...
[[V-73599:https://www.stigviewer.com/stig/windows_server_...
[[V-73593:https://www.stigviewer.com/stig/windows_server_...
[[V-73687:https://www.stigviewer.com/stig/windows_server_...
[[V-73497:https://www.stigviewer.com/stig/windows_server_...
[[V-73223:https://www.stigviewer.com/stig/windows_server_...
[[V-73309:https://www.stigviewer.com/stig/windows_server_...
[[V-73261:https://www.stigviewer.com/stig/windows_server_...
[[V-73263:https://www.stigviewer.com/stig/windows_server_...
[[V-91779:https://www.stigviewer.com/stig/windows_server_...
[[V-73311:https://www.stigviewer.com/stig/windows_server_...
[[V-73313:https://www.stigviewer.com/stig/windows_server_...
[[V-73315:https://www.stigviewer.com/stig/windows_server_...
[[V-73317:https://www.stigviewer.com/stig/windows_server_...
[[V-73319:https://www.stigviewer.com/stig/windows_server_...
[[V-73657:https://www.stigviewer.com/stig/windows_server_...
[[V-73637:https://www.stigviewer.com/stig/windows_server_...
[[V-73635:https://www.stigviewer.com/stig/windows_server_...
[[V-73633:https://www.stigviewer.com/stig/windows_server_...
[[V-73631:https://www.stigviewer.com/stig/windows_server_...
[[V-73639:https://www.stigviewer.com/stig/windows_server_...
[[V-73321:https://www.stigviewer.com/stig/windows_server_...
[[V-73323:https://www.stigviewer.com/stig/windows_server_...
[[V-73641:https://www.stigviewer.com/stig/windows_server_...
[[V-73645:https://www.stigviewer.com/stig/windows_server_...
[[V-73625:https://www.stigviewer.com/stig/windows_server_...
[[V-73231:https://www.stigviewer.com/stig/windows_server_...
[[V-73617:https://www.stigviewer.com/stig/windows_server_...
[[V-73229:https://www.stigviewer.com/stig/windows_server_...
[[V-73567:https://www.stigviewer.com/stig/windows_server_...
[[V-73571:https://www.stigviewer.com/stig/windows_server_...
[[V-73677:https://www.stigviewer.com/stig/windows_server_...
[[V-73579:https://www.stigviewer.com/stig/windows_server_...
**Others [#a42a9efd]
[[Credentials Processes in Windows Authentication:https://docs.microsoft.c...