RISK-004 Lateral Movement via Local Administrator

Detalhes e análise do risco

Critical Open Operational
Edit Back
Risk ID
RISK-004
Risk Title
Lateral Movement via Local Administrator
Category (ISO 31000)
Operational
Risk Description
Attackers use shared local administrator passwords to move across the network.
Risk Type
Operational
Responsável
Not specified
Status
Open
Applicable Framework
Qriar IAM Security Framework
Ativo de Informação
Not specified
Fonte de Ameaça
Not specified
Data de Revisão
Not specified
Inherent Risk
12345
Catastrófico 5 10 15 20 25
Maior 4 8 12 16 20
Moderado 3 6 9 12 15
Menor 2 4 6 8 10
Insignif. 1 2 3 4 5
Rare Unlikely Possible Likely Almost Certain
Residual Risk
12345
Catastrófico 5 10 15 20 25
Maior 4 8 12 16 20
Moderado 3 6 9 12 15
Menor 2 4 6 8 10
Insignif. 1 2 3 4 5
Rare Unlikely Possible Likely Almost Certain
Descrição do Cenário
Not specified
-
Frequência Mín.
-
Frequência Máx.
-
Magnitude Mín.
-
Magnitude Máx.
-
Expectativa de Perda Anual (BRL)
Resposta ao Risco
Modify
Response Status
Planned
Plano de Resposta
Not specified
Notas de Mitigação
Not specified
ID Risk Description Domínio
PAM-003 Remove local administrator account and use LAPS for unique, per-workstation rotated passwords. Privileged Access (PAM)
PAM-004 Implement a Tiered Model (Tiering/Red Forest): Tier 0 admins never log on to Tier 1/2. Privileged Access (PAM)
No history recorded.
Inherent Score
16
Critical
Residual Score
16
Critical
Probability (1-5)
4/5 4/5
Impact (1-5)
4/5 4/5
Created on
17/12/2025 03:54
Atualizado em
26/02/2026 06:45