Skip to content

Commit 04bb629

Browse files
DebLangerDebLanger
authored
Update predefined-classification-rules-and-levels.md
1 parent 92f6261 commit 04bb629

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

exposure-management/predefined-classification-rules-and-levels.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ Current asset types are:
3333
| Backup | Device | Medium | Backup server is responsible for safeguarding data through regular backups, ensuring data protection and disaster recovery readiness. |
3434
| Domain Admin Device | Device | High | Domain admin devices are devices that one or more of the domain admins are frequently logged into. These devices are likely to store related files, documents, and credentials used by the domain admins. |
3535
| Domain Controller | Device | High | Domain controller server is responsible for user authentication, authorization, and centralized management of network resources within an active directory domain. |
36-
| DNS | Device | Medium | The DNS server is essential for resolving domain names to IP addresses, enabling network communication and access to resources both internally and externally. |
36+
| DNS | Device | Low | The DNS server is essential for resolving domain names to IP addresses, enabling network communication and access to resources both internally and externally. |
3737
| Exchange | Device | Medium | Exchange server is responsible for all the mail traffic within the organization. Depending on the setup and architecture, each server might hold several mail databases that store highly sensitive organizational information. |
3838
| SCCM | Device | Medium | SCCM is used for managing endpoints in a large network, including patch management, software distribution, and inventory management. |
3939
| IT Admin Device | Device | Medium | Critical devices used to configure, manage, and monitor the assets within the organization are vital for IT administration and are at high risk of cyber threats. They require top-level security to prevent unauthorized access. |
@@ -106,4 +106,4 @@ Current asset types are:
106106
| Immutable Azure Storage | Cloud resource | Medium | This rule applies to Azure storage accounts that have immutability support enabled. Immutability stores business data in a write once read many (WORM) state, and usually indicates that the storage account holds critical or sensitive data that must be protected from modification. |
107107
| Immutable and Locked Azure Storage | Cloud resource | High | This rule applies to Azure storage accounts that have immutability support enabled with a locked policy. Immutability stores business data in a write once read many (WORM). Data protection is increased with a locked policy to ensure that data can’t be deleted or its retention time shortened. These settings usually indicate that the storage account holds critical or sensitive data that must be protected from modification or deletion. Data might also need to align with compliance policies for data protection. |
108108
| Azure Virtual Machine with a Critical User Signed-in | Cloud resource | High | This rule applies to virtual machines protected by Defender for Endpoint, where a user with a high or very high criticality level is signed in. The signed-in user can be through a joined or registered device, an active browser session, or other means. |
109-
| Azure Key Vaults with Many Connected Identities | Cloud resource | High | This rule identifies Key Vaults that can be accessed by a large number of identities, compared to other Key Vaults. This often indicates that the Key Vault is used by critical workloads, such as production services. |
109+
| Azure Key Vaults with Many Connected Identities | Cloud resource | High | This rule identifies Key Vaults that can be accessed by a large number of identities, compared to other Key Vaults. This often indicates that the Key Vault is used by critical workloads, such as production services. |

0 commit comments

Comments
 (0)