Description
Employ [Assignment: organization-defined data mining prevention and detection techniques] for [Assignment: organization-defined data storage objects] to detect and protect against unauthorized data mining.
Supplemental Guidance
Data storage objects include database records and database fields. Sensitive information can be extracted from data warehouses, databases, and data storage objects through data mining. Data mining prevention and detection techniques include limiting the types of responses provided to database queries, limiting the number or frequency of database queries to increase the work factor needed to determine the contents of databases, and notifying organizational personnel when atypical database queries or accesses occur.
Changes from Rev 4
No significant changes from Rev 4.
MITRE ATT&CK Techniques (15)
ATT&CK v16.1Techniques mitigated by this control, mapped via CTID.