| ID | Name |
|---|---|
| T2032.001 | CAN Restrict |
| T2032.002 | Disable Memory Protection |
| T2032.003 | Disable or Modify System Firewall |
Adversaries may disable or modify system firewalls in order to bypass controls limiting network usage. Changes could be disabling the entire mechanism as well as adding, deleting, or modifying particular rules. This can be done numerous ways depending on the operating system, including via command-line, editing Windows Registry keys, and Windows Control Panel.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.