NIST 800-53 r5 · Controls catalogue · Family SC
SC-30 Concealment and Misdirection
Employ the following concealment and misdirection techniques for {{ insert: param, sc-30_odp.02 }} at {{ insert: param, sc-30_odp.03 }} to confuse and mislead adversaries: {{ insert: param, sc-30_odp.01 }}.
Last updated: 09 May 2026 03:25 UTC
ATT&CK techniques this control mitigates (7)
- T1068 Exploitation for Privilege Escalation (Privilege Escalation)
- T1189 Drive-by Compromise (Initial Access)
- T1190 Exploit Public-Facing Application (Initial Access)
- T1203 Exploitation for Client Execution (Execution)
- T1210 Exploitation of Remote Services (Lateral Movement)
- T1211 Exploitation for Stealth (Stealth)
- T1212 Exploitation for Credential Access (Credential Access)
Weaknesses this control addresses (7)
CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.
| CWE | Name | CVEs | Why this control addresses it |
|---|---|---|---|
| CWE-200 | Exposure of Sensitive Information to an Unauthorized Actor | 10,204 | Concealment techniques directly prevent real sensitive data from being exposed to adversaries. |
| CWE-203 | Observable Discrepancy | 836 | Misdirection can normalize or falsify responses to eliminate observable discrepancies that aid reconnaissance. |
| CWE-209 | Generation of Error Message Containing Sensitive Information | 642 | Misdirection allows generation of misleading error messages that withhold or falsify sensitive details. |
| CWE-497 | Exposure of Sensitive System Information to an Unauthorized Control Sphere | 314 | System information is concealed or replaced with decoys, reducing leakage to unauthorized observers. |
| CWE-204 | Observable Response Discrepancy | 149 | Fake or randomized responses remove distinguishable success/failure signals attackers rely on. |
| CWE-208 | Observable Timing Discrepancy | 121 | Timing randomization or delays can mask true operation timing and mislead timing-based attacks. |
| CWE-548 | Exposure of Information Through Directory Listing | 54 | Directory listings and resource enumeration can be suppressed or populated with misleading entries. |
Top CVEs where this control is the strongest mitigation
| CVE | Risk | CVSS | EPSS | Match |
|---|---|---|---|---|
| CVE-2025-13476 | 2.0 | 9.8 | 0.0002 | good |