| ID | Name |
|---|---|
| ATAGS-T1146.001 | Local Groups |
| ATAGS-T1146.002 | Domain Groups |
| ATAGS-T1146.003 | Cloud Groups |
Threat Actors may attempt to find domain-level groups and permission settings. The knowledge of domain-level permission groups can help Threat Actors determine which groups exist and which users belong to a particular group. Threat Actors may use this information to determine which users have elevated permissions, such as domain administrators.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.