1
Q
Identify Critical Information
A
- analyzing friendly and adversary strategies to achieve objectives
2
Q
Analyze the Threat
A
- adversaries with the INTENT and CAPABILITY to be a threat to our mission.
3
Q
Analyze vulnerabilities
A
- when critical information is susceptible to exploitation by an adversary.
4
Q
Indicator
A
- any detectable activity or information that, when looked at by itself or in conjunction with something else, POINTS TO VULNERABILITIES
- ex: uniforms in unusual places, cars in a parking lot.
5
Q
Indicators that establish a profile
A
- activities that show patterns of an organization
6
Q
Indicators that show a deviation
A
- activities not part of an organizations normal conduct
7
Q
Tip off indicators
A
- activities that give the adversary direction on where to focus their intel
8
Q
What are 3 types of indicators
A
1) Indicators that establish a profile
2) Indicators that show deviation
3) Tip off indicators
9
Q
Assess risk
A
- risk is the likelihood that an adversary with gather and exploit your critical information
10
Q
2 basic ways to assess risks:
A
1) Intuitive reasoning approach
2) Committee approach
11
Q
Intuitive reasoning approach
A
- done alone and based on personal experience
12
Q
Committee approach
A
- a group of people look at the problem
- PREFERRED METHOD
13
Q
RISK =
A
Threat x Vulnerability x Impact
14
Q
Apply Countermeasure
A
- a countermeasure is anything that effectively reduces an adversaries ability to exploit vulnerabilities.
- a “smarter way” of doing a task.
15
Q
Types of countermeasures:
A
- changes in procedure
- controlling dissemination
- cover and deception
- speed and execution
- awareness training
16
Q
Awareness training
A
- educates personnel about the threat and collection methods used by adversaries.
- MOST EFFECTIVE
17
Q
OPSEC PROCESS:
A
1) IDENTIFY CRITICAL INFORMATION
2) ANALYZE THE THREAT
3) ANALYZE VULNERABILITIES
4) ASSESS RISK
5) APPLY COUNTERMEASURES
