6.Intro to CWO

Question 1

National Security Strategy (NSS)

Answer 1

-Highest level of strategic planning
-Prepared by president, his cabinet and support staff–submitted to congress
-Legal foundation for the document is spelled out in the Goldwater-Nichols Act of 1986, which helped streamline the military chain of command.
-More policy rather than strategy

Question 2

National Defense Strategy (NDS)

Answer 2

-Developed by the DOD and signed by the SecDef
-Set of overarching defense objectives that guide the DOD’s security activities and provide direction for the National Military Strategy

Question 3

National Defense Strategy (NDS) – Two main goals

Answer 3

1. To restore America’s competitive edge by blocking global rivals Russia and China from challenging the U.S. and our allies.
2. To keep those rivals from throwing the current international order out of balance.

Question 4

National Defense Strategy (NDS) – Three lines of effort

Answer 4

1. Build a more lethal force
2. Strengthen alliances and find new partners
3. Reform the Department

Question 5

National Military Strategy (NMS)

Answer 5

–CJCS, JCS, CCMD, and OSD prepare the NMS and deliver to SecDef
–Briefly outlines the strategic aims of the armed services by supporting the NSS and implementing the NDS
–Chief source of guidance is the NSS.
–Provides focus for military activities by defining a set of interrelated military objectives from which the service chiefs and CCMD identify desired capabilities

Question 6

National Military Strategy (NMS) – Five mission areas

Answer 6

1. Respond to threats
2. Deter strategic attack (and proliferation of WMD)
3. Deter conventional attack
4. Assure allies and partners
5. Compete below the level of armed conflict (with a military dimension

Question 7

National Military Strategy for Cyberspace Operations (NMS-CO)

Answer 7

The Armed Forces’ comprehensive strategic approach for using cyberspace operations to assure US military strategic superiority in the cyber domain.

Question 8

Joint Publication (JP) 3–12, Cyberspace Operations

Answer 8

Sets forth joint doctrine to govern the activities and performance of the military in joint cyberspace operations, and provide considerations for military interaction with governmental, and non-governmental agencies, multinational forces, and other inter-organizational partners.

Question 9

Air Force Doctrine Document (AFDD) 3–12

Answer 9

The Air Force’s foundational doctrine publication for AF ops in, through, and from the cyberspace domain.

Question 10

Air Force Policy Directive (AFPD) 17–2

Answer 10

• Establishes Air Force policy for planning and executing Air Force and joint cyberspace operations
• states the cyberspace operations related responsibilities of MAJCOMs

Question 11

COCOM

Answer 11

Non-transferable command authority – Authority to perform those functions of command over assigned forces involving organizing and employing commands and forces; assigning tasks; designating objectives; and giving authoritative direction over all aspects of military operations, joint training, and logistics necessary to accomplish the missions assigned to the command.
Logistics

Question 12

ADCON

Answer 12

The direction or exercise of authority over subordinate or other organizations with respect to administration and support.
Not a warfighting authority

Question 13

OPCON

Answer 13

The authority to perform the functions of command over subordinate forces involving organizing and employing commands and forces, assigning tasks, designating objectives, and giving authoritative direction necessary to accomplish the mission.
Delegatable
does not include authoritative direction for logistics or matters of administration, discipline, internal organization, or unit training.

Question 14

TACON

Answer 14

The authority over forces that is limited to the detailed direction and control of movements and maneuvers within the operational area necessary to accomplish missions or tasks.
Small scale

Question 15

Support (Command Authority)

Answer 15

– Aids, protects, complements, or sustains another force.
– Used when neither OPCON nor TACON is appropriate.
– SecDef specifies support relationships between CCDRs.

Question 16

General Support

Answer 16

That support which is given to the supported force as a whole rather than to a particular subdivision thereof

Question 17

Mutual Support

Answer 17

That support which units render each other against an enemy because of their assigned tasks, their position relative to each other and to the enemy, and their inherent capabilities

Question 18

Direct Support

Answer 18

A mission requiring a force to support another specific force and authorizing it to answer directly to the supported force’s request for assistance

Question 19

Close Support

Answer 19

That action of the supporting force against targets or objectives that are sufficiently near the supported force as to require detailed integration or coordination of the supporting action with the fire, movement, or other actions of the supported force.

Question 20

Department of Defense Information Network (DODIN)

Answer 20

– Renamed from the GIG, in 2013, this is the globally interconnected, end-to-end set of information capabilities.
– Includes all owned and leased communications and computing systems and service
– Supports the DOD, national security, and related IC missions and functions
– Provides capes for all operating locations

Question 21

Cyber Mission Force (CMF)

Answer 21

– Directed by USCYBERCOM to be their action arm in and through cyberspace.
– Consisting of 133 Cyber Mission Teams, Joint Forces Headquarters-Cyber (JFHQ-C), and a Cyber National Mission Force.

Question 22

Drove CMF Creation – DODs 3 mission areas

Answer 22

1. Secure, Operate, and Defend the DODIN
2. Defend the Nation against cyberspace attack
3. Provide CCMD support

Question 23

Three lines of operations, by which the CMF carries out the three mission areas

Answer 23

1. DODIN Operations
2. Defensive Cyberspace Operations (DCO)
3. Offensive Cyberspace Operations (OCO)

Question 24

CMF three subordinate commands

Answer 24

1. Cyber National Mission Force (CNMF)
2. Cyber Protection Force (CPF)
3. Cyber Combat Mission Force (CCMF)

Question 25

CNMF / CNMF-HQ

Answer 25

-Direct and synchronize full spectrum cyberspace operations to, on order, deter, disrupt, and if necessary, defeat adversary cyberspace actors in order to defend the DODIN, US critical infrastructure/key resources, and the nation
-defend the US and its interests against cyberspace attacks of significant consequence

Question 26

National Mission Teams (NMTs)

Answer 26

– Aligned against a specific cyber threat.
– Tactical units - missions normally include defensive cyberspace operations-response actions (DCO-RA), in order to protect and defend the DODIN or other blue cyberspace, when ordered.

Question 27

National Support Teams (NSTs)

Answer 27

Provide specialized technical, analytic, and planning support to NMTs.

Question 28

Cyberspace Protection Force (CPF)

Answer 28

– “Largest slice of CMF pie” 68 CPTs
– Enable a supported commander’s mission capabilities and in supporting infrastructure by conducting survey, secure, protect, and recover missions to prepare local cyberspace defenders to sustain an advanced cyberspace defense posture and to defend the supported commander’s critical assets and Cyberspace Key Terrain (C-KT)
– Conduct hunt missions to determine if a suspected compromise has taken place

Question 29

Joint Force Headquarters-DoDIN (JFHQ-DODIN)

Answer 29

– Provides unity of command and unity of effort to secure, operate, and defend the DODIN.
– Operates as a C2 headquarters
– Employs an operational-level C2 approach.
– Delegated directive authority of cyberspace operations over all DOD agencies by CDRUSSTRATCOM

Question 30

Cyber Protection Teams (CPTs)

Answer 30

– Operate the CVA/H weapon system
– Real-time DCO

Question 31

DODIN CPTs

Answer 31

Conduct their mission on DODIN systems and networks in support of DISA

Question 32

CCMD CPTs

Answer 32

Assigned to specific MAJCOMs in support of the respective missions – Directed by MAJCOM they are under

Question 33

National CPTs

Answer 33

– Fall under the Cyber Protection Force, operationally, but they report directly to CNMF-HQ.
– Operate within the AOR of CNMF includes U.S. critical infrastructure/key terrain (CI/KR) and national interests.

Question 34

Service CPTs

Answer 34

Aligned to a particular military branch – support missions within that service.

Question 35

Cyberspace Combat Mission Force (CCMF)

Answer 35

– Provide integrated cyberspace capabilities to support military operations and contingency plans.
– Where OCOs are carried out.
– Directed by JFHQ-C

Question 36

JFHQ-C

Answer 36

– Supports the geographic and functional CCMDs across the globe
– Execute OPCON over the Combat Mission Teams (CMTs) and Combat Support Teams (CSTs)
– led by dual-hatted service cyberspace component commanders

Question 37

Army Cyber Command (ARCYBER)

Answer 37

-U.S. Central Command (USCENTCOM)

-U.S. Africa Command (USAFRICOM)

-U.S. Northern Command (USNORTHCOM)

Question 38

U.S. Fleet Cyber Command (FLTCYBER)

Answer 38

-U.S. Indo-Pacific Command (USINDOPACOM)

-U.S. Southern Command (USSOUTHCOM)

Question 39

Marine Corps Forces Cyberspace Command (MARFORCYBER)

Answer 39

-U.S. Special Operations Command (USSOCOM)

Question 40

Air Forces Cyber (AFCYBER)

Answer 40

-U.S. European Command (USEUCOM)

-U.S. Strategic Command (USSTRATCOM)

-U.S. Transportation Command (USTRANSCOM)

Question 41

Combat Mission Teams (CMTs)

Answer 41

– 27 CMTs within the CMF
– Designated by the USCYBERCOM commander and operate at the tactical level of authority
– Comprised of dedicated interactive operators, analysts, targeteers, analyst reporters, linguists, and leadership.
– Conduct planned operations in support of CCMD contingency plans, crisis action plans, or other CCMD validated requirements for cyberspace effect

Question 42

Combat Support Teams (CSTs)

Answer 42

– Comprised of capability developers, OCO analysts and planners, and DCO analysts and DCO mitigation planners.
– Develop and employ offensive cyberspace capabilities to achieve, or directly support the achievement of CCMD objectives while being integrated, synchronized and/or de-conflicted with operations in other domains

Question 43

Defend the Nation Against Cyberspace Attack (CMF Mission Area)

Answer 43

– If directed by the president or the SecDef, the US military may conduct cyberspace operations to counter an imminent or on-going attack against the US homeland or interests in cyberspace
– To blunt attack and prevent damage to key infrastructure or loss of life.

Question 44

Defend the Nation Against Cyberspace Attack (CMF Mission Area)

Answer 44

– If directed by the president or the SecDef, the US military may conduct cyberspace operations to counter an imminent or on-going attack against the US homeland or interests in cyberspace
– To blunt attack and prevent damage to key infrastructure or loss of life.

Question 45

Secure, Operate, and Defend the DODIN (CMF Mission Area)

Answer 45

– Be able to secure its own networks against attack and recover quickly if security measures fail
– Prepare and be ready to operate in an environment where access to cyberspace is contested

Question 46

Provide CCMD Support (CMF Mission Area)

Answer 46

– OCOs in support of CCMDs directed by pres or SecDef to deter or defeat strategic threats in other domains

Question 47

DODIN Ops

Answer 47

– Proactive manner
– Designing, building, configuring, securing, operating, maintaining, and sustaining the information environment that we rely on for operations

Question 48

DCO

Answer 48

– Passive and active cyberspace defense activities
– Designed to change current paradigm where attackers have advantage
– Ability to discover, detect, analyze, and mitigate threats, to include insider threats

Question 49

OCO

Answer 49

Project power by the application of force in and through cyberspace. These operations are authorized like operations in the physical domains.

Question 50

Defensive Cyberspace Operations-Internal Defensive Measures (DCO-IDM)

Answer 50

– Hunting on friendly cyber terrain for threats that evade our security and directing appropriate internal responses.
– Detect, defend, analyze, and stop threats and vulnerabilities.

Question 51

Defensive Cyberspace Operations-Responsive Actions (DCO-RA)

Answer 51

– More-so about going after the threat less about defending.
– Can operate in redspace “best defense is a good offense” stop them before they get to us
– NMTs are the sole entity who conduct DCO-RAs

Question 52

Cyber Operational Preparation of the Environment (OPE)

Answer 52

– Non-intelligence enabling activities conducted to plan and prepare for followup cyber actions
– Testing a way into the box, pre-staging tools, creating/modifying accounts, setting up beacons, and much more

Question 53

Cyber Intelligence, Surveillance, and Reconnaissance (ISR)

Answer 53

Focuses on tactical and operational intelligence and on mapping adversary cyberspace to support planning and future OCO/DCO

Question 54

Information Operations (IO)

Answer 54

Intended to influence, disrupt, corrupt, or usurp the decision-making of adversaries and potential adversaries while protecting our own.
3 Dimension
- Physical
- Information
- Cognative

Question 55

Physical Dimension (IO)

Answer 55

–Control systems, key decision makers, and supporting infrastructure that enable individuals and organizations to create effects.
– Includes, but is not limited to, people, command and control facilities, newspapers, books, microwave towers, laptops, smart phones, computers, or any other objects that are subject to empirical measurement
– Not confined solely to military or even nation-based systems and processes; it is a defused network connected across national, economic, and geographical boundaries.

Question 56

Information Dimension (IO)

Answer 56

– Where and how information is collected, processed, stored, disseminated, and protected
– Command and control of military forces is exercised and where the commander’s intent is conveyed

Question 57

Cognitive Dimension (IO)

Answer 57

– Minds of those who transmit, receive, and respond to or act on information and their processing, perception and judgement.
– Influenced by their individual and cultural beliefs, norms, vulnerabilities, motivations, emotions, experiences, morals, education, mental health, identities, and ideologies

Question 58

Information Assurance (IA)

Answer 58

– Process of processing, storing, and transmitting the right information to the right people at the right time

Question 59

Wing Cybersecurity Office (WCO)

Answer 59

Addresses all cybersecurity requirements on the base for IT under the control of the base communications squadron/flight, including IT of tenant units unless formal agreements exist

Question 59

Wing Cybersecurity Office (WCO)

Answer 59

Addresses all cybersecurity requirements on the base for IT under the control of the base communications squadron/flight, including IT of tenant units unless formal agreements exist

Question 60

Information Assurance Officer (IAO)

Answer 60

Unit-level position that acts as the single liaison between the organization and the WCO for all Computer Security (COMPUSEC) matters under the IA program

Question 61

Special Security Officer (SSO)

Answer 61

– Security management, operation, implementation, use and dissemination of all types of SCI material within their respective organization. Including dev of classification guides and markings
– Personnel security, communications security, physical security, information security, and/or computer security

Question 62

Information System/COMSEC Users

Answer 62

Responsible for knowing the required safeguards, and using them in accordance with their assigned duties

Question 63

OPSEC Process

Answer 63

1. Identification of Critical Information
2. Analysis of threats
3. Analysis of vulnerabilities
4. Assessment of risk
5. Application of appropriate OPSEC countermeasures

Question 64

16th Air Force (AFCYBER)

Answer 64

Integrates multisource intelligence, surveillance, and reconnaissance, cyber warfare, electronic warfare, and information operations capabilities across the conflict continuum to ensure that our Air Force is fast, lethal and fully integrated in both competition and in war. Sixteenth Air Force provides mission integration of Information Warfare (IW) at operational and tactical levels… recognizing the role of information in creating dilemmas for adversaries in competition and, if necessary, future conflicts.

Question 65

616th Operations Center (616 OC)

Answer 65

Receives orders and tasks from U.S. Cyber Command and, in turn, tasks 16th AF subordinate units to perform a wide range of cyber missions in support of Air Force and joint force commanders
– C3MS Weapon System

Question 66

67th Cyberspace Wing (67 CW)

Answer 66

Lackland
Mission: Delivering cyberspace outcomes to generate a decisive advantage across the continuum of conflict for the Nation

Execution arm for generating, projecting, and sustaining combat power with the employment of the Cyberspace Vulnerability Assessment/Hunter (CVA/H) weapon system

The 67 CW consists of the following four groups:
(1) 67th Cyberspace Operations Group (67 COG)
(2) 318th Cyberspace Operations Group (318 COG)
(3) 567th Cyberspace Operations Group (567 COG)
(4) 867th Cyberspace Operations Group (867 COG)

Question 67

67th Cyberspace Operations Group (67 COG)

Answer 67

Lackland
The 67 COG has five active squadrons:
(1) 91st Cyberspace Operations Squadron (91 COS)
(2) 305th Cyberspace Operations Squadron (305 COS)
(3) 352nd Cyberspace Operations Squadron (352 COS)
(4) 375th Cyberspace Operations Squadron (375 COS)
(5) 390th Cyberspace Operations Squadron (390 COS)

mission is to provides forces to conduct Air Force computer network operations for United States Strategic Command, United States Cyber Command and other combatant commands. The group conducts computer network operations and warfare planning for the Air Force, joint task forces and combatant commanders. The group also conducts Secretary of Defense-directed special network warfare missions

Question 68

91 COS

Answer 68

Lackland
Mission: Conducts offensive cyber operations tasked by USCYBERCOM in support of world-wide Combatant Commander objectives. Executes computer network exploitation as a National Security Agency delegated authority to address intelligence community requirements. Degrades, disrupts, denies, deceives and exploits adversary information systems. Presents trained forces to USCYBERCOM as part of the CMF.

Question 69

305 COS

Answer 69

Ft. Gordon
Mission: Conducts offensive cyberspace operations in support of Combatant Commands

Question 70

352 COS

Answer 70

Hickam
Mission: Generate, conduct, and sustain offensive cyberspace operations.

Question 71

375 COS

Answer 71

Lackland
Mission: Conduct offensive cyberspace and ISR operations in support of Combatant Command objectives

Question 72

390 COS

Answer 72

Lackland
Mission: Generate mission-ready offensive cyber maneuver forces for USCYBERCOM and build cyber tacticians for our Service, Joint Force, and Nation.

Question 73

318th Cyberspace Operations Group (318 COG)

Answer 73

Lackland
Innovate, Partner & Deliver combat capability in, through, and from cyberspace through the development, testing, training and exercising of material and non-material solutions

The 318 COG consists of four squadrons:
(1) 39 Information Operations Squadron (39 IOS)
(2) 90 Cyberspace Operations Squadron (90 COS)
(3) 318 Range Squadron (318 RANS)
(4) 346 Test Squadron (346 TS)

Question 74

39 IOS

Answer 74

Hurlburt
Mission: To conduct qualification and advanced training to provide mission-ready information operations planners and cyber warfare operators for all Air Force Major Commands.

Question 75

90 COS

Answer 75

Lackland
Mission: Accelerate Global Vigilance, Reach and Power by rapidly developing joint cyber capabilities.

The 90 COS expeditiously integrates, innovates, and deploys cyberspace capabilities to achieve priority military objectives in and through air, space, and cyberspace.

Question 76

318 RANS

Answer 76

Lackland
Operate training and exercise ranges

Question 77

346 TS

Answer 77

Lackland
Mission: Execute mission relevant, responsive, and rigorous validation of Department of Defense Cyber-Warfare, Electronic-Warfare (EW), and Information-Warfare (IW) capabilities.

Question 78

567 COG

Answer 78

Scott
plans and executes cyberspace operations to assist supported commanders to fight in contested cyberspace environmen

The 567 COG consists of four squadrons:
(1) 92nd Cyberspace Operations Squadron (92 COS)
(2) 834th Cyberspace Operations Squadron (834 COS)
(3) 835th Cyberspace Operations Squadron (835 COS)
(4) 837th Cyberspace Operations Squadron (837 COS)

Question 79

92 COS

Answer 79

Lackland
Mission: To assure Air Force and DoD mission performance by employing CPTs and performing cyberspace vulnerability assessments (CVAs) and COMSEC assessments.

Question 80

834 COS

Answer 80

Lackland
Mission: To Employ and Exploit the unique advantages of Cyber Protection Teams in the Defense of AF and DoD Critical mission areas.

Question 81

835 COS

Answer 81

Scott
Mission: To protect critical Air Force and Department of Defense infrastructure and mission systems

Question 82

837 COS

Answer 82

Scott
Mission: Maintain combat superiority by dominating in cyberspace

Question 83

867th Cyberspace Operations Group (867 COG)

Answer 83

Meade
Offensive Cyberspace Operations (OCOs) and providing defensive capabilities to the CNMF.
The 867 COG Consists of four squadrons:
(1) 315th Cyberspace Operations Squadron (315 COS)
(2) 341st Cyberspace Operations Squadron (341 COS)
(3) 833d Cyberspace Operations Squadron (833 COS)
(4) 836th Cyberspace Operations Squadron (836 COS)

Question 84

315 COS

Answer 84

Meade
Mission: Find the enemy, exploit weaknesses, attack!

Question 85

341 COS

Answer 85

Meade
Mission: Train and deliver operationally focused Airmen to the Cyber National Mission Force (CNMF) in defense of the nation.

Question 86

833 COS

Answer 86

Lackland
Mission: To present, plan, and execute cyberspace operations in order to defend national information networks against cyber threats

Question 87

836 COS

Answer 87

Lackland
Mission: To present, plan, and execute cyberspace operations in order to defend national information networks against cyber threats

Question 88

688th Cyberspace Wing (688 CW)

Answer 88

Lackland
Mission: Engineer, build, operate, secure, defend and extend the Air Force cyberspace domain to enable and assure Air Force core missions and the Joint fight.

The 688 CW consists of four notable groups, of which, we will only discuss two:
(1) 26 Cyberspace Operations Group (26 COG)
(2) 690 Cyberspace Operations Group (690 COG)

Question 89

26th Cyberspace Operations Group (26 COG)

Answer 89

Lackland
performs cyberspace and active-defense operations to achieve full-spectrum cyberspace capabilities through its three squadrons.

The three squadrons that fall under the 26 COG:
(1) 26th Network Operations Squadron (26 NOS)
(2) 33d Network Warfare Squadron (33 NWS)
(3) 68th Network Warfare Squadron (68 NWS)

Question 90

26 NOS

Answer 90

Maxwell

Question 91

33 NWS

Answer 91

Lackland
AFNOC
Mission: Find and defeat the enemy.

Question 92

68 NWS

Answer 92

Lackland
Mission: Detect, prevent and assess risk of data content loss in Air Force networks.
CDA weapon system

Question 93

7th Intelligence Squadron

Answer 93

Meade
conduct red-team operations, DCO, or cyber intelligence operations in support of National Security Agency

Question 94

35th Intelligence Squadron

Answer 94

Lackland
Mission: Conduct ISR operations & analysis from and for cyberspace, leveraging cryptologic capabilities to enable USAF and joint operations.

Question 95

Title 10-Armed Forces

Answer 95

Subtitle A - General Military Law, including the Uniform Code of Military Justice (UCMJ)

Subtitle B - Army

Subtitle C - Navy and Marine Corps

Subtitle D - Air Force and Space Force

Subtitle E - Reserve Components

Question 96

Title 15- Commerce & Trade

Answer 96

Chapter 7 - National Institute of Standards and Technology (NIST)

Chapter 22 - Trademarks

Chapter 23 - Dissemination of Technical, Scientific, and Engineering Information

Chapter 63 - Technology Innovation

Chapter 100 - Cyber Security Research and Development

Question 97

Title 17-Copyright

Answer 97

Chapter 2 - Copyright Ownership and Transfer

Chapter 3 - Duration of Copyright

Chapter 5 - Copyright Infringement and Remedies

Chapter 7 - Copyright Office

Chapter 10 - Digital Audio Recording Devices and Media

Question 98

Title 18

Answer 98

Crimes and Criminal Procedure

Question 99

Title 18 §1030

Answer 99

Computer Fraud

Question 100

Title 18 §1343

Answer 100

Wirefraud

Question 101

Title 18 §1362

Answer 101

Communication lines

Question 102

Title 18 §2510-2522

Answer 102

Federal wire tap

Question 103

Title 18 §2701–2712

Answer 103

Stored Communications

Question 104

Title 32

Answer 104

National Guard

Question 105

Title 50

Answer 105

War and National Defense

Question 106

UCMJ

Answer 106

Article 2 - Persons subject to the UCMJ

Article 91 - Insubordinate conduct toward warrant officer, noncommissioned officer, or petty officer

Article 92 - Failure to obey order or regulation

Article 103a - Espionage

Article 103b - Aiding the enemy

Article 123 - Offenses concerning Government computers

Article 134 - General Article

Question 107

The Convention on Cybercrime (2001)

Answer 107

Budapest
first international agreement aimed at reducing computer-related crime by harmonizing national laws, improving investigative techniques, and increasing international cooperation

Question 108

2015 G-20 Summit

Answer 108

Ankara Turkey
All leaders agreed international law applies to us all in cyberspace and that we will all abide by the norms. We also would not allow cyberspace to be used to steal IP

Question 109

United Nations Convention against Transnational Organized Crime

Answer 109

AKA Palermo Convention
Obligates state parties to enact domestic criminal offenses that target organized criminal groups and to adopt new frameworks for extradition, mutual legal assistance, and law enforcement cooperation