OPSEC Flashcards
Identify Critical Information when…?
• analyzing friendly and adversary strategies to achieve objectives
When do you Analyze the Threat?
• When adversaries have the INTENT and CAPABILITY to be a threat to our mission.
When do you analyze vulnerabilities?
• when critical information is susceptible to exploitation by an adversary.
Indicator
• any detectable activity or information that, when looked at by itself or in conjunction with something else, POINTS TO VULNERABILITIES.
EXAMPLE: uniforms in unusual places, cars in a parking lot.
Indicators that establish a profile
• activities that show patterns of an organization
Indicators that show a deviation
• activities not part of an organization’s normal conduct
Tip-off indicators
• activities that give the adversary direction on where to focus their intel
What are 3 types of indicators?
1) Indicators that establish a profile
2) Indicators that show deviatio
3) Tip off indicators
Assess risk
• risk is the likelihood that an adversary with gather and exploit your critical information
2 basic ways to assess risks:
1) Intuitive reasoning approach
2) Committee approach
Intuitive reasoning approach
• done alone and based on personal experience
Committee approach
• a group of people look at the problem
*** PREFERRED METHOD
RISK =
Threat x Vulnerability x Impact
Apply Countermeasure
- a countermeasure is anything that effectively reduces an adversaries ability to exploit vulnerabilities.
- a “smarter way” of doing a task.
Types of countermeasures:
- changes in procedure
- controlling dissemination
- cover and deception
- speed and execution
- awareness training
