OPSEC (Operations Security) 2504

0.0(0)
studied byStudied by 0 people
GameKnowt Play
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/10

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

11 Terms

1
New cards

Operations Security (OPSEC)

Analytical process used to deny an adversary information, generally unclassified about our intentions and capabilities by identifying, controlling, and protecting indicators associated with our planning process or operations

- Supplements other security disciplines, not replaces them

2
New cards

5 Step OPSEC Process

1. Identification of critical information
2. Analysis of threats
3. Analysis of vulnerabilities
4. Assessment of risk
5. Application of countermeasures

3
New cards

Identification of critical information

Defines information in need of protection and analyzes how that information may be inadvertently compromised

4
New cards

Essential Elements of Friendly infromation (EEFI)

Are the aspects of an operation that, if known the adversary would subsequently compromise, lead to failure or limit the success of the operation

5
New cards

Analysis of threat

Elements of a threat:

Intent - Does an adversary intend to gain our sensitive/critical information?

Capability - Is the adversary capable of gaining the information

6
New cards

Adversary

Anyone who opposes, or acts against law enforcements interests

7
New cards

Identify ways that adversaries use to gather information

Communications (electronic devices to obtain infromation on police operations and personnel)

Imagery (The use of still video camera to obtain visual representation of Law Enforcement Personnel or operations)

Trash (Process of searching trash and gather data on people and activities)

Open source (published material)

Human (the process of watching, listening, and asking questions about the abilities and intentions of Law Enforcement Agency)

Computer accessing

8
New cards

Risk is determined by analyzing three factors:

  1. Threat

  2. Vulnerability

  3. Impact

9
New cards

When calculating risk, following questions need to be addressed:

Is the risk great enough to do something about the threat?

How would the loss of sensitive data affect your operations?

What would be the cost of losing sensitive information?

10
New cards

Application of countermeasures

Refers to anything that effectively negates an adversary’s ability to exploit vulnerabilities

11
New cards

Examples of countermeasures

  • Procedural changes

  • Background checks (police personnel)

  • Physical security (access control)

  • Limiting web page access

  • Shredding sensitive documents

  • Monitoring public conversations

  • Not using e-mails to discuss sensitive operations