Cyber Operations

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

What were the three factors presented that are used to determine a nation's cyber war strength?

Cyber Offense, Cyber Dependence, and Cyber Defense

According to the Joint Force Commander's Guide to Cyberspace Operations, which of the following consists of non-intelligence actions that set the stage for follow-on operations?

Cyberspace Operational Preparation of the Environment

A battlespace for cyber can be domestic or foreign and is considered to constitute three basic layers: physical, logical, and technological. Intelligence must inform policy makers on all three categories.

False

It is important to understand that the effects of both conventional and cyber attacks will last for a certain amount of time which is important for meeting the objectives of an operation. What are the three degrees of persistence of effects?

Permanent, Temporary, Transient

What were the three categories of severity for effects defined in the lesson?

Primary effects, Secondary effects, Indirect effects

What was the origin of the technology that led to the development of the TOR browser that uses onion routing techniques?

Researchers at the US Naval Research Laboratory who wanted to create a way for US intelligence operatives and dissidents to communicate without fear of discovery.

The U.S. Joint Chiefs of Staff added 3 additional principles to the 9 principles of war outlined by the U.S. Army. Which of these states that while conducting military operations, commanders should exercise control to limit collateral damage and prevent the unnecessary use of force?

Restraint

The U.S. Joint Chiefs of Staff added 3 additional principles to the 9 principles of war outlined by the U.S. Army. Which of these states that while conducting military operations, commanders should use restraint, or limit collateral damage and prevent the unnecessary use of force?

Restraint

Which of the following regulations or acts addresses auditability, protection and accuracy of financial data?

SOX

Do jus in bello rules apply to computer network attacks?

Yes

Based on the discussion of what a threat is, which of the following would be considered a "threat"?

A hacker

In the lesson, which U.S. Code was mentioned as the major law governing cyber crime?

18 U.S.C. 1030, the Computer Fraud and Abuse Act

Which of the following is (are) true about anonymity on the Internet?

A and B but not C Anonymity allows a person to express his or her views freely without the fear of repercussions. Anonymity allows a person to be controversial, to take unpopular positions on volatile issues.

Which of the following was (were) offered as part of the general rules about Cyber War?

A and C but not B Cyber War is only appropriate in a wartime situation. Should be used to supplement conventional war.

The Simplicity principle of war states that military plans should be simple, clear, and concise. What was the reason given for this?

Both of the above. The more complex or ambiguous a set of orders, the more likely it is that the unit will fail to achieve its objective. Simplicity reduces confusion and misunderstanding.

Which of the following was NOT one of the categories of attacks (or incidents) shown in the lesson?

All of the above were categories shown in the lesson Physical Attacks Disasters Eavesdropping/Interception/hijacking Nefarious activity/abuse

Which of the following was discussed in the lesson when addressing cyber threats to the U.S.?

All of the above were discussed in the lesson as being cyber threats to the U.S. Russian actors are stealthy in their cyber tradecraft and their intentions are sometimes difficult to discern. China steals intellectual property from global businesses to benefit Chinese companies and undercut U.S. competitiveness. While Iran and North Korea have less developed cyber capabilities, they have displayed an overt level of hostile intent towards the United States and U.S. interests in cyberspace.

President Harry Truman announced in 1950 that the United States would launch an information program known as the "Campaign of Truth". Which of the following was the goal of the campaign?

All of the above were goals of the campaign. Establish a "healthy international community" with confidence in American leadership. Present America fairly and counter "all the misrepresentations" Help "to roll back Soviet influence" by all means short of force.

Which of the following are conditions discussed in the lesson for an individual to be considered a combatant?

All of the above. They must be commanded by a person responsible for their subordinates. They must have a fixed distinctive emblem recognizable at a distance. They must carry arms openly. They must conduct their operations in accordance with the laws and customs of war.

At the time of the sinking of the USS Maine, Spain was blamed for the incident. After much research since that time, what is the current best "guess" as to the cause of the sinking of the ship?

An internal coal fire which ignited the magazines in the ship are now suspected of the explosion that sunk the ship.

The process of trying to connect a cyberspace actor or action to an actual individual, group, or state actor is known as which of the following?

Attribution

There were a number of images from tobacco advertisements from decades ago shown in the lesson. Which of the following was one of the major thrusts used by the industry (and specifically Lucky as shown in the ads) to convince individuals that they should smoke.

By smoking a cigarette instead of reaching for "a sweet", they could ensure that they would not become obese.

According to the lesson, which of the following was NOT described as a type of Malware?

Backdoor

According to the discussion of Cyber War Strength, why was the U.S. ranked lower than North Korea?

Both B and C The U.S. had a lower Cyber Dependence value (i.e. is more dependent on cyber) The U.S. had a lower Cyber Defense value.

According to the table in the lesson, which type of attacker might be conducting a cyber attack for ideological reasons?

Both C and D Cyber terrorists/Individual Hackers Hacktivists

The "CIA of Security" refers to which three elements?

Confidentiality, Integrity, and Availability

Which of the following unique cyber weapon/attack characteristics was described as being unlike munitions, which are normally destroyed upon use, and can include code that can be saved, analyzed, and recoded for use against allies or friendly nations?

Can be reverse engineered

What is the name of the paradigm that states that traditional Westphalian nation-state experience an erosion of power and sovereignty, with non-state actors being part of the cause because the challenge state borders and sovereignty claims.

Cobweb Paradigm

On the Cyber Threat Spectrum, which of the following was considered to be the most Complex type of attack?

Compromised Hardware Systems

The defender must implement a defense-in-depth strategy in case one level is breached. The attacker then only has to find an area not defended in depth and find a hole in it.

Computer Network Attack

Which of the following is NOT one of the 4 categories of offensive information operations discussed in the lesson?

Deceive

Which of the following was NOT one of the three categories of defensive teams the DoD is fielding to facilitate DoD network protection?

Defensive cyber operations - Counter-attack response teams (DCO-CART)

Which of the following deals with economic espionage and theft of trade secrets?

Economic Espionage Act (ECPA).

What is the term used to refer to news reporters being attached to military units involved in armed conflicts?

Embedded Journalism

In which step of the Lockheed Martin Cyber Kill Chain is malware code triggered which then takes action on the target network to exploit vulnerabilities?

Exploitation

There were a number of Defensible Actions in the cyber kill chain mentioned in the lesson. Which of the following actions prevents information disclosure and unauthorized access?

Deny

Which of the following was provided as one of the 3 main advantages that an active cyber defense system leverages?

Earlier and more effective cyber kill chain disruption

According to the Law of War Manual, Cyber Operations generally include activities that merely use computers or cyberspace without a primary purpose of achieving objectives or effects in or through cyberspace. For example, operations that use computer networks to facilitate command and control, operations that use air traffic control systems, and operations to distribute information broadly using computers would generally be considered cyber operations because the impact military units.

False

Cyber Power allows a nation-state to produce effects within cyberspace but it cannot affect the other domains (land, sea, air, and space) through cyberspace.

False

Deterrence by denial seeks to prevent aggression by threatening greater aggression in the form of painful and perhaps fatal retaliation.

False

In all incidents, being able to determine attribution quickly and correctly is actually more important than simply determining that an attack is occurring. Obviously it is important to determine an incident is underway, but once an attack is discovered, attribution becomes the most important element of the entire incident.

False

It is logical for a state with many cyber assets to engage in hostile cyber action against a state without a high dependence on cyber infrastructures because it need not worry about a retaliation in-kind.

False

Once an EXORD has been issued, the Operations Planning process is over. Up to the moment of the EXORD being implemented, the plan may be modified as required by changing situations. This is especially true for Cyber Operations.

False

Perception Management is found in a variety of arenas and is generally considered limited to the following: the military, politics, foreign relations, and the media.

False

Today, since the original development of onion routing was in the United States, and since the U.S. has long had a significant portion of its citizens concerned with personal privacy, the U.S. has the highest concentration of anonymous users of the Internet as measured by daily TOR users per 100,000 Internet users.

False

Which of the five cyber strategies presented in the lesson has as a key to the strategy having all assets disconnected from any kind of outside network?

Going Dark

Individuals who may feel that they are promoting security by helping to expose flaws in organizations or specific technology, but that don't have permission of the vendor or organization to do so are known as which of the following?

Gray Hat Hackers

Which of the following regulations or acts addresses privacy regulations in the Healthcare industry?

HIPAA

The SANS IT Code of Ethics has 3 general principles with more specific descriptions of what each means. The three general principles are: I will strive to know myself and be honest about my capability; I will conduct my business in a manner that assure the IT profession is considered one of integrity and professionalism; and which of the following?

I respect privacy and confidentiality.

What is important about the Peace of Westphalia in terms of cyber conflicts?

The Peace of Westphalia introduced the concept of sovereignty which basically at the time introduced the concept of borders and the right of rulers to dictate what goes on within those borders. The question is how that applies to the cyber realm since attack packets may travel through a nation's cyberspace.

In which step of the cyber operations planning process do planners participate in the commander's initial assessment actions and gather the resources required for mission analysis?

Initiation

Which of the following techniques of information operations is only partially contained in the Cyberwarfare sphere?

Intelligence Gathering

The Shodan tool was discussed in the lesson. What is this tool designed to do?

It is a tool that can be used to find ICS targets connected to the Internet.

Which of the following was created in an effort to create "a Geneva Convention for Cyberwar"?

The Tallinn Manual

Which of the following cyberspace operation techniques presented in the lesson is a software program or hardware device that is used to monitor and log the activities of users?

Keylogger

Which of the following is the name given to intelligence detected and classified from targets that identify or describe signatures (distinctive characteristics) of fixed or dynamic target sources?

MASINT

Which of the following variables in determining Digital Power includes information (cyber) warfare unit size?

Military Unit Designation

Which of the following threat types is also known as a "man-in-the-middle" attack?

Modification

Who was credited with saying "It is not what is true that counts, but what people think is true", and "If the press is not controlled, I shall not remain three days in power."

Napoleon

Which of the following Cyber Threat Actors was listed in the lesson as potentially the most dangerous?

Nation State

Which of the following would be considered a "use of force"?

None of the above would be considered a "use of force".

In which of the following types of attacks might an attacker develop an attack technique and then use a brute-force attack against thousands or millions of targets in an attempt to find a handful of vulnerable systems?

Opportunistic Attack

Which level of warfare discussed in the lesson has activities that include the specific use of military units that engage each other in battles and small-unit actions? Commanders at this level are concerned with the 'nuts and bolts' of warfare.

Tactical

Which of the following was NOT one of the Principles listed in the description of the "Defender's Dilemma"?

The defender must implement a defense-in-depth strategy in case one level is breached. The attacker then only has to find an area not defended in depth and find a hole in it.

When comparing CNA and CNE, which of the following statements is true?

The first steps in both are basically the same but once access is obtained in a target system, the activities from then on may differ significantly.

According to the video on America's cyber power, Jason Healy which of the following was discussed as America's real cyber power?

The nation's tech companies and those producing contents for the Internet

Since Cuba was then under the control of Spain, what have the Cubans publicly stated about the explosion of the USS Maine and the U.S. involvement in their being freed from Spanish Control?

They have accused the U.S. of deliberately sinking the ship to create a pretext for military action against Spain as part of their ongoing "imperialist greed"

Which of the following Titles role in cyberspace is crime prevention, apprehension and prosecution of criminals operating in cyberspace?

Title 18

What was the major lesson learned from the UTSA Honey Community research effort?

To be able to spot all attacks on a community, multiple sectors need to share information and work together.

A cyber strategy can be thought of as an umbrella for various individual cyber operations with the ultimate aim of achieving a strategic or political goal.

True

A small state wielding cyber weapons might have a greater degree of relative power than a large state if it has significant theoretical and demonstrated capabilities but few vulnerabilities.

True

According to U.S. Doctrine, irregular warfare is defined as characterized as a violent struggle among state and non-state actors for legitimacy and influence over the relevant populations.

True

Active Cyber Defense (ACD) builds upon current cybersecurity best practices, such as multi-perimeter security, defense-in-depth, and continuous monitoring but advances a few steps further. It converts underlying security infrastructure from a static, fixed, and reactive mode to a dynamic, agile and proactive one.

True

After WW I, Marshal Paul von Hindenburg stated "This English propaganda was a new weapon, or rather a weapon which had never been employed on such a scale and so ruthlessly in the past." What he was acknowledging was that it was clear that large numbers of civilians could be mobilized for a massive war effort through persuasive techniques derived from the emerging disciplines of behavioral psychology and social sciences.

True

Commanders must be aware that U.S. military forces are critically dependent on networks and information systems to conduct operations. Nearly every conceivable component within the DoD is networked. These networked systems and components are inextricably linked to the Department's ability to project military force and the associated mission assurance.

True

Cyber infrastructure located on aircraft, ships, or other platforms in international airspace, on the high seas, or in outer space is subject to the jurisdiction of the flag nation-state.

True

Doctrine describes the manner in which a military will operate and provides commanders with guidance and advice on issues of strategic, operational, and tactical importance.

True

In 2013, the part of the Smith-Mundt Act of 1948 that forbade the Voice of America from broadcasting directly to American citizens (in order to protect the American public from propaganda actions by its own government) was repealed.

True

In our lesson it was stated that national security is the maintenance of the survival of the state. At the same time it was stated that cyber is important because if forms a modern infrastructure beneath the pillars supporting national security.

True

Information Superiority is the operational advantage derived from the ability to collect, process, and disseminate an uninterrupted flow of information while exploiting or denying an adversary's ability to do the same.

True

Military power is one facet of national power which also includes the economy as well as political and national will.

True

One of the reasons given as to why anonymity is important to a cyber attacker is because if a target of a potential attack emanating from cyberspace knows where an attack will occur, or who will perpetrate the attack, it is much more likely to be able to defend against the attack.

True

Operations described as "cyber attacks" or "computer network attacks" are not necessarily "armed attacks" for the purposes of triggering a nation=state's inherent right of self \-defense under jus ad bellum.

True

Osama bin Laden recognized the importance of the media in conflicts. In fact, he has been credited with stating that "it is obvious that the media war in this century is one of the strongest methods, in fact, its ration may reach 90% of the total preparation for the battles."

True

PRISM was a highly classified government-sponsored data collection program which used other service providers to aid in the collection of the data.

True

Potential adversaries have invested significantly in cyber as it provides them with a viable, plausibly deniable capability to target the U.S. homeland and damage U.S. interests.

True

Since the laws of armed conflict require a nation to avoid collateral damage where possible and to minimize it where it is unavoidable, the uncertainty of cyber effects from an attack make offensive cyber weapons particularly problematic.

True

The first stage of an ICS cyber attack is best categorized as the type of activity that would traditionally be classified as espionage or an intelligence operation.

True

The term "kill chain" was originally used as a military concept related to the structure of an attack; consisting of: Target Identification; Force dispatch to target; Decision and order to attack the target; and The destruction of the target.

True

Which of the following principals of war discussed in the lesson states a single commander should be responsible for achieving each military objective?

Unity of Command

Disgruntled employees are part of which level of threat as discussed in the lesson?

Unstructured Threats

Which of the following was discussed in our lesson and is true about the introduction of the "Internet of Things" and IOT Security?

With the proliferation of devices connected to the Internet, there are now a lot more systems that can be subverted and used in attacks on other systems.

Considering the U.N. Charter was established before the use of computers was common, do cyber activities ever constitutes a use of force AS DEFINED IN ARTICLE 2 OF THE UN CHARTER?

Yes


Set pelajaran terkait

Capitals of Spanish Speaking Countries

View Set

Chapter 13: Therapeutic Exercise

View Set

Fundamentals of Nursing Ch 21 Teacher and Counselor Terms PrepU/NCLEX

View Set

Working with Tabs & Headers & Footers

View Set

Families and Society cumulative review

View Set

Chapter 3 Life Insurance Policies

View Set