Ch. 4 Integration thru the Ops Process

Questions and Answers

During execution in cyberspace operations, what is the primary focus of commanders, staff, and subordinate commanders?

• Translating planning decisions into concrete actions to accomplish the mission. (correct)
• Maintaining detailed records of all actions for after-action reviews.
• Delegating all decision-making authority to subordinate commanders.
• Minimizing risk to friendly forces at all costs.

What is the purpose of commanders conducting Offensive Cyberspace Operations (OCO) and Electronic Attack (EA)?

• To train new cyber personnel.
• To gather intelligence on civilian populations.
• To project combat power in cyberspace and the Electromagnetic Spectrum (EMS). (correct)
• To build defensive cyber infrastructure.

How should commanders balance detailed planning with the realities of cyberspace and the Electromagnetic Operational Environment (EMOE)?

• Rely solely on intuition, as detailed plans are generally ineffective in cyberspace.
• Understand that planning provides a forecast, but be ready to adapt to rapid changes. (correct)
• Avoid planning altogether to maintain maximum flexibility.
• Adhere strictly to the original plan, regardless of changing circumstances.

What is the definition of operational initiative in the context of military operations?

The setting of the tempo and terms of action throughout an operation. (A)

How can commanders use cyberspace attacks and EA to gain an advantage over the enemy?

By forcing enemy commanders to abandon their preferred courses of action. (A)

Why is it important for commanders and staff to continuously use information collection and electromagnetic reconnaissance assets?

To identify enemy attempts to regain the initiative. (B)

What does 'defeat' mean in a military context?

Rendering a force incapable of achieving its objective. (D)

What is the purpose of 'assessment' in the context of military operations?

To determine the progress toward accomplishing a task, creating an effect, or achieving an objective. (A)

When developing friendly Courses of Action (COAs) to counter enemy capabilities in cyberspace and the EMS, what considerations are incorporated by the G-2 or S-2 in collaboration with the CEMA section?

The adversary's historical use of cyberspace and the EMS, and the types of cyberspace and EMS-related operations they have conducted. (B)

What is the role of the G-2 or S-2 in assisting the CEMA section regarding cyberspace and EW assets?

Determining the unit's specific cyberspace and EW assets that can produce desired effects when engaging High Value Targets (HVTs). (C)

In the context of cyberspace operations, what does the development of threat COAs primarily result from?

First identifying High Value Targets (HVTs) and High Payoff Targets (HPTs). (B)

What is the primary purpose of conducting terrain analysis by the CEMA section?

To examine aspects of terrain in cyberspace and the EMS for determining obstacles that require immediate mitigation. (C)

During terrain analysis, what does the CEMA section identify regarding friendly forces' posture in cyberspace and the EMS?

Potential weaknesses that require additional cover and concealment. (B)

Which of the following is an example of a technique used to provide additional cover and concealment for friendly forces in cyberspace and the EMS, as identified during terrain analysis?

Electromagnetic hardening actions. (C)

Why is it important to identify key locations in cyberspace and the EMS that can become access points during terrain analysis?

To understand all the different ways an adversary might get into friendly systems. (B)

Considering that a cyberspace threat could operate outside of a unit’s assigned AO, how might an enemy extend their reach?

By using proxies worldwide beyond a unit’s area of interest. (D)

What is the primary responsibility of the CEMA section in the context of cyberspace and EMS during information collection?

Identifying and presenting cyberspace and EMS-related IRs to the commander as potential CCIRs. (D)

Which section prepares the requirements planning tools and recommends cyberspace and EW assets for information collection?

The G-2 or S-2 section. (B)

Besides SIGINT, how else can the G-3 or S-3 support information collection efforts?

By tasking cyberspace and EW assets. (D)

What is the G-2 or S-2 responsible for, regarding information asset synchronization?

Maintaining the synchronization of all assets used for the information collection efforts. (C)

What is the main objective when executing information collection tasks during the IPB process?

Collecting data that answers CCIRs and IRs for analysis. (B)

In what way does the G-2 or S-2 section execute collection?

Through intelligence operations, reconnaissance, surveillance, and security operations. (B)

What are intelligence operations primarily focused on achieving?

Obtaining information to satisfy validated requirements. (C)

Besides specific information on cyberspace and the EMS, what other type of knowledge attained from intelligence disciplines may be valuable?

Knowledge attained from other intelligence disciplines. (C)

How do CEMA sections support G-2 or S-2's surveillance efforts?

By requesting OCO support for cyberspace exploitation or using EW assets for electromagnetic reconnaissance. (D)

What is the primary objective of security operations in the context of cyberspace and the EMS?

To gather data on adversary courses of action, providing early warning and disrupting attacks. (D)

What opportunities arise during security operations concerning High Value Targets (HVTs)?

Security operations provide chances to identify HVTs for potential future cyber attacks or EA. (A)

How do early and accurate warnings benefit friendly forces?

They provide time and space to maneuver, enabling the use of force protection measures. (A)

What does maintaining a secured prevalence in cyberspace and the EMS allow?

A position of advantage for any combatant conducting cyberspace operations and EW. (B)

Which actions are included to allow early detection and mitigation of threats in cyberspace and the EMS?

Cyberspace defense, cyberspace security, and EP. (C)

In the context of cyberspace and the EMS, what does 'key terrain' represent?

Any area whose control offers a significant advantage to either side. (B)

What does conducting electromagnetic reconnaissance through ES missions help to attain?

Information about the arrangement of enemy threats in the EMS, which then can modify security efforts. (C)

What is the primary function of EMS fields of fire in electromagnetic reconnaissance?

To detect, identify, and evaluate enemy electromagnetic energy. (B)

Which of the following best describes key terrain in the EMS?

Frequencies used as access or launch points to enemy spectrum-dependent systems. (C)

Why is it important for the CEMA working group to match mission objectives with terrain analysis during planning?

To determine key terrain in friendly, neutral, and enemy cyberspace and the EMS. (B)

According to the content, what is the definition of a 'target' in the context of targeting?

Any entity or object that performs a function for the adversary considered for possible engagement. (B)

In the context of cyberspace effects, what does the physical network layer refer to?

The wired and wireless transmission means through which digital data travels. (B)

How is a target's position identified in the logical network layer?

By its assigned IP addresses. (B)

When defenders know the logical point of origin for a threat without knowing its physical location, what type of engagement can occur?

Engagement of logical network layer targets can only occur with a cyberspace capability. (C)

If planners only know the logical location of some targets, but not their physical location, what is true regarding engagement?

They can only engage the targets with a cyberspace capability. (D)

What is a potential operational consequence resulting from compromised networks, systems, or data due to cyberspace intrusions or attacks?

Injury or death of personnel, damage to equipment, and mission degradation. (D)

Why is it important for commanders and staff to consider cascading effects when employing cyberspace attacks and EA (Electronic Attack)?

To avoid unintended consequences that could hinder other operations. (B)

What is the role of the CEMA section in relation to cyberspace and EW capabilities?

To ensure the commander and staff understand the characteristics of cyberspace and EW capabilities and their associated effects. (B)

Why is understanding the reversibility of effects resulting from cyberspace attacks and EA important for commanders and staff?

To understand that some effects cannot be undone at the operator level, influencing risk assessment. (A)

What is a primary OPSEC (Operations Security) vulnerability associated with personal electronic devices (PEDs)?

PEDs may expose friendly cyberspace and EW capabilities, revealing sensitive information. (D)

What does the CEWO (Cyber and Electronic Warfare Officer) do regarding the risks associated with PEDs?

Gathers understanding surrounding risks associated with PEDs and makes recommendations to the commander regarding their usage. (D)

When conducting OCO (Offensive Cyberspace Operations) and EA (Electronic Attack), how can friendly locations and intentions be revealed to an adversary prematurely?

By failing to consider risk management, allowing effects to expose sensitive information. (B)

What constitutes a technical risk in the context of cyberspace operations?

When there are exploitable vulnerabilities in systems on the DODIN-A, and there are threats that can exploit those vulnerabilities. (A)

Flashcards

Execution

Putting a plan into action using combat power to achieve the mission.

OCO and EA

Projecting combat power in cyberspace and the electromagnetic spectrum.

DCO and EP

Protecting friendly forces and systems in cyberspace and the EMS.

Reconnaissance

Gathering combat information in cyberspace and the EMS for situational awareness.

Operational Initiative

The setting or tempo and terms of action throughout an operation.

Defeat

Rendering a force unable to achieve its objective.

Cyberspace attacks and EA

To force enemy commanders to abandon their preferred courses of action and make costly mistakes.

Assessment

The determination of the progress toward accomplishing a task, creating an effect, or achieving an objective

Cyberspace/EA HVTs

Identified nodes, control centers, communication infrastructure that enemy cyberspace attacks and EA targets.

G-2/S-2 Role in COA

Incorporates adversary's past behavior in cyberspace and the EMS and types of cyber/EMS operations conducted.

Unit Cyber/EW Assets

Specific cyber and EW resources to create desired effects on HVTs.

Cyberspace Threat AO

An enemy can use proxies worldwide, beyond a unit’s area of interest.

Threat COAs

Developed from identifying High Value Targets and High Payoff Targets.

Named Area of Interest (NAI)

Geospatial area/system node to collect specified information.

Target Area of Interest (TAI)

Geographic area for acquiring and engaging High Value Targets.

CEMA Terrain Analysis

Examines terrain in cyberspace/EMS for obstacles and avenues of approach.

EMS Fields of Fire

Areas where enemy electromagnetic energy can be detected and evaluated.

Key Terrain in the EMS

Frequencies used as access points to enemy systems or for countermeasures.

Key Physical Terrain for EW

Terrain providing superior line of sight for EW operations.

CEMA Working Group Task

Matching mission goals with terrain analysis in cyberspace and the EMS.

Targeting

Selecting and prioritizing targets and matching appropriate responses.

Target (JP 3-60)

An entity or object that performs a function for the adversary considered for engagement.

Physical Network Layer

The medium through which digital data travels, including wired and wireless means.

Logical Network Layer

A target's position identified by its IP address.

CEMA Information

Gaining understanding of adversary's cyberspace and electronic warfare capabilities.

CEMA Section Support

Supports surveillance by using cyber exploitation or EW assets in cyberspace and EMS.

Security Operations

Operations providing early warning, reaction time, and maneuver space against enemies.

Early Threat Mitigation

Detecting and mitigating threats early in cyberspace and the EMS by using Cyberspace defense, cyberspace security, and EP.

ES Missions

Collecting data on enemy position in the EMS, adapting security using ES missions(Electromagnetic reconnaissance).

Security Operations Goal

Collecting early warning data, disrupting enemy attacks in cyberspace and EMS.

Preemptive Measures

Preventing enemies from finding friendly locations and weaknesses in cyberspace and EMS.

Key Terrain

A location that provides a significant advantage; applies to cyberspace and EMS.

CEMA Section's Role

Requests cyberspace and EMS-related information on actors in the area of operations (AO).

CEWO Role

Identifies potential Cyberspace and EMS-related IRs for the commander's Critical Information Requirements (CCIRs).

G-2/S-2 Responsibilities

Prepares requirements planning tools and suggests cyber/EW assets for information gathering.

G-3/S-3 Role

Tasking cyber/EW assets to support information collection.

G-2/S-2 Synchronization Role

Maintains synchronization of all assets used for information gathering.

Executing Collection Focus

Answers CCIRs and IRs to support IPB (Intelligence Preparation of the Battlefield).

Collection Activities Goal

Acquire information about the enemy's cyberspace and EMS capabilities.

Intelligence Operations

Tasks undertaken to obtain information to satisfy validated requirements.

Cyber/EMS Compromises

Compromised networks, systems, and data in cyberspace or the EMS can lead to personnel injury/death, equipment damage/loss, capability degradation, mission degradation, or mission failure.

Data Exfiltration Risks

Enemy exfiltration of data can remove the element of surprise, reduce initiative, and compromise future operations.

Risks of Cyber/EW ops

Friendly cyberspace operations and EW carry operational risks, including cascading effects.

Commander's Cyber/EW Understanding

Understanding characteristics, cascading effects, and the reversibility of effects provides commanders situational awareness for risk determination.

OCO/EA One-Time Effects

Some OCO or EA effects have a one-time use; once utilized, they cannot be effectively used again.

PED OPSEC Risks

Personal electronic devices can be a significant OPSEC vulnerability to friendly cyberspace and EW capabilities.

Technical Risks (Cyber)

Exploitable vulnerabilities in systems on the DODIN-A coupled with threats that can exploit those vulnerabilities.

CEMA Reversibility Awareness

The CEMA section informs the commander and staff of the reversibility of effects resulting from cyberspace attacks and EA to understand that some effects are irreversible at the operator level.

Study Notes

• Integrates cyberspace operations and electromagnetic warfare through the operations process
• Outlines the operations process's four activities
• Details how to synchronize cyberspace operations and electromagnetic warfare with battlefield intelligence preparation

The Operations Process

• Conducted by the cyberspace electromagnetic activities (CEMA) section with collaboration from the CEMA working group
• The CEMA section belongs to the G-3 or S-3 and works with the CEMA working group
• Unity of effort ensures meeting objectives:
• Unifying efforts to engineer, manage, secure, and defend the Department of Defense Information Network (DODIN)
• Ensuring information collected is routed to provide situational awareness, targeting, and intelligence
• Using cyberspace operations and electronic warfare (EW) efficiently for collection and targeting
• Coordinating between forces and host nations before employing cyberspace operations and EW
• The operations process includes planning, preparing, executing, and assessing the operation
• The CEMA working group helps the commander understand cyberspace and the electromagnetic environment (EMOE)
• Commanders and staff must align its concept of operations with adjacent units when conducting combat to ensure unity
• Commanders, staff, and headquarters use the operations process to organize efforts, integrate warfighting functions, and synchronize
• Army forces plan, prepare, execute, and assess cyberspace operations and EW with joint forces and unified action partners
• Commanders and staff need awareness of joint planning systems and processes for cyberspace operations and EW, including:
• The Joint Planning Process
• Adaptive Planning
• Review and approval process for cyberspace operations

Planning

• The art and science of understanding a situation, envisioning a desired future, and laying out ways of bringing that future about
• Commanders apply the art of command and the science of control to ensure cyberspace operations and EW support the concept of operations
• Whether planned from higher headquarters or requested from tactical units, timely staff actions and commanders' involvement with situational awareness of cyberspace and the EMS is critical
• Army headquarters uses the Army design methodology and military decision-making process as planning methods
• The CEMA working group must understand both design methodology and military decision-making process, as they consist of:
• The Army design methodology: adductive and systemic reasoning for complex, ill-formed problems
• The military decision-making process: deductive and analytical approach to planning
• Commanders and staff must integrate cyberspace operations and EW through the planning activity to:
• Understand situations and develop solutions to problems
• Task-organize the cyberspace and EW force, prioritize efforts
• Direct, coordinate, and synchronize cyberspace operations, EW, and management operations with missions
• Anticipate events and adapt to changing circumstances
• The intelligence preparation of the battlefield (IPB) process synchronizes with operations during planning and execution. During the IPB process:
• The G-2 or S-2 supports cyberspace operations and EW
• Provides analyzed intelligence determining conditions relevant to operations
• Assists commanders in understanding the OE, identifying opportunities for operations and EW, and creating courses of action
• During planning, the fires support element develops a fire support plan with the commander's concept of operations by:
• Addressing each means of fire support available
• Describing how fires, joint fires, and target acquisition integrate with maneuver
• The fires support coordinator works with the CEWO to integrate attacks and EA into the fire support plan
• The final product of planning is an operation plan (OPLAN) that becomes an operation order (OPORD) when directed for implementation based on a specific time or event
• The CEWO is responsible for Annex C, Appendix 12, and helps with Annex H, Appendixes 1 and 6 of the OPLAN or OPORD

Preparation

• Activities performed to improve units' and Soldiers' ability to execute an operation
• Includes initiating information collection, DODIN operations preparation, rehearsals, training, and inspections
• Requires the commanders, staff, unit, and Soldiers' active engagement
• Preparation activities start during planning and continue to execution
• Subordinate units task-organized to employ cyberspace operations and EW capabilities conduct activities to improve opportunity for success
• Commanders drive preparation activities through leading and assessing
• Commander and staff can use preparation functions by:
• Improving situational understanding of cyberspace and the EMOE within the AO
• Developing a shared understanding of the plan by conducting training, which provides the perfect setting for subordinate units to execute and identify issues
• Training and becoming proficient in critical tasks. Through rehearsals and training, subordinate units gain and refine skills
• Integrating the force, Commanders allocate prep time to put a task-organized force into effect
• Ensuring the positioning of forces and resources, positioning and task organization happen concurrently

Execution

• Putting a plan into action by applying combat power to accomplish the mission
• Commanders, staff, and subordinates focus on translating decisions made during planning and preparing into actions
• Commanders conduct offensive cyberspace operations (OCO) and EA to project combat power, defensive cyberspace operations (DCO) and EP to protect forces/systems, and reconnaissance through cyberspace and the EMS
• Detailed planning provides a reasonable forecast, but situations may change rapidly in cyberspace and the EMOE so commanders seize, retain, and exploit operational initiative while accepting risk
• Operational initiative is the setting or tempo and terms of action throughout an operation
• Commanders can use attacks and EA to force enemy commanders to abandon preferred courses of action and make costly mistakes, retaining initiative
• Commanders and staff use information collection and electromagnetic reconnaissance assets to identify attempts to regain the initiative
• Once friendly forces seize the initiative, they exploit it through continued operations to accelerate the enemy's defeat
• Commanders can use attacks and EA to disrupt enemy attempts to reconstitute forces

Assessment

• Determination of accomplishing a task, creating an effect, or achieving an objective
• Commanders and staff assess cyberspace operations and EW to determine if they resulted in the desired effect and refine plans
• Assessment precedes and guides the other activities of the operations process, so commanders develop an effective assessment plan by:
• Developing the assessment approach and plan
• Collecting information and intelligence
• Analyzing information and intelligence
• Communicating feedback and recommendations
• Adapting plans or operations

Integrating Processes

• Commanders and staff integrate warfighting functions and synchronize to changing circumstances
• The CEMA section aligns operations and EW with the operations process to identify threats, to target and attack, and to support warfighting functions
• The operations process is the principal essential activity conducted by a commander and staff who integrate and synchronize CEMA with five key integrating processes:
• IPB
• Information collection
• Targeting
• Risk management
• Knowledge management

Intelligence Preparation of the Battlefield

• The G-2 or S-2 leads the staff through the IPB process to integrate and synchronize information collection tasks and missions
• The IPB process analyzes mission variables of enemy, terrain, weather, and civil considerations to determine their effect on operations
• IPB assists in understanding relevant aspects of the OE, including threats
• Integrating the IPB process supports the commander's ability to understand the OE and visualize operations, requiring four steps:
• Define the operational environment
• Describe environment effects on operations
• Evaluate the threat
• Determine threat COAs
• The IPB process starts during planning and continues throughout, resulting in IPB products to develop friendly COAs and decision points, which are critical to planning cyberspace operations and EW

Define the Operational Environment

• The G-2 or S-2 uses the IPB process to define cyberspace and the EMOE, enabling the commander and staff to visualize friendly and enemy cyberspace and EW assets through the three layers of cyberspace and the EMS
• The CEMA section supports the IPB process by helping with managing the electronic order of battle
• The G-2 or S-2 synchronizes SIGINT assets in conjunction with criminal intelligence to gather cyberspace and EW-related information to define the OE fully
• The G-2 or S-2 develops graphic AO overlays with collected intelligence to include cyberspace and EMS-related terrain aspects, which may depict the physical layer more easily than the logical or cyber-persona layers
• The G3 ensures information gathered by operational systems, platforms, and sensors is formally disseminated and made accessible to the intelligence community to define the operational environment

Describe Environmental Effects on Cyberspace and the Electromagnetic Spectrum

• The G-2 or S-2 defines the types of threats and capabilities while defining environmental effects, including:
• Terrain: Understand the terrain's affect on cyberspace operations and EW
• Weather:
• Light:
• Illumination data:
• Civil:
• The CEMA working group analyzes terrain by employing traditional methods and military aspects of terrain when determining threat courses of action:
• Observation and fields of fire
• Avenues of approach
• Key terrain
• Obstacles
• Cover and concealment
• Civil considerations are applied by cross walking with the operational variables, including such civil considerations as cellular phone coverage, internet service providers, and electricity distribution
• Threats and intelligence are incorporated into IPB products like threat overlays, tables, terrain matrices, analysis, or assessments

Evaluate the Threat

• The G-2 or S-2, in collaboration with the CEMA section, determines capabilities, doctrinal principles, tactics, techniques, and procedures used by the enemy
• Use of the EMS to accomplish or support objectives vary
• The G-2 or S-2 and CEMA section evaluate the threat by developing threat models, COAs, and identifying enemy high value targets (HVTs) to determine how the enemy integrates and uses cyberspace and EW capabilities
• The enemy likely has cyberspace and EW capabilities that operate across all warfighting functions and identifies enemy and neutral assets, including:
• Nation-state actors
• Transnational non-state actors or terrorists
• Criminal organizations or multinational cyber syndicate actors
• Individual actors, hacktivists, or small groups
• Insider threats
• Autonomous systems, software, and malicious code
• Evaluating the threat helps develop that depict how enemy forces typically execute operations
• The model also describes how enemy forces historically reacted to various types of attacks and EA in similar circumstances

Determine Threat Courses of Action

• The G-2 or S-2 uses data gathered through threat evaluation to identify and develop an enemy available COAs and collaborates with the CEMA section on their capabilities
• The G-2 or S-2 provides the G-3 or S-3 with information for developing friendly COAs to counter those available, developing countermeasures with CEMA
• Each threat COA includes identified attack and EA-related HVTs such as nodes, command centers, towers, satellites, providers, and power substations
• When developing friendly COAs, the G-2 or S-2 incorporates considerations such as use of cyberspace and EMS (in collaboration with CEMA)
• The G-2 or S-2 assists the CEMA section in determining which unit assets can produce effects when engaging HVTs
• The G-2 or S-2 should understand a threat could be operating outside of the unit's AO; an enemy can use proxies beyond a unit's area of interest
• COAs result from first identifying HVTs and HPTs
• Threat COAs include templates and event matrices that identify objectives, areas of interest and target areas of interest
• A named area of interest (NAI) is the geospatial area or systems node or link against which information will satisfy a specific information requirement (IR) can be collected
• A target area of interest (TAI) is the geographical area where high-value targets can be acquired and engaged
• The CEMA section analyzes terrain to examine aspects of the EMS for determining obstacles
• The CEMA section identifies avenues of approach to employ attack and EA on enemy capabilities
• Through terrain analysis, the CEMA identifies potential weaknesses in friendly forces' posture
• Terrain in cyberspace and the EMS connected to critical assets on the DODIN are key terrains

Information Collection

• An activity that synchronizes and integrates the planning and sensors as well as distribution systems in direct support of operations
• These sensors and assets may include cyberspace operations and EW assets conducting cyberspace exploitation operations, electromagnetic probing/reconnaissance for information collection
• Information collection is the acquisition of information and the provision of this information
• Information collection integrates the intelligence and operations staff functions with a focus on answering the commander's critical information requirements and information requirements that assists the commander and staff
• Collection enables the commander to understand and visualize the operation; the steps are:
• Plan requirements and assess collection
• Task and direct collection
• Execute collection
• Information collection identifies information gaps that require aligning intelligence assets with cyberspace exploitation to collect data:
• Identified enemy capabilities through assist the CEMA working group in identifying potential targets and key terrain

Plan Requirements and Assess Collection

• The G-2 or S-2 collaborates with the other staff to validate IRs for collection
• The CEMA section provides the G-2 or S-2 with cyberspace and EMS-related IRs requesting information on friendly, enemy, and neutral actors operating in the AO
• The CEWO identifies all cyberspace and EMS-related IRs to present to the commander as potential critical information requirements (CCIRs)
• The G-2 or S-2 prepares the requirements planning tools and recommends cyberspace and EW assets for the G-3 or S-3

Task and Direct Collection

• The G-3 or S-3 may task cyberspace and EW assets to support the information collection effort
• The CEMA section will assist the G-2 or S-2 by assigning organic EW assets while requesting others
• The assets with the G-2 or S-2

Execute Collection

• The focus when executing information collection is to collect data for analysis during the IPB process; assists in shaping the OE and attaining information on the enemy
• Collection activities acquire information about the enemy, including their capabilities and assets
• Collection begins shortly after the receipt of the mission and continue throughout preparation and execution activities
• The G-2 or S-2 executes collection by conducting:
• Intelligence operations for threat capabilities, activities, disposition, and characteristics using multiple intelligence disciplines
• Reconnaissance produces information about the assigned AO
• Surveillance collection in cyberspace and the EMS as part of a surveillance mission called network surveillance
• Security operations providing early warning and continuously disrupting attacks

Terrain Aspects

• Key terrain in cyberspace and the EMS is comparable to terrain in the other domains, and commanders and staff must consider all military aspects of terrain
• Obstacles in cyberspace may include firewalls and port blocks
• Avenues of approach in cyberspace can be analyzed to identify nodes and links that connect endpoints to sites
• Cover and concealment may include hiding IP addresses or incorporating password-protected access
• Cyberspace observation and fields of fire include areas where network traffic can be monitored, intercepted, or recorded
• Key cyberspace terrain provides access points to major lines of communications and launch points
• Obstacles in the EMS may include electromagnetic environmental effects, enemy deployment of scanners and radars, and enemy masking and security
• Avenues of approach in the EMS can be analyzed to identify spectrum-dependent systems and infrastructures that connect endpoints
• Cover and concealment can include emission control or masking techniques
• EMS fields of fire are areas where enemy energy can be detected, identified, and evaluated through electronic reconnaissance
• Key terrain in the EMS includes frequencies for enemy spectrum-dependent assets, countermeasures observing threats, and critical assests
• Members of the CEMA group need to match mission objectives with terrain analysis during planning to ensure dependencies in and EMS

Targeting

• Is the process of selecting and prioritizing targets and matching the response to them
• A target is an entity or object that performs a function for the adversary
• When targeting for effects (attacks), the physical network layer is the medium
• Planners may know a target's logical location without physical or defend against known origin without necessarily knowing
• The logical network layer gives planners an alternate view of the
• Inability to target an area in physical and logical network layers presents
• EA is well suited to attack locations physically, is too temporary
• support plans prepares a combination including attacks and EA
• Targeting interaction among everyone involved

Targeting Functions

• D2EA: is the Army Targeting methodology
• The four targeting functions occur throughout the operations processes and joint process
• Each of these processes connect the operations processes, JTC, D2EA, and military decisions in various ways

Decide

• Deciding is the first step, starting during military and continuing operations
• Capabilities and analyses are carried out during analyses to value the targets
• EW capabilities during value to potential high value
• Specific targets must be selected and secured Time and location of the target must be decided
• ISR must determine capabilities to appropriately impact
• Cyberspace must contribute to the target
• Effects must have the necessary
• The CEMA must decide if the commander has the needed affect
• Action must occur if EW is unsuccessful The units EW needs for operations support
• The command must communicate the level as targets are added
• Risk communications for cyberspace must occur

Detection

• The second step.
• The target must meet commander needs.
• The working group uses focus on targets interest.
• The actions include The priority and EW Assets need to get more Intel support
• The high and low need to be properly updated
• Capability must be assessed

Deliver

• The implementation must fully support commanders
• Intel support is highly

Assessment

• Throughout all processes
• Combat measurement has to take place
• All recommendations must be approved

Considerations When Targeting

• Planning, integration, synchronizing planning is very The characteristics, The effects
• OCO,

Characteristics of Cyberspace and Electromagnetic Warfare

• Conditions always have to be gathered The use of computer must comply with the forces Intelligence is what helps create

Cascading, Compounding, and Collateral Effects

• Interoperation between overlapping must be
• There have to be legal restrictions

Reversibility of Effects

Targeting planners must consider everything

• All forces have to be accounted for

Requesting Offensive Cyberspace Operations

• Process require time and is necessary
• Only a select few function
• Make sure not already selected
• Consolidate the answers
• Is the intelligence necessary?
• Give updates regularly

Risk Management

• Is very important to balance
• Effects are all around
• Risks can be assessed and mitigated

Risks In Cyberspace and the EMS All operations have risks, and all can either assist in creating positive impacts or negative

Cyber Security Tasks

• 4 big tasks
• All are technical Policy includes all

Operations Security Risks

• Both space and EMS provide risks
• Commanders must establish measures

Knowledge Management

• The whole flow system for good results and decision
• Requires 4 parts
• The commander's ability must be facilitated
• The CEMA delivers EWs at the right instances
• CEWO establishes EW flow
• The staffs knowledge must be applied

Description

This lesson covers the commander's role and considerations during cyberspace operations, including offensive actions and electronic attacks. It addresses how commanders balance planning with the realities of cyberspace and the electromagnetic environment, emphasizing the importance of continuous information collection and reconnaissance assets.