Back

Perform intelligence operations on target systems and networks, as necessary.


CONTROL ID
14039
CONTROL TYPE
Investigate
CLASSIFICATION
Detective

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Provide intelligence support to the organization, as necessary., CC ID: 14020

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • To draw up a security concept, and especially to apply the IT-Grundschutz Compendium it is necessary to analyse and document the interaction of the business processes, applications and existing information technology. Since IT systems today are highly networked, the network topology plan should be u… (§ 7.4 ¶ 1, BSI-Standard 200-2 IT-Grundschutz Methodology, Version 1.0)
  • the networked and non-networked IT systems belonging to the information domain, (§ 7.4 ¶ 1 Bullet 3, BSI-Standard 200-2 IT-Grundschutz Methodology, Version 1.0)
  • Produce timely, fused, all-source cyber operations intelligence and/or indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies). (T0758, National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, NIST Special Publication 800-181)
  • Identify the need, scope, and timeframe for applicable intelligence environment preparation derived production. (T0726, National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, NIST Special Publication 800-181)
  • Produce timely, fused, all-source cyber operations intelligence and/or indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies). (T0758, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)”, July 7, 2020)
  • Identify the need, scope, and timeframe for applicable intelligence environment preparation derived production. (T0726, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)”, July 7, 2020)
  • Conduct target research and analysis. (T0624, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)”, July 7, 2020)
  • Profile targets and their activities. (T0778, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)”, July 7, 2020)
  • Conduct independent in-depth target and technical analysis including target-specific information (e.g., cultural, organizational, political) that results in access. (T0614, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)”, July 7, 2020)
  • Identify target communications within the global network. (T0846, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)”, July 7, 2020)
  • Evaluate and interpret metadata to look for patterns, anomalies, or events, thereby optimizing targeting, analysis and processing. (T0844, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)”, July 7, 2020)
  • Perform analysis for target infrastructure exploitation activities. (T0591, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework)”, July 7, 2020)