CISSP-ISSMP · Question #147
Which of the following statements is related with the second law of OPSEC?
The correct answer is B. If you don't know what to protect, how do you know you are protecting it?. The Laws of OPSEC are sequential: the first law asks 'If you don't know the threat, how do you know what to protect?' - establishing that identifying the threat comes first. The second law follows logically: 'If you don't know what to protect, how do you know you are protecting i
Question
Which of the following statements is related with the second law of OPSEC?
Options
- AIf you are not protecting it (the critical and sensitive information), the adversary wins!
- BIf you don't know what to protect, how do you know you are protecting it?
- CIf you don't know about your security resources you could not protect your network.
- DIf you don't know the threat, how do you know what to protect?
How the community answered
(26 responses)- B88% (23)
- C4% (1)
- D8% (2)
Explanation
The Laws of OPSEC are sequential: the first law asks 'If you don't know the threat, how do you know what to protect?' - establishing that identifying the threat comes first. The second law follows logically: 'If you don't know what to protect, how do you know you are protecting it?' - emphasizing that once the threat is known, organizations must clearly identify their critical information and assets. Without knowing what needs protecting, any security measures are arbitrary and incomplete. The third law states that if you are not protecting it, the adversary wins. These laws form a logical chain in the OPSEC process.
Topics
Community Discussion
No community discussion yet for this question.