nerdexam
(ISC)2

CISSP-ISSMP · Question #147

Which of the following statements is related with the second law of OPSEC?

The correct answer is B. If you don't know what to protect, how do you know you are protecting it?. The Laws of OPSEC are sequential: the first law asks 'If you don't know the threat, how do you know what to protect?' - establishing that identifying the threat comes first. The second law follows logically: 'If you don't know what to protect, how do you know you are protecting i

Security Leadership and Management

Question

Which of the following statements is related with the second law of OPSEC?

Options

  • AIf you are not protecting it (the critical and sensitive information), the adversary wins!
  • BIf you don't know what to protect, how do you know you are protecting it?
  • CIf you don't know about your security resources you could not protect your network.
  • DIf you don't know the threat, how do you know what to protect?

How the community answered

(26 responses)
  • B
    88% (23)
  • C
    4% (1)
  • D
    8% (2)

Explanation

The Laws of OPSEC are sequential: the first law asks 'If you don't know the threat, how do you know what to protect?' - establishing that identifying the threat comes first. The second law follows logically: 'If you don't know what to protect, how do you know you are protecting it?' - emphasizing that once the threat is known, organizations must clearly identify their critical information and assets. Without knowing what needs protecting, any security measures are arbitrary and incomplete. The third law states that if you are not protecting it, the adversary wins. These laws form a logical chain in the OPSEC process.

Topics

#Operations Security (OPSEC)#Critical Information#Information Protection Principles

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSMP Practice