DEPARTMENT OF DEFENSE UNITED STATES CYBER COMMAND 9800 SAVAGE ROAD SUITE 6171 FORT GEORGE G MEADE MARYLAND 20755 APR O4 2019 Michael Martelle The National Security Archive Gelman Library Suite 701 2130 H Street N W Washington D C 20037 Dear Mr Martelle Thank you for your September 21 2018 Freedom of Information Act FOIA request for the Joint Force Headquarters - Cyber JFHQ-C certification slide presentation from October 2013 As the initial denial authority I am partially denying portions of the document under 5 U S C §§ 552 b l and b 3 The denied portions include classified national security information under the criteria of Executive Order 13526 labeled as b l defense critical infrastructure security information exempt from disclosure under 10 U S C § 130e labeled as b 3 and personally identifying information regarding personnel assigned to a sensitive unit exempt from disclosure under 10 U S C § 130b also labeled as b 3 U S Cyber Command is a sensitive unit If you are not satisfied with our action on this request you may file an administrative appeal within 90 calendar days from the date of this letter If you submit your appeal in writing please address it to ODCMO Director of Oversight and Compliance 4800 Mark Center Drive ATTN DPCLTD FOIA Appeals Mailbox #24 Alexandria VA 22350-1700 If you submit your appeal by email please send it to OSD FOIA-APPEAL@mail mil All correspondence should reference U S Cyber Command case tracking number 19-R019 You may also contact the Office of Government Information Services OGIS which provides mediation services to help resolve disputes between FOIA requesters and Federal agencies OGIS may be reached at ogis@nara gov 202-741-5770 and 1-877-684-6448 Sincerely R A ROSS A MYERS Rear Admiral U S Chief of Staff f avy JFHQ-C Certification Framework to Operationalize the JFHQ r b 3 10 u s c § 130b I The overall classification of this briefing is TOP SE CReT Re l TO US ' Pll Y UNCLASSIFIED FOR OFFICl O l Y ONLV 1 UNCLASSIFIED FQR OFFICIAL us ONL¥ Agenda • Section 1 - Problem Statement Purpose Method Endstate Certification Criteria • Section 2 - JFHQ-C Mission Essential Task MET List JFHQ-C METs and Mission Critical Functions MCF • Section 3 - USCYBERCOM Processes • Section 4 - Integrated MET MCF and USCYBERCOM processes • Way Ahead UNCLASSIFIED FOR OFFl IAb us ONlV 2 Section 1 Problem Statement Purpose Method Endstate Certification Criteria UNCLASSIFIED FOR OFFICIAL USE OPJLV 3 UNCLASSIFIED fFOR OFFICIP b USli ONLV • Problem Statement • Conduct distributed full spectrum cyberspace operations CO across 4x JFHQ-C that are responsive to planning and execution demands of the Combatant Command's while providing the overwatch and visibility needed for USCVBERCOM UNCLASSIFIED FOR OFFICIAL USli ONbV 4 UNCLASSIFIED FOR OFFICIAL USE OPRV • Purpose Method Endstate • Purpose To establish JFHQ-C criteria for initial and full operating capability IOC FOC • Method This brief aligns JFHQ-C mission essential tasks METs and mission critical functions MCF with USCYBERCOM processes currently used to conduct full-spectrum cyberspace operations CO It integrates tactical actions contained in SOPs and daily battle rhythm into the JFHQC METs and MCFs This integration forms the basis to conduct individual training to reach IOC Collectively the JFHQ-C and its sub-elements demonstrate proficiency in these processes as part of Tier 1 11 exercises to achieve FOC • Endstate A METL-driven training program to baseline the individual and collective JFHQ-C readiness assessment criteria necessary to conduct full-spectrum distributed CO UNCLASSIFIED FOR OFFICIAL USE O llV 5 UNCLASSIFIED FOR OfflCIAl YSE ONLV • Certification Criteria • Certification occurs in two parts individual and collective • Individual certification occurs upon mastery of individual training standards as defined by the Commander JFHQ-C • Collective certification occurs upon successful participation by the JFHQC and its sub-elements in at least two major exercises USCVBERCOM evaluates the JFHQ-C and its sub-elements l' For the purpose of certification subordinate commands and USCYBERCOM Directorates may nominate their participation in any of the Command's required exercises This exercise nomination must take place prior to the exercise and have a fully supported assessment plan both during and after the exercise event The exercise must clearly demonstrate the subordinate command and directorate abilities to perform assigned JMETs Additionally analysis of Learning Management System entries will be used to determine training readiness of individuals assigned to the directorate At least two major exercises Tier I or II must be used to determine certification Joint Cyberspace Training and Certification Standards JCT CS vl 2 UNCLASSIFIED FOR OFFICIAl YSi ONLV 6 I UNCLASSIFIED FOR Ol FICl' b YH ONbY JFHQ-C IOC Criteria Administrative Criteria Develops Approves Mission Tasks Functions approved JFHQ-C CONOPs approved Organization Design approved JFHQ-C METL approved Joint Staff C2 EXORD signed uscc sec sec sec uscc Key subject elements of MOA ISSA are established with applicable Service Cyber Components Services and NSA MOA ISSA not necessarily finalized sec uscc uscc uscc sec uscc sec css 5 1 Team work-space allocation plan in place for IOC force sec uscc uscc 5 2 Operational process and relationship with NSA at Cryptologic Centers codified sec sec and css 1 2 2 1 3 4 5 Logistics and Support processes and relationships with 5 3 NSA Services and Services Cyber Components are codified UNCLASSIFIED l OR OHICIAl YH ONlY sec Services and sec css Services and uscc 7 UNCLASSIFIED FOR QfflCl ' b U5 ONI ¥ • JFHQ-C IOC Criteria 6 JFHQ-C possesses manning and capability for C2 of attached forces 7 Individual Job Qualification Requirements are Developed 8 sec uscc USCC SCC USCC SCC Individuals are trained in accordance with their JQR sec sec 9 A functional Watch Element e g JOC capable of supporting full spectrum cyber operations is in place sec uscc 10 A functional 24 7 IROC capable of supporting full spectrum cyber operations is in place sec uscc 11 A functional intelligence oversight program is established incorporating JFHQ-C as required sec uscc 12 Continuity of Operations COOP Procedures established sec sec 13 USCC and sec J39 operational procedures integrated and codified sec uscc 14 Reporting procedures to include operational and administrative missions sec sec UNCLASSIFIED I FOR OfflCIAb us QNLV 8 UNCLASSIFIED FO R OFFICl ' l YSE O IL V • A Building Block Approach to IOC FOC • Tier 1 11 Exercises • b 1 Sec 1 7 e • • • Mission Rehearsal Exercise • JFHQ-C training • Sub-Element Validation Events SEV • Cyber Flag • fb 1 Sec 1 7 e I • Branch Division training • Team Section training • • • • UNCLASSIFIED FOR OHICI O l UH ONLY Individual qualification OJT Individual training pipeline Formal initial training IOC - Training Plan i 9 en C en en 2 -0 n ··- u s cc a en u en_ LU ta c o ·- u N S CU •u 0 I en J u ·- a·t i a 1 l 0 w C VI vi u 3 z u • JFHQ-C MET and MCF Background Information • In March 2013 USCYBERCOM established a working group to develop the Mission Essential Tasks and subsequent Mission Critical Functions for the JFHQC The WG performed a detailed scrub of the Universal Joint Task List UJTL identifying all UJTL entries that were listed under Joint Task Force and debated within the WG on which JTF UJTLs were most relevant to the JFHQC The following METs and MCFs were reviewed and approved by USCYBERCOM J3 in June 2013 Ver X J-Code AO 11 UNCLASSIFIED FOR OFFICI O l llSE ONLY • JFHQ-C Mission Essential Task List METL 1 Exercise C2 of all attached CMF ISO CCMD mission 2 Exercise SIGINT Authority Mission Delegation and Intelligence Oversight to include SIGINT 10 and auditing of all attached CMF ISO CCMD mission 3 Plan and direct Cyber ISR Cyber OPE Cyber Attack and - when directed - Cyber Defense actions to accomplish CCMD specified missions and BPT conduct crisis action planning and CO in response to global threats 4 Coordinate integrate synchronize and de-conflict CO of attached CMF with other JFHQ-C NMF-HQ and USCC operating in the same networks at the tactical level to maximize operational effectiveness Coordinate as required with NSA Cryptologic Center Commanders 5 Conduct intelligence operations including managing CMF intelligence requirements and the collection production and dissemination of intelligence 6 Coordinate JFHQ-C support functions for attached and for co-located CMF with USCC NSA service and functional components direct CMF training exercises and readiness requirements JFHQ-C Mission Essential Tasks and Functions Brief dtd 21JUN13 UNCLASSIFIED FOR OFFICIAL llSE ONLY 12 UNCLASSIFIED FOR OFFICIAL USE OPJLV • JFHQ-C MET 1 and MCFs • MET 1 Exercise C2 of all attached CMF ISO CCMD mission Command and Control Joint Force Headquarters - Cyber • Mission Critical Functions MCF 1 1 Exercise Command and Control of CMF maneuver teams 1 2 Report Readiness 1 3 Provide for Legal Services ISO planning operations except that all operational SIGINT legal advice will be provided by NSA OGC 1 4 Maintain Operational Information and Force Status Also supports Tasks 2-5 1 5 Conduct Joint Force Staff Operations 1 6 Conduct operational synchronization and integration with JCC JFCCC 1 7 Conduct Knowledge Management and Information Management UNCLASSIFIED FOR OFFICIAL IJSE mJLY 13 UNCLASSIFIED FOR OFFICIAL USE ONLY • JFHQ-C MET 2 and MCFs • MET 2 Exercise SIGINT Authority Mission Delegation and Intelligence Oversight to include SIGINT 10 and auditing of all attached CMF ISO CCMD mission • Mission Critical Functions MCF 2 1 Manage the SIGINT collection process 2 2 Conduct asset management 2 3 Manage mission delegation 2 4 Oversee CMF Cryptologic Intelligence Oversight CIO program 2 5 Provide advice and guidance on SIGINT policy and procedures 2 6 Provide Operations Intelligence system support UNCLASSIFIED FOR OFFICIAL US ONbV 14 UNCLASSIFIED FOR OFFICIAl yi mllV • JFHQ-C MET 3 and MCFs • MET 3 Plan and direct Cyber ISR Cyber OPE Cyber Attack and -when directed - Cyber Defense actions to accomplish CCMD specified missions and BPT conduct crisis action planning and CO in response to global threats • Mission Critical Functions MCF 3 1 3 2 3 3 3 4 3 5 3 6 3 7 3 8 Prepare Plans and Orders Conduct Mission Analysis Issue Planning Guidance Develop COA Prepare staff estimates Issue Commander's Estimate Issue Plans and Orders Coordinate battlespace maneuver integrate with firepower Support Target System Analysis Electronic Target Folders and Target List Production Management UNCLASSIFIED FOR OFFICIAl USE OPJlY 15 UNCLASSIFIED FOR OFFICIAL USE ONLY • JFHQ-C MET 3 and MCFs Cont • MET 3 Plan and direct Cyber ISR Cyber OPE Cyber Attack and - when directed - Cyber Defense actions to accomplish CCMD specified missions and BPT conduct crisis action planning and CO in response to global threats • Mission Critical Functions MCF 3 9 Support HPT HVT development 3 10 Conduct operational rehearsals 3 11 Conduct operational maneuver 3 12 Conduct effects and tactical assessments 3 13 Prioritize OPE and ISR efforts 3 14 Conduct dynamic targeting 3 15 Participate in Task Forces Joint interagency international 3 16 Conduct Computer Network Exploitation CNE enabling operations Cyberspace ISR and Cyberspace OPE UNCLASSIFIED FOR OFFICIAL USE 01 bV 16 UNCLASSIFI ED I FOR OFFICIAL USE • om v JFHQ-C MET 4 and MCFs • MET 4 Coordinate integrate synchronize and de-conflict CO of attached CMF with other JFHQ-C NMF-HQ and USCC operating in the same networks at the tactical level to maximize operational effectiveness Coordinate as required with NSA Cryptologic Center Commanders • Mission Critical Functions MCF 4 1 4 2 4 3 4 4 4 5 4 6 4 7 4 8 Synchronize deconflict and integrate operations fires Coordinate employment of CO Manage use and assignment of terrain Synchronize and integrate operations Conduct Operational Assessment Employ tactical cyberspace firepower Coordinate and integrate joint multinational and IA support Coordinate with cryptologic enterprise elements NSA UNCLASSIFIED FOR Ol l ICIAl US ONLY 17 UNCLASSIFIED FOR QFFICIAL YSE QNL Y • JFHQ-C MET 5 and MCFs • MET 5 Conduct intelligence operations including managing CMF intelligence requirements and the collection production and dissemination of intelligence • Mission Critical Functions MCF 5 1 Process and exploit collected operational information 5 2 Direct Joint Intelligence Support Element JISE operations 5 3 Perform Collection Management Planning Prioritization Requirements Management Tasking Cyber ISR Assets 5 4 Conduct Intelligence Preparation of the Battlespace IPB 5 5 Gain Maintain Situational Understanding 5 6 Provide Intelligence Support to Plans Operations and Fires 5 7 Develop Operational Targets 5 8 Conduct Cyberspace ISR 5 9 Conduct Single Source Exploitation 5 10 Provide SIGINT on Specified Targets 5 11 Produce Operational Intelligence 5 12 Conduct Intelligence Staff Operations UNCLASSIFIED FOR OFFICIAL YSE ONL ¥ 18 UNCLASSIFIED FOR OFFICIAL USE OPILY • JFHQ-C MET 6 and MCFs • Coordinate JFHQ-C support functions for attached or co-located CMF with USCC NSA service and functional components direct CMF training exercises and readiness requirements • Mission Critical Functions MCF 6 1 6 2 6 3 Plan Direct and Execute Exercises Provide Resource Management Serve as the USCC Coordinating Authority facilitating as required Service Component ADCON through local coordination of admin logistics support requirements for all co-located attached and unattached CMF 6 4 Serve as the USCC Coordinating Authority to coordinate and deconflict deliberate mission scheduling for unattached co-located CMF 6 5 Serve as the USCC Coordinating Authority to coordinate and deconflict time sensitive operations for unattached co-located CMF 6 6 Prioritize Architecture and Capabilities Development and Requirements ISO Task 4 6 7 Coordinate Logistic Services 6 8 Manage Personnel Accountability Strength Reporting 6 9 Provide Security ACCM Management oversee STO SAP operations 6 10 Conduct Joint Force Staff Operations 6 11 Conduct command designated coordination operations 6 12 Coordinate and direct weapon capability development UNCLASSIFIED FOR OFFICIAL YH mil¥ 19 UNCLASSI FIED FOR OFFICIAL USE ONLY • USCYBERCOM Processes • The following are the processes B2C2WG and tactical actions that USCYBERCOM uses to conduct full spectrum CO • Processes Pl Cyberspace Tasking Cycle Modified Air Tasking Cycle - Cyberspace Operations Directive CyOD - Master Cyber Operations Plan MCOP - Integrated Tasking Order ITO - ·Special Instructions SPINs - Joint Tactical Cyber Request JTCR - Assessment MISREPs BDA MEA Re-strike Re-target P2 Cyberspace Effects Request Form CERF p3 b 3 10 U S C § 130e I P4 Planning Teams PS Operational Priorities and Intelligence Collection Priorities P6 Joint Targeting Cycle - Target Development TDWG JTWG - Strike Package Coordination JTCM - Target Validation Approval JTCB P7 Operations Synchronization UNCLASSIFIED FOR OJ Fl IAl us ONLY 21 UNCLASSIFIED FOR OFFICIAL YSE QNlV USCYBERCOM Process 1 and ITs • • Pl Cyberspace Tasking Cycle • The Cyberspace Tasking Cycle is a modified air tasking cycle It provides for effective and efficient employment of Joint forces and capabilities It is an iterative cyclic is a six step process to plan schedule execute and assess full-spectrum cyberspace operations • Individual Tasks ITs 1 1 Objectives Effects and Guidance CyOD 1 2 Target Development and Weaponeering Joint Targeting Process 1 3 Allocation MCOP JTCR 1 4 ITO Production and Disseminationfb J 10 u s c § 130e 1 5 Execution Planning and Force Execution SPINs 1 6 Assessment • MISREP • MOP MOE • Combat Assessment Process BOA MEA and Re-strike Re-target I UNCLASSIFIED FOR OFFICIAL USE ONLV 22 UNCLASSIFIED FOP OHICIAL US mJLY • Cyberspace Tasking Cycle UNCLASSIFIED FOR OFFICIAL USE om¥ UNCLASSIFIED FOR OFFICIAb blSE OPlbY • USCYBERCOM Process 2 and ITs • P2 Cyberspace Effects Request Form CERF • A CERF is a formal request for USCYBERCOM operational support It is the form USCYBERCOM uses to receive track and provide operational effects in support of planning and execution across all lines of operations offensive cyberspace operations OCO defensive cyberspace operations DCO and DOD global information grid operations DGO • Individual Tasks ITs 2 1 Links the desired effects with the tactical objective operational goal and strategic end state 2 2 Records tracks and manages requests from the supported JFC 2 3 Assigned to planning team IAW time horizon and function 2 4 Facilitates dialogue DIRLAUTH and transparency throughout the process 2 5 Automated status of planning tracker UNCLASSIFIED FQ R OHICIAb US E OPlbY 24 UNCLASSIFIED FOR OFFICIAL USE • Cyberspace Tasking Cycle UNCLASSIFIED FOR OFFICIAL USE OPJLY omv UNCLASSIFIED FOR OFFICl l l USE OPILV USCVBERCOM Process 3 and ITs • • P3 t 3 10 u s c § 13oe • • Individual Tasks ITs lfb 3 10 U S C § 130e 3 3 UNCLASSIFIED FOR OFFICl l l U§E OPJLV 26 UNCLASSIFIED FOR OFFICIAL blSE ONLY • USCYBERCOM Process 3 and ITs Cont • P3 b 3 10 u s c § 13oe • • Individual Tasks ITs 3 3 b 3 10 U S C § 130e U NCLASSIFIED FOR OFFICIAL blSE ONLY 27 UNCLASSIFIED FOR OFFICIJI L 1 m OPILY • Cyberspace Tasking Cycle b 3 10 u s c § 130e IT 0' SRINS M'G Ge J' t R CERF - Cyber Effects Request Form CYOD - Cyber Operations Directive JTCR - Joint Tactical Cyber Request UNCLASSIFIED FOP OFFICIAL USE ONLV LEGEND MCOP - Master Cyber Operations Plan ITO - Integrated Tasking Order CCO - Cyber Control Order UNCLASSIFIED FO R OFFICIAL USE OII ILY • USCYBERCOM Process 4 and ITs • P4 Planning Teams Planning translates strategic guidance and direction into campaign plans contingency plans and operations orders OPORDs Joint operation planning may be based on defined tasks identified in the Guidance for Employment of the Force GEF and the Joint Strategic Capabilities Plan JSCP Alternatively joint operation planning may be based on the need for a military response to an unforeseen current event emergency or time-sensitive crisis JP 5-0 • Individual Tasks ITs 4 1 Strategy Division Future Operations Team J35 • Base OPORD EXORD • Branches and sequel planning • Propose changes to ROE and Rules for Use Of Force ROF • Develop and coordinate the CyOD • Operational assessment reports and plans UNCLASSIFIED FOR OFFICIAL USE omv 29 UNCLASSIFI ED FOR OFFl IAb Y§i ONbV • USCVBERCOM Process 4 and ITs Cont • P4 Planning Teams Planning translates strategic guidance and direction into campaign plans contingency plans and operations orders OPORDs Joint operation planning may be based on defined tasks identified in the Guidance for Employment of the Force GEF and the Joint Strategic Capabilities Plan JSCP Alternatively joint operation planning may be based on the need for a military response to an unforeseen current event emergency or time-sensitive crisis JP 5-0 • Individual Tasks ITs 4 2 Combat Plans Joint Fires Element J38 • Conduct Crisis Action Planning • Produce MCOP • Process generate JTCRs • Produce ITO • Generate SPINs • Conduct combat assessments • Conduct advanced target development Weaponeering • Produce the draft JIPTL • Build and coordinate Strike Package • Manage Target Lists UNCLASSIFIED FOR OFFICIAb U§i ONlV 30 UNCLASSIFIED fOR OH'ICIAl YS OllllV • USCYBERCOM Process 4 and ITs Cont • P4 Planning Teams Planning translates strategic guidance and direction into campaign plans contingency plans and operations orders OPORDs Joint operation planning may be based on defined tasks identified in the Guidance for Employment of the Force GEF and the Joint Strategic Capabilities Plan JSCP Alternatively joint operation planning may be based on the need for a military response to an unforeseen current event emergency or time-sensitive crisis JP 5-0 • Individual Tasks ITs 4 3 Current Operations J33 • Provide constant monitoring and support of missions • Publish changes to ITO as necessary in response to changes in operations and or the operating environment • Develop reports as required • Manage common tactical operational picture • Conduct dynamic targeting • Provide real time intelligence UNCLASSIFIED FOR OFFICIAL YS ONLY 31 UNCLASSIFIED FOR OFFICIAL YS GPlb¥ • Cyberspace Tasking Cycle CERF - Cyber Effects Request Form CYOD - Cyber Operations Directive JTCR - Joint Tactical Cyber Request UNCLASSIFIED FOR OFFICIAL YSE omv LEGEND MCOP - Master Cyber Operations Plan ITO - Integrated Tasking Order CCO - Cyber Control Order UNCLASSIFIED FOR OFFICI AL USE OPllV USCVBERCOM Process 5 and ITs • • PS Operational Priorities and Intelligence Collection Priorities • The priorities process allows the Commander to shift his main and supporting efforts by periodically assessing operational priorities within three mission areas Defend the Nation Operate and Defend the DODIN and Support to Combatant Commanders The process aligns intelligence collection efforts with operational priorities • Individual Tasks ITs 5 1 Priorities Working Group PWG -Analyzes demand signal from CERFs and command guidance against current operational and planning priorities Creates proposed operational planning priorities for approval by DCDR via J2 J3 JS review 5 2 Collection Management Working Group CMWG • Reviews and prioritizes Joint Integrated Prioritized Collection List JIPCL intelligence access capability and interagency requirements • Develops intelligence collection guidance and priorities for ISR forces • Provides status of collection actions and evaluates effectiveness of collection • Deconflicts Command Service Cyber Component SCC requirements UNCLASSIFIED FOR OFFl IAl USE ONlV 33 UNCLASSIFIED FOR OFFICl t' b YH Ot lbY • Cyberspace Tasking Cycle PWG CMWG Cy OD KEY S0Ps Battle Rhythm 82C2WG UNCLASSIFIED FOR OHICIAL l JS ONLY CERF - Cyber Effects Request Form CYOD - Cyber Operations Directive JTCR - Joint Tactical Cyber Request LEGEND MCOP - Master Cyber Operations Plan ITO - Integrated Tasking Order CCO - Cyber Control Order UNCLASSIFIED FOR oi rn 1 n l Y5E omv • USCYBERCOM Process 6 and ITs • P6 Joint Targeting Cycle • Targeting is the process of selecting and prioritizing targets matching the appropriate response to them and considering operational requirements and capabilities JP 3-60 Integrating and synchronizing planning execution and assessment is pivotal to the success of targeting • Individual Tasks ITs 6 1 Target Development Working Group TDWG - Responsible developing targets through the basic through intermediate development process and produces a vetted target ready for advanced development The focus of the TDWG is target status to properly vet the target 6 2 Joint Targeting Working Group JTWG - Responsible for approving entities for target development and providing the status of advanced targets ultimately producing a target strike package to the JTCM for coordination The focus of the JTWG is to ensure fires and effects delivered in and through cyberspace support the objective s UNCLASSIFIED FOR OFFICIAl USE ONlV 35 UNCLASSIFIED FOR OFFICIP L blSE ONLV • USCVBERCOM Process 6 and ITs Cont • P6 Joint Targeting Cycle • Targeting is the process of selecting and prioritizing targets matching the appropriate response to them and considering operational requirements and capabilities JP 3-60 Integrating and synchronizing planning execution and assessment is pivotal to the success of targeting • Individual Tasks ITs 6 3 Cyberspace Strike Package - The primary product presented to the chairman of the JTCB for the purpose of informing the Commander's decision regarding the execution of an operation The Cyberspace Strike Package includes • Concept of Fires Effects • Intel Gain Loss IGL • Political Military Assessment PMA • Collateral Effects Estimate CEE • Operation Legal Review OLR • Blowback Assessment • No Foreign Policy Objection NFPO • Risk Assessment Report RAR Capability Target Pairing CTP UNCLASSIFIED FOR OFFICIP L blSE OPJLV 36 UNCLASSIFIED FOR OFFICIAL U mJLV • USCVBERCOM Process 6 and ITs Cont • P6 Joint Targeting Cycle • Targeting is the process of selecting and prioritizing targets matching the appropriate response to them and considering operational requirements and capabilities JP 3-60 Integrating and synchronizing planning execution and assessment is pivotal to the success of targeting • Individual Tasks ITs 6 4 Target Validation • Joint Targeting Coordination Board JTCB - On behalf of the supported or supporting JFC develop broad targeting priorities and other targeting guidance in accordance with the JFC's objectives as they relate operationally Approve Disapprove addition of targets to USCC target lists or target capability and concept of fires release to COCOM • The JTCB validates a target in context of the plan or operation order it supports UNCLASSIFIED FOR OFFICIAL USE OPJLY 37 UNCLASSIFIED FOR OFFICIAL US ONLY Cyberspace Tasking Cycle PWG CMWG JPG I OPT Meetings CyODWG CyOD MCOP TDWG JTWG JTCM I JTCB KEY S0Ps Battle Rhythm B2C2WG UNCLASSIFIED FOR OFFICIAL blS OPILY CERF - Cyber Effects Request Form CYOD - Cyber Operations Directive JTCR - Joint Tactical Cyber Request LEGEND MCOP - Master Cyber Operations Plan ITO - Integrated Tasking Order CCO - Cyber Control Order UNCLASSIFIED FOR OFFICIAb us O lbY USCVBERCOM Process 7 and ITs • • P7 Operations Synchronization • The Operations Synchronization OPS-SYNC meeting assesses operations executed during the last 24-hours evaluates ongoing operations for the present day ITO and schedules and deconflicts operations out to 48-hours and beyond by annotating them on a MCOP The current intelligence picture collection emphasis message target status and readiness of forces and infrastructure inform this effort • Individual Tasks ITs 7 1 Deconflicting CO throughout the domain 7 2 Synchronizing CO with other kinetic or non-kinetic operations 7 3 Providing updates support to efforts spanning all phases of the Cyberspace Tasking Cycle 7 4 Integrating legal services in support of planning and operations UNCLASSIFIED FOR OfflCIAb YS omv 39 UNCLASSIFIED fFOR OFFICIAL USE OPILV • Cyberspace Tasking Cycle PWG CMWG OPS-SYNCH I OPT Meetings JPG I OPT Meetings CyODWG Branches Sequels TDWG JTWG JTCM I JTCB MCOP Re-strike Retarget OPS-SYNCH Meeting Target Lists Strike Package MIS REPS ITO SPINs JTCR Meeting Meeting KEY SOPs Battle Rhythm 82C2WG UNCLASSIFIED FOR OFFICl» L USE O ILY CERF - Cyber Effects Request Form CYOD - Cyber Operations Directive JTCR - Joint Tactical Cyber Request LEGEND MCOP - Master Cyber Operations Plan ITO - Integrated Tasking Order CCO - Cyber Control Order UNCLASSIFIED FOR OFFICIAL USE ONLY • Cyberspace Tasking Cycle PWG CMWG OPS-SYNCH I OPT Meetings JPG I OPT Meeting s CyODWG ·e1 ers· p·aoe ' TDWG I JTWG JTCM I JTCB perati0n s OPS-SYNCH Meeting 0 €0 pee DCO-RA Meeting KEY Meeting SOPs Batt le Rhythm 8 2C2WG UNCLASSIFIED FOR OFFICIAL USE OPJLY CERF - Cyber Effects Request Form CYOD - Cyber Operations Directive JTCR - Joint Tactical Cyber Request LEGEND MCOP - Master Cyber Operations Plan ITO - Integrated Tasking Order CCO - Cyber Control Order Section 4 Integration of METs MCFs with USCYBERCOM processes UNCLASSIFIED FOR OFFICIJ l YSli' O llY 42 UNCLASSIFIED mR OFFICIP l USE ONlV • Integration of METs MCFs with USCYBERCOM processes • The following slides outline how the major USCYBERCOM process integrate with the METs MCFs of the JFHQ It nests individual tasks under mission critical functions that support the mission essential tasks to show how the processes employed by USCYBERCOM support each of the tasks that the JFHQ-C will required to accomplish UNCLASSIFIED FOR OFFIEIAl USE OP'LV 43 UNCLASSIFIED FOR OFFICIAl YSE ONLV -- JFHQ-C MET 1 and MCFs Integrated with • -·- USCYBERCOM Processes • MET 1 Exercise C2 of all attached CMF ISO CCMD mission Command and Control Joint Force Headquarters - Cyber • Mission Critical Functions MCF 1 1 Exercise Command and Control of CMF maneuver teams • p3 kb 3 10U S C §130e • P7 OPS-SYNCH IT 7 1 Deconflicting CO throughout the domain Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower IT 7 2 Synchronizing CO with other lethal or non-lethal operations Ref TA 3 3 1 2 Report Readiness • p 3 kbH3 10 u s c § 13oe 1 3 Provide for Legal Services ISO planning operations except that all operational SIGINT legal advice will be provided by NSA OGC • P7 OPS-SYNCH IT 7 4 Integrating legal services in support of planning and operations Ref OP 4 4 7 Provide for legal services UNCLASSIFIED FOR OFFICIAL YSi O IL Y 44 UNCLASSIFIED FOR OFFICIAL USE mil¥ • JFHQ-C MET 1 and MCFs Integrated with USCYBERCOM Processes Cont 1 4 Maintain Operational Information and Force Status Also supports Tasks 2-5 - - • P3 C· b 3 10 U s c l JUe b 3 10 U S C § 130e • P7 OPS-SYNCH IT 7 3 Providing updates support to efforts spanning all phases of the Cyberspace Tasking Cycle 1 5 Conduct Joint Force Staff Operations • Pl Cyberspace Tasking Cycle Outlines the steps and processes necessary to conduct CO • P4 Planning Teams Properly organized teams following the Cyberspace Tasking Cycle will accomplish the staff actions needed to successfully employ CO 1 6 Conduct operational synchronization and integration with JCC JFCCC • P3 b 3 10U S C §130e • P7 OPS-SYNCH IT 7 1 Synchronizing and Deconflicting CO throughout the domain Ref TA 5 5 1 Conduct Force Link Up TA 5 6 5 1 Coordinate employment of Computer Network Operations in Joint Operations Area IT 7 3 Forum to discuss status of l W and operations assessments Ref TA 2 4 Discuss Tactical Warning Information and Attack Assessment UNCLASSIFIED FOR OFFICIAL Y5E ONLY 45 UNCLASSIFIED FOR OFFIClt l lJSi OPH V JFHQ-C MET 1 and MCFs Integrated with • - USCYBERCOM Processes Cont 1 7 Conduct Knowledge Management and Information Management • p 3 kb 3 10 u s c § 13oe • P7 OPS-SYNCH IT 7 1 Deconflict CO with the IC and adjacent units Ref TA 5 6 5 1 Coordinate employment of Computer Network Operations in a Joint Operations Area IT 7 3 Share Operational Intelligence UNCLASSIFIED FOR OFFICIAL USE OPJl¥ 46 UNCLASSIFIED FOR OFFICIAL USE mil¥ JFHQ-C MET 2 and MCFs Integrated with • · USCYBERCOM Processes • MET 2 Exercise SIGINT Authority Mission Delegation and Intelligence Oversight to include SIGINT 10 and auditing of all attached CMF ISO CCMD mission • Mission Critical Functions MCF 2 1 Manage the SIGINT collection process • IT 5 1 PWG Creates operational planning priorities that informs the intelligence collection priorities • IT 5 2 CMWG Prioritizes the JIPCL and develops collection guidance and priorities for ISR forces 2 2 Conduct asset management • p 3 b 3 10 u s c § 1Joe 2 3 Manage mission delegation • p3 b 3 10 U S C § 130e • IT 5 2 CMWG Prioritizes the JIPCL and develops collection guiaance and priorities for ISR forces UNCLASSIFIED FOR OHICIAl YSli ONI Y 47 UNCLASSIFIED F9R 9FFICIAL Y5E 9t ILY - JFHQ-C MET 2 and MCFs Integrated with • USCVBERCOM Processes 2 4 Oversee CMF Cryptologic Intelligence Oversight CIO program • p kb 3 10 u s c § 13oe 3 b 3 10 U S C § 130e 2 5 Provide advice and guidance on SIGINT policy and procedures • P7 OPS-SYNCH IT 7 4 Integrating legal services in support of planning and operations Ref OP 4 4 7 Provide for legal services 2 6 Provide Operations Intelligence system support • p3 kb 3 10 U S C § 130e UNCLASSIFIED FOR 9FFICIAL Y5E 9t 1LV 48 UNCLASSIFIED FOR OFFICIAL l IS O ILV • JFHQ-C MET 3 and MCFs • MET 3 Plan and direct Cyber ISR Cyber OPE Cyber Attack and -when directed Cyber Defense actions to accomplish CCMD specified missions and BPT conduct crisis action planning and CO in response to global threats • Mission Critical Functions MCF 3 1 Prepare Plans and Orders • Pl Cyberspace Tasking Cycle IT 1 4 ITO production and dissemination Ref OP 5 3 Prepare Plans and Orders OP 5 4 1 Approve Plans and Orders TA 3 3 1 Prepare the Air Tasking Order • P2 CERF IT 2 3 Initiates operational planning Ref TA 5 6 5 1 Coordinate Employment of Cyberspace operations • P3 fb 3 10 U S C § 130e rb 3 10 u s c § 130e I I • P4 Planning Teams IT 4 2 Prepare the ITO MCOP JIPTL and SPINs Ref TA 3 3 1 Coordinate Air Tasking Order 3 2 Conduct Mission Analysis • P4 Planning Teams IT 4 1 Conduct Branch and Sequel planning IAW the Joint Operation Planning Process JOPP outlined in JP 5-0 UNCLASSIFIED I FOR OFFIEIAL us mil¥ 49 UNCLASSIFIED JFOR OFFICIOL U$E O LY • JFHQ-C MET 3 and MCFs Cont 3 3 Issue Planning Guidance • Pl Cyberspace Tasking Cycle IT 1 1 Objectives Effects and Commander's guidance is disseminated to the JFHQ staff via the CyOD Ref TA 5 6 5 1 Coordinate Employment of Cyberspace Operations • P2 CERF IT 2 1 Conveys Commander's objectives end state and desired effects to the planning teams Ref TA 5 6 5 1 Coordinate Employment of Cyberspace Operations 3 4 Develop COA Prepare staff estimates • P4 Planning Teams IT 4 1 Conduct planning IAW the JOPP outlined in JP 5-0 3 5 Issue Commander's Estimate • P4 Planning Teams IT 4 1 Conduct planning IAW the JOPP outlined in JP 5-0 3 6 Issue Plans and Orders • Pl Cyberspace Tasking Cycle IT 1 4 ITO Production and Dissemination Ref OP 5 3 Prepare Plans and Orders OP 5 4 1 Approve Plans and Orders TA 3 3 1 Prepare the Air Tasking Order • p3 fb 3 10 U S C § 130e rb 3 10 u s c § 130e I I • P4 Planning Teams IT 4 2 Prepare the ITO MCOP JIPTL and SPINs Ref TA 3 3 1 Coordinate Air Tasking Order UNCLASSIFIED I FOR QFFICIAb us O JbV so UNCLASSIFIED FOR OFFl IAL USE ONLY • JFHQ-C MET 3 and MCFs Cont 3 7 Coordinate Battlespace maneuver integrate with firepower • Pl Cyberspace Tasking Cycle IT 1 3 Allocation IT 1 4 Iterative Cyclic process to plan schedule and execute CO Ref OP 3 1 2 Apportion fires OP 5 3 Prepare Plans and Orders OP 5 4 1 Approve Plans and Orders TA 3 3 1 Prepare the Air Tasking Order • p3 ib 3 10 u s c § 13oe • P7 OPS-SYNC IT 7 1 Deconflict operations with the IC and adjacent units Ref TA 5 6 5 1 Coordinate Employment of Cyberspace Operations 3 8 Support Target System Analysis Electronic Target Folders and Target List Production Management • Pl Joint Targeting Cycle IT 1 1 IT 1 2 Develop Targets through the advanced level and place them on a targeting list Ref OP 2 8 Provide Intelligence Support to Fires TA 2 1 Produce Electronic Target Folders • P4 Planning Teams IT 4 1 Submit intelligence requirements and requests for information as required to build a Target System Analysis Ref OP 2 8 Provide Intelligence Support to Fires UNCLASSIFIED FOR OFFICIAl YSE mil¥ 51 UNCLASSIFIED FOR OFFICIAl YSE ONlV • JFHQ-C MET 3 and MCFs Cont 3 9 Support HPT HVT development • P4 Planning Teams IT 4 1 Submit intelligence requirements and requests for information as required to build a Target System Analysis Ref OP 2 8 Provide Intelligence Support to Fires IT 4 2 Prioritize HPTs HVTs • P6 Joint Targeting Cycle IT 6 3 Prepare cyberspace strike package for Commander's approval 3 10 Conduct operational rehearsals • P4 Planning Teams IT 4 1 IT 4 2 Identify and rehearse key processes and elements 3 11 Conduct operational maneuver • Pl Cyberspace Tasking Cycle IT 1 3 Translate JTCR onto the MCOP IT 1 4 Produce ITOs from the MCOP IT 1 5 Generate SPINs • P7 OPS-SYNC IT 7 1 Deconflict operations with the IC and adjacent units TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower UNCLASSIFIED FOR OFFICIAl YSi ONL V 52 UNCLASSIFIED FOR OFFICI O l YSE OMLV • JFHQ-C MET 3 and MCFs Cont 3 12 Conduct effects and tactical assessments • Pl Cyberspace Tasking Cycle IT 1 6 Assessment MISREPS MOP MOE BOA • P3 rb 3 10 U S C § 130e I • P4 Planning Teams IT 4 1 Digest MISREPs and intelligence reports and produce effects and tactical assessments • P7 OPS-SYNC IT 7 3 Disseminate assessment information Ref TA 2 4 Disseminate Tactical Warning Information and Attack Assessments 3 13 Prioritize OPE and ISR efforts • Pl Cyberspace Tasking Cycle IT 1 1 Objectives Effects and Guidance IT 1 3 Allocation • p3 b 3 10 u s c § 13oe • P4 Planning Teams IT 4 1 Provide characterization of the cyberspace battlespace Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower IT 4 3 Identify cyberspace activity as neutral friendly or adversarial Ref TA 6 5 Provide for Combat Identification • IT 5 2 CMWG Develop intelligence collection guidance and priorities for ISR forces UNCLASSIFIED FOR OFFICIAL USE O JLV 53 UNCLASSIFIED FOR OFFICIAL USE ONLY • JFHQ-C MET 3 and MCFs Cont 3 14 Conduct dynamic targeting • P4 Planning Teams IT 4 2 Conduct planning crisis action planning and produce cyberspace strike packages as required to support dynamic targeting • P6 Joint Targeting Cycle IT 6 4 Validate targets at the JTCB and place them on a targeting list to be prosecuted as targets of opportunity 3 15 Participate in Task Forces Joint lnteragency lnternational • P2 CERF TA 2 4 Facilitates dialogue DIRLAUTH and transparency throughout the process Ref TA 5 6 5 1 Coordinate Employment of Cyberspace Operations 3 16 Conduct Computer Network Exploitation CNE enabling operations Cyberspace ISR and Cyberspace OPE Pl Cyberspace Tasking Cycle Iterative Cyclic process for planning scheduling executing and assessing OPE and ISR missions p3 ib 3 10 U S C § 130e UNCLASSIFIED FOR OFFICIAL USE OPJLV 54 UNCLASSIFIED FOR OFFICIAL USE OPllY • JFHQ-C MET 4 and MCFs • MET 4 Coordinate integrate synchronize and de-conflict cyber operations of attached CMF with other JFHQ-C NMF-HQ and USCC operating in the same networks at the tactical level to maximize operational effectiveness Coordinate as required with NSA Cryptologic Center Commanders • Mission Critical Functions MCF 4 1 Synchronize deconflict and integrate operations fires • Pl Cyberspace Tasking Cycle IT 1 3 Allocation MCOP IT 1 4 ITO Production and Dissemination Ref TA 5 6 5 1 Coordinate employment of Computer Network Operations in a Joint Operations Area • p3 bH3 10 u s c § 1Joe • P7 OPS-SYNC IT 7 1 Deconflict CO throughout the domain Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower IT 7 2 Synchronize CO with other lethal non-lethal operations Ref 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower IT 7 3 Disseminate l W information Ref TA 2 4 Disseminate Tactical Warning Information and Attack Assessments UNCLASSIFIED FOR OFFICIAL USE mJLY 55 UNCLASSIFIED FOR OFFl IAl YSE mil¥ JFHQ-C MET 4 and MCFs 4 2 Coordinate employment of Cyberspace Operations CO • Pl Cyberspace Tasking Cycle Iterative process that outlines the procedures necessary for conducting CO Ref TA 5 6 5 1 Coordinate employment of Computer Network Operations in a Joint Operations Area • p b 3 10 u s c § 13oe 3 • P4 Planning Teams IT 4 2 IT 4 3 Identify and rehearse key processes and elements • P7 OPS-SYNC IT 7 1 IT 7 2 Deconflict and synchronize CO with the IC and adjacent units Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower TA 5 5 1 Conduct Force Link up IT 7 2 Synchronize CO with other lethal non-lethal operations Ref 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower IT 7 3 Disseminate l W information Ref TA 2 4 Disseminate Tactical Warning Information and Attack Assessments UNCLASSIFIED FOR OFFl IAb YSE GNbY 56 UNCLASSIFIED FOR OFFICIAL US£ OPJLV • JFHQ-C MET 4 and MCFs 4 3 Manage use and assignment of terrain • Pl Cyberspace Tasking Cycle IT 1 3 Allocation - Systematically assign forces to battlespace areas Ref Op 3 1 2 Apportion Fires IT 1 3 Allocation - Establish primacy on cyberspace assets devices Ref TA 6 5 Provide for Combat Identification • p3 b 3 10 U S C § 130e • IT 5 2 CMWG Develop collection guidance and priorities for ISR forces • P7 OPS-SYNC IT 7 1 Deconflict and synchronize CO with the IC and adjacent units Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower TA 5 5 1 Conduct Force Link up IT 7 2 Synchronize CO with other lethal non-lethal operations Ref 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower UNCLASSIFIED I FOR m l IAL us O LV 57 UNCLASSIFIED 'FOR OFFICIAL blSI ONLY • JFHQ-C MET 4 and MCFs 4 4 Synchronize and integrate operations • p 3 kbl 3 10 u s c § 13oe • P7 OPS-SYNC IT 7 1 Deconflict and synchronize CO with the IC and adjacent units Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower TA 5 5 1 Conduct Force Link up IT 7 2 Synchronize CO with other lethal non-lethal operations Ref 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower IT 7 3 Identify cyberspace activity as neutral friendly or adversarial Ref TA 6 5 Provide for Combat Identification 4 5 Conduct Operational Assessment • Pl Cyberspace Tasking Cycle IT 1 6 Assessment • P3 fb 3 10 U S C § 130e • P4 Planning Teams IT 4 1 Digest MISREPs and intelligence reports and produce effects and tactical assessments • P7 OPS-SYNC IT 7 3 Disseminate assessment information Ref TA 2 4 Disseminate Tactical Warning Information and Attack Assessments I UNCLASSIFIED FOR OFFICI O b YSE ONLY 58 UNCLASSIFIED FOR OfflCIAl YSE OPllY • JFHQ-C MET 4 and MCFs 4 6 Employ tactical cyberspace firepower • Pl Cyberspace Tasking Cycle IT 1 5 Execution Planning and Force Execution Ref OP 5 3 Prepare Plans and Orders OP 5 4 1 Approve Plans and Orders TA 3 3 1 Prepare the Air Tasking Order • p3 b 3 10 u s c § 13oe • P7 OPS-SYNC IT 7 1 Deconflict and synchronize CO with the IC and adjacent units Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower TA 5 5 1 Conduct Force Link up IT 7 2 Synchronize CO with other lethal non-lethal operations Ref 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower TA 3 2 3 Conduct Interdiction UNCLASSIFIED FOR OFl ICIAl USE O llV 59 UNCLASSIFIED FOR OFFICIAL USE OPlbY • JFHQ-C MET 4 and MCFs 4 7 Coordinate and integrate Joint Multinational and lnteragency support • P4 Planning Teams IT 4 1 Conduct planning IAW the Joint Operational Planning Process JOPP outlined in JP 5-0 and coordinate with Joint Multinational forces and the lnteragency as required to deconflict plans • P6 Joint Targeting Cycle IT 6 1 Develop targets and Vet them with the lnteragency IAW CJCSI 3370 01 IT 6 4 Validate targets and cyberspace strike package at the JTCB IAW CJCSI 3370 01 • P7 OPS-SYNC IT 7 1 Deconflict and synchronize CO with the IC and adjacent units Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower TA 5 5 1 Conduct Force Link up IT 7 2 Synchronize CO with other lethal non-lethal operations Ref 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower TA 3 2 3 Conduct Interdiction UNCLASSIFIED FOR OFFICl l USE ONlY 60 UNCLASSIFIED FOR OFFICIAL USE ONLY • JFHQ-C MET 6 and MCFs 6 10 Conduct Joint Force Staff Operations Cont • P6 Joint Targeting Cycle IT 6 1 TDWG Develop targets through the intermediate stage and vet them with the IC IT 6 2 JTWG Nominate and approve entities of interest for target development and conduct advanced target development of vetted targets IT 6 3 Build cyberspace strike package to present at JTCM JTCB IT 6 4 JTCB Approve the target and cyberspace strike package for tactical engagement and place on JIPTL • P7 OPS-SYNC IT 7 1 IT 7 2 Deconflict and synchronize CO with the IC and adjacent units Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower TA 5 5 1 Conduct Force Link up IT 7 2 Synchronize CO with other lethal non-lethal operations Ref 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower IT 7 3 Providing updates support to efforts spanning all phases of the Cyberspace Tasking Cycle IT 7 4 Integrating legal services in support of planning and operations Ref OP 4 4 7 Provide for legal services UNCLASSIFIED FOR OFFICIAL UH ONbV 80 UNCLASSIFIED FOR OFFICIAb IJ§ ONbY • JFHQ-C MET 6 and MCFs 6 10 Conduct Joint Force Staff Operations • Pl Cyberspace Tasking Cycle Iterative Cyclic process that allows staff officers to plan execute and assess CO • p kb 3 10 u s c § 13oe 3 • P4 Planning Teams Properly organized teams following the Cyberspace Tasking Cycle will accomplish the staff actions needed to successfully employ CO • PS Operational Priorities and Intelligence Collection Priorities IT 5 1 PWG Analyze demand signal from CERFs and command guidance against current and operational planning priorities IT 5 2 CMWG Develop intelligence collection guidance and priorities for ISR forces IT 5 2 CMWG Deconflict Command sec requirements UNCLASSIFIED FOR OFFICIAb l J§ O lbY 79 UNCLASSIFIED FOR OFFICIAL USE ONLY • JFHQ-C MET 6 and MCFs 6 9 Provide Security ACCM Management oversee STO SAP operations • p tb 3 10 u s c § 13oe 3 • P4 Planning Teams IT 4 1 Establish ACCM management program IT 4 2 Submit JTCRs to add STO SAP missions to the MCOP and ITO Ref TA 5 6 5 1 Coordinate Employment of Cyberspace Operations UNCLASSIFIED FOR OFFICIAL USE ONbY 78 UNCLASSIFIED FQR OFFICl tlil • use ONL¥ JFHQ-C MET 6 and MCFs 6 7 Coordinate Logistic Services • p kbH3 10 u s c § 13oe 3 • P4 Planning Teams IT 4 1 Coordinate with USCC as required for logistic support Ref TA 4 Perform Logistics and Combat Service Support TA 4 2 Provide Sustainment 6 8 Manage Personnel Accountability Strength Reporting • p kbH3 10 u s c § 13oe 3 UNCLASSIFIED FQR OFFICIAL use QPIL¥ 71 UNCLASSIFIED FOR OFFICI O l l ISE ONlV • JFHQ-C MET 6 and MCFs 6 4 Serve as the USCC Coordinating Authority to coordinate and deconflict deliberate mission scheduling for unattached co-located CMF Cont • P7 OPS-SYNC IT 7 1 IT 7 2 Deconflict and synchronize Operations with the IC and adjacent units Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower 6 5 Serve as the USCC Coordinating Authority to coordinate and deconflict time sensitive operations for unattached co-located CMF Ops Sync • p b 3 10 u s c § 13oe 3 • P7 OPS-SYNC IT 7 1 IT 7 2 Deconflict and synchronize CO with the IC and adjacent units Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower 6 6 Prioritize Architecture and Capabilities Development and Requirements ISO Task 4 • IT 5 2 CMWG Review and prioritize capability requirements Deconflict Command Sec requirements UNCLASSIFIED FOR OFFICIAl YS E OWlV 76 UNCLASSIFIED FOR OHICI O b YS OPJbY • JFHQ-C MET 6 and MCFs 6 3 Serve as the USCC Coordinating Authority facilitating as required Service Component ADCON through local coordination of ad min logistics support requirements for all co-located attached and unattached CMF • p bJ 3J 10 u s c § 1Joe 3 • P4 Planning Teams IT 4 1 Coordinate with USCC as required for administrative logistic and operational support Ref TA 4 Perform Logistics and Combat Service Support TA 4 2 Provide Sustainment 6 4 Serve as the USCC Coordinating Authority to coordinate and deconflict deliberate mission scheduling for unattached co-located CMF • p b 3l 10 u s c § 13oe 3 • P4 Planning Teams IT 4 2 Submit JTCRs to add CO missions to the MCOP and ITO Ref TA 5 6 5 1 Coordinate Employment of Cyberspace Operations UNCLASSIFIED FOR OFFl l 0 b YS OPJbY 75 UNCLASSIFIED FOR OFFICI O b • u 5 Ql'lbV JFHQ-C MET 6 and MCFs 6 1 Plan Direct and Execute Exercises Cont • P6 Joint Targeting Cycle IT 6 1 TDWG Develop targets through the intermediate stage and vet them with the IC IT 6 2 JTWG Nominate and approve entities of interest for target development and conduct advanced target development of vetted targets IT 6 3 Build cyberspace strike package to present at JTCM JTCB IT 6 4 JTCB Approve the target and cyberspace strike package for tactical engagement and place on JIPTL 6 2 Provide Resource Management • Pl Cyberspace Tasking Cycle IT 1 3 Deconflict infrastructure Assets Ref TA 5 6 5 1 Coordinate Employment on CO IT 1 5 Establish SPINs and TIPs to protect tradecraft and capabilities Ref TA 6 8 Conduct Defensive Countermeasure Operations • p3ib 3 10 U S C § 130e • IT 5 2 CMWG Develop intelligence guidance and priorities for ISR forces UNCLASSIFIED FOR OFFICI O b u 5 ONLY 74 UNCLASSIFIED FDR Of f ICIAl YS O LY • JFHQ-C MET 6 and MCFs 6 1 Plan Direct and Execute Exercises Cont • Pl Cyberspace Tasking Cycle Plan execute and assess CO Ref OP 4 4 5 Train Joint Forces and Personnel OP 5 4 6 Conduct Operational Rehearsals • p 3 kbJ 3J 10 u s c § 13oe • P7 OPS-SYNC IT 7 1 IT 7 2 Deconflict and synchronize CO with the IC and adjacent units Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower TA 5 5 1 Conduct Force Link up IT 7 3 Identify cyberspace activity as neutral friendly or adversarial Ref TA 6 5 Provide for Combat Identification IT 7 3 Disseminate l W and operational assessment information Ref TA 2 4 Disseminate Tactical Warning Information and Attack Assessments UNCLASSIFIED FOR OFFICIAl YSE O llY 73 UNCLASSIFIED FOR OFFICIAL UH • mnv JFHQ-C MET 6 and MCFs • Coordinate JFHQ-C support functions for attached and for co-located CMF with USCC NSA service and functional components direct CMF training exercises and readiness requirements • Mission Critical Functions MCF 6 1 Plan Direct and Execute Exercises • P4 Planning Teams IT 4 1 Use intelligence reports to shape operational plans Ref TA 2 Share Intelligence IT 4 1 Establish primacy on cyberspace assets devices Ref TA 6 5 Provide for Combat Identification IT 4 2 Establish SPI Ns and TTPs to protect tradecraft and capabilities Ref TA 6 8 Conduct Defensive Countermeasure Operations • PS Operational Priorities and Intelligence Collection Priorities IT 5 lPWG Analyze demand signal from CERFs and command guidance against current and operational planning priorities IT 5 2 CMWG Develop intelligence collection guidance and priorities for JSR forces UNCLASSIFIED FOR OFFICIAL US E OPILY 72 UNCLASSIFIED HJR OFFICIAb Y§i ONLY • JFHQ-C MET 5 and MCFs Cont 5 12 Conduct Intelligence Staff Operations • Pl Cyberspace Tasking Cycle Iterative Cyclic process that allows intelligence staff officers to incorporate intelligence into plans and operations • PS Operational Priorities and Intelligence Collection Priorities IT 5 1 PWG Analyze demand signal from CERFs and command guidance against current and operational planning priorities IT 5 2 CMWG Develop intelligence collection guidance and priorities for ISR forces UNCLASSIFIED FOR OFFl IAb Y§i OP-lb¥ 71 UNCLASSIF IED FOR OFFICIAL USE OPILY • JFHQ-C MET 5 and MCFs Cont 5 11Produce operational Intelligence • Pl Cyberspace Tasking Cycle Plan execute and assess Cyberspace ISR Ref TA 1 2 5 Conduct Site Exploration • p 3 b 3J 10 u s c § 13oe • P4 Planning Teams IT 4 1 Establish primacy on cyberspace assets devices Ref TA 6 5 Provide for Combat Identification IT 4 2 Establish SPINs and TIPs to protect tradecraft and capabilities Ref TA 6 8 Conduct Defensive Countermeasure Operations • IT 5 2 CMWG Develop intelligence collection guidance and priorities for ISR forces • P7 OPS-SYNC IT 7 3 Disseminate operational assessment information Ref TA 2 Share Intelligence UNCLASSIFIED FOR OFFICIAL USE ONbV 70 UNCLASSIFIED FOR OHICIAl YSE O llY • JFHQ-C MET 5 and MCFs Cont 5 10 Provide SIGINT on Specified Targets • Pl Cyberspace Tasking Cycle Plan execute and assess Cyberspace ISR Ref TA 1 2 5 Conduct Site Exploration • p 3 kb 3 10 U S C § 130e • P4 Planning Teams IT 4 1 Establish primacy on cyberspace assets devices Ref TA 6 5 Provide for Combat Identification IT 4 2 Establish SPINs and TTPs to protect tradecraft and capabilities Ref TA 6 8 Conduct Defensive Countermeasure Operations • IT 5 2 CMWG Develop intelligence collection guidance and priorities for ISR forces UNCLASSIFIED FOR OFFICIAL YSE ONL¥ 69 UNCLASSIFIED FO R OFFICIAL USE OPILV • JFHQ-C MET 5 and MCFs Cont 5 9 Conduct Single Source Exploitation • Pl Cyberspace Tasking Cycle Plan and conduct Cyberspace ISR Ref OP 5 6 5 4 Conduct Computer Network Exploitation CNE Enabling Operations • p3 b 3 10 u s c § 13oe • P4 Planning Teams IT 4 1 Establish primacy on cyberspace assets devices Ref TA 6 5 Provide for Combat Identification IT 4 2 Establish SPINs and TTPs to protect tradecraft and capabilities Ref TA 6 8 Conduct Defensive Countermeasure Operations • P7 OPS-SYNC IT 7 1 IT 7 2 Deconflict and synchronize CO with the IC and adjacent units Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower TA 5 5 1 Conduct Force Link up IT 7 3 Disseminate l W and operational assessments Ref TA 2 4 Disseminate Tactical Warning Information and Attack Assessments UNC LASSIFIED FO R Ol FICIAl YSi O lbY 68 UNCLASSIFIED FOR OFFICl t' l YS E ONlY • JFHQ-C MET 5 and MCFs Cont 5 8 Conduct Cyberspace ISR Cont • Pl Cyberspace Tasking Cycle IT 1 5 Conduct Cyberspace ISR Ref OP 5 6 5 4 Conduct Computer Network Exploitation CNE Enabling Operations • P7 OPS-SYNC IT 7 1 IT 7 2 Deconflict and synchronize CO with the IC and adjacent units Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower TA 5 5 1 Conduct Force Link up IT 7 2 Synchronize CO with other lethal non-lethal operations Ref 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower IT 7 3 Identify cyberspace activity as neutral friendly or adversarial Ref TA 6 5 Provide for Combat Identification IT 7 3 Disseminate l W and operational assessments Ref TA 2 4 Disseminate Tactical Warning Information and Attack Assessments UNCLASSIFIED FO R OFFICIAL YSE ONLY 67 UNCLASSIFIED FOR OFFICIAL USE ONLY • JFHQ-C MET 5 and MCFs Cont 5 7 Develop Operational Targets Cont • P4 Planning Teams IT 4 1 Conduct target system analysis on adversarial networks Ref TA 2 3 Produce Imagery Target Graphics • P6 Joint Targeting Cycle IT 6 1 TDWG Develop targets through the intermediate stage and vet them with the IC IT 6 2 JTWG Nominate and approve entities of interest for target development and conduct advanced target development of vetted targets IT 6 4 JTCM Deconflict targets with the IC and Joint forces and coordinate cyberspace strike package IT 6 4 JTCB Approve the target for tactical engagement and place on JIPTL 5 8 Conduct Cyberspace ISR • p3 b 3 10 u s c § 1Joe • P4 Planning Teams IT 4 1 Establish primacy on cyberspace assets devices Ref TA 6 5 Provide for Combat Identification IT 4 2 Establish SPINs and TTPs to protect tradecraft and capabilities Ref TA 6 8 Conduct Defensive Countermeasure Operations UNCLASSIFIED FOR OFFICI AL IJS i ONLY 66 UNCLASSIFIED FOR OFFICIAb YSE ONbV • JFHQ-C MET 5 and MCFs Cont 5 6 Provide Intelligence Support to Plans Operations and Fires • Pl Cyberspace Tasking Cycle Iterative Cyclic process that allows intelligence integration into the planning and execution of CO • P4 Planning Teams IT 4 1 Use intelligence reports to shape operational plans TA 2 Share Intelligence IT 4 1 Conduct target system analysis on adversarial networks Ref TA 2 3 Produce Imagery Target Graphics IT 4 2 Digest MISREPs and intelligence reports and produce effects and tactical assessments Ref OP 2 8 1 Provide Intelligence Support to Fires OP 2 8 4 Provide Intelligence Support to Combat Assessments • P7 OPS-SYNC IT 7 3 Disseminate l W and operational assessments Ref TA 2 4 Disseminate Tactical Warning Information and Attack Assessments UNCLASSIFIED FOR OFFICIAb YSE ONbY 6S UNCLASSIFIED FOR OFFICIAl YS mil¥ • JFHQ-C MET 5 and MCFs Cont 5 4 Conduct Intelligence Preparation of the Battlefield IPB • Pl Cyberspace Tasking Cycle Plan and conduct Cyberspace ISR Ref TA 1 2 5 Conduct Site Exploration • P4 Planning Teams IT 4 1 Conduct target system analysis on adversary networks Ref TA 2 3 Produce Imagery Target Graphics 5 5 Gain Maintain Situational Understanding • Pl Cyberspace Tasking Cycle Plan execute and assess Cyberspace ISR Ref OP 5 6 5 4 Conduct Computer Network Exploitation CNE Enabling Operations • P3 rb 3 10 u s c § 130e fb 3 10 u s c § 130e I I • P4 Planning Teams IT 4 1 Use intelligence reports to shape operational plans Ref TA 2 Share Intelligence • P7 OPS-SYNC IT 7 1 Deconflict and synchronize CO with the IC and adjacent units Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower TA 5 5 1 Conduct Force Link up IT 7 2 Synchronize CO with other lethal non-lethal operations Ref 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower IT 7 3 Identify cyberspace activity as neutral friendly or adversarial Ref TA 6 5 Provide for Combat Identification IT 7 3 Disseminate l W and operational assessments Ref TA 2 4 Disseminate Tactical Warning Information and Attack Assessments UNCLASSIFIED FOR OFFICIAL YS O LV 64 UNCLASSIFIED FOR ornCIAb PJSli 0 Pll¥ • JFHQ-C MET 5 and MCFs Cont 5 2 Direct Joint Intelligence Support Element JISE operations Cont • P7 OPS-SYNC IT 7 1 IT 7 2 Synchronize and de c onflict operations with the IC and adjacent units Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower TA 5 6 5 1 Coordinate Employment of CNO 5 3 Perform Collection Management Planning Prioritization Requirements Management Tasking Cyber ISR Assets • Pl Cyberspace Tasking Cycle IT 1 3 Allocation Ref Op 3 1 2 Apportion Fires • p 3 kb 3 10 U S C § 130e • P4 Planning Teams IT 4 1 Establish primacy on cyberspace assets devices Ref TA 6 5 Provide for Combat Identification IT 4 2 Establish SPINs and TTPs to protect tradecraft and capabilities Ref TA 6 8 Conduct Defensive Countermeasure Operations • IT 5 2 CMWG Develop intelligence collection guidance and priorities for ISR forces • P7 OPS-SYNC IT 7 1 IT 7 2 Synchronize and deconflict operations with the IC and adjacent units Ref TA 3 3 Coordinate Battlespace Maneuver and Integrate with Firepower TA 5 6 5 1 Coordinate Employment of CNO UNCLASSIFIED FOR QFFICIAb YSli 0Plb¥ 63 UNCLASSIFIED FOR OFFICIAL USE ONLY • JFHQ-C MET 5 and MCFs • MET 5 Conduct intelligence operations including managing CMF intelligence requirements and the collection production and dissemination of intelligence • Mission Critical Functions MCF 5 1 Process and exploit collected operational information • Pl Cyberspace Tasking Cycle Iterative Cyclic process where intelligence drives operations • P4 Planning Teams IT 4 1 Use intelligence reports to shape operational plans TA 2 Share Intelligence 5 2 Direct Joint Intelligence Support Element JISE operations • Pl Cyberspace Tasking Cycle IT 1 3 Allocation Ref Op 3 1 2 Apportion Fires • p 3 b 3 10 U S C § 130e • P4 Planning Teams IT 4 1 Establish primacy on cyberspace assets devices Ref TA 6 5 Provide for Combat Identification IT 4 2 Establish SPINs and TTPs to protect tradecraft and capabilities Ref TA 6 8 Conduct Defensive Countermeasure Operations • IT 5 2 CMWG Develop intelligence collection guidance and priorities for ISR forces UNCLASSIFIED FOR OFFICIAL USE OPILY 62 UNCLASSIFIED FOR ornCIAb YS ONbY • JFHQ-C MET 4 and MCFs 4 8 Coordinate with cryptologic enterprise elements NSA • P4 Planning Teams IT 4 1 Conduct planning IAW the Joint Operation Planning Process JOPP outlined in JP 5-0 and coordinate with NSA as required to deconflict plans IT 4 1 Establish primacy on cyberspace assets devices Ref TA 6 5 Provide for Combat Identification • P6 Joint Targeting Cycle IT 6 1 Develop targets and Vet them with the lnteragency IAW CJCSI 3370 01 IT 6 4 Validate targets and cyberspace strike package at the JTCB IAW CJCSI 3370 01 UNCLASSIFIED FOR OHICIAb Y§E OPlbV 61 UNCLASSIFIED FO R OFFl IAl • LIS E OPJLV JFHQ-C MET 6 and MCFs 6 11 Conduct command designated coordi ation operations • Pl Cyberspace Tasking Cycle Outlines B2C2WGs necessary to ensure proper coord ination and integration with IC and adjacent higher units • IT 5 2 CMWG Develop intelligence collection guidance and priorities for ISR forces and Deconflict Command Sec requirements • P6 Joint Targeting Cycle IT 6 1 TDWG Develop targets through the intermediate stage and vet them with the IC IT 6 2 JTWG Nominate and approve entities of interest for target development and conduct advanced target development of vetted targets IT 6 3 Build cyberspace strike package to present at JTCM JTCB IT 6 4 JTCB Approve the target and cyberspace strike package for tactical engagement and place on JIPTL UNCLASSIFIED FOR OFFICIAL US QPJLY 81 UNCLASSIFIED FOR OFFICIAL USE OPlbY • JFHQ-C MET 6 and MCFs 6 12 Coordinate and direct weapon capability development • P4 Planning Teams IT 4 1 Conduct target system analysis on adversarial networks Ref TA 2 3 Produce Imagery Target Graphics IT 4 1 IT 4 2 Identify capability requirements and submit them for prioritization and development IT 4 2 Conduct advanced target development Weaponeering • IT 5 2 CMWG Develop intelligence collection guidance and priorities for ISR forces and Deconflict Command SCC requirements UNCLASSIFIED FOR OFFICIAL l ISE OtllV 82 UNCLASSIFIED FOR OFFICIAL USE OPJLY Way Ahead • Staff IOC FOC Certification Framework with Service Cyber Components • Conduct Troops to Task analysis • Either modify existing tactical actions contained in the UJTL to reflect CO or submit new TA for inclusion in the UJTL • Develop individual Joint Qualification Requirements • Feasibility of Support considerations _ - rb 3 10 u s c § 130e I Work stations Training support Minimum systems security requirements UNCLASSIFIED FOR OFFICIAL USE OPJLY 83 UNCLASSIFIED 84 UNCLASSIFIED FOR OFFICIAL USE OPILY • Terms of Reference • Blowback - Assesses the potential risk of retribution from the target s if the operation is detected and attributed to USCYBERCOM assesses the vulnerability of the GIG to potential cyber retribution • Boards Bureaus Centers Cells and Working Groups B2C2WG - Staff functions for planning coordinating and prioritizing operations • Capability Target Pairing CTP - CTP is a report required for the ELA waiver and ensures proper Operational Testing and Evaluation OT E • Cyberspace ISR - Cyberspace SR includes SR activities in cyberspace conducted to gather intelligence from target and adversary systems that may be required to support future operations including OCO or DCO JP 3-12 • Cyberspace Effects Request Form CERF - The CERF is a format used to request operational support in the cyberspace domain t 1 3 10 u s c § I • Collateral Effects Estimate CEE - Estimates the collateral effects of each target capability pairing first order effects on unintended targets involved with the operation are evaluated using the CEE logic UNCLASSIFIED FOR OFFICIAL us O LY 85 UNCLASSIFIED fFOR OFFICIAb • u O llY Terms of Reference Cont • Cyberspace Operations Directive CyOD -The CyOD focuses command activities on operational priorities across all three Lines of Operation LOO including DGO DCO and OCO and the Cyber Collection Guide CCG for the Operations Directorate • Cyberspace Operational Preparation of the Environment OPE - OPE consists of the non-intelligence enabling activities conducted to plan and prepare for potential follow-on military operations • Cyberspace Strike Package - The cyberspace strike package is the primary product presented to the chairman of the JTCB for the purpose of informing the Commander's decision regarding the execution of an operation • Defensive Cyberspace Operations - Response Actions DCO-RA - Del iberate authorized defensive measures or activities taken outside of the defended network to protect and defend DoD cyberspace capabilities or other designated systems • Evaluated Level of Assurance ELA - Established technical assurance levels that define criteria for OCO Technical Assurance Standards TAS evaluations DoDI 3600 02 UNCLASSIFIED FOR OFFICIAb u i ONbY 86 UNCLASSIFIED r GR OH' fCIAb us O lbY • Terms of Reference Cont • Integrated Tasking Order ITO - Articulates the taskings for Joint CO for a 24 hour period • Intelligence Gain Loss IGL - lndentifies the intelligence gain and loss associated with target s and planned effects Probability of Detection PoD and Probability of Attribution PoA are evaluated with regards to the operation and capability Perceived PoA PoD is also evaluated • Joint Collection Management Board JCMB - FO GO decision board to review command priorities and discuss intelligence collection access and capability requirements provide collection guidance priorities and direction for the employment of cyber forces communicate prioritized requirements and synchronize collection actions supporting command planning and operations The JCMB also identifies and prioritizes intelligence capacity and capability shortfalls • Joint Tactical Cyber Request JTCR - Specifies the timing and tempo of activities conducted in and through cyberspace to achieve the supported commander's objective s UNCLASSIFIED r GR OFFICIAl YS ONlY 87 UNCLASSIFIED F9R 9FFl IAL l ISE 9NLV • Terms of Reference Cont • Master Cyber Operations Plan MCOP - The time-phased cyberspace operations scheme of maneuver for a minimum 72 hour period that synthesizes commander's guidance desired effects supported component's schemes of maneuver available resources and friendly and enemy capabilities • No Foreign Policy Objection NFPO -Assesses the absence of any objections from the Department of State with relation to foreign policy • Political Military Assessment PMA -Assess the potential political and military response to perceived or actual attribution of the operation as characterized in the order and TAB C to Appendix 16 to Annex C to an Order Concept of Fires • Record of Fires -A comprehensive database of all executed cyberspace operations documentation e g ITOs MISREPs MISUMs • Risk Assessment Report RAR -Assesses the risk associated with the design and operation of a particular capability • Sub-elements - Those formally recognized parts of a larger organization e g combat plans is a sub-element of an Air Operations Center UNCLASSIFIED FOR QFm IAb IJSE mlbV 88 Back Up Slides UNCLASSIFIED 89 TQP §t CRt T 1 Rt L TQ USA 11 • Example JQR J _JK n1•a STANDARD IJQSI OFFENSIVE CYBER OPER OfflONS OCO MISSION LEAD_ t H IIHCJ I IUN - V 0 iiE 2 T SKSIKNOY'I LEOGE 1 I N ICAI R ET CRrNCl OUJtC llVE 1ii s 05 e 0 '11 _ u - J f ti - b S e izi - j l g -u• • JO 0 - t · oc·o li 1 1on Le-ad JQS Fonn it U The O C O ML il - S JQS cons1 t of tasks USU1g tbl' abo ·1 ' fonn'lt dull will b MSCSSC i dunng t JI nnd OJT iwnod pnor lo · 1fil-Jho11 of c u1uid - re n1 profiet 1c · colk' will igii 11 ' 111 J 'J ofprolk1 111 y U1 11 w11l Ul c' l' Uf for '°Jch t k Profic uc i · cod will ilw id 'lit ify wb th n- i la' k uhl'f Kllowlt' lJ ' wit I or P erfon11 111c o ba' C'U T luucal R of couc co u1J Ot 1 l v - will co u c a u c - u · to 1 1u11J co th co c u1J1dat u d coln11um11µ 1 ou 1 _ n -C- S lry net d hv - · n- tho t of tr mung nf'Kft 'd to m t r t is k F ulure- to nl t I C-nr - t s l 1d nllf11'd 111 lh JQS will con tdt1t 11nnll l1-'ff' cf'mfic ho n t tnrf' nd r ' tlt m 11- d1 1hnn nrl rf' Ct'fT1fic t1nn w ·1 1 U JQS Catcgoril'S TI1r forlo ne nrr thr o c o MI IMS orenm7 J tionnl C nt e ries for tl11 JQS nnd nr ciC finrd III the- JJS CONOP and Ma cr Trnuw1g PL'lll C- TE CORY DESRJPTJO -USCYBERCO vt Jome Op 1h c 111 r A CwT cout QfT c 11 _ CyVC't o rauou B l'lr111v V x n v T 'hc C l Tnrectmt t A e mM1t 4 2 Utlt'et 6 Knowlrrlet' Tns 1 · An• to be- fnl fillro hy rr c-nl C hine the- t l i nnd Tt'c-omme n o rr m th e- OJT P -1 0nnl trnitWll_t record 0 - Jgtl lt d Qunlifit'd nle Cnptnins and or M ton LA-nd' D well n'i Stoff SME crui Ulllkl l off OU tli ' l i' iu 0 11 Ihle JQS itluu lht 11 IIUS IOU U CO t C mJlll l le ti c'l COllf Jg to thoroughly udy 1 1 lu u-aiuiug m wu ib a ud 1· ol otlfC co uvuil 1bl Al t1i 'UJ of i g11 cou 1r iuw1g ptonoJ c u1uidatel ill J1 u1J i J1 comp cot d JQS m IX l'ar tUou for fiu 11 U'l ' '1 ll1 llh u u J CC''1JUc aho 11 4 i U fFet e rmonn 1K'r Tnr 1 · A rr to be- fulfilkd by c- o mpktme thC nc-lton k r l 011 111 JQ wlu lcu ndc-r m 1111 '11011 Ul Orr ind ''flC l i c 'd by prim uy rr 1intt on hift Nommrc- ' II r ' ord r nJt n nct hon m OJT ix--rwnnl crninwg record When JQS l3Sks nrc 'Oluplett'd successfully lht' prim iry Qu ilificcl Ban le Captnms nnd or M1s s1on Lends n veil as Stnf Mtss1on rt'n Subjccr Mllttcr E -cpcns SME w1U review tht' OJT pcrson il lr Ulll11 rccOTd nnd ininnl off on JQS l •I U Feee Ou th co Job TrJUWIJ OIT TI1t OJT Vla u i' J co- 11 11 ' l aro1u1 l lht JOC dat llolt a 1 - t · 1 S lelfh I co' • U•C'U Iv tr JW w ith c co1hfu J w hv1Ju 1l 011 J O hou t' l Ul J b • tnnct A lon« ' hlrt Vccl t-nd Day Fn -Sw1 on own indl du lJ ba LS Work position 10 nru1ouitc iuy ' f nor idrlr s Ni m th ' r _ o ns 1 Ul S lntts c i lJ otlow-on 5hl lt5 Work ilh ccrt16cd 111di idu l ns lead for assigned position to address any g ips no t c o · -rNi m lllf' onp_in 11 1 U I Sheth TOP SECRET li' H TO 'JS O V ¥ 90 TOP SECR T REL TO YSA FVEY • Example JQR Cont TOP SECRETIIREL TO YSA FVEY JOB QUAUF1CATION $TAHDARD CJQ OFFEU SIVE CVBER OPERATIO N S COCO MI SS ION LEA D i T K K i UOWI EOG IC i - oe Jl C T IVI j s i 3 TI a lt H ICll l t t t ktNC t - V I v c ertTl CATIOfl h ' B u iJ '- - -a ' - t z ·5 ti - ' 8 - 1 t ' U C C JO '-rn u llv 11 1 F uu ll ocul A rc- -- All JOC OCO MLJ I IS c ndid t n·ill chak wit h the- H I U iv i on SE to yr fy th u II ' 'Cllnty CCC net Ph w- I t r inine com 'l 't 'd IA ' J 3S lndi d11 I °' ' 'lopmcnr l' bn rn o r ro mne J Q S c ndid rc- ' r ' e pecte-d 10 - tlid ue th 'lt 111 nu ml 'ltory annt1 II wd USSS tniniu requiren m 3 e completed ind upd ited to tr 1i11in record Fo r J ud 1101 -· 'S A T r iiuin c ' l' ' Hui bl'l o w co ufiran co m11ll'li on d i t c irc u111l itcd 10 cr iiuinc nco rch n n tl J Q S h ltff11 ' ''' nrlrt n nctrt nr wrh'T'roe rnm 1A rnctrsn ir -Sc-n c-rvN SA -C SS - M nnctn t nryTt n n 111 pf 111 1 I I t J1ry cfn o f un ct lo n nl Acee - - 1t 111ircmc nt t lt'I 1 0bWncd XSA '- El' A a 11W 0 1JoloXl ' C SIPP P J 1'ol ci1 Bed T •r Rcuzirncn r · l'-' t NE I IC l'XI l' -rtlfi • l t ' P ci r r PK w b 3 10 U § fJ_ 130e - ccc to mfon atwn ' _ 'l I V U V S t 1 p nn ttl CJ Ot'l' -iml l1 tu · l'vv'g' It' l fp lu J S rup IU u d U V 1 - A t CO« H - s°L''P T Acco- m1 Xll'RXJ T Arc ' c r -D TEL 51'K Cl 'OWOI 11 r vo1L OV' ' t lOOJ l1 uc 10 T - cu- foooE 1- J- l t u - 1 V U I U 'JCT C rrn Ont C ' 'o' i lt adh oc• 0 '7 ' 1 lt t h Mr A l J U J w b ont w- bnd l ' C 1 100 lP V on ov v1 c « 1 t c '-Y L n -- 1 B R• 9a1r lP i C1 Clut CCOUnl C f' • u 11• ' I1•tl U I ' U • Go CCIC AAC'1 f 7' d - R 1 ' O · -h Ir J ut ••n A '- '1 - - Du1 y S lulh C uu h Ja te will comple te t1 1 u uuu 0 11 1h1 JQR J Q S w 11h theu n i m d T 1aiuer li1$1 1 1Cto r iu the foll owiul W UIH et n Complete- prc cribcd UI duty s hift M sieiuu 'Slt'i O the p rim IC · ML nnd or Mi ion Spcc nli t M$ w ith n qu li fic-d -f i io n A rcn $'1bjrcr f fnttc r Exi crt $ME Yon r • 'iencd tr inc-r i 6 U m Jc-a l u 111u u u 11 U l X h 3ner· Ntu c t Dote U tc cd ·r on n o JOB QUALI FICATION REQUIREMENT TOP SECRET ' REL TG YSA FVEY 91 TOP SECRETnIf RH TQ lJSn fY Example JQR Cont ID Ill ' B E O I- CERTIFICATION r TASKS KNOWLEDGE JOS O TECHNICAL REFERENCE Q OBJECTl' JE 'C O en Ii ¥ ' 5 1 1 u OFFENSIVE CYBER OPERATIONS OCO MISSION LEAD C JOB QUALIFICATION STANDARD JQS - 0 g ' cu s - 8 C 0 0 ·g - 0 2C - · E C - OI l'I S c 2 ' O t C ' Cl 8 o- e o USC 'BERCOUJoini ptn os Ct11ftr 1 0-1 l mtb DOttd uctptioa Iiu rif · rcto i '- 3 lll doc -JmW prc-tt pr1 to mi le - 7 JOC OCO OPL 5 I 1 0 cperuon lSO OIDR USCC I JQS O OPI I IOPl 5 I TR JJS JOC x OCO CO O l TR fb 3 10 u s c § 130e OBJ QTTBD -1 I ---- n -1 Enforce iLform tioo m D lgnneat id seturiry coarrol JQ 1 1 TR J3S J0C J oco CONOP - rraJb 3 10 u s c § 130e OBJ QTIBD I 4 jorr jorr cubz h dtqmtt 3 -C con rol 10 0C0 inform cion b OQ rnnci le of lt t I I JQS Ll O TR ns 10c x oco co o i mJb l 3J 10 u s c § 1Joe I orr OBJ Q_TTBD 0Pl2 S En lmtt e ft tr of IT puif'm for OC CERF R D J T on JQS 1 1 OPl 5 I 2 19 0 I m-ilt t a id nttd·t -1 nm· 11 W Colll ll llld cb noo Uide TR HS JO oco ONO M1R fb 3 1 0 e§ 130e OBJ QTTBD U 1t JOCCommut · ofOpenn COO Pltt I I Iorr cc JQS l L ---s4c - - - -- - - TR JJS JOC S oco CO O ITR fb J 3 10 U S C § 130e 1orr OBJ QTTBD 92 F''EV TO p SECR T C Ti RCL TO USn v A • Example JQR Cont t0 Q J- P lii ' OPl 15 OP3 l OP3 l 2 2 3 0 5 0 0 5 1 0 5 l l OPl 2 5 213 l ' - JOB Q UALIFICATION STANDARD JQS OFFENSIVE CVBER OPERATI O NS OCO MISSIO N LEAD - B- I CER TI FIC TION l K jn NO'NL EOGE JO · s ·-l V 0 T EC HNIC AL R EFER E N C E · ONECTI VE · s 8 Carrtat Offtiuin Crbtr Optr atioa s 0- 6 3 mtb 11ort d t xrtptioa Gener itt routt and uuiobin SA on 3 1 OCO ordfl eomin mto or mt from USCYBERCO l FRAGOS OPORDS EXORDS JQS 2 0 TR J 3 S JOC OCO CONOP MTR fbl 3 10 U s c § 130e OBJ QT TBD b h r-teoaunend lnoc to tbt C -btr Bittle tpttin on OPR foe CERF m tn it tlnn lSO J5 · tb Ul ISO H5 JQS 2 1 TR BS JOC OCO CO OP ITR fbJ 3 10 U S C § 130e OBJ QTTBD Gentr itt 2nd App o -e Dilly SPINS tlut 2eeompmy ITO JQS 2 TR HS Joe OCOCO OP s MTR fb 3 10 u s c § 130e l'I - t - -- _ ' - I 6 · · I'll - 9 i7 ft 5 £ 'ii i V 3c lorr b lorr OPl 2 5 2 4 0 3 1orr OBJ OT TBD OPI 1 0 bint- 1in iru uioD l 'll rtDtS and l 111 1t IT pb 1Corms for tbt J OC ocot 3A1 CERF R1D J T Port 11 130e JQS 3 TR J3S JOC S OCO CONOP s fTRf b 3 10 U S C § 130e OBJ QTTBD umrain Slt l 'lrioll l AWJJ'tll md M uu e liSCYBERCO iMAND JOC Porul JOS ' U O TR BS JOC S OCO CO OP S b l 3 10 U S C § 130e b lorr OPI 25 2 1 0 OPl 2 5 l O OPl ' 5 l O m f 2 1 0 lorr OBJ OTTBD -b 1 tain Suu 1ooll l A'l t 3 lld Jn3 b 3 10 U S C § 130e I JQS 2 3 l TR B S JOC S OCO CO OP S MIR fb 3 10 U S C § 130e OBJ QTTBD M untam S1tu 1t1onll Aw 3 lld M th C -btr Efftet Rtqu t Form CERF Po ul d lorr JQ5 2 3 OPl 5 3c lorr TR J 3 S JOC S OCO CO OP S ITRfb 3 10 U S C § 130e OBJ QT TBO l uctaui S1t11 1tio1Ul A'I · for tht Opentional Dlt1 An ily 1 Tool ODAl JQS 2 3 3 TR BS JOC S OCO CO OP S ITR fb 3 10 U s c § 130e OBJ OTlBD ' b lorr TOP SECRET REL TO USA PlEY 93 TOP SECRET REL TO YSA PJ Y • Example JQR Cont TOP SECRET REL TO USA FVfY JOB QUALIACATION STANDARD JQS OFFENSIVE CYBER OPERATIONS OCO MISSION LEAD - ' CERTIFICATION - ' JCS c m t- OBJECTIVE u I- '0 u OP12 S 2 1 0 r t- £ O'PI 'l E ' TASKSIKNO'NLEOGE ' - i TECHNICAL REFERENCE u ITKI a a 5 · t -a 5 w 11 1 - C - i' ' C ' n 5 c i n13 c C e -c oo - u VI 4' lorr OBJ OTTI3D f nnnm S nutiocul A ' -r fM ti Cyb -Common Op ntin P n C rCOP 11 0 0 1 Su uticail A ' a10 fo - the 624• OC R 20 Pocul JQS 2 3 4 'IK J33 JOC OCO C0' -00 S b 3 10 U S C § 130e unn 1n C th Porul JQS 3 S 1X JJ 1oc· OPl S oco co -op r m fbH3 1o u s c § 130e IOJT OBT· OTTBD Ulm umih 12on n Uh n r DCO DGO S NTOC IT patfon cd prO iuct dw upp n cw1tu1 o iuou JQS • 6 TR J3S JOC OCO CO'NOP MlR fb 3 10 U S C § 130e OBJ· QTTBD 1 0 n lorr 01'1 OPl E tt11tt aDd uJe rc·• dttAilrd 10 c --o opcntiC D ' l r luir•IOtDI' u io operadoDJI ll T i JQ i 1 0 1 0 0 OPI 1 0 1 P1-'D Dd ordrr Dd JR 13S JOC OCOCONOP l CTRfb 3 10 U S C § 130e O BJ O'I'TI3D ct JlS Cl iefi b ha m w c AlipicJ nth the Cowm mda · intent 0 JQ J 58 - 4·JOC CO OP L fIiqb • 3 10 US · C § 130e n 01'1 cJ 1 12 TOP SECRET RH TO YSA FVEY oco OBJ· QTTBD Eafe rcc 1a d r i cat c tl ar uuc ratrd l'l J in O r der JQ$ U TR HS JOC OCOCONOP MTK fb 3 10 U S C § 130e OBJ OTTBD r uo ITO to ubonL u ta mu e u a for CXOC'UbOD JQS 2 4 l O lK mi JOC OCOCO NOP S M1Kfb 3 10 u s c § 130e OBJ OTTBD Jc lorr Jc lorr k loJT Jc lorr 94 TOP SEER CT'rrEL ' R TO USA r v cv • Example JQR Cont TOP SECRET Rf l TO USA f'VEY EEl ' 11 I- ii u iE ' ' O l 25 2 5 0 0 3 1 5 0 1 JOB QUALIFICATION ANOARD JQ l OFFENSIVE CYBER OPERATIONS OCO MISSION LEAD CERT IFICATION r Ill I- TASKSl'KNOWLEDGE JOS u 1 17 l M uugt and aintai QA of Inttpatd Ta in Oi tt ITO JQS 2 4 l l 1R J3S JOC OCO CO OP MIRJb 3 10 U s c § 130e 1 7 1 O U 5 S l JQS H l 2 1R J3S JOC S OCO CONOP MTR fbl 3 10 U s c § 130e OBJ QT TBD k e ITO rrio m or to ind c3rio md '2J1ll Q JQS 2 4 1 3 TR J3S JOC OCO CO OP MTR fbl 3 10 u s c § 130e OBJ QT TBD Coorcuute ITO 3cttcn 3 adii g to indic 1 ion lni w211lUg JQS 2 4 l 4 1R HS JOC OCO CO -lOP MTitfb 3 10 U S C § 130e OBJ OTTBD O t 5 17 0 OPl 9 j · ' 2 w 8 u i - 0 a a l'J C · c ' ' §B I- Ml ' J -n 1 5 C II 4' g 8 eo C lorr 4 lorr 4 jorr 4 lorr Eltente ITO Jction 3ccordi 1 to milcatio md C J Direct exK'Utior 3 z111ent ml reporting of ITO 3ctun O l 25 'C 0 OBJ QTTBD O l 5 S1 TECHNICAL REFERENCE OBJECTIVE JQS 2 4 1 5 1R J3S JOC OCO CONOP S MTR b 3 10 U S C § 130e OBJ QT TBD ht ch• JO ' C'B ' in dt •lopin r t common optr t tiou '1 picrun COP JQS 2 5 1R J3S JOC S OCO CONOP t MIR fbl 3 10 U S C § 130e OBJ QT TBD Repo t to luder hip ifCOl Dl lmdu Critical lnf tion Rtquuem nt h u been mtt md ubnut CCIR when nec i ·JQS 2 5 0 TR 13S JO S OCO CO OP S MIJ4bl 3 10 u s c § 130e OBJ QTTB 4 lorr h jorr O l 5 19 0 lorr TOP SECRET REL TO USA F'lEY 95 TOP SECf1ET REL TO y n F Y • Example JQR Cont B ' 'B t- 8E C 0 - I- OPL J OPl 5 OPl 5 a 2 11 JOB QUALIFICATION STANDARD JQS OFFENSIVE CYBER OPERATIONS OCO MISSION LEAD CERTIFICATlON r ' TASKS KNOWLEDGE JOS iECHNICAL REFERENCE IQ I- OBJECTIVE 0 0 ubmn or re pond to ffiltl t for de-confhctton ofC O open non JQS 2 5 l TR J3 8 JOC Sc oco CO OP S ITRfbH3 10 u s c § 1JOe OBJ OT1BD Initiate Brief md R ei ort oo xh-er a1ul and fnendly itwtion w JQS 2 5 2 TR 138 JDC OCOCO OP ITRfbHJ 10 U S C § 130e 12 0 1 2 21 OBJ OT1BD E1r 1blhh ud UW11tain po irin coorrol of Crbu Foret JQ - TR 138 JOC OCOCO OP MIR fb 3 10 U S C § 130e TR BS JDC OCO CO OP MTRfbH3 10 U S C § 130e OBJ OT1BD OPl 11 TOP SECRET RH TO US C FV Y - C - 0 C IQ C I - I- O ' - 'cu i u 8 iE · oo- eu 0 JA lorr c lorr c lorr 3c 1orr b lorr Coorduutt mth USCC Directome DoD Compoi imc Intelh mce A enci uw Eofon tmtnt LE l S Cio 'fflllllCt md pmner o r · JQS 5 5 l TR BS JDC OCO CONOP Ml14b 3 10 U S C § 130e OBJ OT1BD 0 e8 ' J J· 3c 01 SJ QT TBO Mauiuin rwtioc hip n'idi USCC Dinetorate Do0 Compcci Inttlli enc e A aici L-w Eiuorcomc LE US scmmcnt l Dd putDa o tio un-oh- ci m c pl ar uun or other related on i JQS 2 S S O ·a ' l 0 jorr OBJ QTIBD H t OIY Synchroaiurioo l meetmg de ipitd fe r ill p uu to yochrOQl U 13 0 C j b OBJ QTTBD Send Wffkl · SITREP frc rm tiSCYCERCO ·l to the JlATF that up t Q 'tt l Offc i Cyl a Opcnllou OPl 5 t ope non JQS 2 5A 'IR ns JOC S oco CO OP S MTR fb 3 10 u s c § 130e OPl CJ 11 JQS 2 5 3 TR BS JDC DCO CO OP MTRJb 3 10 U S C § 130e OPl 5 ¢ - b 1orr 96 TOP SE CRET R L TO USA FVEY • Example JQR JOB QUALIFICATION STANDARD JQS OFFENSIVE CYBER OPERATIONS OCO MISSION L EAD II co I- ij ·'E 8E C · ii I u I- OPl 1 2 0 II co t- JOS 0 l lA Idei ttfy uid illu tr 11e the TACO md OPCON USCC C -ber Force Structutt 200 rehtion hi JQS 2 5 S 2 TR BS Joe oeo CO' '-lOP Mi tjb 3 10 U s c § 130e l 1 5 O Pl O Pl 1 1 l l l O OPl l l l l U JQS U TR HS Joe oeo CO' '-lOP MTR JbJ 3 10 U S C § 130e OBJ QT IDD C 0 iS II t7il ·-CO C EB u c ·- 0 tll '- t 41 CO C ·- - · ' C t- O II · m ·u - 'C E ·2 80 - 41 41 g '8 QO a jorr fatl bli b Al ERTCO Suru ith liSCC c oDtrolled firing unit 12 0 n OBJ QT TBU OPl 'O 0 OPl Cl ro TECHNICAL REF ERENCE OBJECTIVE e l 11 OPl -- TASKS KNOWLE DGE I CERTIFICATION 3r lorr Rec ommend Ch ln of ALERTCO Stiru for USCC controlled fi rin unu JQ«i 2 5 S t TR 13$ JOC oeo CO OP ITR fb 3 10 U S C § 130e OBJ·QTTBD billbi n r rtiO Ul control durin of firu unit during Title 50 and Title 10 openrion JQS 2 5 5 5 TR 13S Joe oeo CO OP MJR fb 3 10 U S C § 130e OBJ OTTBD E t 'lblhb ind amint iiu opt r itioa tl r 1D1Duuiurious JQS 2 5 6 TR HS Joe oc o CO OP ITK fb 3 10 u s c § 130e OBJ QTTBD E tJ bll h 100 m 1iul 1w opt1 ltioc ll cow muwc iti i th Su lot duute OP Ct11tes JQS 2 5 6 0 TR J3S JOC OCO CO Ol' ITRfb 3 10 U S C § 130e OBJ QTTBD E t a'bli h md i c op ntiozul commur ic ti ith Finn Umt Scn lco Cempocc t and COCOM CS E JOS 2 5 6 1 TR HS Joe oeo CO OP MTRlb 3 10 U S C § 130e OBJ QT TBD 3r lorr - 1orr b IOJT 1 1orr J jorr TOP SECRET RE L TO US A PJ EY 97 TOP SECRET REI TO bl§A F 'tY • Example JQR Cont EIB Ill Ill co I- i E JOB QUALIFICATION STANDARD JQS Ill co C I- II Ill u I- OPl 1 1 2 ' OPl L O T ASKSri NOWLEDGE Q JOS ni C 0 S J - - ea iii TECHNICAL REFERENCE OBJECTIVE O Cl 0 u 0 OPl f CERTIFICATION u I OFFENSIVE CYBER OPERATIONS OCO MISSION LEAD Initiate communicati with unit TACO to USCi BERCO l JQS 2 5 6 2 TR J3S JOC OCO CO'NOP MTR fb 3J 10 U s c § 130e OBJ OT TBD Initiate commw icati u'bordin 1te comm md OPCON to lJSCi BERCOM JQS 5 6 3 1'R BS JOC S OCO CO -ZOP S Mllt fb 3 10 U S C § 130e OBJ QT TBD Plans WupollS T actics 3 0 J 90 mth nortd uctption s Encutt uid maintain dtlibn u dynamic and or cri1h plu1 TSPITST JQS 3 0 TR BS JOC OCO CO'NOP MTR fb 3 10 U s c § 130e OBJ OT TBD 11onitor Uldicati 3nd wamin VR T Intel ttiggar to upport ITO actio JQS 3 1 TR BS JOC OCO CO'NOP MTR Jb 3 10 u s c § 130e OBJ QT TBD Throupi tht CSE m J ke CUITUlt cu-y· e tecutioa are in hne with COC011 CDR' objectn·e JQS 3 TR BS JOC OCO CO'NOP MTR fbl 3 10 U S C § 130e OBJ QTTBD Ill ·i c ·- -' ' CO C - - ' cu - en 111 5 'm 1 l u i- - o- a eo - c ec -c · C Q Ill Q 8 Jc 1orr b lorr b lorr OP S 3 U OP12 5 3 5 l O i l - ' Cl Jc lorr Jc 1orr 'M nt2in S1n12rinn l lu- n nv n f MtTTOnl n h 1h nuehn111 th11 e lnho 2nd h rn ruraui In c uppon effectini deli ·ery of Cy r Effect Requ t roe CERF JQS 3 3 TR BS JOC S OCO CO OP Mntfb 3 10 u s c § 130e OBJ QT TBD Implement md enlUJte i co e of icti 011 to addl'e a declared ipiificant cyber event JQS 3A TR BS JOC OCO CONOP MIR fb 3 10 u s c § 130e OBJ QT TBD c 1orr OPl 5 O 1orr TOP SECRET REL TO USA F 'fY 98 TOP SEC RET REl TO USP FVl Y • Example JQR Cont JOB QUALIFICATION STANDARD JOS I II I ' Iv OPl 2 5 I l c F1c i11 N j · 1 0 ECTl11 E · vv I I N CE• OPl 25 OP3 l 6 I OFFENSIVE CYDER OPERATIONS OCO MISSION LEAD 'C c V ---- ' ' ' -- '-- ------ - l -h-- ---- - - Initiate Recall p - o 111 te pon to TSP 'TST Cri Action 1 JQS 3 5 TR HS JOC OCO CO' ' OP 1ntjb 3 10 U S C § 130e joJT OBJ OTTBD 2 2 0 faecute Pre-ApprO -ed Action PAA' at moment' notice 2 6 0 JQS 3 6 6 1 1 TR J3S JOC OCO CO OP MTR fb 3 10 U S C § 130e OJT OBJ OTTBD I 2 2 l Build out c ommunic 1tion pl in a TSP1TST c ri is action ituatio J ri e JQS 3 7 TR J3S JOC OCO CO OP fIR b 3 10 U S C § 130e OJT OBJ QTTBD I -t3 0 tr ee ind ssi t io oper uioo 11 utiliurioo ind emplo -mtot of u-upons ind up ibilirits JQS 3 S TR J3S JOC OCO CO OP s ITRfbl 3 10 U S C § 130e OJI OBJ QTTBD I 2 16 fainuin rimelv SA of imminent or ho rile ach-er u-i al i ntenti or ac ri -itie- -to ind ude ad er ui J l intention to cooduct computer nemuk attlck CNA -which Dl 3Y implct the coD1%JUad· OCO mi ion re ourc or cip ibilirie JQS 3 S O TR J3S JOC OCO CO O 1-ITR b 3 1O U S C § 130e OJT OBJ OTTBD I J 4 0 fainuin Situ atioD 11 An' lffnt ofc ap ibiline n 3i hblt for title l O ictioo 3Dd wbJt effect the e c ip tbilitie can be p un-d to do I JQS 3 S l TR BS JOC OCO CO OP Mlltfb 3 10 U S C § 130e OJT OBJ OTTBD I s _O 0 o 2 1 I- e S c 'e E ·e e - - e£ ·o I- C U a 'eo c I 1 I OP3 3b I OPU 5 f OP3 31 I 3c I TO P SECRET REL TO US VEY 99 TOP s ccnET RH TO YS O P Y • Example JQR Cont EB 2 8E ' C · u I- OP3 4 J O OP3 JOB QUALIFICATION STANDARD JQS OFFENSIVE CYBER OPERATIONS OCO MISSION LEAD CERTIFICATION r- 'TASKSJKNOWLEOCE '° K JO TECHNICAL REFERENCE OBJECTIVE lii 'O 0 4 1 0 O g-c3 iii u lR- BS JOC v OCO CONOP t l -fTR b 3 10 U S C § 130e OBJ OTTBD k i r J3S llld ' ting br mcht m aq-er to etrecc pail 6 ·i- ' ' C ·- CO C - C ·- I- - Q l iii a -o c g 4 7J 8 o o- e Q l au t w 1tu uocu l ' · r e TIP awl up 1 w ty- to dI' c b v · JOS S JQS 3 S 3 -ovo- -r a u 0 i $l jorr b jorr TR J 3 S JOC S OCO CO OP S ITR b 3 10 U S C § 130e ODJ QTTDD Rene- r y me nt res oct OPSEC iiid confiiuntioc mm 1 l 'lllCI11 cooc of OCO i n d e2p i b ilui O cr c c p i bility cic ---clopm cnt to a i - o 'Ibo c 1 btlity wret i S CYDERCOM 1 quuotwmt JOS j S 4 TR· BS JOC S OCO CO O'P t MT R b 3 10 U S C § 130e OBJ OTTDD l'rtp ire for iud particip 3tt in t xerci t ud mk ion u- ir am s JQS l 9 TR J 3 S JOC S OCO CO OP S ITR b 3 10 U S C § 130e O BJ QTTBD Purie1J 1te in TIX nd - tr 0 011n tffon- JQS 3 9 0 TR HS JOC S OCO CO O - ·ITK b 3 10 U S C § 130e 3 1orr OPJ - 5 a jorr OPI 5 ' 6 lorr OBJ OTlBD OI'l S 1 7 P uuO 'tc iz com ad c a·ci c u d prcn-i cfc ic ob ck utc r xti- report JQS J 9 1 OP12 5 1 1S s 1 joJT TR HS JOC OCO CO OP 1TJL b 3 10 u s c § 130e OBJ QTTBD P1c vule in_pur ·ei'1 ll a wimeu 10 l G OQ Iwne l docl lUlWl tlu1 cou i - e uk or t DlC on - orwu ic 1ne JQS l 90 TR J 8 JOC OBJ QTIBD TOP SECRET RH TO US A f VeY oco CO OP Mnt fb 3 10 u s c § 130e 1orr 100 TOP SECRET REL TO Y S O P ' EV • Example JQR Cont c J IE' JOB QUALIFICATION STANDARD JQS l_J i - - ioi - --- OFFENSIVE CYBER OPERATIONS OCO MISSION LEAD 1 - R i C - - CERflF_ICATION - TA 3K 3 KNO' ILEOGE ' JOS TECHNICAL REFERENCE· OBJECTIVE 41 al ' ••0 IC i5 Tar etins o O J mtL Doled exc oplioo it her d ir i to upport th-t srochro nit uioo or noa-llinttic tfftC'I into th-t joillt 1n t tio r ·dt 0 4 U JQS -1 0 TR J3S 10C OCOCO lOP MTI4b 3 10 u s c § 130e OPJ OBJ OTTBD l 0 0 OPl S 3 1 0 OP S 3 1 0 1i 91 ea 0 u 111 i - C 'j ' -03 v e c c I QO II VI ' 4• I- - t o- C b jorr hmt u n i nuti ul o - rc o ftho t u ct cic ol opmu r 2nd m rintcn eo cyclo oc cxi tu1 F UJ fl foldei 1n J feiltt l lfou of c w tJJ tel pl cbge JQS 4 0 1 TR· J3S 10C - OCOCO O ITR b 3 10 U S C § 130e DJ OT TDD W1th i nnc e oftbe Jl ' ub cut Rfl for till1bermfonn ioon on C'UJTHlt 11Ult1011 t ir ' et in onmtion H'-'1 md HVT' - 1 JQS 4 0 TR BS roe OCOCO lOP ftltfb 3 10 u s c § 130e jorr I a 9 3t lorr Sc OBT-OTTBD u uio S itlUtiocnl A ' rc e o ll brf c-1 lppt'O 'cd nomm ied a d wlut ctu in tugeting c yde they ue 2t llly r h-en time JQS 4 0 3 - _ _ ' ' '____-- TR J3S roe s oco co oP mt_fb 3 10 u s c § 130e OP S 3 3 t 1 Iorr DJ OTTDD lamtllll S1tu it1 ocu Awue1 e ofl 10 produenon u d 1 ppro - ll c blm to uwon C'Sf IIl b 11 ldantify pan- • timo of JO r roo 'uetion pro 21 in ord r for n1ins ttrut- to I ho t ' epucc IO ' JQS 4 0 3 -e- -- - - -- - ------- iR J3S TO OCO CO OP tTRfbJ 3 10 U S C § 130e OJT OBI QTTBD -le I TOP SECRET REL TO USA PIE¥ 101 TOP SECRET REL TO USA FV Y • Example JQR Cont n ii E - ' - E ' '- - ' t- 1 0 - OP 9 3 OP l I B I Joa ouAuACATION STANDARD JQS OFFENSIVE CYBER OPERATIONS OCO MISSION LEAD IL_J C-ERTIFICATION TASK S KNOWLEDGE JQ j Q TEC HNICA1 REFERENCE o 'JECT1ve· g • o U % a F JI LI c _ C - a · c _ ·e c t- - i 1il v _ uo - gt _- u £ 0 'ah A tHtUMar f O• f O a oor•d ext'endoa Y sUd 1• lnt tlig•aca• riauH 116 tuppart th• pl aolag I• JQS 0 r - - -- -- -- -- - - -- - - - - n · ns JOC oco CO OP f l MTRJb 3 10 u s c § 130e lorr b ODJ QTTDD l E ab J h md aum nn commmllc Ui D a-nh pi r oy coaror r on im g ro OCO GOC 'NaOC °' '-' SOC ROC COCO f Op c -01 • 0 1'J J C o 0 --- - - - - ---- - - - - -I JQS S O O TR JJS JOC s oco c o OP s -fT b 3 10 U S C § 130e OJT OBJ QTTBD t nu rti Aw of o 11 C N I r tioa m u r orT oft nUc IQ et1011 JOS 0 1 JJS oc S oco co op s MT K b 3 10 U S C § 130e O BJ OTTBD 01'J J 6 6 0 0 • OP 3 1 6 l I ' Coml 1 A c ca t R cpon BOA MOP I l tE t lQS 5 0 TR s 10c s oco co op Iorr s i rn- fb 3 10 U S C § 130e R 1 -' c p 1bt l11 • · · e-' ' Wenl' f le'c l lb1hry ro lf -' J 1tnnt JQS S 0 TR ns iOC S oco CO OP s MTR b 3 10 u s c § 130e 6 n IOJT OBJ OTTBD OP l '- _ Dd m l c cmm rxl lion- fo 64 0 t' 1 Mbilit r n Iorr n ns 10 c oco co oP s hrrr b 3J 10 u s c § 130e OnJ· OTTBD OP l 6 · ' IOJT OBJ QTTBD 0 -cr - A ·« mc r Plm ocntioc u d rmplc m oaoc JQS · 0 3 r - - - - - -- -- -- -- - - - - -- ----- 6 0 t b In d'f ctc p 111n I JOS 5 0 - - -- - - - - rr 1 oc S oco c o soP S MTiyb 3 10 u s c § 130e orr OPJ I 6 01' J 1 6 OBJ O T TOO £ 1 dtlAd od 11 •d ocn l 1100 11 n BOA i tOP t tE A d ra JOS 0 6 6 I 6 1 0 • OP3 l 6 6 I TI J JOC s oco c o soP OHJ QTIBD s i tnyb 3 10 U S C § 130e l t m ti o J t'I T ' r d i d P l O s-«oc m cb110 JQS · 0 7 TR us roe- oco CO OP S MTR b 3 10 u s c § 130e ODJ QTTBD IOJT SDA 0 10P M£A 1· orr cv Pra- lp p ro •od l s P 1· 1 1nsr ClPZ s - o ' D alr md 'OUr V o f aM Ona m k-rm r •h rm u n objON ·- d ruthooin - JQ S S OS TR ns JOC s oco CONOP MTR b 3 10 U S C § 130e OBT OTrnn TOP SECRET REL TO t JS ' i Vl Y b j orr 102 TOP SECRET REL TO USA pq y • Example JQR Cont WIJH RfffRfNCE WITHOUT REFERrnce CONDITION 1na1V1aua1 may reterence app1rcac1e trarn1ng rererences Individual mav not utilize trainine references STANDARD W ITH MIIUMAL cnnon WIIHOUl ERROR lndividu i l m iy m ikc minim il error th it do not ttcr the t itcd t3 k objective No error may oe c mm1tted •TASK PERFOR ·lANCE LE lELS 1 Can do simple parts of the task Needs to be held or sho n how to do most of the t is k EXTREMELY LThfITED __ _ 1 C m do most pms of the t isk Needs help only on h u'dcst p irt May not meet load dcm nds for pCt d or accuracy PARTILLY PROFICIENT 3 C m do ill p uts of the t isk eeds help only spot check of completed Olk Mccls winiunuu load dc wand fo1 ' 'Cd and accwacy COl' •rPETENT ' cl b TASK Kl' 'O VLEDGE LEVELS C d Can do the complete task quickly 3Dd accurately Can tell or show others how to do the t 1sk HIGHLY PROftC_IEN1 _ 1____ _ __ C m n m1e parts tools wd simpk facts about the task NOMENCL- TURE Can determine step-by-step procedures for doini the task PROCEDURES_ ___ C m c plain why ind when the t isl- mnst be done 31ld why c 1d1 step i s n«dcd OPERATING- PRINCIPLES _ _ _ _ _ _ _ __ Can pred1ct 1dent1fy and resoh·e problems about th task ADVANCED THEORY • A task knowledge scale value may be used alone or 1th a task perfonn 1 11ce scale to def111e a Jen• of knO vledge for a c pecific t lc k Ex tmple b u1d 1 b TOP SECRET RUH YS VE ¥ 103