Identification should include
- potential for human error (e.g., accidental deletion of data)
- physical access vulnerabilities (e.g., disrupting/damaging data delivery)
- distributed denial-of-service (DDoS)
- timing of equipment availability
- space-based and ground-based disruption to positioning, navigation, and timing (PNT)
- disruption to communication networks
- foreign supply chain access to equipment used in PA
- smart livestock production facility failure.
Process/Skill Questions:
- What safeguards need to be in place in case of a natural disaster and the destruction of data or resources?
- How can a DDoS attack on equipment affect PA?
- How might an attack on the power grid cause a disruption in data availability?
- What type of nonmalicious event might have a negative effect on data availability?
- What is a DoS attack?
- What are criteria for identifying key personnel who should have access to data?
- How should businesses validate the chain of transfer of data among authorized personnel?
- What would be the appropriate computer, technical, management, and policy/regulatory positions to include in the chain of transfer?