Determine secondary level tactical element
The secondary level tactical element the adversary seeks to attack is the specific network or area of a network that is vulnerable to attack. Within the corporate network example, the secondary level tactical element might be a SQL server or a domain controller with a known vulnerability.    
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Normally, defender is unable to detect. May change for special use cases or adversary and defender overlays.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: This is the normal adversary targeting cycle where they utilize our poor OPSEC practices to their advantage.
- Elizabeth Van Ruitenbeek, Ken Keefe, William H. Sanders, and Carol Muehrcke. (2010). Characterizing the Behavior of Cyber Adversaries: The Means, Motive, and Opportunity of Cyberattacks. Retrieved March 5, 2017.
- Joint Chiefs of Staff. (2013, January 31). Joint Targeting. Retrieved May 19, 2017.
- Joint Chiefs of Staff. (2013, February 5). Cyberspace Operations. Retrieved May 19, 2017.
- Department of Defense. (2015, April). The Department of Defense Cyber Strategy. Retrieved May 19, 2017.