FM 3-18 Contributions 2-35. CNA employs weapons that strike at the core attribute nf nu INFOSYS, eonneetivity, and its core function, C2 support. CNA has two ubjectrivesc deny or stop network service. and n·0mipt dum, Of these two, data oorruption has potentially the most disruptive eiiect on tactical C2, particularly if unde- muted. Staff Coordination 2-36. Corps G-7s request CNA support from their joint task fnrcn nr gen- graphic combatant command headquarters Lbmugh operations channels. The Secretary of Defense retains mlease authority for CNA execution. Upon ap» pmval. INSCOM initiates actions to begin Army CNA planning. (See ap— pendix F.) 2»37, CNA are executed after careful policy and legal review. Commanders ensure any use of it is consistent with US international obligations and the law uf war. Basic principles of the Law uf war—such as the requirements of military necessity, proportionality, and avoidance of undue sui·fe1·ing—app1y to CNA. COMPUTER NETWORK DEFENSE 2~38. Computer network de/ense consists of defensive measures to protect and defend information, computers and networks from disruption, denial, degra— dation, or destruction (JP 8-51). It includes all measures to detect unauthor- ized network activity and adversary CNA and defend computers and net- works agninst it. Such measures include access controls, malicious computer code and program detection, and intrusion-detection tools. CND is enabled by information assurance (IA). (See DODD 0·8530.1.) Contributions 239. To defend computer networks from unauthorized activity. each organization uses inherent capabilities to conduct CND, CND includes many responses m stop or minimize the effects of unauthorized activity. These in» clude- • Establishing protective measures within computer networks through network management (G~6) and information assurance (G~6 and G~7), pmoedurcst tools, and trained personnel. · Compiling and safeguarding information for tracking, apprehending and prosecuting perpeumurs of imaunborizcd activity. • lneorpm~at·ing intrusion software into networks. • Esmblishiug firewalls. • Increasing awareness training, including iumrmmiun from the G·2 on CND threats. Staff Coordination 240. The G6 has smifrespansibility for CND at the tmstical level. CND em— ploys the capabilities nf communications (G—6), law enforcement (Criminal Investigation Division (CID), and intelligence (G~2). System eidministruwrs ensure users follow appropriate procedures m prevent network intrusion. 2-10
