Which of the following best describes when offensive cyber operations may be authorized?

Offensive cyber actions are governed by Rules of Engagement, which spell out when such actions may be used. The best way to understand the question is that these operations require proper authorization, and they’re typically allowed in response to threats that are imminent or already in progress as defined by the ROE. This framework ensures actions are legal, proportional, and properly coordinated within the chain of command, even when speed is of the essence. The idea isn’t that you can act freely or without authorization, nor that offensive actions are universally prohibited or purely defensive with no authorization considerations. Authorization in the face of an imminent threat captures the intended balance between readiness to respond and adherence to legal and policy constraints.