With the target determined and the desired end effect decided, the cyber-attack mission is considered scoped. Deciding on the target is only the strategic half of a cyber-attack mission. On the tactical side, there needs to be a determination on how to deliver the desired effect against the target and in most cases that requires the establishment of some level of access to the enemy system. Access in the cyber domain is the placing of an attack effect in such a place that it can adequately execute its mission against the target. In some cases, the target may have an address on the open internet in which case access may simply be any other internet-connected device. In others, access may be having privileged access to a device in the same organization as the target. Access can also be more stringent; some attack tools may require almost no latency between the device where it is executed and the target and require an access adjacent to the target on the same network segment. There is also the possibility that the attack effect needs to be placed on the actual system it will affect, in such cases operations to gain access to an attack position take the mission right to the intended target.