Cipher Lynx

@cipherlynx

Exploit dev and CTF veteran. Binary challenges first, everything else second.

ID 0f612942-4e41-48e4-915a-d2b5f29bcc99 · CTFd: cipherlynx

Links

GitHub Discord: cipherlynx#1337

Teams

Career stats

Events Played: 2
Podium Finishes: 2
Wins: 1
Career Points: 2000
Career Solves: 9
Career First Bloods: 5
Best Finish: #1
Best Event: Red Wire CTF 2025
Most Improved Category: Pwn
Consistency Rating: 100%

Performance stats

Derived from imported solve data; metrics without source data are hidden.

Total Solves: 9
Total Points: 2000
Solve Rate: 100%
Average Solve Time: 21.9 hr
Median Solve Time: 27.0 hr
First Bloods: 5
Unique Solves: 9
High-Value Solves: 1 (450 pts)
Late-Game Solves: 7

Competition stats

Competition entries: 3
Challenge solves: 9
Points from recorded solves: 2000

Category breakdown

Category Solves Points
Forensics 2 550
Web 3 500
Crypto 2 450
Pwn 1 450
Misc 1 50

NICE/NIST framework stats

28 Knowledge solves across 16 mapped items
9 Task solves across 7 mapped items
2 Skill solves across 2 mapped items

Work role alignment & specialty area coverage

Derived from NICE TKSAs mapped to your solved challenges.

PROTECTION and DEFENSE 31%
DESIGN and DEVELOPMENT 28%
OVERSIGHT and GOVERNANCE 25%
INVESTIGATION 9%
IMPLEMENTATION and OPERATION 8%
PROTECTION and DEFENSE · 7 roles · 49 challenge hits · 31%

Challenge category breakdown

Crypto 16
Forensics 14
Web 13
Pwn 6
Digital Forensics PD-WRL-002
10/182
TASK Analyze intrusions
TASK Report forensic artifacts indicative of a particular operating system
TASK Analyze network traffic associated with malicious activities
TASK Collect intrusion artifacts
KNOWLEDGE Knowledge of encryption algorithms
KNOWLEDGE Knowledge of digital forensic data principles and practices
KNOWLEDGE Knowledge of encryption algorithm capabilities and applications
KNOWLEDGE Knowledge of incident response principles and practices
KNOWLEDGE Knowledge of digital forensics data characteristics
SKILL Skill in performing memory dump analysis
TASK Perform file signature analysis
TASK Perform data comparison against established database
TASK Perform real-time forensic analysis (e.g., using Helix in conjunction with LiveView)
TASK Perform timeline analysis
TASK Perform static media analysis
TASK Perform tier 1, 2, and 3 malware analysis
TASK Perform Windows registry analysis
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Set up a forensic workstation
TASK Identify anomalous network activity
TASK Determine best methods for identifying the perpetrator(s) of a network intrusion
TASK Identify intrusions
TASK Document what is known about intrusions
TASK Identify vulnerabilities
TASK Recommend vulnerability remediation strategies
TASK Create forensically sound duplicates of evidence
TASK Decrypt seized data
TASK Create technical summary of findings reports
TASK Determine if digital media chain or custody processes meet Federal Rules of Evidence requirements
TASK Determine relevance of recovered data
TASK Identify digital evidence for analysis
TASK Perform dynamic analysis on drives
TASK Perform real-time cyber defense incident handling
TASK Prepare digital media for imaging
TASK Capture network traffic associated with malicious activities
TASK Process digital evidence
TASK Document digital evidence
TASK Mitigate potential cyber defense incidents
TASK Advise law enforcement personnel as technical expert
TASK Scan digital media for viruses
TASK Mount a drive image
TASK Utilize deployable forensics toolkit
TASK Validate intrusion detection system alerts
TASK Correlate threat assessment data
TASK Process forensic images
TASK Perform file and registry monitoring on running systems
TASK Enter digital media information into tracking databases
TASK Correlate incident data
TASK Prepare cyber defense toolkits
TASK Preserve digital evidence
TASK Recover information from forensic data sources
TASK Prepare cyber defense reports
KNOWLEDGE Knowledge of decryption
KNOWLEDGE Knowledge of decryption tools and techniques
KNOWLEDGE Knowledge of data repositories
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of data backup and recovery policies and procedures
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of incident response tools and techniques
KNOWLEDGE Knowledge of incident handling tools and techniques
KNOWLEDGE Knowledge of operating system (OS) systems and software
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of client and server architecture
KNOWLEDGE Knowledge of server diagnostic tools and techniques
KNOWLEDGE Knowledge of Fault Detection and Diagnostics (FDD) tools and techniques
KNOWLEDGE Knowledge of system administration principles and practices
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of physical computer components
KNOWLEDGE Knowledge of computer peripherals
KNOWLEDGE Knowledge of defense-in-depth principles and practices
KNOWLEDGE Knowledge of file extensions
KNOWLEDGE Knowledge of file system implementation principles and practices
KNOWLEDGE Knowledge of digital evidence seizure policies and procedures
KNOWLEDGE Knowledge of digital evidence preservation policies and procedures
KNOWLEDGE Knowledge of ethical hacking tools and techniques
KNOWLEDGE Knowledge of evidence admissibility laws and regulations
KNOWLEDGE Knowledge of chain of custody policies and procedures
KNOWLEDGE Knowledge of persistent data principles and practices
KNOWLEDGE Knowledge of machine virtualization tools and techniques
KNOWLEDGE Knowledge of web mail tools and techniques
KNOWLEDGE Knowledge of system file characteristics
KNOWLEDGE Knowledge of deployable forensics principles and practices
KNOWLEDGE Knowledge of digital communication systems and software
KNOWLEDGE Knowledge of event correlation tools and techniques
KNOWLEDGE Knowledge of hardening tools and techniques
KNOWLEDGE Knowledge of hardware reverse engineering tools and techniques
KNOWLEDGE Knowledge of software reverse engineering tools and techniques
KNOWLEDGE Knowledge of data carving tools and techniques
KNOWLEDGE Knowledge of reverse engineering principles and practices
KNOWLEDGE Knowledge of anti-forensics tools and techniques
KNOWLEDGE Knowledge of forensics lab design principles and practices
KNOWLEDGE Knowledge of forensics lab design systems and software
KNOWLEDGE Knowledge of debugging tools and techniques
KNOWLEDGE Knowledge of filename extension abuse
KNOWLEDGE Knowledge of malware analysis tools and techniques
KNOWLEDGE Knowledge of virtual machine detection tools and techniques
KNOWLEDGE Knowledge of encryption tools and techniques
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of cyber defense laws and regulations
KNOWLEDGE Knowledge of binary analysis tools and techniques
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of malware analysis principles and practices
KNOWLEDGE Knowledge of operating system structures and internals
KNOWLEDGE Knowledge of packet-level analysis tools and techniques
KNOWLEDGE Knowledge of operational design principles and practices
KNOWLEDGE Knowledge of targeting laws and regulations
KNOWLEDGE Knowledge of exploitation laws and regulations
KNOWLEDGE Knowledge of intelligence collection management tools and techniques
KNOWLEDGE Knowledge of information searching tools and techniques
KNOWLEDGE Knowledge of intelligence collection sources
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of reporting policies and procedures
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of code obfuscation tools and techniques
KNOWLEDGE Knowledge of digital forensics principles and practices
KNOWLEDGE Knowledge of virtual machine tools and technologies
KNOWLEDGE Knowledge of web application security risks
KNOWLEDGE Knowledge of media forensics
KNOWLEDGE Knowledge of digital forensics tools and techniques
KNOWLEDGE Knowledge of Chain of Custody (CoC) processes and procedures
KNOWLEDGE Knowledge of data integrity principles and practices
KNOWLEDGE Knowledge of digital evidence cataloging tools and techniques
KNOWLEDGE Knowledge of digital evidence extraction tools and techniques
KNOWLEDGE Knowledge of digital evidence handling principles and practices
KNOWLEDGE Knowledge of digital evidence packaging tools and techniques
KNOWLEDGE Knowledge of digital evidence preservation tools and techniques
KNOWLEDGE Knowledge of forensic image processing tools and techniques
KNOWLEDGE Knowledge of network monitoring tools and techniques
KNOWLEDGE Knowledge of packet analysis tools and techniques
SKILL Skill in performing packet-level analysis
SKILL Skill in decrypting information
SKILL Skill in developing virtual machines
SKILL Skill in maintaining virtual machines
SKILL Skill in finding system files
SKILL Skill in recognizing digital forensics data
SKILL Skill in identifying filename extension abuse
SKILL Skill in processing digital forensic data
SKILL Skill in performing intelligence collection analysis
SKILL Skill in developing network infrastructure contingency and recovery plans
SKILL Skill in testing network infrastructure contingency and recovery plans
SKILL Skill in preparing reports
SKILL Skill in preserving digital evidence integrity
SKILL Skill in identifying forensics data in diverse media
SKILL Skill in extracting forensics data in diverse media
SKILL Skill in storing digital evidence
SKILL Skill in manipulating operating system components
SKILL Skill in collecting digital evidence
SKILL Skill in processing digital evidence
SKILL Skill in transporting digital evidence
SKILL Skill in disassembling Personal Computers (PCs)
SKILL Skill in performing digital forensics analysis
SKILL Skill in performing binary analysis
SKILL Skill in implementing one-way hash functions
SKILL Skill in performing source code analysis
SKILL Skill in performing volatile data analysis
SKILL Skill in interpreting debugger results
SKILL Skill in performing malware analysis
SKILL Skill in performing bit-level analysis
SKILL Skill in creating digital evidence copies
SKILL Skill in implementing network infrastructure contingency and recovery plans
SKILL Skill in administering operating systems
SKILL Skill in collaborating with internal and external stakeholders
SKILL Skill in performing data analysis
SKILL Skill in performing digital evidence analysis
SKILL Skill in performing dynamic analysis
SKILL Skill in performing file system forensic analysis
SKILL Skill in performing log file analysis
SKILL Skill in performing network traffic packet analysis
SKILL Skill in performing static analysis
SKILL Skill in performing static malware analysis
Defensive Cybersecurity PD-WRL-001
6/206
KNOWLEDGE Knowledge of encryption algorithms
KNOWLEDGE Knowledge of cryptographic key management principles and practices
KNOWLEDGE Knowledge of incident response principles and practices
KNOWLEDGE Knowledge of cryptology principles and practices
KNOWLEDGE Knowledge of penetration testing principles and practices
KNOWLEDGE Knowledge of penetration testing tools and techniques
TASK Develop content for cyber defense tools
TASK Perform cyber defense trend analysis and reporting
TASK Recommend computing environment vulnerability corrections
TASK Identify network mapping and operating system (OS) fingerprinting activities
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Review cyber defense service provider reporting structure
TASK Identify anomalous network activity
TASK Identify potential threats to network resources
TASK Validate network alerts
TASK Recommend vulnerability remediation strategies
TASK Determine if cybersecurity-enabled products reduce identified risk to acceptable levels
TASK Determine if security control technologies reduce identified risk to acceptable levels
TASK Document cybersecurity incidents
TASK Escalate incidents that may cause ongoing and immediate impact to the environment
TASK Determine the effectiveness of an observed attack
TASK Recommend risk mitigation strategies
TASK Recommend system modifications
TASK Communicate daily network event and activity reports
TASK Determine causes of network alerts
TASK Detect cybersecurity attacks and intrusions
TASK Distinguish between benign and potentially malicious cybersecurity attacks and intrusions
TASK Communicate cybersecurity attacks and intrusions alerts
TASK Perform continuous monitoring of system activity
TASK Determine impact of malicious activity on systems and information
TASK Establish intrusion set procedures
TASK Analyze network traffic anomalies
TASK Validate intrusion detection system alerts
TASK Isolate malware
TASK Remove malware
TASK Identify network device applications and operating systems
TASK Reconstruct malicious attacks
TASK Construct cyber defense network tool signatures
TASK Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected cybersecurity incidents
TASK Analyze organizational cybersecurity posture trends
TASK Develop organizational cybersecurity posture trend reports
TASK Develop system security posture trend reports
TASK Determine adequacy of access controls
TASK Maintain currency of cyber defense threat conditions
TASK Determine effectiveness of system implementation and testing processes
TASK Recommend threat and vulnerability risk mitigation strategies
TASK Advise stakeholders on vulnerability compliance
TASK Resolve computer security incidents
TASK Advise stakeholders on disaster recovery, contingency, and continuity of operations plans
KNOWLEDGE Knowledge of programming language structures and logic
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of access control principles and practices
KNOWLEDGE Knowledge of authentication and authorization tools and techniques
KNOWLEDGE Knowledge of network infrastructure principles and practices
KNOWLEDGE Knowledge of cyber defense tools and techniques
KNOWLEDGE Knowledge of vulnerability assessment tools and techniques
KNOWLEDGE Knowledge of computer algorithm capabilities and applications
KNOWLEDGE Knowledge of database systems and software
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of host access control (HAC) systems and software
KNOWLEDGE Knowledge of network access control (NAC) systems and software
KNOWLEDGE Knowledge of network communications principles and practices
KNOWLEDGE Knowledge of vulnerability data sources
KNOWLEDGE Knowledge of incident response tools and techniques
KNOWLEDGE Knowledge of incident handling tools and techniques
KNOWLEDGE Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
KNOWLEDGE Knowledge of non-repudiation principles and practices
KNOWLEDGE Knowledge of cyber safety principles and practices
KNOWLEDGE Knowledge of systems security engineering (SSE) principles and practices
KNOWLEDGE Knowledge of intrusion detection tools and techniques
KNOWLEDGE Knowledge of information technology (IT) security principles and practices
KNOWLEDGE Knowledge of identity and access management (IAM) principles and practices
KNOWLEDGE Knowledge of new and emerging technologies
KNOWLEDGE Knowledge of operating system (OS) systems and software
KNOWLEDGE Knowledge of policy-based access controls
KNOWLEDGE Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
KNOWLEDGE Knowledge of process engineering principles and practices
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of security management principles and practices
KNOWLEDGE Knowledge of system design tools and techniques
KNOWLEDGE Knowledge of server administration principles and practices
KNOWLEDGE Knowledge of client and server architecture
KNOWLEDGE Knowledge of software engineering principles and practices
KNOWLEDGE Knowledge of data asset management principles and practices
KNOWLEDGE Knowledge of system administration principles and practices
KNOWLEDGE Knowledge of systems testing and evaluation tools and techniques
KNOWLEDGE Knowledge of telecommunications principles and practices
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of systems engineering processes
KNOWLEDGE Knowledge of virtual private network (VPN) systems and software
KNOWLEDGE Knowledge of network attack characteristics
KNOWLEDGE Knowledge of insider threat laws and regulations
KNOWLEDGE Knowledge of insider threat tools and techniques
KNOWLEDGE Knowledge of adversarial tactics principles and practices
KNOWLEDGE Knowledge of adversarial tactics tools and techniques
KNOWLEDGE Knowledge of adversarial tactics policies and procedures
KNOWLEDGE Knowledge of defense-in-depth principles and practices
KNOWLEDGE Knowledge of network configurations
KNOWLEDGE Knowledge of file extensions
KNOWLEDGE Knowledge of command-line tools and techniques
KNOWLEDGE Knowledge of digital communication systems and software
KNOWLEDGE Knowledge of interpreted and compiled programming language characteristics
KNOWLEDGE Knowledge of intelligence collection management processes
KNOWLEDGE Knowledge of front-end intelligence collection systems and software
KNOWLEDGE Knowledge of account creation policies and procedures
KNOWLEDGE Knowledge of password policies and procedures
KNOWLEDGE Knowledge of network attack vectors
KNOWLEDGE Knowledge of cyberattack characteristics
KNOWLEDGE Knowledge of cyberattack actor characteristics
KNOWLEDGE Knowledge of hardening tools and techniques
KNOWLEDGE Knowledge of hardware reverse engineering tools and techniques
KNOWLEDGE Knowledge of software reverse engineering tools and techniques
KNOWLEDGE Knowledge of cyber attack stages
KNOWLEDGE Knowledge of cyber intrusion activity phases
KNOWLEDGE Knowledge of network systems management principles and practices
KNOWLEDGE Knowledge of network systems management tools and techniques
KNOWLEDGE Knowledge of reverse engineering principles and practices
KNOWLEDGE Knowledge of encryption tools and techniques
KNOWLEDGE Knowledge of malware signature principles and practices
KNOWLEDGE Knowledge of network port capabilities and applications
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of application firewall principles and practices
KNOWLEDGE Knowledge of network firewall principles and practices
KNOWLEDGE Knowledge of industry cybersecurity models and frameworks
KNOWLEDGE Knowledge of access control models and frameworks
KNOWLEDGE Knowledge of the Open Systems Interconnect (OSI) reference model
KNOWLEDGE Knowledge of cyber defense laws and regulations
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of Personally Identifiable Information (PII) data security standards and best practices
KNOWLEDGE Knowledge of Payment Card Industry (PCI) data security standards and best practices
KNOWLEDGE Knowledge of Personal Health Information (PHI) data security standards and best practices
KNOWLEDGE Knowledge of network analysis tools and techniques
KNOWLEDGE Knowledge of systems engineering principles and practices
KNOWLEDGE Knowledge of countermeasure design principles and practices
KNOWLEDGE Knowledge of network mapping principles and practices
KNOWLEDGE Knowledge of packet-level analysis tools and techniques
KNOWLEDGE Knowledge of subnet tools and techniques
KNOWLEDGE Knowledge of computer engineering principles and practices
KNOWLEDGE Knowledge of embedded systems and software
KNOWLEDGE Knowledge of Intrusion Detection System (IDS) tools and techniques
KNOWLEDGE Knowledge of Intrusion Prevention System (IPS) tools and techniques
KNOWLEDGE Knowledge of targeting laws and regulations
KNOWLEDGE Knowledge of exploitation laws and regulations
KNOWLEDGE Knowledge of cyber-attack tools and techniques
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of web application security risks
KNOWLEDGE Knowledge of protocol analyzer tools and techniques
KNOWLEDGE Knowledge of traceroute tools and techniques
KNOWLEDGE Knowledge of cyber defense monitoring tools
KNOWLEDGE Knowledge of cyber defense system analysis tools
KNOWLEDGE Knowledge of data correlation tools and techniques
KNOWLEDGE Knowledge of intrusion set tools and techniques
KNOWLEDGE Knowledge of network topologies
KNOWLEDGE Knowledge of organizational cybersecurity incident response plans
KNOWLEDGE Knowledge of packet analysis tools and techniques
SKILL Skill in performing packet-level analysis
SKILL Skill in identifying software communications vulnerabilities
SKILL Skill in recreating network topologies
SKILL Skill in evaluating security products
SKILL Skill in scanning for vulnerabilities
SKILL Skill in recognizing vulnerabilities
SKILL Skill in developing signatures
SKILL Skill in deploying signatures
SKILL Skill in detecting host- and network-based intrusions
SKILL Skill in developing security system controls
SKILL Skill in evaluating security designs
SKILL Skill in handling incidents
SKILL Skill in collecting relevant data from a variety of sources
SKILL Skill in categorizing types of vulnerabilities
SKILL Skill in reading signatures
SKILL Skill in performing malware analysis
SKILL Skill in assessing security controls
SKILL Skill in performing network data analysis
SKILL Skill in evaluating data source quality
SKILL Skill in interpreting traceroute results
SKILL Skill in reconstructing a network
SKILL Skill in utilizing cyber defense service provider information
SKILL Skill in identifying anomalous activities
SKILL Skill in identifying exploited system weaknesses
SKILL Skill in identifying misuse activities
SKILL Skill in monitoring system activity
SKILL Skill in performing data analysis
SKILL Skill in performing dynamic analysis
SKILL Skill in performing event correlation
SKILL Skill in performing incident analysis
SKILL Skill in performing log file analysis
SKILL Skill in performing malicious activity analysis
SKILL Skill in performing metadata analysis
SKILL Skill in performing network data flow analysis
SKILL Skill in performing network traffic analysis
SKILL Skill in performing network traffic packet analysis
SKILL Skill in performing system activity analysis
SKILL Skill in performing trend analysis
Vulnerability Analysis PD-WRL-007
6/97
TASK Perform authorized penetration testing on enterprise network assets
KNOWLEDGE Knowledge of common application vulnerabilities
KNOWLEDGE Knowledge of cryptographic key management principles and practices
KNOWLEDGE Knowledge of cryptology principles and practices
KNOWLEDGE Knowledge of penetration testing principles and practices
KNOWLEDGE Knowledge of penetration testing tools and techniques
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Determine impact of software configurations
TASK Evaluate organizational cybersecurity policy regulatory compliance
TASK Evaluate organizational cybersecurity policy alignment with organizational directives
TASK Develop cybersecurity risk profiles
TASK Identify anomalous network activity
TASK Identify vulnerabilities
TASK Recommend vulnerability remediation strategies
TASK Maintain deployable cyber defense audit toolkits
TASK Prepare audit reports
TASK Perform required reviews
TASK Correlate incident data
TASK Perform risk and vulnerability assessments
TASK Recommend cost-effective security controls
KNOWLEDGE Knowledge of programming language structures and logic
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of access control principles and practices
KNOWLEDGE Knowledge of authentication and authorization tools and techniques
KNOWLEDGE Knowledge of data backup and recovery policies and procedures
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of host access control (HAC) systems and software
KNOWLEDGE Knowledge of network access control (NAC) systems and software
KNOWLEDGE Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
KNOWLEDGE Knowledge of non-repudiation principles and practices
KNOWLEDGE Knowledge of cyber safety principles and practices
KNOWLEDGE Knowledge of identity and access management (IAM) principles and practices
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of server diagnostic tools and techniques
KNOWLEDGE Knowledge of Fault Detection and Diagnostics (FDD) tools and techniques
KNOWLEDGE Knowledge of system administration principles and practices
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of systems engineering processes
KNOWLEDGE Knowledge of network attack characteristics
KNOWLEDGE Knowledge of defense-in-depth principles and practices
KNOWLEDGE Knowledge of ethical hacking tools and techniques
KNOWLEDGE Knowledge of interpreted and compiled programming language characteristics
KNOWLEDGE Knowledge of cyberattack characteristics
KNOWLEDGE Knowledge of cyberattack actor characteristics
KNOWLEDGE Knowledge of hardening tools and techniques
KNOWLEDGE Knowledge of cyber attack stages
KNOWLEDGE Knowledge of cyber intrusion activity phases
KNOWLEDGE Knowledge of data classification standards and best practices
KNOWLEDGE Knowledge of data classification tools and techniques
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of industry cybersecurity models and frameworks
KNOWLEDGE Knowledge of access control models and frameworks
KNOWLEDGE Knowledge of ethical hacking principles and practices
KNOWLEDGE Knowledge of the Open Systems Interconnect (OSI) reference model
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of network analysis tools and techniques
KNOWLEDGE Knowledge of data classification policies and procedures
KNOWLEDGE Knowledge of packet-level analysis tools and techniques
KNOWLEDGE Knowledge of cyber-attack tools and techniques
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of risk scoring principles and practices
KNOWLEDGE Knowledge of web application security risks
KNOWLEDGE Knowledge of social engineering tools and techniques
KNOWLEDGE Knowledge of cyber defense auditing laws and regulations
KNOWLEDGE Knowledge of cyber defense auditing policies and practices
KNOWLEDGE Knowledge of organizational cybersecurity policies and configurations
SKILL Skill in identifying software communications vulnerabilities
SKILL Skill in performing threat environment analysis
SKILL Skill in analyzing software configurations
SKILL Skill in scanning for vulnerabilities
SKILL Skill in recognizing vulnerabilities
SKILL Skill in detecting host- and network-based intrusions
SKILL Skill in developing security system controls
SKILL Skill in evaluating security designs
SKILL Skill in performing threat modeling
SKILL Skill in performing social engineering
SKILL Skill in writing code in a currently supported programming language
SKILL Skill in reviewing logs
SKILL Skill in identifying evidence of past intrusions
SKILL Skill in assessing application vulnerabilities
SKILL Skill in optimizing system performance
SKILL Skill in performing risk assessments
SKILL Skill in performing network data analysis
SKILL Skill in assessing an organization's threat environment
Threat Analysis PD-WRL-006
3/165
KNOWLEDGE Knowledge of encryption algorithms
KNOWLEDGE Knowledge of encryption algorithm capabilities and applications
KNOWLEDGE Knowledge of web security principles and practices
TASK Answer requests for information
TASK Evaluate threat decision-making processes
TASK Facilitate continuously updated intelligence, surveillance, and visualization input to common operational picture managers
TASK Generate requests for information
TASK Identify intelligence gaps and shortfalls
TASK Monitor open source websites for hostile content directed towards organizational or partner interests
TASK Identify cyber threat tactics and methodologies
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Determine how threat activity groups employ encryption to support their operations
TASK Identify and characterize intrusion activities against a victim or target
TASK Scope analysis reports to various audiences that accounts for data sharing classification restrictions
TASK Determine if priority information requirements are satisfied
TASK Determine effectiveness of intelligence collection operations
TASK Recommend adjustments to intelligence collection strategies
TASK Develop common operational pictures
TASK Develop cyber operations indicators
TASK Coordinate all-source collection activities
TASK Validate all-source collection requirements and plans
TASK Develop priority information requirements
TASK Prepare threat and target briefings
TASK Prepare threat and target situational updates
TASK Identify intelligence requirements
TASK Modify collection requirements
TASK Determine effectiveness of collection requirements
TASK Monitor changes to designated cyber operations warning problem sets
TASK Prepare change reports for designated cyber operations warning problem sets
TASK Monitor threat activities
TASK Prepare threat activity reports
TASK Report on adversarial activities that fulfill priority information requirements
TASK Identify indications and warnings of target communication changes or processing failures
TASK Prepare cyber operations intelligence reports
TASK Prepare indications and warnings intelligence reports
TASK Assess effectiveness of intelligence production
TASK Assess effectiveness of intelligence reporting
TASK Provide intelligence analysis and support
TASK Notify appropriate personnel of imminent hostile intentions or activities
TASK Prepare network intrusion reports
TASK Determine if intelligence requirements and collection plans are accurate and up-to-date
KNOWLEDGE Knowledge of malware
KNOWLEDGE Knowledge of intelligence fusion
KNOWLEDGE Knowledge of cognitive biases
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of network infrastructure principles and practices
KNOWLEDGE Knowledge of requirements analysis principles and practices
KNOWLEDGE Knowledge of network communications principles and practices
KNOWLEDGE Knowledge of human-computer interaction (HCI) principles and practices
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of data asset management principles and practices
KNOWLEDGE Knowledge of telecommunications principles and practices
KNOWLEDGE Knowledge of physical computer components
KNOWLEDGE Knowledge of computer peripherals
KNOWLEDGE Knowledge of adversarial tactics principles and practices
KNOWLEDGE Knowledge of adversarial tactics tools and techniques
KNOWLEDGE Knowledge of adversarial tactics policies and procedures
KNOWLEDGE Knowledge of network configurations
KNOWLEDGE Knowledge of machine virtualization tools and techniques
KNOWLEDGE Knowledge of digital communication systems and software
KNOWLEDGE Knowledge of new and emerging cybersecurity risks
KNOWLEDGE Knowledge of threat vector characteristics
KNOWLEDGE Knowledge of network attack vectors
KNOWLEDGE Knowledge of cyber attack stages
KNOWLEDGE Knowledge of cyber intrusion activity phases
KNOWLEDGE Knowledge of malware analysis tools and techniques
KNOWLEDGE Knowledge of virtual machine detection tools and techniques
KNOWLEDGE Knowledge of data classification standards and best practices
KNOWLEDGE Knowledge of data classification tools and techniques
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of malware analysis principles and practices
KNOWLEDGE Knowledge of wireless communication tools and techniques
KNOWLEDGE Knowledge of signal jamming tools and techniques
KNOWLEDGE Knowledge of data classification policies and procedures
KNOWLEDGE Knowledge of content management system (CMS) capabilities and applications
KNOWLEDGE Knowledge of cyber-attack tools and techniques
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of intelligence information repositories
KNOWLEDGE Knowledge of cyber operations principles and practices
KNOWLEDGE Knowledge of denial and deception tools and techniques
KNOWLEDGE Knowledge of supervisory control and data acquisition (SCADA) systems and software
KNOWLEDGE Knowledge of intelligence collection capabilities and applications
KNOWLEDGE Knowledge of intelligence requirements tasking systems and software
KNOWLEDGE Knowledge of intelligence support activities
KNOWLEDGE Knowledge of threat intelligence principles and practices
KNOWLEDGE Knowledge of intelligence policies and procedures
KNOWLEDGE Knowledge of network addressing principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of operations security (OPSEC) principles and practices
KNOWLEDGE Knowledge of decision-making policies and procedures
KNOWLEDGE Knowledge of target development principles and practices
KNOWLEDGE Knowledge of target research tools and techniques
KNOWLEDGE Knowledge of routing protocols
KNOWLEDGE Knowledge of request for information processes
KNOWLEDGE Knowledge of threat behaviors
KNOWLEDGE Knowledge of target behaviors
KNOWLEDGE Knowledge of threat systems and software
KNOWLEDGE Knowledge of virtual machine tools and technologies
KNOWLEDGE Knowledge of analytical tools and techniques
KNOWLEDGE Knowledge of analytics
KNOWLEDGE Knowledge of virtual collaborative workspace tools and techniques
KNOWLEDGE Knowledge of blue force tracking
KNOWLEDGE Knowledge of priority intelligence requirements
SKILL Skill in interfacing with customers
SKILL Skill in conducting non-attributable research
SKILL Skill in communicating complex concepts
SKILL Skill in collaborating with others
SKILL Skill in creating analytics
SKILL Skill in extrapolating from incomplete data sets
SKILL Skill in analyzing large data sets
SKILL Skill in creating target intelligence products
SKILL Skill in functioning effectively in a dynamic, fast-paced environment
SKILL Skill in mitigating cognitive biases
SKILL Skill in mitigating deception in reporting and analysis
SKILL Skill in mimicking threat actors
SKILL Skill in developing virtual machines
SKILL Skill in maintaining virtual machines
SKILL Skill in performing operational environment analysis
SKILL Skill in performing intrusion data analysis
SKILL Skill in identifying customer information needs
SKILL Skill in evaluating security products
SKILL Skill in establishing priorities
SKILL Skill in extracting metadata
SKILL Skill in preparing operational environments
SKILL Skill in performing threat emulation tactics
SKILL Skill in anticipating threats
SKILL Skill in performing threat factor analysis
SKILL Skill in designing wireless communications systems
SKILL Skill in identifying network threats
SKILL Skill in performing capabilities analysis
SKILL Skill in performing requirements analysis
SKILL Skill in preparing reports
SKILL Skill in collecting relevant data from a variety of sources
SKILL Skill in developing position qualification requirements
SKILL Skill in translating operational requirements into security controls
SKILL Skill in conducting deep web research
SKILL Skill in defining an operational environment
SKILL Skill in performing target analysis
SKILL Skill in developing analytics
SKILL Skill in evaluating data source quality
SKILL Skill in evaluating information quality
SKILL Skill in identifying cybersecurity threats
SKILL Skill in identifying intelligence gaps
SKILL Skill in managing client relationships
SKILL Skill in preparing briefings
SKILL Skill in querying data
SKILL Skill in conducting open-source searches
SKILL Skill in incorporating feedback
SKILL Skill in converting intelligence requirements into intelligence production tasks
SKILL Skill in developing collection strategies
SKILL Skill in determining information requirements
SKILL Skill in presenting to an audience
SKILL Skill in performing metadata analysis
SKILL Skill in performing nodal analysis
Incident Response PD-WRL-003
2/107
TASK Collect intrusion artifacts
KNOWLEDGE Knowledge of incident response principles and practices
TASK Perform cyber defense trend analysis and reporting
TASK Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness)
TASK Coordinate incident response functions
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Identify anomalous network activity
TASK Identify potential threats to network resources
TASK Resolve cyber defense incidents
TASK Coordinate technical support to enterprise-wide cybersecurity defense technicians
TASK Identify vulnerabilities
TASK Recommend vulnerability remediation strategies
TASK Perform cyber defense incident triage
TASK Recommend incident remediation strategies
TASK Determine the scope, urgency, and impact of cyber defense incidents
TASK Perform forensically sound image collection
TASK Recommend mitigation and remediation strategies for enterprise systems
TASK Perform real-time cyber defense incident handling
TASK Determine causes of network alerts
TASK Track cyber defense incidents from initial detection through final resolution
TASK Document cyber defense incidents from initial detection through final resolution
TASK Produce incident findings reports
TASK Communicate incident findings to appropriate constituencies
TASK Mitigate potential cyber defense incidents
TASK Advise law enforcement personnel as technical expert
TASK Correlate threat assessment data
TASK Prepare after action reviews (AARs)
TASK Correlate incident data
TASK Maintain currency of cyber defense threat conditions
TASK Prepare cyber defense reports
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of access control principles and practices
KNOWLEDGE Knowledge of authentication and authorization tools and techniques
KNOWLEDGE Knowledge of network infrastructure principles and practices
KNOWLEDGE Knowledge of data backup and recovery policies and procedures
KNOWLEDGE Knowledge of business continuity and disaster recovery (BCDR) policies and procedures
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of host access control (HAC) systems and software
KNOWLEDGE Knowledge of network access control (NAC) systems and software
KNOWLEDGE Knowledge of network communications principles and practices
KNOWLEDGE Knowledge of incident response tools and techniques
KNOWLEDGE Knowledge of incident handling tools and techniques
KNOWLEDGE Knowledge of intrusion detection tools and techniques
KNOWLEDGE Knowledge of policy-based access controls
KNOWLEDGE Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of system administration principles and practices
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of network attack characteristics
KNOWLEDGE Knowledge of defense-in-depth principles and practices
KNOWLEDGE Knowledge of account creation policies and procedures
KNOWLEDGE Knowledge of password policies and procedures
KNOWLEDGE Knowledge of cyberattack characteristics
KNOWLEDGE Knowledge of cyberattack actor characteristics
KNOWLEDGE Knowledge of hardening tools and techniques
KNOWLEDGE Knowledge of cyber attack stages
KNOWLEDGE Knowledge of cyber intrusion activity phases
KNOWLEDGE Knowledge of malware analysis tools and techniques
KNOWLEDGE Knowledge of data classification standards and best practices
KNOWLEDGE Knowledge of data classification tools and techniques
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of the Open Systems Interconnect (OSI) reference model
KNOWLEDGE Knowledge of cloud service models and frameworks
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of malware analysis principles and practices
KNOWLEDGE Knowledge of network analysis tools and techniques
KNOWLEDGE Knowledge of data classification policies and procedures
KNOWLEDGE Knowledge of cyber-attack tools and techniques
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of routing protocols
KNOWLEDGE Knowledge of web application security risks
SKILL Skill in securing network communications
SKILL Skill in performing damage assessments
SKILL Skill in identifying software communications vulnerabilities
SKILL Skill in evaluating security products
SKILL Skill in recognizing vulnerabilities
SKILL Skill in identifying malware
SKILL Skill in capturing malware
SKILL Skill in containing malware
SKILL Skill in reporting malware
SKILL Skill in detecting host- and network-based intrusions
SKILL Skill in preserving digital evidence integrity
SKILL Skill in collecting digital evidence
SKILL Skill in processing digital evidence
SKILL Skill in transporting digital evidence
SKILL Skill in categorizing types of vulnerabilities
SKILL Skill in protecting a network against malware
SKILL Skill in performing malware analysis
SKILL Skill in performing network data analysis
SKILL Skill in designing incident responses
SKILL Skill in performing incident responses
SKILL Skill in collaborating with internal and external stakeholders
SKILL Skill in performing data analysis
SKILL Skill in performing log file analysis
Insider Threat Analysis PD-WRL-005
2/169
KNOWLEDGE Knowledge of network exploitation tools and techniques
KNOWLEDGE Knowledge of exploitation tools and techniques
TASK Acquire resources to support cybersecurity program goals and objectives
TASK Conduct an effective enterprise continuity of operations program
TASK Contribute insider threat expertise to organizational cybersecurity awareness program
TASK Identify anomalous network activity
TASK Identify potential threats to network resources
TASK Develop risk mitigation strategies
TASK Recommend security changes to systems and system components
TASK Manage cybersecurity budget, staffing, and contracting
TASK Recommend risk mitigation strategies
TASK Process digital evidence
TASK Document digital evidence
TASK Assess the behavior of individual victims, witnesses, or suspects during cybersecurity investigations
TASK Preserve digital evidence
TASK Conduct cybersecurity reviews
TASK Identify exploitable technical or operational vulnerabilities
TASK Recommend potential courses of action
TASK Develop intelligence collection strategies
TASK Identify information collection gaps
TASK Notify appropriate personnel of imminent hostile intentions or activities
TASK Determine validity and relevance of information
TASK Document system alerts
TASK Escalate system alerts that may indicate risks
TASK Disseminate anomalous activity reports to the insider threat hub
TASK Conduct independent comprehensive assessments of target-specific information
TASK Conduct insider threat risk assessments
TASK Prepare insider threat briefings
TASK Recommend risk mitigation courses of action (CoA)
TASK Coordinate with internal and external incident management partners across jurisdictions
TASK Recommend improvements to insider threat detection processes
TASK Collect digital evidence that meets priority intelligence requirements
TASK Develop digital evidence reports for internal and external partners
TASK Develop elicitation indicators
TASK Identify high value assets
TASK Identify potential insider threats
TASK Identify imminent or hostile intentions or activities
TASK Develop a continuously updated overview of an incident throughout the incident's life cycle
TASK Develop insider threat cyber operations indicators
TASK Integrate information from cyber resources, internal partners, and external partners
TASK Advise insider threat hub inquiries
TASK Conduct cybersecurity insider threat inquiries
TASK Deliver all-source cyber operations and intelligence indications and warnings
TASK Interpret network activity for intelligence value
TASK Monitor network activity for vulnerabilities
TASK Identify potential insider risks to networks
TASK Document potential insider risks to networks
TASK Report network vulnerabilities
TASK Develop insider threat investigation plans
TASK Investigate alleged insider threat cybersecurity policy violations
TASK Refer cases on active insider threat activities to law enforcement investigators
TASK Establish an insider threat risk management assessment program
TASK Evaluate organizational insider risk response capabilities
TASK Document insider threat information sources
TASK Conduct insider threat studies
TASK Identify potential targets for exploitation
TASK Analyze potential targets for exploitation
TASK Develop insider threat targets
TASK Maintain User Activity Monitoring (UAM) tools
TASK Monitor the output from User Activity Monitoring (UAM) tools
KNOWLEDGE Knowledge of decryption
KNOWLEDGE Knowledge of decryption tools and techniques
KNOWLEDGE Knowledge of data repositories
KNOWLEDGE Knowledge of network collection tools and techniques
KNOWLEDGE Knowledge of network collection policies and procedures
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of network infrastructure principles and practices
KNOWLEDGE Knowledge of database systems and software
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of risk management principles and practices
KNOWLEDGE Knowledge of Risk Management Framework (RMF) requirements
KNOWLEDGE Knowledge of risk management models and frameworks
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of insider threat laws and regulations
KNOWLEDGE Knowledge of insider threat tools and techniques
KNOWLEDGE Knowledge of chain of custody policies and procedures
KNOWLEDGE Knowledge of data remediation tools and techniques
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of abnormal physical and physiological behaviors
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of risk mitigation tools and techniques
KNOWLEDGE Knowledge of data analysis tools and techniques
KNOWLEDGE Knowledge of digital evidence cataloging tools and techniques
KNOWLEDGE Knowledge of digital evidence extraction tools and techniques
KNOWLEDGE Knowledge of digital evidence packaging tools and techniques
KNOWLEDGE Knowledge of digital evidence preservation tools and techniques
KNOWLEDGE Knowledge of organizational cybersecurity goals and objectives
KNOWLEDGE Knowledge of organizational policies and procedures
KNOWLEDGE Knowledge of priority intelligence requirements
KNOWLEDGE Knowledge of risk mitigation principles and practices
KNOWLEDGE Knowledge of cultural, political, and organizational assets
KNOWLEDGE Knowledge of cybersecurity review processes and procedures
KNOWLEDGE Knowledge of cybersecurity threat remediation principles and practices
KNOWLEDGE Knowledge of cybersecurity tools and techniques
KNOWLEDGE Knowledge of data exfiltration tools and techniques
KNOWLEDGE Knowledge of data handling tools and techniques
KNOWLEDGE Knowledge of data monitoring tools and techniques
KNOWLEDGE Knowledge of digital and physical security vulnerabilities
KNOWLEDGE Knowledge of digital and physical security vulnerability remediation principles and practices
KNOWLEDGE Knowledge of external organization roles and responsibilities
KNOWLEDGE Knowledge of external referrals policies and procedures
KNOWLEDGE Knowledge of high value asset characteristics
KNOWLEDGE Knowledge of insider threat hub policies and procedures
KNOWLEDGE Knowledge of insider threat hub operations
KNOWLEDGE Knowledge of insider threat operational indicators
KNOWLEDGE Knowledge of insider threat policies and procedures
KNOWLEDGE Knowledge of insider threat tactics
KNOWLEDGE Knowledge of insider threat targets
KNOWLEDGE Knowledge of intelligence laws and regulations
KNOWLEDGE Knowledge of known insider attacks
KNOWLEDGE Knowledge of network endpoints
KNOWLEDGE Knowledge of notification policies and procedures
KNOWLEDGE Knowledge of organizational objectives, resources, and capabilities
KNOWLEDGE Knowledge of previously referred potential insider threats
KNOWLEDGE Knowledge of risk reduction metrics
KNOWLEDGE Knowledge of security information and event management (SIEM) tools and techniques
KNOWLEDGE Knowledge of suspicious activity response processes
KNOWLEDGE Knowledge of system alert policies and procedures
KNOWLEDGE Knowledge of system components
KNOWLEDGE Knowledge of threat investigation policies and procedures
KNOWLEDGE Knowledge of threat modeling tools and techniques
KNOWLEDGE Knowledge of User Activity Monitoring (UAM) tools and techniques
SKILL Skill in decrypting information
SKILL Skill in creating technical documentation
SKILL Skill in collecting network data
SKILL Skill in identifying anomalous activity
SKILL Skill in identifying network threats
SKILL Skill in developing algorithms
SKILL Skill in performing data structure analysis
SKILL Skill in preparing reports
SKILL Skill in performing threat modeling
SKILL Skill in communicating effectively
SKILL Skill in performing network data analysis
SKILL Skill in performing midpoint collection data analysis
SKILL Skill in preparing briefings
SKILL Skill in querying data
SKILL Skill in presenting to an audience
SKILL Skill in building internal and external relationships
SKILL Skill in collaborating with internal and external stakeholders
SKILL Skill in performing behavioral analysis
SKILL Skill in performing data analysis
SKILL Skill in performing log file analysis
SKILL Skill in performing network traffic analysis
SKILL Skill in performing threat analysis
SKILL Skill in recognizing behavioral patterns
SKILL Skill in analyzing information from multiple sources
SKILL Skill in building relationships remotely and in person
SKILL Skill in correlating data from multiple tools
SKILL Skill in determining what information may be helpful to a specific audience
SKILL Skill in identifying insider risk security gaps
SKILL Skill in identifying insider threats
SKILL Skill in determining the importance of assets
SKILL Skill in integrating information from multiple sources
SKILL Skill in performing cyberintelligence data analysis
SKILL Skill in performing data queries
SKILL Skill in performing human behavioral analysis
SKILL Skill in performing link analysis
SKILL Skill in recognizing recurring threat incidents
Infrastructure Support PD-WRL-004
1/75
KNOWLEDGE Knowledge of incident response principles and practices
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Administer rule and signature updates for specialized cyber defense applications
TASK Perform system administration on specialized cyber defense applications and systems
TASK Administer Virtual Private Network (VPN) devices
TASK Coordinate critical cyber defense infrastructure protection measures
TASK Prioritize critical cyber defense infrastructure resources
TASK Build dedicated cyber defense hardware
TASK Install dedicated cyber defense hardware
TASK Assess the impact of implementing and sustaining a dedicated cyber defense infrastructure
TASK Evaluate platforms managed by service providers
TASK Manage network access control lists on specialized cyber defense systems
TASK Implement cyber defense tools
TASK Implement dedicated cyber defense systems
TASK Document system requirements
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of access control principles and practices
KNOWLEDGE Knowledge of authentication and authorization tools and techniques
KNOWLEDGE Knowledge of data backup and recovery policies and procedures
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of host access control (HAC) systems and software
KNOWLEDGE Knowledge of network access control (NAC) systems and software
KNOWLEDGE Knowledge of incident response tools and techniques
KNOWLEDGE Knowledge of incident handling tools and techniques
KNOWLEDGE Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
KNOWLEDGE Knowledge of non-repudiation principles and practices
KNOWLEDGE Knowledge of cyber safety principles and practices
KNOWLEDGE Knowledge of Risk Management Framework (RMF) requirements
KNOWLEDGE Knowledge of policy-based access controls
KNOWLEDGE Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of system administration principles and practices
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of virtual private network (VPN) systems and software
KNOWLEDGE Knowledge of network attack characteristics
KNOWLEDGE Knowledge of defense-in-depth principles and practices
KNOWLEDGE Knowledge of network configurations
KNOWLEDGE Knowledge of web filtering systems and software
KNOWLEDGE Knowledge of account creation policies and procedures
KNOWLEDGE Knowledge of password policies and procedures
KNOWLEDGE Knowledge of hardening tools and techniques
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of learning assessment tools and techniques
KNOWLEDGE Knowledge of the Open Systems Interconnect (OSI) reference model
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of wireless communication tools and techniques
KNOWLEDGE Knowledge of signal jamming tools and techniques
KNOWLEDGE Knowledge of Intrusion Detection System (IDS) tools and techniques
KNOWLEDGE Knowledge of Intrusion Prevention System (IPS) tools and techniques
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of security assessment authorization requirements
SKILL Skill in securing network communications
SKILL Skill in applying host access controls
SKILL Skill in applying network access controls
SKILL Skill in tuning network sensors
SKILL Skill in handling incidents
SKILL Skill in encrypting network communications
SKILL Skill in protecting a network against malware
SKILL Skill in applying hardening techniques
SKILL Skill in troubleshooting cyber defense infrastructure anomalies
SKILL Skill in configuring hardware
SKILL Skill in testing hardware
DESIGN and DEVELOPMENT 6 roles · 45 challenge hits
28%

Challenge category breakdown

Crypto 20
Web 14
Pwn 7
Forensics 4
Technology Research and Development DD-WRL-008
7/118
KNOWLEDGE Knowledge of common application vulnerabilities
KNOWLEDGE Knowledge of digital forensic data principles and practices
KNOWLEDGE Knowledge of cryptographic key management principles and practices
KNOWLEDGE Knowledge of digital forensics data characteristics
KNOWLEDGE Knowledge of cryptology principles and practices
KNOWLEDGE Knowledge of penetration testing principles and practices
KNOWLEDGE Knowledge of penetration testing tools and techniques
TASK Determine special needs of cyber-physical systems
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Identify critical technology procurement requirements
TASK Determine impact of software configurations
TASK Develop cybersecurity risk profiles
TASK Identify anomalous network activity
TASK Identify vulnerabilities
TASK Recommend vulnerability remediation strategies
TASK Validate data mining and data warehousing programs, processes, and requirements
TASK Identify system and network capabilities
TASK Develop cybersecurity capability strategies for custom hardware and software development
TASK Identify cybersecurity solutions tools and technologies
TASK Design cybersecurity tools and technologies
TASK Develop cybersecurity tools and technologies
TASK Evaluate network infrastructure vulnerabilities
TASK Recommend network infrastructure enhancements
TASK Correlate incident data
TASK Design data management systems
TASK Troubleshoot prototype design and process issues
TASK Recommend vulnerability exploitation functional and security-related features
TASK Recommend vulnerability mitigation functional- and security-related features
TASK Develop reverse engineering tools
TASK Determine if hardware and software complies with defined specifications and requirements
KNOWLEDGE Knowledge of Extensible Markup Language (XML) schemas
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of network communications principles and practices
KNOWLEDGE Knowledge of risk management principles and practices
KNOWLEDGE Knowledge of systems security engineering (SSE) principles and practices
KNOWLEDGE Knowledge of information technology (IT) security principles and practices
KNOWLEDGE Knowledge of new and emerging technologies
KNOWLEDGE Knowledge of process engineering principles and practices
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of server administration principles and practices
KNOWLEDGE Knowledge of software engineering principles and practices
KNOWLEDGE Knowledge of system life cycle management principles and practices
KNOWLEDGE Knowledge of telecommunications principles and practices
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of systems engineering processes
KNOWLEDGE Knowledge of hardware maintenance policies and procedures
KNOWLEDGE Knowledge of defense-in-depth principles and practices
KNOWLEDGE Knowledge of network configurations
KNOWLEDGE Knowledge of ethical hacking tools and techniques
KNOWLEDGE Knowledge of supply chain risk management principles and practices
KNOWLEDGE Knowledge of digital communication systems and software
KNOWLEDGE Knowledge of supply chain risks
KNOWLEDGE Knowledge of supply chain risk management standards and best practices
KNOWLEDGE Knowledge of technology procurement principles and practices
KNOWLEDGE Knowledge of supply chain risk management policies and procedures
KNOWLEDGE Knowledge of critical infrastructure systems and software
KNOWLEDGE Knowledge of hardware reverse engineering tools and techniques
KNOWLEDGE Knowledge of middleware software capabilities and applications
KNOWLEDGE Knowledge of software reverse engineering tools and techniques
KNOWLEDGE Knowledge of reverse engineering principles and practices
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of application firewall principles and practices
KNOWLEDGE Knowledge of network firewall principles and practices
KNOWLEDGE Knowledge of ethical hacking principles and practices
KNOWLEDGE Knowledge of covert communication tools and techniques
KNOWLEDGE Knowledge of computer architecture principles and practices
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of operating system structures and internals
KNOWLEDGE Knowledge of network analysis tools and techniques
KNOWLEDGE Knowledge of wireless communication tools and techniques
KNOWLEDGE Knowledge of signal jamming tools and techniques
KNOWLEDGE Knowledge of systems engineering principles and practices
KNOWLEDGE Knowledge of network hardware threats and vulnerabilities
KNOWLEDGE Knowledge of computer engineering principles and practices
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of operations security (OPSEC) principles and practices
KNOWLEDGE Knowledge of critical information requirements
KNOWLEDGE Knowledge of hardware asset management principles and practices
KNOWLEDGE Knowledge of knowledge management tools and techniques
KNOWLEDGE Knowledge of mission requirements
KNOWLEDGE Knowledge of reverse engineering tools and techniques
KNOWLEDGE Knowledge of software and systems engineering life cycle standards
SKILL Skill in applying secure coding techniques
SKILL Skill in communicating complex concepts
SKILL Skill in creating technical documentation
SKILL Skill in identifying critical infrastructure systems
SKILL Skill in identifying systems designed without security considerations
SKILL Skill in recognizing digital forensics data
SKILL Skill in identifying forensic digital footprints
SKILL Skill in performing forensic data analysis
SKILL Skill in identifying software communications vulnerabilities
SKILL Skill in analyzing software configurations
SKILL Skill in scanning for vulnerabilities
SKILL Skill in recognizing vulnerabilities
SKILL Skill in applying information technologies into proposed solutions
SKILL Skill in creating mathematical models
SKILL Skill in creating statistical models
SKILL Skill in performing systems engineering
SKILL Skill in designing technology processes and solutions
SKILL Skill in integrating technology processes and solutions
SKILL Skill in optimizing system performance
SKILL Skill in performing technical writing
SKILL Skill in solving problems
SKILL Skill in communicating with internal and external stakeholders
Cybersecurity Architecture DD-WRL-001
5/219
KNOWLEDGE Knowledge of encryption algorithms
KNOWLEDGE Knowledge of common application vulnerabilities
KNOWLEDGE Knowledge of cryptographic key management principles and practices
KNOWLEDGE Knowledge of symmetric encryption principles and practices
KNOWLEDGE Knowledge of cryptology principles and practices
TASK Employ secure configuration management processes
TASK Translate proposed capabilities into technical requirements
TASK Communicate enterprise information technology architecture
TASK Determine special needs of cyber-physical systems
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Integrate organizational goals and objectives into security architecture
TASK Implement organizational evaluation and validation criteria
TASK Assess the organization's cybersecurity architecture
TASK Perform privacy impact assessments (PIAs)
TASK Configure network hubs, routers, and switches
TASK Optimize network hubs, routers, and switches
TASK Determine essential system capabilities and business functions
TASK Prioritize essential system capabilities and business functions
TASK Restore essential system capabilities and business functions after catastrophic failure events
TASK Define system availability levels
TASK Determine disaster recovery and continuity of operations system requirements
TASK Develop cybersecurity designs for systems and networks with multilevel security requirements
TASK Develop cybersecurity designs for systems and networks that require processing of multiple data classification levels
TASK Integrate cybersecurity designs for systems and networks
TASK Define acquisition life cycle cybersecurity architecture requirements
TASK Define acquisition life cycle systems security engineering requirements
TASK Determine if systems and architecture are consistent with cybersecurity architecture guidelines
TASK Perform security reviews
TASK Identify gaps in security architecture
TASK Develop a cybersecurity risk management plan
TASK Advise on security requirements to be included in statements of work
TASK Advise on Risk Management Framework process activities and documentation
TASK Determine the impact of new system and interface implementations on organization's cybersecurity posture
TASK Document impact of new system and interface implementations on organization's cybersecurity posture
TASK Plan system security development
TASK Conduct system security development
TASK Allocate cybersecurity services
TASK Select cybersecurity mechanisms
TASK Develop system security contexts
TASK Create system security concept of operations (ConOps) documents
TASK Determine cybersecurity design and architecture effectiveness
TASK Create cybersecurity architecture functional specifications
TASK Determine user requirements
TASK Plan cybersecurity architecture
TASK Design system security measures
TASK Update system security measures
TASK Develop enterprise architecture
TASK Define baseline system security requirements
TASK Create definition activity documentation
TASK Create architecture activity documentation
TASK Identify system and network protection needs
TASK Implement system security measures
TASK Determine effectiveness of system implementation and testing processes
TASK Conduct cybersecurity management assessments
TASK Design cybersecurity management functions
KNOWLEDGE Knowledge of microprocessors
KNOWLEDGE Knowledge of technology integration processes
KNOWLEDGE Knowledge of system optimization techniques
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of access control principles and practices
KNOWLEDGE Knowledge of authentication and authorization tools and techniques
KNOWLEDGE Knowledge of business operations standards and best practices
KNOWLEDGE Knowledge of network infrastructure principles and practices
KNOWLEDGE Knowledge of requirements analysis principles and practices
KNOWLEDGE Knowledge of cyber defense tools and techniques
KNOWLEDGE Knowledge of vulnerability assessment tools and techniques
KNOWLEDGE Knowledge of computer algorithm capabilities and applications
KNOWLEDGE Knowledge of database systems and software
KNOWLEDGE Knowledge of business continuity and disaster recovery (BCDR) policies and procedures
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of electrical engineering principles and practices
KNOWLEDGE Knowledge of network communications principles and practices
KNOWLEDGE Knowledge of human-computer interaction (HCI) principles and practices
KNOWLEDGE Knowledge of Security Assessment and Authorization (SA&A) processes
KNOWLEDGE Knowledge of analysis standards and best practices
KNOWLEDGE Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
KNOWLEDGE Knowledge of non-repudiation principles and practices
KNOWLEDGE Knowledge of cyber safety principles and practices
KNOWLEDGE Knowledge of systems security engineering (SSE) principles and practices
KNOWLEDGE Knowledge of information technology (IT) security principles and practices
KNOWLEDGE Knowledge of mathematics principles and practices
KNOWLEDGE Knowledge of identity and access management (IAM) principles and practices
KNOWLEDGE Knowledge of new and emerging technologies
KNOWLEDGE Knowledge of operating system (OS) systems and software
KNOWLEDGE Knowledge of parallel and distributed computing principles and practices
KNOWLEDGE Knowledge of process engineering principles and practices
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of remote access principles and practices
KNOWLEDGE Knowledge of security management principles and practices
KNOWLEDGE Knowledge of system design tools and techniques
KNOWLEDGE Knowledge of server administration principles and practices
KNOWLEDGE Knowledge of client and server architecture
KNOWLEDGE Knowledge of software engineering principles and practices
KNOWLEDGE Knowledge of automated systems analysis tools and techniques
KNOWLEDGE Knowledge of systems testing and evaluation tools and techniques
KNOWLEDGE Knowledge of telecommunications principles and practices
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of systems engineering processes
KNOWLEDGE Knowledge of defense-in-depth principles and practices
KNOWLEDGE Knowledge of secure coding tools and techniques
KNOWLEDGE Knowledge of risk assessment principles and practices
KNOWLEDGE Knowledge of threat assessment principles and practices
KNOWLEDGE Knowledge of critical infrastructure systems and software
KNOWLEDGE Knowledge of hardware reverse engineering tools and techniques
KNOWLEDGE Knowledge of software reverse engineering tools and techniques
KNOWLEDGE Knowledge of secure software deployment principles and practices
KNOWLEDGE Knowledge of secure software deployment tools and techniques
KNOWLEDGE Knowledge of network systems management principles and practices
KNOWLEDGE Knowledge of network systems management tools and techniques
KNOWLEDGE Knowledge of reverse engineering principles and practices
KNOWLEDGE Knowledge of encryption tools and techniques
KNOWLEDGE Knowledge of data classification standards and best practices
KNOWLEDGE Knowledge of data classification tools and techniques
KNOWLEDGE Knowledge of process improvement principles and practices
KNOWLEDGE Knowledge of process maturity models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of service management principles and practices
KNOWLEDGE Knowledge of service management standards and best practices
KNOWLEDGE Knowledge of key management service (KMS) principles and practices
KNOWLEDGE Knowledge of key management service (KMS) key rotation policies and procedures
KNOWLEDGE Knowledge of application firewall principles and practices
KNOWLEDGE Knowledge of network firewall principles and practices
KNOWLEDGE Knowledge of the Open Systems Interconnect (OSI) reference model
KNOWLEDGE Knowledge of computer architecture principles and practices
KNOWLEDGE Knowledge of multi-level security (MLS) systems and software
KNOWLEDGE Knowledge of cross-domain solutions
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of Personally Identifiable Information (PII) data security standards and best practices
KNOWLEDGE Knowledge of Payment Card Industry (PCI) data security standards and best practices
KNOWLEDGE Knowledge of Personal Health Information (PHI) data security standards and best practices
KNOWLEDGE Knowledge of program protection plan (PPP) principles and practices
KNOWLEDGE Knowledge of configuration management tools and techniques
KNOWLEDGE Knowledge of systems engineering principles and practices
KNOWLEDGE Knowledge of N-tier architecture principles and practices
KNOWLEDGE Knowledge of data classification policies and procedures
KNOWLEDGE Knowledge of computer engineering principles and practices
KNOWLEDGE Knowledge of embedded systems and software
KNOWLEDGE Knowledge of fault tolerance tools and techniques
KNOWLEDGE Knowledge of information theory principles and practices
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of routing protocols
KNOWLEDGE Knowledge of secure software update principles and practices
KNOWLEDGE Knowledge of secure firmware update principles and practices
KNOWLEDGE Knowledge of design modeling
KNOWLEDGE Knowledge of design methods
KNOWLEDGE Knowledge of acquisition cybersecurity requirements
KNOWLEDGE Knowledge of application security design principles and practices
KNOWLEDGE Knowledge of Confidentiality, Integrity, Availability, Authenticity, and Non-repudiation (CIAAN) principles and practices
KNOWLEDGE Knowledge of cybersecurity requirements
KNOWLEDGE Knowledge of data classification levels
KNOWLEDGE Knowledge of fail-over or alternate site requirements
KNOWLEDGE Knowledge of material supportability requirements
KNOWLEDGE Knowledge of multilevel security requirements
KNOWLEDGE Knowledge of Personally Identifiable Information (PII) attributes
KNOWLEDGE Knowledge of security controls
KNOWLEDGE Knowledge of service-oriented security architecture practices and principles
KNOWLEDGE Knowledge of system backup requirements
KNOWLEDGE Knowledge of user requirements
SKILL Skill in assessing security systems designs
SKILL Skill in applying secure coding techniques
SKILL Skill in analyzing an organization's enterprise information technology architecture
SKILL Skill in communicating complex concepts
SKILL Skill in communicating verbally
SKILL Skill in communicating in writing
SKILL Skill in applying secure network architectures
SKILL Skill in designing systems
SKILL Skill in designing architectures
SKILL Skill in designing frameworks
SKILL Skill in collaborating with others
SKILL Skill in coordinating efforts between stakeholders
SKILL Skill in identifying critical infrastructure systems
SKILL Skill in identifying systems designed without security considerations
SKILL Skill in scanning for vulnerabilities
SKILL Skill in recognizing vulnerabilities
SKILL Skill in applying information technologies into proposed solutions
SKILL Skill in designing security controls
SKILL Skill in designing the integration of hardware solutions
SKILL Skill in designing the integration of software solutions
SKILL Skill in developing security system controls
SKILL Skill in evaluating security designs
SKILL Skill in building use cases
SKILL Skill in encrypting network communications
SKILL Skill in creating test plans
SKILL Skill in configuring software-based computer protection tools
SKILL Skill in designing Test and Evaluation Strategies (TES)
SKILL Skill in designing multi-level security solutions
SKILL Skill in designing cross-domain solutions
SKILL Skill in designing secure test plans
SKILL Skill in implementing Public Key Infrastructure (PKI) encryption
SKILL Skill in implementing digital signatures
SKILL Skill in applying security models
SKILL Skill in translating operational requirements into security controls
SKILL Skill in installing system and component upgrades
SKILL Skill in optimizing system performance
SKILL Skill in implementing network segregation
SKILL Skill in configuring computer protection components
SKILL Skill in performing risk assessments
SKILL Skill in preparing briefings
SKILL Skill in integrating organization objectives
SKILL Skill in presenting to an audience
SKILL Skill in identifying cybersecurity issues in external connections
SKILL Skill in identifying privacy issues in partner interconnections
SKILL Skill in collaborating with stakeholders
SKILL Skill in performing cybersecurity architecture analysis
SKILL Skill in performing security architecture analysis
SKILL Skill in performing user needs analysis
Software Security Assessment DD-WRL-005
4/142
TASK Perform penetration testing
KNOWLEDGE Knowledge of web service protocols
KNOWLEDGE Knowledge of penetration testing principles and practices
KNOWLEDGE Knowledge of penetration testing tools and techniques
TASK Consult with customers about software system design and maintenance
TASK Determine special needs of cyber-physical systems
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Integrate black-box security testing tools into quality assurance processes
TASK Perform code reviews
TASK Prepare secure code documentation
TASK Integrate software cybersecurity objectives into project plans and schedules
TASK Determine project security controls
TASK Develop threat models
TASK Evaluate interfaces between hardware and software
TASK Determine hardware configuration
TASK Identify common coding flaws
TASK Determine software development security implications within centralized and decentralized environments across the enterprise
TASK Implement software development cybersecurity methodologies within centralized and decentralized environments across the enterprise
TASK Determine cybersecurity measures for steady state operation and management of software
TASK Incorporate product end-of-life cybersecurity measures
TASK Determine security requirements for new information technologies
TASK Determine security requirements for new operational technologies
TASK Perform integrated quality assurance testing
TASK Conduct risk analysis of applications and systems undergoing major changes
TASK Address security implications in the software acceptance phase
TASK Analyze system capabilities and requirements
TASK Integrate security requirements into application design elements
TASK Document software attack surface elements
TASK Conduct threat modeling
TASK Identify system cybersecurity requirements
TASK Design and develop secure applications
TASK Develop software documentation
TASK Analyze feasibility of software design within time and cost constraints
TASK Conduct trial runs of programs and software applications
TASK Develop software system testing and validation procedures
TASK Create software system documentation
TASK Identify programming flaws
TASK Conduct vulnerability analysis of software patches and updates
TASK Prepare vulnerability analysis reports
TASK Determine customer requirements
TASK Identify system security requirements
KNOWLEDGE Knowledge of programming language structures and logic
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of complex data structure capabilities and applications
KNOWLEDGE Knowledge of programming principles and practices
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of evaluation and validation principles and practices
KNOWLEDGE Knowledge of Local Area Networks (LAN)
KNOWLEDGE Knowledge of Wide Area Networks (WAN)
KNOWLEDGE Knowledge of risk management principles and practices
KNOWLEDGE Knowledge of software development principles and practices
KNOWLEDGE Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
KNOWLEDGE Knowledge of non-repudiation principles and practices
KNOWLEDGE Knowledge of cyber safety principles and practices
KNOWLEDGE Knowledge of Risk Management Framework (RMF) requirements
KNOWLEDGE Knowledge of risk management models and frameworks
KNOWLEDGE Knowledge of bandwidth management tools and techniques
KNOWLEDGE Knowledge of low-level programming languages
KNOWLEDGE Knowledge of mathematics principles and practices
KNOWLEDGE Knowledge of operating system (OS) systems and software
KNOWLEDGE Knowledge of Privacy Impact Assessment (PIA) principles and practices
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of configuration management (CM) tools and techniques
KNOWLEDGE Knowledge of system design tools and techniques
KNOWLEDGE Knowledge of client and server architecture
KNOWLEDGE Knowledge of software debugging principles and practices
KNOWLEDGE Knowledge of software design tools and techniques
KNOWLEDGE Knowledge of software development models and frameworks
KNOWLEDGE Knowledge of software engineering principles and practices
KNOWLEDGE Knowledge of structured analysis principles and practices
KNOWLEDGE Knowledge of automated systems analysis tools and techniques
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of defense-in-depth principles and practices
KNOWLEDGE Knowledge of supply chain risk management principles and practices
KNOWLEDGE Knowledge of interpreted and compiled programming language characteristics
KNOWLEDGE Knowledge of secure coding tools and techniques
KNOWLEDGE Knowledge of supply chain risks
KNOWLEDGE Knowledge of software security principles and practices
KNOWLEDGE Knowledge of software quality assurance (SQA) principles and practices
KNOWLEDGE Knowledge of supply chain risk management standards and best practices
KNOWLEDGE Knowledge of critical infrastructure systems and software
KNOWLEDGE Knowledge of secure software deployment principles and practices
KNOWLEDGE Knowledge of secure software deployment tools and techniques
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of application firewall principles and practices
KNOWLEDGE Knowledge of network firewall principles and practices
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of Personally Identifiable Information (PII) data security standards and best practices
KNOWLEDGE Knowledge of Payment Card Industry (PCI) data security standards and best practices
KNOWLEDGE Knowledge of Personal Health Information (PHI) data security standards and best practices
KNOWLEDGE Knowledge of risk management policies and procedures
KNOWLEDGE Knowledge of embedded systems and software
KNOWLEDGE Knowledge of root cause analysis tools and techniques
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of web application security risks
KNOWLEDGE Knowledge of black-box software testing
KNOWLEDGE Knowledge of code analysis tools and techniques
KNOWLEDGE Knowledge of coding and testing standards
KNOWLEDGE Knowledge of completion criteria
KNOWLEDGE Knowledge of cost constraints
KNOWLEDGE Knowledge of customer requirements
KNOWLEDGE Knowledge of cybersecurity requirements
KNOWLEDGE Knowledge of data manipulation principles and practices
KNOWLEDGE Knowledge of data retrieval principles and practices
KNOWLEDGE Knowledge of data storage principles and practices
KNOWLEDGE Knowledge of enterprise-wide version control systems
KNOWLEDGE Knowledge of independent testing methods
KNOWLEDGE Knowledge of required reporting formats
KNOWLEDGE Knowledge of risk acceptance and documentation
KNOWLEDGE Knowledge of security restrictions
KNOWLEDGE Knowledge of security testing tools and techniques
SKILL Skill in performing root cause analysis
SKILL Skill in identifying critical infrastructure systems
SKILL Skill in identifying systems designed without security considerations
SKILL Skill in scanning for vulnerabilities
SKILL Skill in recognizing vulnerabilities
SKILL Skill in creating mathematical models
SKILL Skill in creating statistical models
SKILL Skill in designing security controls
SKILL Skill in developing security system controls
SKILL Skill in applying black-box software testing
SKILL Skill in interpreting signatures
SKILL Skill in designing secure test plans
SKILL Skill in implementing Public Key Infrastructure (PKI) encryption
SKILL Skill in implementing digital signatures
SKILL Skill in communicating with engineering staff
SKILL Skill in conducting customer interviews
SKILL Skill in performing risk analysis
SKILL Skill in performing static code analysis
Secure Software Development DD-WRL-003
3/161
KNOWLEDGE Knowledge of web service protocols
KNOWLEDGE Knowledge of penetration testing principles and practices
KNOWLEDGE Knowledge of penetration testing tools and techniques
TASK Develop secure code and error handling
TASK Consult with customers about software system design and maintenance
TASK Determine special needs of cyber-physical systems
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Recommend development of new applications or modification of existing applications
TASK Create development plans for new applications or modification of existing applications
TASK Evaluate software design plan timelines and cost estimates
TASK Perform code reviews
TASK Prepare secure code documentation
TASK Integrate software cybersecurity objectives into project plans and schedules
TASK Determine project security controls
TASK Create program documentation during initial development and subsequent revision phases
TASK Determine system performance requirements
TASK Design application interfaces
TASK Evaluate interfaces between hardware and software
TASK Correct program errors
TASK Determine if desired program results are produced
TASK Design and develop software systems
TASK Determine hardware configuration
TASK Identify common coding flaws
TASK Determine software development security implications within centralized and decentralized environments across the enterprise
TASK Implement software development cybersecurity methodologies within centralized and decentralized environments across the enterprise
TASK Determine cybersecurity measures for steady state operation and management of software
TASK Incorporate product end-of-life cybersecurity measures
TASK Perform integrated quality assurance testing
TASK Mitigate programming vulnerabilities
TASK Identify programming code flaws
TASK Conduct risk analysis of applications and systems undergoing major changes
TASK Develop workflow charts and diagrams
TASK Convert workflow charts and diagrams into coded computer language instructions
TASK Address security implications in the software acceptance phase
TASK Analyze system capabilities and requirements
TASK Integrate security requirements into application design elements
TASK Document software attack surface elements
TASK Conduct threat modeling
TASK Design programming language exploitation countermeasures and mitigations
TASK Design and develop secure applications
TASK Develop software documentation
TASK Integrate public key cryptography into applications
TASK Analyze feasibility of software design within time and cost constraints
TASK Conduct trial runs of programs and software applications
TASK Develop software system testing and validation procedures
TASK Create software system documentation
TASK Adapt software to new hardware
TASK Upgrade software interfaces
TASK Improve software performance
TASK Conduct vulnerability analysis of software patches and updates
TASK Prepare vulnerability analysis reports
KNOWLEDGE Knowledge of programming language structures and logic
KNOWLEDGE Knowledge of code tailoring tools and techniques
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of complex data structure capabilities and applications
KNOWLEDGE Knowledge of programming principles and practices
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of evaluation and validation principles and practices
KNOWLEDGE Knowledge of Local Area Networks (LAN)
KNOWLEDGE Knowledge of Wide Area Networks (WAN)
KNOWLEDGE Knowledge of risk management principles and practices
KNOWLEDGE Knowledge of software development principles and practices
KNOWLEDGE Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
KNOWLEDGE Knowledge of non-repudiation principles and practices
KNOWLEDGE Knowledge of cyber safety principles and practices
KNOWLEDGE Knowledge of Risk Management Framework (RMF) requirements
KNOWLEDGE Knowledge of risk management models and frameworks
KNOWLEDGE Knowledge of bandwidth management tools and techniques
KNOWLEDGE Knowledge of low-level programming languages
KNOWLEDGE Knowledge of mathematics principles and practices
KNOWLEDGE Knowledge of operating system (OS) systems and software
KNOWLEDGE Knowledge of Privacy Impact Assessment (PIA) principles and practices
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of configuration management (CM) tools and techniques
KNOWLEDGE Knowledge of system design tools and techniques
KNOWLEDGE Knowledge of client and server architecture
KNOWLEDGE Knowledge of software debugging principles and practices
KNOWLEDGE Knowledge of software design tools and techniques
KNOWLEDGE Knowledge of software development models and frameworks
KNOWLEDGE Knowledge of software engineering principles and practices
KNOWLEDGE Knowledge of structured analysis principles and practices
KNOWLEDGE Knowledge of automated systems analysis tools and techniques
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of defense-in-depth principles and practices
KNOWLEDGE Knowledge of supply chain risk management principles and practices
KNOWLEDGE Knowledge of interpreted and compiled programming language characteristics
KNOWLEDGE Knowledge of secure coding tools and techniques
KNOWLEDGE Knowledge of supply chain risks
KNOWLEDGE Knowledge of software security principles and practices
KNOWLEDGE Knowledge of software quality assurance (SQA) principles and practices
KNOWLEDGE Knowledge of supply chain risk management standards and best practices
KNOWLEDGE Knowledge of critical infrastructure systems and software
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of application firewall principles and practices
KNOWLEDGE Knowledge of network firewall principles and practices
KNOWLEDGE Knowledge of the Open Systems Interconnect (OSI) reference model
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of Personally Identifiable Information (PII) data security standards and best practices
KNOWLEDGE Knowledge of Payment Card Industry (PCI) data security standards and best practices
KNOWLEDGE Knowledge of Personal Health Information (PHI) data security standards and best practices
KNOWLEDGE Knowledge of risk management policies and procedures
KNOWLEDGE Knowledge of embedded systems and software
KNOWLEDGE Knowledge of root cause analysis tools and techniques
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of web application security risks
KNOWLEDGE Knowledge of code analysis tools and techniques
KNOWLEDGE Knowledge of coding and testing standards
KNOWLEDGE Knowledge of completion criteria
KNOWLEDGE Knowledge of cost constraints
KNOWLEDGE Knowledge of cybersecurity requirements
KNOWLEDGE Knowledge of data manipulation principles and practices
KNOWLEDGE Knowledge of data retrieval principles and practices
KNOWLEDGE Knowledge of data storage principles and practices
KNOWLEDGE Knowledge of enterprise-wide version control systems
KNOWLEDGE Knowledge of independent testing methods
KNOWLEDGE Knowledge of mathematical models
KNOWLEDGE Knowledge of Public Key Infrastructure (PKI) libraries
KNOWLEDGE Knowledge of required reporting formats
KNOWLEDGE Knowledge of risk acceptance and documentation
KNOWLEDGE Knowledge of secure programming tools and techniques
KNOWLEDGE Knowledge of security restrictions
KNOWLEDGE Knowledge of security testing tools and techniques
KNOWLEDGE Knowledge of user requirements
KNOWLEDGE Knowledge of certificate management principles and practices
SKILL Skill in applying secure coding techniques
SKILL Skill in performing root cause analysis
SKILL Skill in tailoring code analysis
SKILL Skill in deploying software securely
SKILL Skill in identifying critical infrastructure systems
SKILL Skill in identifying systems designed without security considerations
SKILL Skill in scanning for vulnerabilities
SKILL Skill in recognizing vulnerabilities
SKILL Skill in debugging software
SKILL Skill in creating mathematical models
SKILL Skill in creating statistical models
SKILL Skill in implementing input validation
SKILL Skill in designing security controls
SKILL Skill in developing security system controls
SKILL Skill in writing code in a currently supported programming language
SKILL Skill in designing secure test plans
SKILL Skill in implementing Public Key Infrastructure (PKI) encryption
SKILL Skill in implementing digital signatures
SKILL Skill in implementing error handling in applications
SKILL Skill in communicating with engineering staff
SKILL Skill in encrypting data
SKILL Skill in performing risk analysis
SKILL Skill in performing scientific analysis
SKILL Skill in performing static code analysis
Secure Systems Development DD-WRL-004
3/232
KNOWLEDGE Knowledge of encryption algorithms
KNOWLEDGE Knowledge of cryptographic key management principles and practices
KNOWLEDGE Knowledge of cryptology principles and practices
TASK Employ secure configuration management processes
TASK Implement security designs for new or existing systems
TASK Incorporate cybersecurity vulnerability solutions into system designs (e.g., Cybersecurity Vulnerability Alerts)
TASK Develop cybersecurity designs to meet specific operational needs and environmental factors (e.g., access controls, automated applications, networked operations, high integrity and availability requirements, multilevel security/processing of multiple classification levels, and processing Sensitive Compartmented Information)
TASK Communicate enterprise information technology architecture
TASK Determine special needs of cyber-physical systems
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Review enterprise information technology (IT) goals and objectives
TASK Determine procurement requirements
TASK Integrate organizational goals and objectives into security architecture
TASK Estimate the impact of collateral damage
TASK Determine impact of software configurations
TASK Assess operation performance
TASK Assess operation impact
TASK Determine life cycle support requirements
TASK Implement application cybersecurity policies
TASK Determine effectiveness of system cybersecurity measures
TASK Develop cybersecurity risk profiles
TASK Create product prototypes using working and theoretical models
TASK Identify anomalous network activity
TASK Perform privacy impact assessments (PIAs)
TASK Identify vulnerabilities
TASK Recommend vulnerability remediation strategies
TASK Determine essential system capabilities and business functions
TASK Prioritize essential system capabilities and business functions
TASK Restore essential system capabilities and business functions after catastrophic failure events
TASK Design cybersecurity or cybersecurity-enabled products
TASK Develop cybersecurity or cybersecurity-enabled products
TASK Determine if hardware, operating systems, and software applications adequately address cybersecurity requirements
TASK Design system data backup capabilities
TASK Develop technical and procedural processes for integrity of stored backup data
TASK Develop technical and procedural processes for backup data storage
TASK Create system testing and validation procedures and documentation
TASK Develop systems security design documentation
TASK Develop disaster recovery and continuity of operations plans for systems under development
TASK Test disaster recovery and continuity of operations plans for systems prior to deployment
TASK Develop risk mitigation strategies
TASK Resolve system vulnerabilities
TASK Recommend security changes to systems and system components
TASK Develop cybersecurity countermeasures for systems and applications
TASK Develop risk mitigation strategies for systems and applications
TASK Allocate security functions to components and elements
TASK Remediate technical problems encountered during system testing and implementation
TASK Direct the remediation of technical problems encountered during system testing and implementation
TASK Recommend cybersecurity or cybersecurity-enabled products for use within a system
TASK Conduct risk analysis of applications and systems undergoing major changes
TASK Develop guidelines for implementing developed systems for customers and installation teams
TASK Advise on Risk Management Framework process activities and documentation
TASK Analyze system capabilities and requirements
TASK Conduct test and evaluation activities
TASK Develop system performance predictions for various operating conditions
TASK Plan system security development
TASK Conduct system security development
TASK Document cybersecurity design and development activities
TASK Integrate system development life cycle methodologies into development environment
TASK Design secure interfaces between information systems, physical systems, and embedded technologies
TASK Implement secure interfaces between information systems, physical systems, and embedded technologies
TASK Correlate incident data
TASK Determine user requirements
TASK Plan cybersecurity architecture
TASK Design system security measures
TASK Update system security measures
TASK Determine if systems meet minimum security requirements
TASK Implement system security measures
TASK Determine effectiveness of system implementation and testing processes
TASK Establish minimum security requirements for applications
TASK Determine if applications meet minimum security requirements
TASK Conduct cybersecurity risk assessments
TASK Conduct cybersecurity reviews
TASK Identify cybersecurity gaps in enterprise architecture
TASK Provide cybersecurity advice on implementation plans, standard operating procedures, maintenance documentation, and maintenance training materials
TASK Determine if design components meet system requirements
TASK Determine scalability of system architecture
KNOWLEDGE Knowledge of microprocessors
KNOWLEDGE Knowledge of programming language structures and logic
KNOWLEDGE Knowledge of cybersecurity practices in the acquisition process
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of access control principles and practices
KNOWLEDGE Knowledge of authentication and authorization tools and techniques
KNOWLEDGE Knowledge of computer algorithm capabilities and applications
KNOWLEDGE Knowledge of database systems and software
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of evaluation and validation principles and practices
KNOWLEDGE Knowledge of Local Area Networks (LAN)
KNOWLEDGE Knowledge of Wide Area Networks (WAN)
KNOWLEDGE Knowledge of electrical engineering principles and practices
KNOWLEDGE Knowledge of resiliency and redundancy principles and practices
KNOWLEDGE Knowledge of host access control (HAC) systems and software
KNOWLEDGE Knowledge of network access control (NAC) systems and software
KNOWLEDGE Knowledge of human-computer interaction (HCI) principles and practices
KNOWLEDGE Knowledge of risk management principles and practices
KNOWLEDGE Knowledge of software development principles and practices
KNOWLEDGE Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
KNOWLEDGE Knowledge of non-repudiation principles and practices
KNOWLEDGE Knowledge of cyber safety principles and practices
KNOWLEDGE Knowledge of systems security engineering (SSE) principles and practices
KNOWLEDGE Knowledge of information technology (IT) security principles and practices
KNOWLEDGE Knowledge of bandwidth management tools and techniques
KNOWLEDGE Knowledge of mathematics principles and practices
KNOWLEDGE Knowledge of identity and access management (IAM) principles and practices
KNOWLEDGE Knowledge of operating system (OS) systems and software
KNOWLEDGE Knowledge of parallel and distributed computing principles and practices
KNOWLEDGE Knowledge of policy-based access controls
KNOWLEDGE Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
KNOWLEDGE Knowledge of Privacy Impact Assessment (PIA) principles and practices
KNOWLEDGE Knowledge of process engineering principles and practices
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of configuration management (CM) tools and techniques
KNOWLEDGE Knowledge of security management principles and practices
KNOWLEDGE Knowledge of system design tools and techniques
KNOWLEDGE Knowledge of server administration principles and practices
KNOWLEDGE Knowledge of client and server architecture
KNOWLEDGE Knowledge of software development models and frameworks
KNOWLEDGE Knowledge of software engineering principles and practices
KNOWLEDGE Knowledge of structured analysis principles and practices
KNOWLEDGE Knowledge of automated systems analysis tools and techniques
KNOWLEDGE Knowledge of system design standards and best practices
KNOWLEDGE Knowledge of system life cycle management principles and practices
KNOWLEDGE Knowledge of systems testing and evaluation tools and techniques
KNOWLEDGE Knowledge of telecommunications principles and practices
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of systems engineering processes
KNOWLEDGE Knowledge of defense-in-depth principles and practices
KNOWLEDGE Knowledge of supply chain risk management principles and practices
KNOWLEDGE Knowledge of interpreted and compiled programming language characteristics
KNOWLEDGE Knowledge of secure coding tools and techniques
KNOWLEDGE Knowledge of supply chain risks
KNOWLEDGE Knowledge of supply chain risk management standards and best practices
KNOWLEDGE Knowledge of supply chain risk management policies and procedures
KNOWLEDGE Knowledge of critical infrastructure systems and software
KNOWLEDGE Knowledge of hardware reverse engineering tools and techniques
KNOWLEDGE Knowledge of software reverse engineering tools and techniques
KNOWLEDGE Knowledge of secure software deployment principles and practices
KNOWLEDGE Knowledge of secure software deployment tools and techniques
KNOWLEDGE Knowledge of network systems management principles and practices
KNOWLEDGE Knowledge of network systems management tools and techniques
KNOWLEDGE Knowledge of reverse engineering principles and practices
KNOWLEDGE Knowledge of encryption tools and techniques
KNOWLEDGE Knowledge of data classification standards and best practices
KNOWLEDGE Knowledge of data classification tools and techniques
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of service management principles and practices
KNOWLEDGE Knowledge of service management standards and best practices
KNOWLEDGE Knowledge of application firewall principles and practices
KNOWLEDGE Knowledge of network firewall principles and practices
KNOWLEDGE Knowledge of industry cybersecurity models and frameworks
KNOWLEDGE Knowledge of access control models and frameworks
KNOWLEDGE Knowledge of the Open Systems Interconnect (OSI) reference model
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of Personally Identifiable Information (PII) data security standards and best practices
KNOWLEDGE Knowledge of Payment Card Industry (PCI) data security standards and best practices
KNOWLEDGE Knowledge of Personal Health Information (PHI) data security standards and best practices
KNOWLEDGE Knowledge of the acquisition life cycle models and frameworks
KNOWLEDGE Knowledge of systems engineering principles and practices
KNOWLEDGE Knowledge of data classification policies and procedures
KNOWLEDGE Knowledge of countermeasure design principles and practices
KNOWLEDGE Knowledge of computer engineering principles and practices
KNOWLEDGE Knowledge of embedded systems and software
KNOWLEDGE Knowledge of information theory principles and practices
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of operation assessment processes
KNOWLEDGE Knowledge of secure software update principles and practices
KNOWLEDGE Knowledge of secure firmware update principles and practices
KNOWLEDGE Knowledge of knowledge management tools and techniques
KNOWLEDGE Knowledge of analytical tools and techniques
KNOWLEDGE Knowledge of application security design principles and practices
KNOWLEDGE Knowledge of component and interface specifications
KNOWLEDGE Knowledge of Confidentiality, Integrity, Availability, Authenticity, and Non-repudiation (CIAAN) principles and practices
KNOWLEDGE Knowledge of data manipulation principles and practices
KNOWLEDGE Knowledge of data retrieval principles and practices
KNOWLEDGE Knowledge of data storage principles and practices
KNOWLEDGE Knowledge of evaluation and validation requirements
KNOWLEDGE Knowledge of hardware design principles and practices
KNOWLEDGE Knowledge of Personally Identifiable Information (PII) attributes
KNOWLEDGE Knowledge of security controls
KNOWLEDGE Knowledge of user needs and requirements
SKILL Skill in assessing security systems designs
SKILL Skill in applying secure coding techniques
SKILL Skill in analyzing an organization's enterprise information technology architecture
SKILL Skill in communicating complex concepts
SKILL Skill in creating technical documentation
SKILL Skill in deriving evaluative conclusions from data
SKILL Skill in applying secure network architectures
SKILL Skill in designing systems
SKILL Skill in analyzing processes to ensure conformance with procedural requirements
SKILL Skill in designing architectures
SKILL Skill in designing frameworks
SKILL Skill in collaborating with others
SKILL Skill in integrating information security requirements in the acquisitions process
SKILL Skill in implementing software quality control processes
SKILL Skill in identifying critical infrastructure systems
SKILL Skill in identifying systems designed without security considerations
SKILL Skill in analyzing software configurations
SKILL Skill in scanning for vulnerabilities
SKILL Skill in recognizing vulnerabilities
SKILL Skill in designing security controls
SKILL Skill in designing the integration of hardware solutions
SKILL Skill in designing the integration of software solutions
SKILL Skill in developing security system controls
SKILL Skill in evaluating security designs
SKILL Skill in auditing technical systems
SKILL Skill in designing secure test plans
SKILL Skill in applying policies that meet system security objectives
SKILL Skill in installing system and component upgrades
SKILL Skill in optimizing system performance
SKILL Skill in performing design modeling
SKILL Skill in performing risk assessments
SKILL Skill in performing technical writing
SKILL Skill in orchestrating planning teams
SKILL Skill in coordinating collection support
SKILL Skill in monitoring status
SKILL Skill in communicating with customers
SKILL Skill in performing gap analysis
SKILL Skill in performing risk analysis
SKILL Skill in performing user needs analysis
SKILL Skill in testing interfaces
Systems Requirements Planning DD-WRL-006
3/138
KNOWLEDGE Knowledge of encryption algorithms
KNOWLEDGE Knowledge of cryptographic key management principles and practices
KNOWLEDGE Knowledge of cryptology principles and practices
TASK Translate functional requirements into technical solutions
TASK Determine special needs of cyber-physical systems
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Review enterprise information technology (IT) goals and objectives
TASK Identify critical technology procurement requirements
TASK Determine procurement requirements
TASK Implement intelligence collection requirements
TASK Determine functional requirements and specifications
TASK Evaluate functional requirements
TASK Oversee the development of design solutions
TASK Define project scope and objectives
TASK Develop systems design procedures and processes
TASK Determine if system analysis meets cybersecurity requirements
TASK Oversee configuration management
TASK Develop configuration management recommendations
TASK Identify opportunities for new and improved business process solutions
TASK Develop cybersecurity use cases
TASK Identify supply chain risks for critical system elements
TASK Document supply chain risks for critical system elements
TASK Develop user experience requirements
TASK Document user experience requirements
TASK Develop quality standards
TASK Document quality standards
TASK Create system security concept of operations (ConOps) documents
TASK Determine if system components can be aligned
TASK Integrate system components
TASK Define baseline system security requirements
TASK Develop cost estimates for new or modified systems
TASK Determine if developed solutions meet customer requirements
KNOWLEDGE Knowledge of microprocessors
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of access control principles and practices
KNOWLEDGE Knowledge of authentication and authorization tools and techniques
KNOWLEDGE Knowledge of business operations standards and best practices
KNOWLEDGE Knowledge of requirements analysis principles and practices
KNOWLEDGE Knowledge of resiliency and redundancy principles and practices
KNOWLEDGE Knowledge of risk management principles and practices
KNOWLEDGE Knowledge of analysis standards and best practices
KNOWLEDGE Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
KNOWLEDGE Knowledge of non-repudiation principles and practices
KNOWLEDGE Knowledge of cyber safety principles and practices
KNOWLEDGE Knowledge of systems security engineering (SSE) principles and practices
KNOWLEDGE Knowledge of information technology (IT) architecture models and frameworks
KNOWLEDGE Knowledge of information technology (IT) security principles and practices
KNOWLEDGE Knowledge of identity and access management (IAM) principles and practices
KNOWLEDGE Knowledge of new and emerging technologies
KNOWLEDGE Knowledge of operating system (OS) systems and software
KNOWLEDGE Knowledge of parallel and distributed computing principles and practices
KNOWLEDGE Knowledge of policy-based access controls
KNOWLEDGE Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
KNOWLEDGE Knowledge of Privacy Impact Assessment (PIA) principles and practices
KNOWLEDGE Knowledge of process engineering principles and practices
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of configuration management (CM) tools and techniques
KNOWLEDGE Knowledge of security management principles and practices
KNOWLEDGE Knowledge of system design tools and techniques
KNOWLEDGE Knowledge of server administration principles and practices
KNOWLEDGE Knowledge of client and server architecture
KNOWLEDGE Knowledge of software engineering principles and practices
KNOWLEDGE Knowledge of automated systems analysis tools and techniques
KNOWLEDGE Knowledge of system design standards and best practices
KNOWLEDGE Knowledge of system life cycle management principles and practices
KNOWLEDGE Knowledge of systems testing and evaluation tools and techniques
KNOWLEDGE Knowledge of telecommunications principles and practices
KNOWLEDGE Knowledge of systems engineering processes
KNOWLEDGE Knowledge of supply chain risk management principles and practices
KNOWLEDGE Knowledge of supply chain risks
KNOWLEDGE Knowledge of supply chain risk management standards and best practices
KNOWLEDGE Knowledge of technology procurement principles and practices
KNOWLEDGE Knowledge of supply chain risk management policies and procedures
KNOWLEDGE Knowledge of critical infrastructure systems and software
KNOWLEDGE Knowledge of hardware reverse engineering tools and techniques
KNOWLEDGE Knowledge of software reverse engineering tools and techniques
KNOWLEDGE Knowledge of network systems management principles and practices
KNOWLEDGE Knowledge of network systems management tools and techniques
KNOWLEDGE Knowledge of reverse engineering principles and practices
KNOWLEDGE Knowledge of data classification standards and best practices
KNOWLEDGE Knowledge of data classification tools and techniques
KNOWLEDGE Knowledge of service management principles and practices
KNOWLEDGE Knowledge of service management standards and best practices
KNOWLEDGE Knowledge of the Open Systems Interconnect (OSI) reference model
KNOWLEDGE Knowledge of cyber defense laws and regulations
KNOWLEDGE Knowledge of risk management policies and procedures
KNOWLEDGE Knowledge of systems engineering principles and practices
KNOWLEDGE Knowledge of data classification policies and procedures
KNOWLEDGE Knowledge of computer engineering principles and practices
KNOWLEDGE Knowledge of information theory principles and practices
KNOWLEDGE Knowledge of targeting laws and regulations
KNOWLEDGE Knowledge of exploitation laws and regulations
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of critical information requirements
KNOWLEDGE Knowledge of data security controls
KNOWLEDGE Knowledge of data privacy controls
KNOWLEDGE Knowledge of design modeling
KNOWLEDGE Knowledge of configuration management principles and practices
KNOWLEDGE Knowledge of customer requirements
KNOWLEDGE Knowledge of security requirements
KNOWLEDGE Knowledge of systems architecture
KNOWLEDGE Knowledge of systems development
SKILL Skill in identifying gaps in technical capabilities
SKILL Skill in identifying critical infrastructure systems
SKILL Skill in identifying systems designed without security considerations
SKILL Skill in developing client organization profiles
SKILL Skill in identifying partner capabilities
SKILL Skill in applying information technologies into proposed solutions
SKILL Skill in performing systems analysis
SKILL Skill in performing capabilities analysis
SKILL Skill in performing requirements analysis
SKILL Skill in building use cases
SKILL Skill in conducting system reviews
SKILL Skill in translating operational requirements into security controls
SKILL Skill in installing system and component upgrades
SKILL Skill in optimizing system performance
SKILL Skill in managing client relationships
SKILL Skill in identifying requirements
SKILL Skill in assessing partner operations capabilities
SKILL Skill in collaborating with stakeholders
SKILL Skill in communicating with customers
SKILL Skill in conducting feasibility studies
SKILL Skill in performing needs analysis
SKILL Skill in performing risk analysis
SKILL Skill in performing system analysis
SKILL Skill in performing trade-off analysis
OVERSIGHT and GOVERNANCE 9 roles · 39 challenge hits
25%

Challenge category breakdown

Crypto 12
Web 12
Pwn 10
Forensics 5
Security Control Assessment OG-WRL-012
6/307
KNOWLEDGE Knowledge of encryption algorithms
KNOWLEDGE Knowledge of common application vulnerabilities
KNOWLEDGE Knowledge of cryptographic key management principles and practices
KNOWLEDGE Knowledge of cryptology principles and practices
KNOWLEDGE Knowledge of penetration testing principles and practices
KNOWLEDGE Knowledge of penetration testing tools and techniques
TASK Assess the effectiveness of security controls
TASK Manage Accreditation Packages (e.g., ISO/IEC 15026-2)
TASK Expand network access
TASK Conduct technical exploitation of a target
TASK Determine special needs of cyber-physical systems
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Review cyber defense service provider reporting structure
TASK Review enterprise information technology (IT) goals and objectives
TASK Identify critical technology procurement requirements
TASK Determine procurement requirements
TASK Estimate the impact of collateral damage
TASK Integrate leadership priorities
TASK Integrate organization objectives in intelligence collection
TASK Determine impact of software configurations
TASK Assess operation performance
TASK Assess operation impact
TASK Scope analysis reports to various audiences that accounts for data sharing classification restrictions
TASK Determine if priority information requirements are satisfied
TASK Develop cybersecurity risk profiles
TASK Identify anomalous network activity
TASK Identify vulnerabilities
TASK Recommend vulnerability remediation strategies
TASK Approve accreditation packages
TASK Perform security reviews
TASK Identify gaps in security architecture
TASK Develop a cybersecurity risk management plan
TASK Recommend risk mitigation strategies
TASK Conduct risk analysis of applications and systems undergoing major changes
TASK Plan security authorization reviews for system and network installations
TASK Conduct security authorization reviews for system and network installations
TASK Develop security assurance cases for system and network installations
TASK Advise on Risk Management Framework process activities and documentation
TASK Determine if authorization and assurance documents identify an acceptable level of risk for software applications, systems, and networks
TASK Update security documentation to reflect current application and system security design features
TASK Verify implementation of software, network, and system cybersecurity postures
TASK Document software, network, and system deviations from implemented security postures
TASK Recommend required actions to correct software, network, and system deviations from implemented security postures
TASK Develop cybersecurity compliance processes for external services
TASK Develop cybersecurity audit processes for external services
TASK Provide cybersecurity guidance to organizational risk governance processes
TASK Determine if vulnerability remediation plans are in place
TASK Develop vulnerability remediation plans
TASK Determine if cybersecurity requirements have been successfully implemented
TASK Determine the effectiveness of organizational cybersecurity policies and procedures
TASK Determine the impact of new system and interface implementations on organization's cybersecurity posture
TASK Document impact of new system and interface implementations on organization's cybersecurity posture
TASK Document cybersecurity design and development activities
TASK Support cybersecurity compliance activities
TASK Determine if acquisitions, procurement, and outsourcing efforts address cybersecurity requirements
TASK Determine effectiveness of configuration management processes
TASK Correlate incident data
TASK Evaluate locally developed tools
KNOWLEDGE Knowledge of language processing tools and techniques
KNOWLEDGE Knowledge of cybersecurity practices in the acquisition process
KNOWLEDGE Knowledge of intelligence fusion
KNOWLEDGE Knowledge of cognitive biases
KNOWLEDGE Knowledge of information privacy technologies
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of access control principles and practices
KNOWLEDGE Knowledge of authentication and authorization tools and techniques
KNOWLEDGE Knowledge of business operations standards and best practices
KNOWLEDGE Knowledge of network infrastructure principles and practices
KNOWLEDGE Knowledge of cyber defense tools and techniques
KNOWLEDGE Knowledge of vulnerability assessment tools and techniques
KNOWLEDGE Knowledge of data backup and recovery policies and procedures
KNOWLEDGE Knowledge of data warehousing principles and practices
KNOWLEDGE Knowledge of data mining principles and practices
KNOWLEDGE Knowledge of database systems and software
KNOWLEDGE Knowledge of business continuity and disaster recovery (BCDR) policies and procedures
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of evaluation and validation principles and practices
KNOWLEDGE Knowledge of Local Area Networks (LAN)
KNOWLEDGE Knowledge of Wide Area Networks (WAN)
KNOWLEDGE Knowledge of network communications principles and practices
KNOWLEDGE Knowledge of Security Assessment and Authorization (SA&A) processes
KNOWLEDGE Knowledge of risk management principles and practices
KNOWLEDGE Knowledge of vulnerability data sources
KNOWLEDGE Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
KNOWLEDGE Knowledge of non-repudiation principles and practices
KNOWLEDGE Knowledge of cyber safety principles and practices
KNOWLEDGE Knowledge of systems security engineering (SSE) principles and practices
KNOWLEDGE Knowledge of Risk Management Framework (RMF) requirements
KNOWLEDGE Knowledge of risk management models and frameworks
KNOWLEDGE Knowledge of information technology (IT) security principles and practices
KNOWLEDGE Knowledge of identity and access management (IAM) principles and practices
KNOWLEDGE Knowledge of new and emerging technologies
KNOWLEDGE Knowledge of policy-based access controls
KNOWLEDGE Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
KNOWLEDGE Knowledge of process engineering principles and practices
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of server administration principles and practices
KNOWLEDGE Knowledge of server diagnostic tools and techniques
KNOWLEDGE Knowledge of Fault Detection and Diagnostics (FDD) tools and techniques
KNOWLEDGE Knowledge of software engineering principles and practices
KNOWLEDGE Knowledge of structured analysis principles and practices
KNOWLEDGE Knowledge of collaboration tools and techniques
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of systems engineering processes
KNOWLEDGE Knowledge of insider threat laws and regulations
KNOWLEDGE Knowledge of insider threat tools and techniques
KNOWLEDGE Knowledge of defense-in-depth principles and practices
KNOWLEDGE Knowledge of evidence admissibility laws and regulations
KNOWLEDGE Knowledge of supply chain risk management principles and practices
KNOWLEDGE Knowledge of machine virtualization tools and techniques
KNOWLEDGE Knowledge of secure coding tools and techniques
KNOWLEDGE Knowledge of import and export control laws and regulations
KNOWLEDGE Knowledge of supply chain risks
KNOWLEDGE Knowledge of federal agency roles and responsibilities
KNOWLEDGE Knowledge of supply chain risk management standards and best practices
KNOWLEDGE Knowledge of technology procurement principles and practices
KNOWLEDGE Knowledge of supply chain risk management policies and procedures
KNOWLEDGE Knowledge of critical infrastructure systems and software
KNOWLEDGE Knowledge of hardware reverse engineering tools and techniques
KNOWLEDGE Knowledge of software reverse engineering tools and techniques
KNOWLEDGE Knowledge of reverse engineering principles and practices
KNOWLEDGE Knowledge of virtual machine detection tools and techniques
KNOWLEDGE Knowledge of encryption tools and techniques
KNOWLEDGE Knowledge of data classification standards and best practices
KNOWLEDGE Knowledge of data classification tools and techniques
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of application firewall principles and practices
KNOWLEDGE Knowledge of network firewall principles and practices
KNOWLEDGE Knowledge of industry cybersecurity models and frameworks
KNOWLEDGE Knowledge of access control models and frameworks
KNOWLEDGE Knowledge of learning assessment tools and techniques
KNOWLEDGE Knowledge of instructional design principles and practices
KNOWLEDGE Knowledge of instructional design models and frameworks
KNOWLEDGE Knowledge of cyber defense laws and regulations
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of Personally Identifiable Information (PII) data security standards and best practices
KNOWLEDGE Knowledge of Payment Card Industry (PCI) data security standards and best practices
KNOWLEDGE Knowledge of Personal Health Information (PHI) data security standards and best practices
KNOWLEDGE Knowledge of the acquisition life cycle models and frameworks
KNOWLEDGE Knowledge of network analysis tools and techniques
KNOWLEDGE Knowledge of systems engineering principles and practices
KNOWLEDGE Knowledge of data classification policies and procedures
KNOWLEDGE Knowledge of computer engineering principles and practices
KNOWLEDGE Knowledge of embedded systems and software
KNOWLEDGE Knowledge of data mining tools and techniques
KNOWLEDGE Knowledge of targeting laws and regulations
KNOWLEDGE Knowledge of exploitation laws and regulations
KNOWLEDGE Knowledge of language analysis tools and techniques
KNOWLEDGE Knowledge of voice analysis tools and techniques
KNOWLEDGE Knowledge of graphic materials analysis tools and techniques
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of target selection criticality factors
KNOWLEDGE Knowledge of target selection vulnerability factors
KNOWLEDGE Knowledge of cyber operations principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of target language
KNOWLEDGE Knowledge of critical information requirements
KNOWLEDGE Knowledge of operation assessment processes
KNOWLEDGE Knowledge of virtual machine tools and technologies
KNOWLEDGE Knowledge of risk scoring principles and practices
KNOWLEDGE Knowledge of data security controls
KNOWLEDGE Knowledge of web application security risks
KNOWLEDGE Knowledge of data privacy controls
KNOWLEDGE Knowledge of knowledge management tools and techniques
KNOWLEDGE Knowledge of data analysis tools and techniques
KNOWLEDGE Knowledge of personnel systems and software
KNOWLEDGE Knowledge of code analysis tools and techniques
KNOWLEDGE Knowledge of analytical tools and techniques
KNOWLEDGE Knowledge of analytics
KNOWLEDGE Knowledge of traceroute tools and techniques
KNOWLEDGE Knowledge of virtual collaborative workspace tools and techniques
KNOWLEDGE Knowledge of organizational cybersecurity goals and objectives
SKILL Skill in conducting test events
SKILL Skill in applying security controls
SKILL Skill in interfacing with customers
SKILL Skill in network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools
SKILL Skill in assessing security systems designs
SKILL Skill in applying secure coding techniques
SKILL Skill in performing root cause analysis
SKILL Skill in performing network analysis on targets
SKILL Skill in performing target system analysis
SKILL Skill in processing collected data for follow-on analysis
SKILL Skill in communicating complex concepts
SKILL Skill in communicating verbally
SKILL Skill in communicating in writing
SKILL Skill in facilitating small group discussions
SKILL Skill in facilitating group discussions
SKILL Skill in creating technical documentation
SKILL Skill in developing assessments
SKILL Skill in developing security assessments
SKILL Skill in collecting data
SKILL Skill in verifying data
SKILL Skill in validating data
SKILL Skill in deriving evaluative conclusions from data
SKILL Skill in evaluating laws
SKILL Skill in evaluating regulations
SKILL Skill in evaluating policies
SKILL Skill in analyzing processes to ensure conformance with procedural requirements
SKILL Skill in collaborating with others
SKILL Skill in applying critical thinking
SKILL Skill in analyzing large data sets
SKILL Skill in creating target intelligence products
SKILL Skill in identifying targets of interest
SKILL Skill in functioning effectively in a dynamic, fast-paced environment
SKILL Skill in identifying external partners
SKILL Skill in identifying target vulnerabilities
SKILL Skill in describing target vulnerabilities
SKILL Skill in mitigating cognitive biases
SKILL Skill in aligning privacy and cybersecurity objectives
SKILL Skill in integrating information security requirements in the acquisitions process
SKILL Skill in implementing software quality control processes
SKILL Skill in identifying critical infrastructure systems
SKILL Skill in identifying systems designed without security considerations
SKILL Skill in developing virtual machines
SKILL Skill in maintaining virtual machines
SKILL Skill in identifying software communications vulnerabilities
SKILL Skill in selecting targets
SKILL Skill in identifying vulnerabilities
SKILL Skill in identifying customer information needs
SKILL Skill in establishing priorities
SKILL Skill in identifying partner capabilities
SKILL Skill in analyzing software configurations
SKILL Skill in scanning for vulnerabilities
SKILL Skill in recognizing vulnerabilities
SKILL Skill in developing algorithms
SKILL Skill in performing data structure analysis
SKILL Skill in developing security system controls
SKILL Skill in evaluating security designs
SKILL Skill in preparing reports
SKILL Skill in monitoring system performance
SKILL Skill in configuring systems for performance enhancement
SKILL Skill in developing curricula
SKILL Skill in teaching training programs
SKILL Skill in categorizing types of vulnerabilities
SKILL Skill in developing learning activities
SKILL Skill in designing Test and Evaluation Strategies (TES)
SKILL Skill in identifying Test and Evaluation Strategies (TES) infrastructure requirements
SKILL Skill in managing test assets
SKILL Skill in reviewing logs
SKILL Skill in identifying evidence of past intrusions
SKILL Skill in troubleshooting cyber defense infrastructure anomalies
SKILL Skill in managing a workforce
SKILL Skill in conducting system reviews
SKILL Skill in designing secure test plans
SKILL Skill in assessing application vulnerabilities
SKILL Skill in implementing Public Key Infrastructure (PKI) encryption
SKILL Skill in implementing digital signatures
SKILL Skill in applying policies that meet system security objectives
SKILL Skill in assessing security controls
SKILL Skill in translating operational requirements into security controls
SKILL Skill in optimizing system performance
SKILL Skill in performing risk assessments
SKILL Skill in performing administrative planning activities
SKILL Skill in performing network data analysis
SKILL Skill in mining data
SKILL Skill in performing data mining analysis
SKILL Skill in performing target analysis
SKILL Skill in developing analytics
SKILL Skill in evaluating metadata
SKILL Skill in interpreting metadata
SKILL Skill in evaluating data source quality
SKILL Skill in evaluating information quality
SKILL Skill in generating operation plans
SKILL Skill in identifying intelligence gaps
SKILL Skill in identifying regional languages and dialects
SKILL Skill in prioritizing information
SKILL Skill in interpreting traceroute results
SKILL Skill in interpreting vulnerability scanner results
SKILL Skill in managing client relationships
SKILL Skill in preparing briefings
SKILL Skill in preparing plans
SKILL Skill in producing after-action reports
SKILL Skill in analyzing intelligence products
SKILL Skill in identifying network anomalies
SKILL Skill in performing technical writing
SKILL Skill in reconstructing a network
SKILL Skill in incorporating feedback
SKILL Skill in performing wireless network analysis
SKILL Skill in navigating databases
SKILL Skill in performing strategic guidance analysis
SKILL Skill in developing intelligence collection plans
SKILL Skill in developing collection strategies
SKILL Skill in fulfilling information requests
SKILL Skill in orchestrating planning teams
SKILL Skill in coordinating collection support
SKILL Skill in monitoring status
SKILL Skill in presenting to an audience
SKILL Skill in analyzing organizational patterns and relationships
SKILL Skill in assessing partner operations capabilities
SKILL Skill in solving problems
SKILL Skill in utilizing cyber defense service provider information
SKILL Skill in identifying cybersecurity issues in external connections
SKILL Skill in identifying privacy issues in partner interconnections
SKILL Skill in performing network traffic analysis
SKILL Skill in performing risk analysis
Systems Authorization OG-WRL-013
4/103
KNOWLEDGE Knowledge of cryptographic key management principles and practices
KNOWLEDGE Knowledge of cryptology principles and practices
KNOWLEDGE Knowledge of penetration testing principles and practices
KNOWLEDGE Knowledge of penetration testing tools and techniques
TASK Manage Accreditation Packages (e.g., ISO/IEC 15026-2)
TASK Determine special needs of cyber-physical systems
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Review enterprise information technology (IT) goals and objectives
TASK Identify critical technology procurement requirements
TASK Integrate leadership priorities
TASK Integrate organization objectives in intelligence collection
TASK Evaluate functional requirements
TASK Approve accreditation packages
TASK Determine if authorization and assurance documents identify an acceptable level of risk for software applications, systems, and networks
KNOWLEDGE Knowledge of the organizational cybersecurity workforce
KNOWLEDGE Knowledge of cybersecurity operation policies and procedures
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of access control principles and practices
KNOWLEDGE Knowledge of authentication and authorization tools and techniques
KNOWLEDGE Knowledge of cyber defense tools and techniques
KNOWLEDGE Knowledge of vulnerability assessment tools and techniques
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of evaluation and validation principles and practices
KNOWLEDGE Knowledge of Security Assessment and Authorization (SA&A) processes
KNOWLEDGE Knowledge of risk management principles and practices
KNOWLEDGE Knowledge of vulnerability data sources
KNOWLEDGE Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
KNOWLEDGE Knowledge of non-repudiation principles and practices
KNOWLEDGE Knowledge of cyber safety principles and practices
KNOWLEDGE Knowledge of Risk Management Framework (RMF) requirements
KNOWLEDGE Knowledge of risk management models and frameworks
KNOWLEDGE Knowledge of information technology (IT) security principles and practices
KNOWLEDGE Knowledge of new and emerging technologies
KNOWLEDGE Knowledge of policy-based access controls
KNOWLEDGE Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of server diagnostic tools and techniques
KNOWLEDGE Knowledge of Fault Detection and Diagnostics (FDD) tools and techniques
KNOWLEDGE Knowledge of structured analysis principles and practices
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of insider threat laws and regulations
KNOWLEDGE Knowledge of insider threat tools and techniques
KNOWLEDGE Knowledge of defense-in-depth principles and practices
KNOWLEDGE Knowledge of evidence admissibility laws and regulations
KNOWLEDGE Knowledge of supply chain risk management principles and practices
KNOWLEDGE Knowledge of import and export control laws and regulations
KNOWLEDGE Knowledge of supply chain risks
KNOWLEDGE Knowledge of federal agency roles and responsibilities
KNOWLEDGE Knowledge of supply chain risk management standards and best practices
KNOWLEDGE Knowledge of technology procurement principles and practices
KNOWLEDGE Knowledge of supply chain risk management policies and procedures
KNOWLEDGE Knowledge of critical infrastructure systems and software
KNOWLEDGE Knowledge of encryption tools and techniques
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of application firewall principles and practices
KNOWLEDGE Knowledge of network firewall principles and practices
KNOWLEDGE Knowledge of industry cybersecurity models and frameworks
KNOWLEDGE Knowledge of access control models and frameworks
KNOWLEDGE Knowledge of cyber defense laws and regulations
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of Personally Identifiable Information (PII) data security standards and best practices
KNOWLEDGE Knowledge of Payment Card Industry (PCI) data security standards and best practices
KNOWLEDGE Knowledge of Personal Health Information (PHI) data security standards and best practices
KNOWLEDGE Knowledge of embedded systems and software
KNOWLEDGE Knowledge of targeting laws and regulations
KNOWLEDGE Knowledge of exploitation laws and regulations
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of cyber operations principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of critical information requirements
KNOWLEDGE Knowledge of data security controls
KNOWLEDGE Knowledge of web application security risks
KNOWLEDGE Knowledge of data privacy controls
SKILL Skill in forecasting requirements
SKILL Skill in assessing requirements
SKILL Skill in analyzing organizational objectives
SKILL Skill in developing policy plans
SKILL Skill in evaluating laws
SKILL Skill in evaluating regulations
SKILL Skill in evaluating policies
SKILL Skill in collaborating with others
SKILL Skill in coordinating cybersecurity operations across an organization
SKILL Skill in identifying external partners
SKILL Skill in aligning privacy and cybersecurity objectives
SKILL Skill in identifying critical infrastructure systems
SKILL Skill in identifying systems designed without security considerations
SKILL Skill in developing client organization profiles
SKILL Skill in identifying partner capabilities
SKILL Skill in performing risk assessments
SKILL Skill in assessing partner operations capabilities
SKILL Skill in solving problems
Systems Security Management OG-WRL-014
4/203
KNOWLEDGE Knowledge of encryption algorithms
KNOWLEDGE Knowledge of incident response principles and practices
KNOWLEDGE Knowledge of penetration testing principles and practices
KNOWLEDGE Knowledge of penetration testing tools and techniques
TASK Determine special needs of cyber-physical systems
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Review enterprise information technology (IT) goals and objectives
TASK Identify critical technology procurement requirements
TASK Determine procurement requirements
TASK Integrate black-box security testing tools into quality assurance processes
TASK Acquire resources to support cybersecurity program goals and objectives
TASK Conduct an effective enterprise continuity of operations program
TASK Advise senior management on risk levels and security posture
TASK Perform cost/benefit analyses of cybersecurity programs, policies, processes, systems, and elements
TASK Advise senior management on organizational cybersecurity efforts
TASK Advise senior leadership and authorizing official of changes affecting the organization's cybersecurity posture
TASK Collect and maintain system cybersecurity report data
TASK Create system cybersecurity reports
TASK Communicate the value of cybersecurity to organizational stakeholders
TASK Develop the enterprise continuity of operations strategy
TASK Establish the enterprise continuity of operations program
TASK Determine if security improvement actions are evaluated, validated, and implemented as required
TASK Determine if cybersecurity inspections, tests, and reviews are coordinated for the network environment
TASK Determine if cybersecurity requirements are integrated into continuity planning
TASK Determine if security engineering is used when acquiring or developing protection and detection capabilities
TASK Determine if protection and detection capabilities are consistent with organization-level cybersecurity architecture
TASK Establish enterprise information security architecture
TASK Determine if baseline security safeguards are appropriately installed
TASK Determine implications of new and upgraded technologies to the cybersecurity program
TASK Disseminate incident and other Computer Network Defense (CND) information
TASK Determine security requirements for new information technologies
TASK Determine security requirements for new operational technologies
TASK Determine impact of noncompliance on organizational risk levels
TASK Determine impact of noncompliance on effectiveness of the enterprise's cybersecurity program
TASK Align cybersecurity priorities with organizational security strategy
TASK Manage cybersecurity budget, staffing, and contracting
TASK Monitor cybersecurity data sources
TASK Develop Computer Network Defense (CND) guidance for organizational stakeholders
TASK Manage threat and target analysis
TASK Manage the production of threat information
TASK Determine the effectiveness of enterprise cybersecurity safeguards
TASK Oversee the cybersecurity training and awareness program
TASK Establish Security Assessment and Authorization processes
TASK Develop computer environment cybersecurity plans and requirements
TASK Develop standard operating procedures for secure network system operations
TASK Distribute standard operating procedures
TASK Maintain standard operating procedures
TASK Advise stakeholders on the development of continuity of operations plans
TASK Advise on security requirements to be included in statements of work
TASK Provide cybersecurity awareness and training
TASK Communicate situational awareness information to leadership
TASK Report cybersecurity incidents
TASK Recommend organizational cybersecurity resource allocations
TASK Develop cybersecurity policy recommendations
TASK Coordinate cybersecurity policy review and approval processes
TASK Implement protective or corrective measures when a cybersecurity incident or vulnerability is discovered
TASK Determine if appropriate threat mitigation actions have been taken
TASK Manage computing environment system operations
TASK Promote cybersecurity awareness to management
TASK Verify the inclusion of sound cybersecurity principles in the organization's vision and goals
TASK Oversee policy standards and implementation strategy development
TASK Provide cybersecurity guidance to organizational risk governance processes
TASK Determine if procurement activities sufficiently address supply chain risks
TASK Recommend improvements to procurement activities to address cybersecurity requirements
TASK Identify system cybersecurity requirements
TASK Determine if vulnerability remediation plans are in place
TASK Develop vulnerability remediation plans
TASK Determine if cybersecurity requirements have been successfully implemented
TASK Determine the effectiveness of organizational cybersecurity policies and procedures
TASK Support cybersecurity compliance activities
TASK Determine if acquisitions, procurement, and outsourcing efforts address cybersecurity requirements
TASK Determine organizational compliance
TASK Forecast ongoing service demands
TASK Conduct periodic reviews of security assumptions
TASK Develop critical infrastructure protection policies and procedures
TASK Implement critical infrastructure protection policies and procedures
TASK Promote awareness of cybersecurity policy and strategy among management
TASK Conduct cybersecurity risk assessments
TASK Advise stakeholders on enterprise cybersecurity risk management
TASK Advise stakeholders on supply chain risk management
KNOWLEDGE Knowledge of technology integration processes
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of access control principles and practices
KNOWLEDGE Knowledge of authentication and authorization tools and techniques
KNOWLEDGE Knowledge of business operations standards and best practices
KNOWLEDGE Knowledge of data backup and recovery policies and procedures
KNOWLEDGE Knowledge of business continuity and disaster recovery (BCDR) policies and procedures
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of host access control (HAC) systems and software
KNOWLEDGE Knowledge of network access control (NAC) systems and software
KNOWLEDGE Knowledge of risk management principles and practices
KNOWLEDGE Knowledge of vulnerability data sources
KNOWLEDGE Knowledge of incident response tools and techniques
KNOWLEDGE Knowledge of incident handling tools and techniques
KNOWLEDGE Knowledge of analysis standards and best practices
KNOWLEDGE Knowledge of systems security engineering (SSE) principles and practices
KNOWLEDGE Knowledge of intrusion detection tools and techniques
KNOWLEDGE Knowledge of Risk Management Framework (RMF) requirements
KNOWLEDGE Knowledge of risk management models and frameworks
KNOWLEDGE Knowledge of information technology (IT) security principles and practices
KNOWLEDGE Knowledge of system performance indicators
KNOWLEDGE Knowledge of system availability measures
KNOWLEDGE Knowledge of new and emerging technologies
KNOWLEDGE Knowledge of operating system (OS) systems and software
KNOWLEDGE Knowledge of policy-based access controls
KNOWLEDGE Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
KNOWLEDGE Knowledge of process engineering principles and practices
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of resource management principles and practices
KNOWLEDGE Knowledge of server administration principles and practices
KNOWLEDGE Knowledge of client and server architecture
KNOWLEDGE Knowledge of software engineering principles and practices
KNOWLEDGE Knowledge of system design standards and best practices
KNOWLEDGE Knowledge of system administration principles and practices
KNOWLEDGE Knowledge of system life cycle management principles and practices
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of systems engineering processes
KNOWLEDGE Knowledge of network attack characteristics
KNOWLEDGE Knowledge of defense-in-depth principles and practices
KNOWLEDGE Knowledge of program management principles and practices
KNOWLEDGE Knowledge of project management principles and practices
KNOWLEDGE Knowledge of supply chain risk management principles and practices
KNOWLEDGE Knowledge of new and emerging cybersecurity risks
KNOWLEDGE Knowledge of supply chain risks
KNOWLEDGE Knowledge of risk tolerance principles and practices
KNOWLEDGE Knowledge of incident response policies and procedures
KNOWLEDGE Knowledge of incident response roles and responsibilities
KNOWLEDGE Knowledge of threat vector characteristics
KNOWLEDGE Knowledge of software quality assurance (SQA) principles and practices
KNOWLEDGE Knowledge of supply chain risk management standards and best practices
KNOWLEDGE Knowledge of network attack vectors
KNOWLEDGE Knowledge of technology procurement principles and practices
KNOWLEDGE Knowledge of hardening tools and techniques
KNOWLEDGE Knowledge of supply chain risk management policies and procedures
KNOWLEDGE Knowledge of critical infrastructure systems and software
KNOWLEDGE Knowledge of hardware reverse engineering tools and techniques
KNOWLEDGE Knowledge of software reverse engineering tools and techniques
KNOWLEDGE Knowledge of network systems management principles and practices
KNOWLEDGE Knowledge of network systems management tools and techniques
KNOWLEDGE Knowledge of reverse engineering principles and practices
KNOWLEDGE Knowledge of encryption tools and techniques
KNOWLEDGE Knowledge of data classification standards and best practices
KNOWLEDGE Knowledge of data classification tools and techniques
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of application firewall principles and practices
KNOWLEDGE Knowledge of network firewall principles and practices
KNOWLEDGE Knowledge of the Open Systems Interconnect (OSI) reference model
KNOWLEDGE Knowledge of cyber defense laws and regulations
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of Personally Identifiable Information (PII) data security standards and best practices
KNOWLEDGE Knowledge of Payment Card Industry (PCI) data security standards and best practices
KNOWLEDGE Knowledge of Personal Health Information (PHI) data security standards and best practices
KNOWLEDGE Knowledge of systems engineering principles and practices
KNOWLEDGE Knowledge of data classification policies and procedures
KNOWLEDGE Knowledge of computer engineering principles and practices
KNOWLEDGE Knowledge of targeting laws and regulations
KNOWLEDGE Knowledge of exploitation laws and regulations
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of critical information requirements
KNOWLEDGE Knowledge of data security controls
KNOWLEDGE Knowledge of web application security risks
KNOWLEDGE Knowledge of data privacy controls
KNOWLEDGE Knowledge of black-box software testing
KNOWLEDGE Knowledge of cybersecurity engineering
KNOWLEDGE Knowledge of cybersecurity requirements
KNOWLEDGE Knowledge of mission assurance practices and principles
KNOWLEDGE Knowledge of organization's security strategy
KNOWLEDGE Knowledge of organizational cybersecurity goals and objectives
KNOWLEDGE Knowledge of organizational cybersecurity policies and procedures
KNOWLEDGE Knowledge of organizational policies and procedures
KNOWLEDGE Knowledge of organizational policy and procedures
KNOWLEDGE Knowledge of risk mitigation principles and practices
KNOWLEDGE Knowledge of system life cycles
SKILL Skill in integrating information security requirements in the acquisitions process
SKILL Skill in implementing software quality control processes
SKILL Skill in identifying critical infrastructure systems
SKILL Skill in identifying systems designed without security considerations
SKILL Skill in evaluating supplier trustworthiness
SKILL Skill in evaluating security products
SKILL Skill in creating system security policies
SKILL Skill in detecting host- and network-based intrusions
SKILL Skill in developing security system controls
SKILL Skill in evaluating security designs
SKILL Skill in applying black-box software testing
SKILL Skill in interpreting signatures
SKILL Skill in communicating with external organizations
SKILL Skill in identifying possible security violations
SKILL Skill in performing cost/benefit analysis
SKILL Skill in performing economic analysis
SKILL Skill in performing risk analysis
Communications Security (COMSEC) Management OG-WRL-001
2/79
KNOWLEDGE Knowledge of encryption algorithms
KNOWLEDGE Knowledge of incident response principles and practices
TASK Identify roles and responsibilities for appointed Communications Security (COMSEC) personnel
TASK Identify Communications Security (COMSEC) incidents
TASK Report Communications Security (COMSEC) incidents
TASK Identify in-process accounting requirements for Communications Security (COMSEC)
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Review enterprise information technology (IT) goals and objectives
TASK Identify critical technology procurement requirements
TASK Advise senior management on risk levels and security posture
TASK Perform cost/benefit analyses of cybersecurity programs, policies, processes, systems, and elements
TASK Advise senior management on organizational cybersecurity efforts
TASK Communicate the value of cybersecurity to organizational stakeholders
TASK Develop the enterprise continuity of operations strategy
TASK Establish the enterprise continuity of operations program
TASK Determine if security improvement actions are evaluated, validated, and implemented as required
TASK Establish enterprise information security architecture
TASK Report cybersecurity incidents
TASK Implement protective or corrective measures when a cybersecurity incident or vulnerability is discovered
KNOWLEDGE Knowledge of Communications Security (COMSEC) policies and procedures
KNOWLEDGE Knowledge of the Communications Security (COMSEC) Material Control System (CMCS)
KNOWLEDGE Knowledge of types of Communications Security (COMSEC) incidents
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of business continuity and disaster recovery (BCDR) policies and procedures
KNOWLEDGE Knowledge of risk management principles and practices
KNOWLEDGE Knowledge of incident response tools and techniques
KNOWLEDGE Knowledge of incident handling tools and techniques
KNOWLEDGE Knowledge of systems security engineering (SSE) principles and practices
KNOWLEDGE Knowledge of policy-based access controls
KNOWLEDGE Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
KNOWLEDGE Knowledge of process engineering principles and practices
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of server administration principles and practices
KNOWLEDGE Knowledge of software engineering principles and practices
KNOWLEDGE Knowledge of system life cycle management principles and practices
KNOWLEDGE Knowledge of systems engineering processes
KNOWLEDGE Knowledge of program management principles and practices
KNOWLEDGE Knowledge of project management principles and practices
KNOWLEDGE Knowledge of supply chain risk management principles and practices
KNOWLEDGE Knowledge of technology procurement principles and practices
KNOWLEDGE Knowledge of hardware reverse engineering tools and techniques
KNOWLEDGE Knowledge of software reverse engineering tools and techniques
KNOWLEDGE Knowledge of reverse engineering principles and practices
KNOWLEDGE Knowledge of data classification standards and best practices
KNOWLEDGE Knowledge of data classification tools and techniques
KNOWLEDGE Knowledge of systems engineering principles and practices
KNOWLEDGE Knowledge of data-at-rest encryption (DARE) standards and best practices
KNOWLEDGE Knowledge of cryptographic key storage systems and software
KNOWLEDGE Knowledge of data classification policies and procedures
KNOWLEDGE Knowledge of computer engineering principles and practices
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of critical information requirements
KNOWLEDGE Knowledge of data security controls
KNOWLEDGE Knowledge of data privacy controls
KNOWLEDGE Knowledge of mission assurance practices and principles
KNOWLEDGE Knowledge of organization's security strategy
SKILL Skill in implementing enterprise key escrow systems
SKILL Skill in developing security system controls
SKILL Skill in evaluating security designs
SKILL Skill in encrypting network communications
SKILL Skill in auditing technical systems
SKILL Skill in implementing Public Key Infrastructure (PKI) encryption
SKILL Skill in implementing digital signatures
SKILL Skill in identifying possible security violations
SKILL Skill in performing cost/benefit analysis
SKILL Skill in performing economic analysis
SKILL Skill in performing risk analysis
Cybersecurity Policy and Planning OG-WRL-002
2/68
KNOWLEDGE Knowledge of network exploitation tools and techniques
SKILL Skill in detecting exploitation activities
TASK Serve on agency and interagency policy boards
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Research new vulnerabilities in emerging technologies
TASK Evaluate functional requirements
TASK Develop cybersecurity implementation policies and guidelines
TASK Establish stakeholder communication channels
TASK Maintain stakeholder communication channels
TASK Conduct technology program and project audits
TASK Promote cybersecurity awareness to management
TASK Verify the inclusion of sound cybersecurity principles in the organization's vision and goals
TASK Determine if cybersecurity requirements have been successfully implemented
TASK Determine the effectiveness of organizational cybersecurity policies and procedures
TASK Develop independent cybersecurity audit processes for application software, networks, and systems
TASK Implement independent cybersecurity audit processes for application software, networks, and systems
TASK Oversee independent cybersecurity audits
TASK Determine if research and design processes and procedures are in compliance with cybersecurity requirements
TASK Determine if research and design processes and procedures are accurately followed by cybersecurity staff when performing their day-to-day activities
TASK Acquire adequate funding for cybersecurity training
TASK Determine if cybersecurity workforce management policies and procedures comply with legal and organizational requirements
TASK Promote awareness of cybersecurity policy and strategy among management
TASK Conduct cybersecurity workforce assessments
TASK Integrate laws and regulations into policy
TASK Develop organizational cybersecurity strategy
TASK Develop cybersecurity policies and procedures
TASK Advise management, staff, and users on cybersecurity policy
KNOWLEDGE Knowledge of cybersecurity operation policies and procedures
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of cyber defense tools and techniques
KNOWLEDGE Knowledge of vulnerability assessment tools and techniques
KNOWLEDGE Knowledge of new and emerging technologies
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of telecommunications principles and practices
KNOWLEDGE Knowledge of digital communication systems and software
KNOWLEDGE Knowledge of cyber defense laws and regulations
KNOWLEDGE Knowledge of industry indicators
KNOWLEDGE Knowledge of targeting laws and regulations
KNOWLEDGE Knowledge of exploitation laws and regulations
KNOWLEDGE Knowledge of cyber-attack tools and techniques
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of cyber operations principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of web application security risks
KNOWLEDGE Knowledge of cybersecurity requirements
KNOWLEDGE Knowledge of organizational cybersecurity goals and objectives
KNOWLEDGE Knowledge of organizational cybersecurity policies and procedures
KNOWLEDGE Knowledge of organizational human resource (HR) policies and procedures
KNOWLEDGE Knowledge of research and design processes and procedures
SKILL Skill in developing policy plans
SKILL Skill in developing client organization profiles
SKILL Skill in identifying partner capabilities
SKILL Skill in performing administrative planning activities
SKILL Skill in evaluating data source quality
SKILL Skill in evaluating information quality
SKILL Skill in preparing plans
SKILL Skill in collaborating with internal and external stakeholders
Cybersecurity Workforce Management OG-WRL-003
2/132
KNOWLEDGE Knowledge of network exploitation tools and techniques
SKILL Skill in detecting exploitation activities
TASK Identify organizational policy stakeholders
TASK Serve on agency and interagency policy boards
TASK Correlate training and learning to business or mission requirements
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Review enterprise information technology (IT) goals and objectives
TASK Implement organizational training and education policies and procedures
TASK Research new vulnerabilities in emerging technologies
TASK Integrate leadership priorities
TASK Integrate organization objectives in intelligence collection
TASK Acquire resources to support cybersecurity program goals and objectives
TASK Perform cost/benefit analyses of cybersecurity programs, policies, processes, systems, and elements
TASK Advise senior management on organizational cybersecurity efforts
TASK Communicate the value of cybersecurity to organizational stakeholders
TASK Evaluate functional requirements
TASK Develop the enterprise continuity of operations strategy
TASK Establish the enterprise continuity of operations program
TASK Develop cybersecurity implementation policies and guidelines
TASK Establish stakeholder communication channels
TASK Maintain stakeholder communication channels
TASK Manage cybersecurity budget, staffing, and contracting
TASK Conduct technology program and project audits
TASK Promote cybersecurity awareness to management
TASK Verify the inclusion of sound cybersecurity principles in the organization's vision and goals
TASK Determine if cybersecurity requirements have been successfully implemented
TASK Determine the effectiveness of organizational cybersecurity policies and procedures
TASK Develop independent cybersecurity audit processes for application software, networks, and systems
TASK Implement independent cybersecurity audit processes for application software, networks, and systems
TASK Oversee independent cybersecurity audits
TASK Determine if research and design processes and procedures are in compliance with cybersecurity requirements
TASK Determine if research and design processes and procedures are accurately followed by cybersecurity staff when performing their day-to-day activities
TASK Acquire adequate funding for cybersecurity training
TASK Conduct learning needs assessments
TASK Identify training requirements
TASK Determine if qualification standards meet organizational functional requirements and comply with industry standards
TASK Allocate and distribute human capital assets
TASK Develop standardized cybersecurity position descriptions using the NICE Framework
TASK Develop recruiting, hiring, and retention processes
TASK Determine cybersecurity position requirements
TASK Develop cybersecurity training policies and procedures
TASK Determine if cybersecurity workforce management policies and procedures comply with legal and organizational requirements
TASK Establish cybersecurity workforce readiness metrics
TASK Establish waiver processes for cybersecurity career field entry and training qualification requirements
TASK Establish organizational cybersecurity career pathways
TASK Develop cybersecurity workforce reporting requirements
TASK Establish cybersecurity workforce management programs
TASK Assess cybersecurity workforce management programs
TASK Promote awareness of cybersecurity policy and strategy among management
TASK Determine cybersecurity career field qualification requirements
TASK Determine organizational policies related to or influencing the cyber workforce
TASK Conduct cybersecurity workforce assessments
TASK Integrate cybersecurity workforce personnel into information systems life cycle development processes
TASK Integrate laws and regulations into policy
TASK Develop organizational cybersecurity strategy
TASK Develop cybersecurity policies and procedures
TASK Identify cyber workforce planning and management issues
TASK Address cyber workforce planning and management issues
TASK Advise management, staff, and users on cybersecurity policy
TASK Develop supply chain cybersecurity risk management policy
KNOWLEDGE Knowledge of the organizational cybersecurity workforce
KNOWLEDGE Knowledge of cybersecurity operation policies and procedures
KNOWLEDGE Knowledge of career paths
KNOWLEDGE Knowledge of organizational career progressions
KNOWLEDGE Knowledge of workforce trends
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of cyber defense tools and techniques
KNOWLEDGE Knowledge of vulnerability assessment tools and techniques
KNOWLEDGE Knowledge of new and emerging technologies
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of resource management principles and practices
KNOWLEDGE Knowledge of telecommunications principles and practices
KNOWLEDGE Knowledge of supply chain risk management principles and practices
KNOWLEDGE Knowledge of new and emerging cybersecurity risks
KNOWLEDGE Knowledge of supply chain risks
KNOWLEDGE Knowledge of threat vector characteristics
KNOWLEDGE Knowledge of supply chain risk management standards and best practices
KNOWLEDGE Knowledge of network attack vectors
KNOWLEDGE Knowledge of supply chain risk management policies and procedures
KNOWLEDGE Knowledge of learning assessment tools and techniques
KNOWLEDGE Knowledge of training policies and procedures
KNOWLEDGE Knowledge of cyber defense laws and regulations
KNOWLEDGE Knowledge of training systems and software
KNOWLEDGE Knowledge of the NIST Workforce Framework for Cybersecurity (NICE Framework)
KNOWLEDGE Knowledge of human resources policies and procedures
KNOWLEDGE Knowledge of industry indicators
KNOWLEDGE Knowledge of targeting laws and regulations
KNOWLEDGE Knowledge of exploitation laws and regulations
KNOWLEDGE Knowledge of cyber-attack tools and techniques
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of cyber operations principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of personnel systems and software
KNOWLEDGE Knowledge of cybersecurity requirements
KNOWLEDGE Knowledge of cybersecurity workforce policies and procedures
KNOWLEDGE Knowledge of mission assurance practices and principles
KNOWLEDGE Knowledge of organizational cybersecurity goals and objectives
KNOWLEDGE Knowledge of organizational cybersecurity policies and procedures
KNOWLEDGE Knowledge of organizational cybersecurity workforce requirements
KNOWLEDGE Knowledge of organizational human resource (HR) policies and procedures
KNOWLEDGE Knowledge of research and design processes and procedures
KNOWLEDGE Knowledge of risk mitigation principles and practices
SKILL Skill in developing assessments
SKILL Skill in developing security assessments
SKILL Skill in forecasting requirements
SKILL Skill in assessing requirements
SKILL Skill in analyzing organizational objectives
SKILL Skill in developing policy plans
SKILL Skill in creating career path definitions
SKILL Skill in developing career paths
SKILL Skill in evaluating workforce trends
SKILL Skill in developing client organization profiles
SKILL Skill in identifying partner capabilities
SKILL Skill in developing position qualification requirements
SKILL Skill in managing a workforce
SKILL Skill in performing risk assessments
SKILL Skill in collaborating with internal and external stakeholders
SKILL Skill in performing cost/benefit analysis
SKILL Skill in performing economic analysis
SKILL Skill in performing risk analysis
SKILL Skill in performing trend analysis
Cybersecurity Legal Advice OG-WRL-006
1/59
KNOWLEDGE Knowledge of digital forensic data principles and practices
TASK Advocate organization's official position in legal and legislative proceedings
TASK Resolve conflicts in laws, regulations, policies, standards, or procedures
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Identify critical technology procurement requirements
TASK Evaluate organizational cybersecurity policy regulatory compliance
TASK Evaluate organizational cybersecurity policy alignment with organizational directives
TASK Determine if contracts comply with funding, legal, and program requirements
TASK Identify alleged violations of law, regulations, policy, or guidance
TASK Develop implementation guidelines
TASK Provide inspectors general, privacy officers, and oversight and compliance with legal analysis and decisions
TASK Evaluate the impact of legal, regulatory, policy, standard, or procedural changes
TASK Prepare legal documents
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of access control principles and practices
KNOWLEDGE Knowledge of authentication and authorization tools and techniques
KNOWLEDGE Knowledge of information technology (IT) security principles and practices
KNOWLEDGE Knowledge of new and emerging technologies
KNOWLEDGE Knowledge of policy-based access controls
KNOWLEDGE Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of insider threat laws and regulations
KNOWLEDGE Knowledge of insider threat tools and techniques
KNOWLEDGE Knowledge of evidence admissibility laws and regulations
KNOWLEDGE Knowledge of import and export control laws and regulations
KNOWLEDGE Knowledge of supply chain risks
KNOWLEDGE Knowledge of federal agency roles and responsibilities
KNOWLEDGE Knowledge of account creation policies and procedures
KNOWLEDGE Knowledge of password policies and procedures
KNOWLEDGE Knowledge of technology procurement principles and practices
KNOWLEDGE Knowledge of cyber defense laws and regulations
KNOWLEDGE Knowledge of Payment Card Industry (PCI) data security standards and best practices
KNOWLEDGE Knowledge of Personal Health Information (PHI) data security standards and best practices
KNOWLEDGE Knowledge of intelligence data gathering principles and practices
KNOWLEDGE Knowledge of intelligence data gathering policies and procedures
KNOWLEDGE Knowledge of foreign disclosure policies and procedures
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of cyber operations principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of critical information requirements
KNOWLEDGE Knowledge of privacy disclosure statement laws and regulations
KNOWLEDGE Knowledge of cybersecurity standards and best practices
KNOWLEDGE Knowledge of organizational cybersecurity policies and configurations
SKILL Skill in evaluating laws
SKILL Skill in evaluating regulations
SKILL Skill in evaluating policies
SKILL Skill in communicating effectively
SKILL Skill in performing risk assessments
Executive Cybersecurity Leadership OG-WRL-007
1/100
KNOWLEDGE Knowledge of common application vulnerabilities
TASK Advocate organization's official position in legal and legislative proceedings
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Integrate leadership priorities
TASK Integrate organization objectives in intelligence collection
TASK Scope analysis reports to various audiences that accounts for data sharing classification restrictions
TASK Determine if priority information requirements are satisfied
TASK Acquire resources to support cybersecurity program goals and objectives
TASK Conduct an effective enterprise continuity of operations program
TASK Perform cost/benefit analyses of cybersecurity programs, policies, processes, systems, and elements
TASK Advise senior management on organizational cybersecurity efforts
TASK Communicate the value of cybersecurity to organizational stakeholders
TASK Develop strategic plans
TASK Maintain strategic plans
TASK Disseminate incident and other Computer Network Defense (CND) information
TASK Align cybersecurity priorities with organizational security strategy
TASK Manage cybersecurity budget, staffing, and contracting
TASK Develop Computer Network Defense (CND) guidance for organizational stakeholders
TASK Determine the effectiveness of enterprise cybersecurity safeguards
TASK Develop cybersecurity policy recommendations
TASK Coordinate cybersecurity policy review and approval processes
TASK Implement protective or corrective measures when a cybersecurity incident or vulnerability is discovered
TASK Promote cybersecurity awareness to management
TASK Verify the inclusion of sound cybersecurity principles in the organization's vision and goals
TASK Oversee policy standards and implementation strategy development
TASK Identify system cybersecurity requirements
TASK Determine if vulnerability remediation plans are in place
TASK Develop vulnerability remediation plans
TASK Develop critical infrastructure protection policies and procedures
TASK Implement critical infrastructure protection policies and procedures
TASK Allocate and distribute human capital assets
TASK Promote awareness of cybersecurity policy and strategy among management
TASK Develop organizational cybersecurity strategy
TASK Develop cybersecurity policies and procedures
TASK Conduct cybersecurity risk assessments
TASK Coordinate strategic planning efforts with internal and external partners
TASK Establish cybersecurity risk assessment processes
TASK Establish a cybersecurity risk management program
KNOWLEDGE Knowledge of operational planning processes
KNOWLEDGE Knowledge of cybersecurity operation policies and procedures
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of network infrastructure principles and practices
KNOWLEDGE Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
KNOWLEDGE Knowledge of non-repudiation principles and practices
KNOWLEDGE Knowledge of cyber safety principles and practices
KNOWLEDGE Knowledge of new and emerging technologies
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of network attack characteristics
KNOWLEDGE Knowledge of insider threat laws and regulations
KNOWLEDGE Knowledge of insider threat tools and techniques
KNOWLEDGE Knowledge of evidence admissibility laws and regulations
KNOWLEDGE Knowledge of new and emerging cybersecurity risks
KNOWLEDGE Knowledge of import and export control laws and regulations
KNOWLEDGE Knowledge of supply chain risks
KNOWLEDGE Knowledge of federal agency roles and responsibilities
KNOWLEDGE Knowledge of threat vector characteristics
KNOWLEDGE Knowledge of network attack vectors
KNOWLEDGE Knowledge of critical infrastructure systems and software
KNOWLEDGE Knowledge of cyber defense laws and regulations
KNOWLEDGE Knowledge of network hardware threats and vulnerabilities
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of cyber operations principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of decision-making policies and procedures
KNOWLEDGE Knowledge of web application security risks
KNOWLEDGE Knowledge of cybersecurity competitions
KNOWLEDGE Knowledge of organizational cybersecurity goals and objectives
KNOWLEDGE Knowledge of organizational cybersecurity policies and procedures
KNOWLEDGE Knowledge of organizational policies and procedures
KNOWLEDGE Knowledge of risk mitigation principles and practices
KNOWLEDGE Knowledge of system life cycles
SKILL Skill in interfacing with customers
SKILL Skill in developing policy plans
SKILL Skill in evaluating laws
SKILL Skill in evaluating regulations
SKILL Skill in evaluating policies
SKILL Skill in applying critical thinking
SKILL Skill in identifying customer information needs
SKILL Skill in establishing priorities
SKILL Skill in creating system security policies
SKILL Skill in communicating effectively
SKILL Skill in performing risk assessments
SKILL Skill in developing comprehensive cyber operations assessment programs
SKILL Skill in executing comprehensive cyber operations assessment programs
SKILL Skill in anticipating new security threats
SKILL Skill in analyzing organizational patterns and relationships
SKILL Skill in solving problems
SKILL Skill in collaborating with internal and external stakeholders
SKILL Skill in communicating with external organizations
Product Support Management OG-WRL-009
1/113
KNOWLEDGE Knowledge of incident response principles and practices
TASK Resolve conflicts in laws, regulations, policies, standards, or procedures
TASK Conduct import/export reviews for acquiring systems and software
TASK Apply standards to identify safety risk and protect cyber-physical functions
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Identify critical technology procurement requirements
TASK Determine procurement requirements
TASK Implement intelligence collection requirements
TASK Recommend development of new applications or modification of existing applications
TASK Create development plans for new applications or modification of existing applications
TASK Develop risk, compliance, and assurance monitoring strategies
TASK Develop risk, compliance, and assurance measurement strategies
TASK Manage cybersecurity budget, staffing, and contracting
TASK Identify opportunities for new and improved business process solutions
TASK Advise stakeholders on the development of continuity of operations plans
TASK Conduct technology program and project audits
TASK Determine if procurement activities sufficiently address supply chain risks
TASK Recommend improvements to procurement activities to address cybersecurity requirements
TASK Identify supply chain risks for critical system elements
TASK Document supply chain risks for critical system elements
TASK Determine if acquisitions, procurement, and outsourcing efforts address cybersecurity requirements
TASK Develop independent cybersecurity audit processes for application software, networks, and systems
TASK Implement independent cybersecurity audit processes for application software, networks, and systems
TASK Oversee independent cybersecurity audits
TASK Determine if research and design processes and procedures are in compliance with cybersecurity requirements
TASK Determine if research and design processes and procedures are accurately followed by cybersecurity staff when performing their day-to-day activities
TASK Develop supply chain, system, network, and operational security contract language
TASK Determine if technology services are delivered successfully
TASK Manage customer services
TASK Define service-level agreements (SLAs)
TASK Gather customer satisfaction and service performance feedback
TASK Examine service performance reports for issues and variances
TASK Initiate corrective actions to service performance issues and variances
TASK Determine supply chain cybersecurity requirements
TASK Advise stakeholders on enterprise cybersecurity risk management
TASK Advise stakeholders on supply chain risk management
TASK Provide cybersecurity advice on implementation plans, standard operating procedures, maintenance documentation, and maintenance training materials
TASK Prepare supply chain security reports
TASK Prepare risk management reports
KNOWLEDGE Knowledge of operational planning processes
KNOWLEDGE Knowledge of market research tools and techniques
KNOWLEDGE Knowledge of pricing structures
KNOWLEDGE Knowledge of supplier assessment criteria
KNOWLEDGE Knowledge of trustworthiness principles
KNOWLEDGE Knowledge of cybersecurity practices in the acquisition process
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of requirements analysis principles and practices
KNOWLEDGE Knowledge of risk management principles and practices
KNOWLEDGE Knowledge of analysis standards and best practices
KNOWLEDGE Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
KNOWLEDGE Knowledge of non-repudiation principles and practices
KNOWLEDGE Knowledge of cyber safety principles and practices
KNOWLEDGE Knowledge of Risk Management Framework (RMF) requirements
KNOWLEDGE Knowledge of risk management models and frameworks
KNOWLEDGE Knowledge of information technology (IT) security principles and practices
KNOWLEDGE Knowledge of new and emerging technologies
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of resource management principles and practices
KNOWLEDGE Knowledge of system life cycle management principles and practices
KNOWLEDGE Knowledge of supply chain risk management principles and practices
KNOWLEDGE Knowledge of import and export control laws and regulations
KNOWLEDGE Knowledge of supply chain risks
KNOWLEDGE Knowledge of federal agency roles and responsibilities
KNOWLEDGE Knowledge of incident response policies and procedures
KNOWLEDGE Knowledge of incident response roles and responsibilities
KNOWLEDGE Knowledge of supply chain risk management standards and best practices
KNOWLEDGE Knowledge of technology procurement principles and practices
KNOWLEDGE Knowledge of risk assessment principles and practices
KNOWLEDGE Knowledge of threat assessment principles and practices
KNOWLEDGE Knowledge of supply chain risk management policies and procedures
KNOWLEDGE Knowledge of cloud computing principles and practices
KNOWLEDGE Knowledge of knowledge management principles and practices
KNOWLEDGE Knowledge of process improvement principles and practices
KNOWLEDGE Knowledge of process maturity models and frameworks
KNOWLEDGE Knowledge of service management principles and practices
KNOWLEDGE Knowledge of service management standards and best practices
KNOWLEDGE Knowledge of sustainment principles and practices
KNOWLEDGE Knowledge of sustainment processes
KNOWLEDGE Knowledge of risk management policies and procedures
KNOWLEDGE Knowledge of the acquisition life cycle models and frameworks
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of cybersecurity requirements
KNOWLEDGE Knowledge of organizational cybersecurity goals and objectives
KNOWLEDGE Knowledge of research and design processes and procedures
SKILL Skill in conducting market research
SKILL Skill in pricing products
SKILL Skill in analyzing processes to ensure conformance with procedural requirements
SKILL Skill in integrating information security requirements in the acquisitions process
SKILL Skill in implementing software quality control processes
SKILL Skill in evaluating supplier trustworthiness
SKILL Skill in performing capabilities analysis
SKILL Skill in performing requirements analysis
SKILL Skill in preparing reports
SKILL Skill in monitoring system performance
SKILL Skill in configuring systems for performance enhancement
SKILL Skill in translating operational requirements into security controls
SKILL Skill in performing administrative planning activities
SKILL Skill in identifying requirements
SKILL Skill in managing intelligence collection requirements
SKILL Skill in collaborating with internal and external stakeholders
SKILL Skill in performing needs analysis
INVESTIGATION 2 roles · 14 challenge hits
9%

Challenge category breakdown

Forensics
12
Crypto
2
Digital Evidence Analysis IN-WRL-002
10/175
TASK Analyze intrusions
TASK Collect documentary or physical evidence of cyber intrusion incidents, investigations, and operations
TASK Report forensic artifacts indicative of a particular operating system
TASK Analyze network traffic associated with malicious activities
TASK Collect intrusion artifacts
KNOWLEDGE Knowledge of digital forensic data principles and practices
KNOWLEDGE Knowledge of encryption algorithm capabilities and applications
KNOWLEDGE Knowledge of incident response principles and practices
KNOWLEDGE Knowledge of digital forensics data characteristics
SKILL Skill in performing memory dump analysis
TASK Perform file signature analysis
TASK Perform data comparison against established database
TASK Perform real-time forensic analysis (e.g., using Helix in conjunction with LiveView)
TASK Perform timeline analysis
TASK Perform static media analysis
TASK Perform tier 1, 2, and 3 malware analysis
TASK Determine data specifications
TASK Determine data capacity requirements
TASK Determine best methods for identifying the perpetrator(s) of a network intrusion
TASK Identify intrusions
TASK Document what is known about intrusions
TASK Create forensically sound duplicates of evidence
TASK Decrypt seized data
TASK Create technical summary of findings reports
TASK Determine if digital media chain of custody processes meet Federal Rules of Evidence requirements
TASK Determine relevance of recovered data
TASK Identify digital evidence for analysis
TASK Perform dynamic analysis on drives
TASK Perform forensically sound image collection
TASK Prepare digital media for imaging
TASK Capture network traffic associated with malicious activities
TASK Process digital evidence
TASK Document digital evidence
TASK Produce incident findings reports
TASK Scan digital media for viruses
TASK Mount a drive image
TASK Utilize deployable forensics toolkit
TASK Process forensic images
TASK Detect concealed data
TASK Document original condition of digital evidence
TASK Recover information from forensic data sources
TASK Check network connections
TASK Look for indicators of intrusions
TASK Identify devices and networks on scene
TASK Collect devices containing digital evidence
TASK Identify areas of compromise
TASK Acquire digital evidence
TASK Create a digital footprint of raw or physical data
TASK Process data into readable format
TASK Prepare data for ingestion into application systems
TASK Recover deleted or overwritten data files
TASK Create derivative evidence from findings report
TASK Serve as subject expert in training fact witnesses for testifying
TASK Present factual causality to support attribution of criminal activity
TASK Prepare technical materials for legal proceedings
TASK Serve as liaison to prosecutors
TASK Manage forensic laboratory accreditation processes
KNOWLEDGE Knowledge of decryption tools and techniques
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of data backup and recovery policies and procedures
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of incident response tools and techniques
KNOWLEDGE Knowledge of incident handling tools and techniques
KNOWLEDGE Knowledge of operating system (OS) systems and software
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of client and server architecture
KNOWLEDGE Knowledge of server diagnostic tools and techniques
KNOWLEDGE Knowledge of system administration principles and practices
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of physical computer components
KNOWLEDGE Knowledge of computer peripherals
KNOWLEDGE Knowledge of defense-in-depth principles and practices
KNOWLEDGE Knowledge of file extensions
KNOWLEDGE Knowledge of file system implementation principles and practices
KNOWLEDGE Knowledge of digital evidence seizure policies and procedures
KNOWLEDGE Knowledge of digital evidence preservation policies and procedures
KNOWLEDGE Knowledge of ethical hacking tools and techniques
KNOWLEDGE Knowledge of evidence admissibility laws and regulations
KNOWLEDGE Knowledge of chain of custody policies and procedures
KNOWLEDGE Knowledge of persistent data principles and practices
KNOWLEDGE Knowledge of machine virtualization tools and techniques
KNOWLEDGE Knowledge of system file characteristics
KNOWLEDGE Knowledge of deployable forensics principles and practices
KNOWLEDGE Knowledge of digital communication systems and software
KNOWLEDGE Knowledge of hardening tools and techniques
KNOWLEDGE Knowledge of hardware reverse engineering tools and techniques
KNOWLEDGE Knowledge of software reverse engineering tools and techniques
KNOWLEDGE Knowledge of data carving tools and techniques
KNOWLEDGE Knowledge of reverse engineering principles and practices
KNOWLEDGE Knowledge of anti-forensics tools and techniques
KNOWLEDGE Knowledge of forensics lab design principles and practices
KNOWLEDGE Knowledge of forensics lab design systems and software
KNOWLEDGE Knowledge of debugging tools and techniques
KNOWLEDGE Knowledge of filename extension abuse
KNOWLEDGE Knowledge of malware analysis tools and techniques
KNOWLEDGE Knowledge of virtual machine detection tools and techniques
KNOWLEDGE Knowledge of encryption tools and techniques
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of cyber defense laws and regulations
KNOWLEDGE Knowledge of remote access tools and techniques
KNOWLEDGE Knowledge of binary analysis tools and techniques
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of malware analysis principles and practices
KNOWLEDGE Knowledge of operating system structures and internals
KNOWLEDGE Knowledge of data concealment tools and techniques
KNOWLEDGE Knowledge of computer engineering principles and practices
KNOWLEDGE Knowledge of targeting laws and regulations
KNOWLEDGE Knowledge of exploitation laws and regulations
KNOWLEDGE Knowledge of information searching tools and techniques
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of reporting policies and procedures
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of code obfuscation tools and techniques
KNOWLEDGE Knowledge of digital forensics principles and practices
KNOWLEDGE Knowledge of virtual machine tools and technologies
KNOWLEDGE Knowledge of web application security risks
KNOWLEDGE Knowledge of media forensics
KNOWLEDGE Knowledge of digital forensics tools and techniques
KNOWLEDGE Knowledge of Chain of Custody (CoC) processes and procedures
KNOWLEDGE Knowledge of data encryption practices and principles
KNOWLEDGE Knowledge of data integrity principles and practices
KNOWLEDGE Knowledge of digital evidence cataloging tools and techniques
KNOWLEDGE Knowledge of digital evidence extraction tools and techniques
KNOWLEDGE Knowledge of digital evidence handling principles and practices
KNOWLEDGE Knowledge of digital evidence packaging tools and techniques
KNOWLEDGE Knowledge of digital evidence preservation tools and techniques
KNOWLEDGE Knowledge of forensic image processing tools and techniques
KNOWLEDGE Knowledge of network monitoring tools and techniques
KNOWLEDGE Knowledge of steganography practices and principles
KNOWLEDGE Knowledge of approved data processing tools and techniques
KNOWLEDGE Knowledge of data types and characteristics
KNOWLEDGE Knowledge of predication requirements
KNOWLEDGE Knowledge of court exhibit processes
KNOWLEDGE Knowledge of testing and calibration in laboratory environment
SKILL Skill in performing packet-level analysis
SKILL Skill in decrypting information
SKILL Skill in communicating complex concepts
SKILL Skill in applying critical thinking
SKILL Skill in developing virtual machines
SKILL Skill in identifying filename extension abuse
SKILL Skill in performing intelligence collection analysis
SKILL Skill in preparing reports
SKILL Skill in preserving digital evidence integrity
SKILL Skill in storing digital evidence
SKILL Skill in manipulating operating system components
SKILL Skill in collecting digital evidence
SKILL Skill in processing digital evidence
SKILL Skill in performing digital forensics analysis
SKILL Skill in implementing one-way hash functions
SKILL Skill in performing source code analysis
SKILL Skill in performing volatile data analysis
SKILL Skill in interpreting debugger results
SKILL Skill in performing malware analysis
SKILL Skill in performing data analysis
SKILL Skill in performing digital evidence analysis
SKILL Skill in performing dynamic analysis
SKILL Skill in performing file system forensic analysis
SKILL Skill in performing log file analysis
SKILL Skill in performing static malware analysis
SKILL Skill in live acquisition
SKILL Skill in deadbox acquisition
SKILL Skill in inspecting data for ingestion
SKILL Skill in interacting with live systems to identify active and historical networks
Cybercrime Investigation IN-WRL-001
1/107
TASK Collect documentary or physical evidence of cyber intrusion incidents, investigations, and operations
TASK Perform timeline analysis
TASK Process crime scenes
TASK Determine best methods for identifying the perpetrator(s) of a network intrusion
TASK Conduct victim and witness interviews
TASK Conduct suspect interrogations
TASK Investigate suspicious activity and alleged digital crimes
TASK Establish internal and external cross-team relationships
TASK Conduct analysis of computer network attacks
TASK Determine if security incidents are indicative of a violation of law that requires specific legal action
TASK Identify data or intelligence of evidentiary value
TASK Identify digital evidence for analysis
TASK Identify elements of proof of cybersecurity crimes
TASK Document cybersecurity incidents
TASK Escalate incidents that may cause ongoing and immediate impact to the environment
TASK Process digital evidence
TASK Document digital evidence
TASK Assess the behavior of individual victims, witnesses, or suspects during cybersecurity investigations
TASK Determine the impact of threats on cybersecurity
TASK Advise trial counsel as technical expert
TASK Analyze cybersecurity threats for counter intelligence or criminal activity
TASK Preserve digital evidence
TASK Identify responsible parties for intrusions and other crimes
TASK Prepare investigative reports
TASK Assess target vulnerabilities and operational capabilities
TASK Recommend potential courses of action
TASK Disseminate investigative report findings
TASK Deconflict investigative activity with other law enforcement agencies
TASK Determine appropriate jurisdiction for legal action
TASK Collect physical evidence of cyber intrusion incidents, investigations, and operations
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of access control principles and practices
KNOWLEDGE Knowledge of authentication and authorization tools and techniques
KNOWLEDGE Knowledge of host access control (HAC) systems and software
KNOWLEDGE Knowledge of network access control (NAC) systems and software
KNOWLEDGE Knowledge of intrusion detection tools and techniques
KNOWLEDGE Knowledge of operating system (OS) systems and software
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of client and server architecture
KNOWLEDGE Knowledge of system administration principles and practices
KNOWLEDGE Knowledge of insider threat laws and regulations
KNOWLEDGE Knowledge of insider threat tools and techniques
KNOWLEDGE Knowledge of adversarial tactics principles and practices
KNOWLEDGE Knowledge of adversarial tactics tools and techniques
KNOWLEDGE Knowledge of adversarial tactics policies and procedures
KNOWLEDGE Knowledge of digital evidence seizure policies and procedures
KNOWLEDGE Knowledge of digital evidence preservation policies and procedures
KNOWLEDGE Knowledge of evidence admissibility laws and regulations
KNOWLEDGE Knowledge of chain of custody policies and procedures
KNOWLEDGE Knowledge of persistent data principles and practices
KNOWLEDGE Knowledge of federal agency roles and responsibilities
KNOWLEDGE Knowledge of cyberattack actor characteristics
KNOWLEDGE Knowledge of hardening tools and techniques
KNOWLEDGE Knowledge of encryption tools and techniques
KNOWLEDGE Knowledge of covert communication tools and techniques
KNOWLEDGE Knowledge of cyber defense laws and regulations
KNOWLEDGE Knowledge of crisis management protocols
KNOWLEDGE Knowledge of crisis management processes
KNOWLEDGE Knowledge of crisis management tools and techniques
KNOWLEDGE Knowledge of abnormal physical and physiological behaviors
KNOWLEDGE Knowledge of operating system structures and internals
KNOWLEDGE Knowledge of targeting laws and regulations
KNOWLEDGE Knowledge of exploitation laws and regulations
KNOWLEDGE Knowledge of cyber-attack tools and techniques
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of web application security risks
KNOWLEDGE Knowledge of cybersecurity standards and best practices
KNOWLEDGE Knowledge of digital evidence cataloging tools and techniques
KNOWLEDGE Knowledge of digital evidence extraction tools and techniques
KNOWLEDGE Knowledge of digital evidence handling principles and practices
KNOWLEDGE Knowledge of digital evidence packaging tools and techniques
KNOWLEDGE Knowledge of digital evidence preservation tools and techniques
KNOWLEDGE Knowledge of required reporting formats
KNOWLEDGE Knowledge of human source tasking
KNOWLEDGE Knowledge of disruption, dismantlement, and deterrence strategies
KNOWLEDGE Knowledge of obfuscation tools and techniques
SKILL Skill in navigating the dark web
SKILL Skill in using the TOR network
SKILL Skill in examining digital media
SKILL Skill in identifying anomalous activity
SKILL Skill in evaluating supplier trustworthiness
SKILL Skill in evaluating security products
SKILL Skill in preserving digital evidence integrity
SKILL Skill in collecting digital evidence
SKILL Skill in processing digital evidence
SKILL Skill in transporting digital evidence
SKILL Skill in performing malware analysis
SKILL Skill in performing Open Source Intelligence (OSINT) research
SKILL Skill in solving problems
SKILL Skill in performing data analysis
SKILL Skill in performing digital evidence analysis
SKILL Skill in performing incident analysis
SKILL Skill in performing log file analysis
SKILL Skill in performing threat analysis
SKILL Skill in recognizing behavioral patterns
IMPLEMENTATION and OPERATION 3 roles · 12 challenge hits
8%

Challenge category breakdown

Crypto
12
Database Administration IO-WRL-002
3/85
KNOWLEDGE Knowledge of cryptographic key management principles and practices
KNOWLEDGE Knowledge of symmetric encryption principles and practices
KNOWLEDGE Knowledge of cryptology principles and practices
TASK Maintain database management systems software
TASK Maintain assured message delivery systems
TASK Implement data management standards, requirements, and specifications
TASK Implement data mining and data warehousing applications
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Determine data capacity requirements
TASK Plan for anticipated changes in data capacity requirements
TASK Maintain directory replication services
TASK Maintain information exchanges through publish, subscribe, and alert functions
TASK Perform backup and recovery of databases
TASK Recommend new database technologies and architectures
TASK Manage databases and data management systems
TASK Install database management systems and software
TASK Configure database management systems and software
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of access control principles and practices
KNOWLEDGE Knowledge of authentication and authorization tools and techniques
KNOWLEDGE Knowledge of data administration policies and procedures
KNOWLEDGE Knowledge of data standardization policies and procedures
KNOWLEDGE Knowledge of data backup and recovery policies and procedures
KNOWLEDGE Knowledge of data warehousing principles and practices
KNOWLEDGE Knowledge of data mining principles and practices
KNOWLEDGE Knowledge of database management system (DBMS) principles and practices
KNOWLEDGE Knowledge of database query language capabilities and applications
KNOWLEDGE Knowledge of database schema capabilities and applications
KNOWLEDGE Knowledge of database systems and software
KNOWLEDGE Knowledge of digital rights management (DRM) tools and techniques
KNOWLEDGE Knowledge of host access control (HAC) systems and software
KNOWLEDGE Knowledge of network access control (NAC) systems and software
KNOWLEDGE Knowledge of identity and access management (IAM) principles and practices
KNOWLEDGE Knowledge of operating system (OS) systems and software
KNOWLEDGE Knowledge of policy-based access controls
KNOWLEDGE Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
KNOWLEDGE Knowledge of query languages
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of client and server architecture
KNOWLEDGE Knowledge of data asset management principles and practices
KNOWLEDGE Knowledge of data storage media characteristics
KNOWLEDGE Knowledge of encryption tools and techniques
KNOWLEDGE Knowledge of data remediation tools and techniques
KNOWLEDGE Knowledge of data classification standards and best practices
KNOWLEDGE Knowledge of data classification tools and techniques
KNOWLEDGE Knowledge of database application programming interfaces (APIs)
KNOWLEDGE Knowledge of key management service (KMS) principles and practices
KNOWLEDGE Knowledge of key management service (KMS) key rotation policies and procedures
KNOWLEDGE Knowledge of Personally Identifiable Information (PII) data security standards and best practices
KNOWLEDGE Knowledge of Payment Card Industry (PCI) data security standards and best practices
KNOWLEDGE Knowledge of Personal Health Information (PHI) data security standards and best practices
KNOWLEDGE Knowledge of data classification policies and procedures
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of database administration principles and practices
KNOWLEDGE Knowledge of database maintenance principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of capacity management
KNOWLEDGE Knowledge of configuration management
KNOWLEDGE Knowledge of data integrity principles and practices
KNOWLEDGE Knowledge of financial management
SKILL Skill in optimizing database performance
SKILL Skill in designing data storage solutions
SKILL Skill in implementing data storage solutions
SKILL Skill in developing algorithms
SKILL Skill in performing data structure analysis
SKILL Skill in preparing reports
SKILL Skill in administering databases
SKILL Skill in preparing briefings
SKILL Skill in presenting to an audience
SKILL Skill in caching data
SKILL Skill in cataloging data
SKILL Skill in compiling data
SKILL Skill in distributing data
SKILL Skill in retrieving data
Systems Security Analysis IO-WRL-006
3/150
KNOWLEDGE Knowledge of encryption algorithms
KNOWLEDGE Knowledge of cryptographic key management principles and practices
KNOWLEDGE Knowledge of cryptology principles and practices
TASK Assess the effectiveness of security controls
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Identify critical technology procurement requirements
TASK Implement application cybersecurity policies
TASK Implement system cybersecurity policies
TASK Assess the organization's cybersecurity architecture
TASK Determine if systems security operations and maintenance activities are properly documented and updated
TASK Determine that the application of security patches for commercial products meets timeline requirements
TASK Document commercial product timeline requirements dictated by the management authority for intended operational environments
TASK Determine if cybersecurity-enabled products reduce identified risk to acceptable levels
TASK Determine if security control technologies reduce identified risk to acceptable levels
TASK Implement cybersecurity countermeasures for systems and applications
TASK Integrate automated capabilities for updating or patching system software
TASK Develop processes and procedures for manual updating and patching of system software
TASK Perform cybersecurity testing of developed applications and systems
TASK Perform security reviews
TASK Identify gaps in security architecture
TASK Develop a cybersecurity risk management plan
TASK Recommend system modifications
TASK Document systems security activities
TASK Advise on Risk Management Framework process activities and documentation
TASK Update security documentation to reflect current application and system security design features
TASK Determine effectiveness of configuration management processes
TASK Determine if systems meet minimum security requirements
TASK Develop procedures for system operations transfer to alternate sites
TASK Test failover for system operations transfer to alternative sites
TASK Analyze organizational cybersecurity posture trends
TASK Develop organizational cybersecurity posture trend reports
TASK Develop system security posture trend reports
TASK Determine adequacy of access controls
TASK Execute disaster recovery and continuity of operations processes
TASK Implement security measures for systems and system components
TASK Resolve vulnerabilities in systems and system components
TASK Mitigate risks in systems and system components
TASK Implement system security measures
TASK Implement cross-domain solutions
TASK Develop risk acceptance documentation for senior leaders and authorized representatives
TASK Determine effectiveness of system implementation and testing processes
TASK Establish minimum security requirements for applications
TASK Determine if applications meet minimum security requirements
TASK Recommend threat and vulnerability risk mitigation strategies
TASK Advise stakeholders on vulnerability compliance
TASK Resolve computer security incidents
TASK Advise stakeholders on disaster recovery, contingency, and continuity of operations plans
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of access control principles and practices
KNOWLEDGE Knowledge of authentication and authorization tools and techniques
KNOWLEDGE Knowledge of computer algorithm capabilities and applications
KNOWLEDGE Knowledge of database systems and software
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of human-computer interaction (HCI) principles and practices
KNOWLEDGE Knowledge of risk management principles and practices
KNOWLEDGE Knowledge of vulnerability data sources
KNOWLEDGE Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
KNOWLEDGE Knowledge of non-repudiation principles and practices
KNOWLEDGE Knowledge of cyber safety principles and practices
KNOWLEDGE Knowledge of systems security engineering (SSE) principles and practices
KNOWLEDGE Knowledge of Risk Management Framework (RMF) requirements
KNOWLEDGE Knowledge of risk management models and frameworks
KNOWLEDGE Knowledge of information technology (IT) security principles and practices
KNOWLEDGE Knowledge of mathematics principles and practices
KNOWLEDGE Knowledge of identity and access management (IAM) principles and practices
KNOWLEDGE Knowledge of operating system (OS) systems and software
KNOWLEDGE Knowledge of parallel and distributed computing principles and practices
KNOWLEDGE Knowledge of process engineering principles and practices
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of security management principles and practices
KNOWLEDGE Knowledge of system design tools and techniques
KNOWLEDGE Knowledge of server administration principles and practices
KNOWLEDGE Knowledge of client and server architecture
KNOWLEDGE Knowledge of software engineering principles and practices
KNOWLEDGE Knowledge of systems testing and evaluation tools and techniques
KNOWLEDGE Knowledge of telecommunications principles and practices
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of systems engineering processes
KNOWLEDGE Knowledge of defense-in-depth principles and practices
KNOWLEDGE Knowledge of supply chain risk management principles and practices
KNOWLEDGE Knowledge of supply chain risks
KNOWLEDGE Knowledge of supply chain risk management standards and best practices
KNOWLEDGE Knowledge of technology procurement principles and practices
KNOWLEDGE Knowledge of hardware reverse engineering tools and techniques
KNOWLEDGE Knowledge of software reverse engineering tools and techniques
KNOWLEDGE Knowledge of network systems management principles and practices
KNOWLEDGE Knowledge of network systems management tools and techniques
KNOWLEDGE Knowledge of reverse engineering principles and practices
KNOWLEDGE Knowledge of encryption tools and techniques
KNOWLEDGE Knowledge of data classification standards and best practices
KNOWLEDGE Knowledge of data classification tools and techniques
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of service management principles and practices
KNOWLEDGE Knowledge of service management standards and best practices
KNOWLEDGE Knowledge of application firewall principles and practices
KNOWLEDGE Knowledge of network firewall principles and practices
KNOWLEDGE Knowledge of industry cybersecurity models and frameworks
KNOWLEDGE Knowledge of access control models and frameworks
KNOWLEDGE Knowledge of computer architecture principles and practices
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of Personally Identifiable Information (PII) data security standards and best practices
KNOWLEDGE Knowledge of Payment Card Industry (PCI) data security standards and best practices
KNOWLEDGE Knowledge of Personal Health Information (PHI) data security standards and best practices
KNOWLEDGE Knowledge of risk management policies and procedures
KNOWLEDGE Knowledge of network analysis tools and techniques
KNOWLEDGE Knowledge of configuration management tools and techniques
KNOWLEDGE Knowledge of systems engineering principles and practices
KNOWLEDGE Knowledge of credential management systems and software
KNOWLEDGE Knowledge of data-at-rest encryption (DARE) standards and best practices
KNOWLEDGE Knowledge of cryptographic key storage systems and software
KNOWLEDGE Knowledge of data classification policies and procedures
KNOWLEDGE Knowledge of countermeasure design principles and practices
KNOWLEDGE Knowledge of computer engineering principles and practices
KNOWLEDGE Knowledge of embedded systems and software
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of critical information requirements
KNOWLEDGE Knowledge of Confidentiality, Integrity, Availability, Authenticity, and Non-repudiation (CIAAN) principles and practices
KNOWLEDGE Knowledge of service-oriented security architecture practices and principles
KNOWLEDGE Knowledge of system availability requirements
SKILL Skill in assessing security systems designs
SKILL Skill in evaluating supplier trustworthiness
SKILL Skill in evaluating product trustworthiness
SKILL Skill in identifying software communications vulnerabilities
SKILL Skill in developing user credential management systems
SKILL Skill in implementing user credential management systems
SKILL Skill in implementing enterprise key escrow systems
SKILL Skill in scanning for vulnerabilities
SKILL Skill in recognizing vulnerabilities
SKILL Skill in designing the integration of hardware solutions
SKILL Skill in designing the integration of software solutions
SKILL Skill in developing security system controls
SKILL Skill in evaluating security designs
SKILL Skill in writing code in a currently supported programming language
SKILL Skill in assessing security controls
SKILL Skill in installing system and component upgrades
SKILL Skill in optimizing system performance
SKILL Skill in performing network data analysis
Network Operations IO-WRL-004
1/122
KNOWLEDGE Knowledge of symmetric encryption principles and practices
TASK Diagnose network connectivity problems
TASK Install or replace network hubs, routers, and switches
TASK Integrate new systems into existing network architecture
TASK Monitor network capacity and performance
TASK Determine the operational and safety impacts of cybersecurity lapses
TASK Improve network security practices
TASK Configure network hubs, routers, and switches
TASK Optimize network hubs, routers, and switches
TASK Develop network backup and recovery procedures
TASK Implement network backup and recovery procedures
TASK Implement new system design procedures
TASK Implement new system test procedures
TASK Implement new system quality standards
TASK Install network infrastructure device operating system software
TASK Maintain network infrastructure device operating system software
TASK Patch network vulnerabilities
TASK Test network infrastructure, including software and hardware devices
TASK Maintain network infrastructure, including software and hardware devices
KNOWLEDGE Knowledge of Voice over IP (VoIP)
KNOWLEDGE Knowledge of computer networking protocols
KNOWLEDGE Knowledge of risk management processes
KNOWLEDGE Knowledge of cybersecurity laws and regulations
KNOWLEDGE Knowledge of cybersecurity policies and procedures
KNOWLEDGE Knowledge of privacy laws and regulations
KNOWLEDGE Knowledge of privacy policies and procedures
KNOWLEDGE Knowledge of cybersecurity principles and practices
KNOWLEDGE Knowledge of privacy principles and practices
KNOWLEDGE Knowledge of cybersecurity threats
KNOWLEDGE Knowledge of cybersecurity vulnerabilities
KNOWLEDGE Knowledge of cybersecurity threat characteristics
KNOWLEDGE Knowledge of access control principles and practices
KNOWLEDGE Knowledge of authentication and authorization tools and techniques
KNOWLEDGE Knowledge of network infrastructure principles and practices
KNOWLEDGE Knowledge of enterprise cybersecurity architecture principles and practices
KNOWLEDGE Knowledge of Local Area Networks (LAN)
KNOWLEDGE Knowledge of Wide Area Networks (WAN)
KNOWLEDGE Knowledge of network communications principles and practices
KNOWLEDGE Knowledge of risk management principles and practices
KNOWLEDGE Knowledge of systems security engineering (SSE) principles and practices
KNOWLEDGE Knowledge of information technology (IT) security principles and practices
KNOWLEDGE Knowledge of bandwidth management tools and techniques
KNOWLEDGE Knowledge of system performance indicators
KNOWLEDGE Knowledge of system availability measures
KNOWLEDGE Knowledge of policy-based access controls
KNOWLEDGE Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
KNOWLEDGE Knowledge of process engineering principles and practices
KNOWLEDGE Knowledge of system threats
KNOWLEDGE Knowledge of system vulnerabilities
KNOWLEDGE Knowledge of remote access principles and practices
KNOWLEDGE Knowledge of server administration principles and practices
KNOWLEDGE Knowledge of software engineering principles and practices
KNOWLEDGE Knowledge of system administration principles and practices
KNOWLEDGE Knowledge of telecommunications principles and practices
KNOWLEDGE Knowledge of enterprise information technology (IT) architecture principles and practices
KNOWLEDGE Knowledge of systems engineering processes
KNOWLEDGE Knowledge of virtual private network (VPN) systems and software
KNOWLEDGE Knowledge of network attack characteristics
KNOWLEDGE Knowledge of defense-in-depth principles and practices
KNOWLEDGE Knowledge of network configurations
KNOWLEDGE Knowledge of command-line tools and techniques
KNOWLEDGE Knowledge of web filtering systems and software
KNOWLEDGE Knowledge of digital communication systems and software
KNOWLEDGE Knowledge of network attack vectors
KNOWLEDGE Knowledge of hardening tools and techniques
KNOWLEDGE Knowledge of hardware reverse engineering tools and techniques
KNOWLEDGE Knowledge of software reverse engineering tools and techniques
KNOWLEDGE Knowledge of network systems management principles and practices
KNOWLEDGE Knowledge of network systems management tools and techniques
KNOWLEDGE Knowledge of reverse engineering principles and practices
KNOWLEDGE Knowledge of encryption tools and techniques
KNOWLEDGE Knowledge of data classification standards and best practices
KNOWLEDGE Knowledge of data classification tools and techniques
KNOWLEDGE Knowledge of enterprise architecture (EA) reference models and frameworks
KNOWLEDGE Knowledge of enterprise architecture (EA) principles and practices
KNOWLEDGE Knowledge of service management principles and practices
KNOWLEDGE Knowledge of service management standards and best practices
KNOWLEDGE Knowledge of key management service (KMS) principles and practices
KNOWLEDGE Knowledge of key management service (KMS) key rotation policies and procedures
KNOWLEDGE Knowledge of application firewall principles and practices
KNOWLEDGE Knowledge of network firewall principles and practices
KNOWLEDGE Knowledge of industry cybersecurity models and frameworks
KNOWLEDGE Knowledge of access control models and frameworks
KNOWLEDGE Knowledge of the Open Systems Interconnect (OSI) reference model
KNOWLEDGE Knowledge of network architecture principles and practices
KNOWLEDGE Knowledge of Personally Identifiable Information (PII) data security standards and best practices
KNOWLEDGE Knowledge of Payment Card Industry (PCI) data security standards and best practices
KNOWLEDGE Knowledge of Personal Health Information (PHI) data security standards and best practices
KNOWLEDGE Knowledge of operating system structures and internals
KNOWLEDGE Knowledge of wireless communication tools and techniques
KNOWLEDGE Knowledge of signal jamming tools and techniques
KNOWLEDGE Knowledge of systems engineering principles and practices
KNOWLEDGE Knowledge of data classification policies and procedures
KNOWLEDGE Knowledge of network hardware threats and vulnerabilities
KNOWLEDGE Knowledge of computer engineering principles and practices
KNOWLEDGE Knowledge of computer networking principles and practices
KNOWLEDGE Knowledge of network security principles and practices
KNOWLEDGE Knowledge of satellite-based communication systems and software
KNOWLEDGE Knowledge of data security controls
KNOWLEDGE Knowledge of data privacy controls
KNOWLEDGE Knowledge of traceroute tools and techniques
SKILL Skill in establishing a routing schema
SKILL Skill in securing network communications
SKILL Skill in operating network equipment
SKILL Skill in executing command line tools
SKILL Skill in operating network systems
SKILL Skill in deploying continuous monitoring technologies
SKILL Skill in developing network infrastructure contingency and recovery plans
SKILL Skill in testing network infrastructure contingency and recovery plans
SKILL Skill in troubleshooting system performance
SKILL Skill in implementing established network security practices
SKILL Skill in configuring network devices
SKILL Skill in installing network devices
SKILL Skill in protecting a network against malware
SKILL Skill in configuring network protection components
SKILL Skill in implementing network infrastructure contingency and recovery plans
SKILL Skill in optimizing system performance
SKILL Skill in applying subnet techniques
SKILL Skill in configuring computer protection components
SKILL Skill in interpreting traceroute results
SKILL Skill in reconstructing a network
SKILL Skill in troubleshooting network equipment

Recorded solves

| Challenge | Competition | Category | Solved | Writeup | Points |
| --- | --- | --- | --- | --- | --- |
| Heap Lantern | Neon Harbor Invitational | Pwn | June 1, 2026, 12:08 a.m. | No writeup linked | 450 |
| Session Mirage | Neon Harbor Invitational | Web | May 31, 2026, 11:43 p.m. | No writeup linked | 150 |
| Base64 All The Way Down | Red Wire CTF 2025 | Misc | Feb. 12, 2026, 7:33 a.m. | No writeup linked | 50 |
| Memory Lane | Red Wire CTF 2025 | Forensics | Feb. 12, 2026, 6:33 a.m. | No writeup linked | 350 |
| Lost Artifact | Red Wire CTF 2025 | Forensics | Feb. 12, 2026, 5:33 a.m. | No writeup linked | 200 |
| Broken CBC | Red Wire CTF 2025 | Crypto | Feb. 12, 2026, 4:33 a.m. | No writeup linked | 300 |
| Off By One Bit | Red Wire CTF 2025 | Crypto | Feb. 12, 2026, 3:33 a.m. | No writeup linked | 150 |
| SSRF Sandwich | Red Wire CTF 2025 | Web | Feb. 12, 2026, 2:33 a.m. | No writeup linked | 250 |
| Cookie Monster | Red Wire CTF 2025 | Web | Feb. 12, 2026, 1:33 a.m. | No writeup linked | 100 |

Writeups

No published writeups yet.