1109

1109 (NIST ID: T0295)

Task

Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools.

Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.


Core KSAT for the following Work Roles

No Work Roles with Core KSAT 1109

Additional KSAT for the following Work Roles

Cyber Defense Analyst (Additional) ID: 511 (NIST ID: PR-DA-001) Workforce Element: Cybersecurity

Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs.) to analyze events that occur within their environments for the purposes of mitigating threats.