Cyber Defense Infrastructure Support Specialist
Tests, implements, deploys, maintains, and administers the infrastructure hardware and software.
Qualification Matrix
Basic | Intermediate | Advanced | Notes | ||
---|---|---|---|---|---|
Foundational Qualification Options | Education | A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution fulfills the educational requirement for this WRC | A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution fulfills the educational requirement for this WRC | TBD | For additional information pertaining to ABET: www.abet.org or CAE: www.caecommunity.org |
Foundational Qualification Options | OR | OR | OR | ||
Foundational Qualification Options | DoD/Military Training | 230-25D30 (CP) or CYB 5640/CYB 5640V/WSS 010 | A-150-1980 or A-150-1202 or A-150-1203 or A-150-1250 or A-531-1900 or WSS 011 or WSS 012 | 4C-255N (CP) or 4C-255A (CP) or M0923X1 or A-531-0045 or A-531-0022 or A-531-4417 | See TAB C (DCWF Training Repository) below for additional course information. |
Foundational Qualification Options | Commercial Training | TBD | TBD | TBD | |
Foundational Qualification Options | OR | OR | OR | ||
Foundational Qualification Options | Personnel Certification | A+ or CND or Network+ | GFACT or CEH or Cloud+ or CySA+ or PenTest+ or SSCP or Security+ or GSEC | GCIA or GCLD or GDSA or GICSP or CISSP-ISSAP or CISSP-ISSEP | See TAB B (Certification Index) below for certification vendor information. Courses at higher proficiency levels qualify lower levels. |
Foundational Qualification Alternative | Experience | Conditional Alternative | Conditional Alternative | Conditional Alternative | Refer to Section 3 of the DoD 8140 Manual for more information. |
Residential Qualification | On-the-Job Qualification | Always Required | Always Required | Always Required | Individuals must demonstrate capability to perform their duties in their resident environment. |
Residential Qualification | Environment-Specific Requirements | Component Discretion | Component Discretion | Component Discretion | |
Annual Maintenance | Continuous Professional Development | Minimum of 20 hours annually or what is required to maintain certification; whichever is greater. | Minimum of 20 hours annually or what is required to maintain certification; whichever is greater. | Minimum of 20 hours annually or what is required to maintain certification; whichever is greater. |
Core KSATs
KSAT ID | Description | KSAT |
---|---|---|
22 | * Knowledge of computer networking concepts and protocols, and network security methodologies. |
Knowledge |
49 | Knowledge of host/network access control mechanisms (e.g., access control list). |
Knowledge |
59A | Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications. |
Knowledge |
61 | Knowledge of incident response and handling methodologies. |
Knowledge |
63 | Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). |
Knowledge |
81A | Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. |
Knowledge |
87A | Knowledge of network traffic analysis (tools, methodologies, processes). |
Knowledge |
92B | Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol (TCP), Internet Protocol (IP), Open System Interconnection Model (OSI)). |
Knowledge |
108 | * Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). |
Knowledge |
148 | Knowledge of Virtual Private Network (VPN) security. |
Knowledge |
150 | Knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities. |
Knowledge |
643A | Identify potential conflicts with implementation of any cyber defense tools(e.g., tool and signature testing and optimization). |
Task |
960 | Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources. |
Task |
984 | Knowledge of cyber defense policies, procedures, and regulations. |
Knowledge |
1012A | Knowledge of test procedures, principles, and methodologies (e.g., Capabilities and Maturity Model Integration (CMMI)). |
Knowledge |
1072 | Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). |
Knowledge |
1157 | * Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. |
Knowledge |
1158 | * Knowledge of cybersecurity principles. |
Knowledge |
1159 | * Knowledge of cyber threats and vulnerabilities. |
Knowledge |
2772 | Build, install, configure, and test dedicated cyber defense hardware. |
Task |
5090 | Assist in assessing the impact of implementing and sustaining a dedicated cyber defense infrastructure. |
Task |
6700 | Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution. |
Skill |
6900 | * Knowledge of specific operational impacts of cybersecurity lapses. |
Knowledge |
6935 | * Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS). |
Knowledge |
6938 | * Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments. |
Knowledge |
Additional KSATs
KSAT ID | Description | KSAT |
---|---|---|
29 | Knowledge of data backup, types of backups (e.g., full, incremental), and recovery concepts and tools. |
Knowledge |
93 | Knowledge of packet-level analysis. |
Knowledge |
157 | Skill in applying host/network access controls (e.g., access control list). |
Skill |
227 | Skill in tuning sensors. |
Skill |
229 | Skill in using incident handling methodologies. |
Skill |
237 | Skill in using Virtual Private Network (VPN) devices and encryption. |
Skill |
393B | Coordinate with system administrators to create cyber defense tools, test bed(s), and test and evaluate applications, hardware infrastructure, rules/signatures, access controls, and configurations of platforms managed by service provider(s). |
Task |
471 | Coordinate with Cyber Defense Analysts to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, anti-virus, and content blacklists) for specialized cyber defense applications. |
Task |
481A | Create, edit, and manage network access control lists on specialized cyber defense systems (e.g., firewalls and intrusion prevention systems). |
Task |
654B | Implement risk assessment and authorization requirements per the Risk Management Framework (RMF) process for dedicated cyber defense systems within the enterprise, and document and maintain records for them. |
Task |
769 | Perform system administration on specialized cyber defense applications and systems (e.g., anti-virus, audit and remediation) or Virtual Private Network (VPN) devices, to include installation, configuration, maintenance, backup and restoration. |
Task |
893 | Skill in securing network communications. |
Skill |
896 | Skill in protecting a network against malware. |
Skill |
900 | Knowledge of web filtering technologies. |
Knowledge |
1074A | Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi). paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly. |
Knowledge |
1125 | Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration. |
Knowledge |
3143 | Knowledge of basic system, network, and OS hardening techniques. |
Knowledge |
6210 | Knowledge of cloud service models and possible limitations for an incident response. |
Knowledge |
6670 | Skill in system, network, and OS hardening techniques. |
Skill |
6918 | Ability to apply cybersecurity strategy to cloud computing service and deployment models, identifying proper architecture for different operating environments. |
Ability |
6919 | Ability to determine the best cloud deployment model for the appropriate operating environment. |
Ability |
6942 | Skill in designing or implementing cloud computing deployment models. |
Skill |
6945 | Skill in migrating workloads to, from, and among the different cloud computing service models. |
Skill |