1030

1030 (NIST ID: T0278)

Task

Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.

Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.


Core KSAT for the following Work Roles

Cyber Defense Incident Responder (Core) ID: 531 (NIST ID: PR-IR-001) Category/Specialty Area: Protect & Defend / Incident Response
Workforce Element: Cybersecurity

Investigates, analyzes, and responds to cyber incidents within the network environment or enclave.

Additional KSAT for the following Work Roles

No Work Roles with Additional KSAT 1030