1098

1098 (NIST ID: S0090)

Skill

Skill in analyzing anomalous code as malicious or benign.

Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.


Core KSAT for the following Work Roles

Cyber Defense Forensics Analyst (Core) ID: 212 (NIST ID: IN-FO-002) Workforce Element: Cybersecurity

Analyzes digital evidence and investigates computer security incidents to derive useful information in support of system/network vulnerability mitigation.

Additional KSAT for the following Work Roles

Forensics Analyst (Additional) ID: 211 (NIST ID: IN-FO-001) Workforce Element: Cyberspace Enablers / Legal/Law Enforcement

Conducts deep-dive investigations on computer-based crimes establishing documentary or physical evidence, to include digital media and logs associated with cyber intrusion incidents.