1111
May 21, 2020
KSATs
1111 (NIST ID: T0297)
Task
Identify applications and operating systems of a network device based on network traffic.
Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.
Core KSAT for the following Work Roles
Cyber Defense Analyst (Core)
Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs.) to analyze events that occur within their environments for the purposes of mitigating threats.
Additional KSAT for the following Work Roles
Cyber Defense Analyst (Additional)
Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs.) to analyze events that occur within their environments for the purposes of mitigating threats.