61

May 21, 2020
KSATs
61 (NIST ID: K0042)

Knowledge

Knowledge of incident response and handling methodologies.
Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.

Core KSAT for the following Work Roles

COMSEC Manager (Core) ID: 723 (NIST ID: OV-MG-002) Workforce Element: Cybersecurity

Manages the Communications Security (COMSEC) resources of an organization (CNSSI No. 4009).
Cyber Defense Incident Responder (Core) ID: 531 (NIST ID: PR-IR-001) Workforce Element: Cybersecurity

Investigates, analyzes, and responds to cyber incidents within the network environment or enclave.
Cyber Defense Infrastructure Support Specialist (Core) ID: 521 (NIST ID: PR-INF-001) Workforce Element: Cybersecurity

Tests, implements, deploys, maintains, and administers the infrastructure hardware and software.
Forensics Analyst (Core) ID: 211 (NIST ID: IN-FO-001) Workforce Element: Cyberspace Enablers / Legal/Law Enforcement

Conducts deep-dive investigations on computer-based crimes establishing documentary or physical evidence, to include digital media and logs associated with cyber intrusion incidents.
Information Systems Security Manager (Core) ID: 722 (NIST ID: OV-MG-001) Workforce Element: Cybersecurity

Responsible for the cybersecurity of a program, organization, system, or enclave.

Additional KSAT for the following Work Roles

Cyber Defense Analyst (Additional) ID: 511 (NIST ID: PR-DA-001) Workforce Element: Cybersecurity

Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs.) to analyze events that occur within their environments for the purposes of mitigating threats.
Cyber Defense Forensics Analyst (Additional) ID: 212 (NIST ID: IN-FO-002) Workforce Element: Cybersecurity

Analyzes digital evidence and investigates computer security incidents to derive useful information in support of system/network vulnerability mitigation.