Knowledge of incident response and handling methodologies.
Core KSAT for the following Work Roles
Manages the Communications Security (COMSEC) resources of an organization (CNSSI No. 4009).
Investigates, analyzes, and responds to cyber incidents within the network environment or enclave.
Tests, implements, deploys, maintains, and administers the infrastructure hardware and software.
Conducts deep-dive investigations on computer-based crimes establishing documentary or physical evidence, to include digital media and logs associated with cyber intrusion incidents.
Responsible for the cybersecurity of a program, organization, system, or enclave.
Additional KSAT for the following Work Roles
Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs.) to analyze events that occur within their environments for the purposes of mitigating threats.
Analyzes digital evidence and investigates computer security incidents to derive useful information in support of system/network vulnerability mitigation.