738

738 (NIST ID: T0161)

Task

Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.

Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.


Core KSAT for the following Work Roles

No Work Roles with Core KSAT 738

Additional KSAT for the following Work Roles

Cyber Defense Incident Responder (Additional) ID: 531 (NIST ID: PR-IR-001) Category/Specialty Area: Protect & Defend / Incident Response
Workforce Element: Cybersecurity

Investigates, analyzes, and responds to cyber incidents within the network environment or enclave.