87

87 (NIST ID: K0058)

Knowledge

Knowledge of network traffic analysis methods.

Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.


Core KSAT for the following Work Roles

All-Source Analyst (Core) ID: 111 (NIST ID: AN-ASA-001) Category/Specialty Area: Analyze / All Source Analysis
Workforce Element: Intelligence (Cyberspace)

Analyzes data/information from one or multiple sources to conduct preparation of the environment, respond to requests for information, and submit intelligence collection and production requirements in support of planning and operations.

Cyber Defense Analyst (Core) ID: 511 (NIST ID: PR-DA-001) Category/Specialty Area: Protect & Defend / Cyber Defense Analysis
Workforce Element: Cybersecurity

Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs.) to analyze events that occur within their environments for the purposes of mitigating threats.

Mission Assessment Specialist (Core) ID: 112 (NIST ID: AN-AN-002) Category/Specialty Area: Analyze / All Source Analysis
Workforce Element: Cyberspace Effects

Develops assessment plans and measures of performance/effectiveness. Conducts strategic and operational effectiveness assessments as required for cyber events. Determines whether systems performed as expected and provides input to the determination of operational effectiveness.

Warning Analyst (Core) ID: 141 (NIST ID: AN-TA-001) Category/Specialty Area: Analyze / Threat Analysis
Workforce Element: Cyberspace Effects

Develops unique cyber indicators to maintain constant awareness of the status of the highly dynamic operating environment. Collects, processes, analyzes, and disseminates cyber warning assessments.

Additional KSAT for the following Work Roles

All-Source Collection Manager (Additional) ID: 311 (NIST ID: CO-CL-001) Category/Specialty Area: Collect & Operate / Collections Operations
Workforce Element: Intelligence (Cyberspace)

Identifies collection authorities and environment; incorporates priority information requirements into collection management; develops concepts to meet leadership’s intent. Determines capabilities of available collection assets, identifies new collection capabilities; and constructs and disseminates collection plans. Monitors execution of tasked collection to ensure effective execution of the collection plan.

All-Source Collection Requirements Manager (Additional) ID: 312 (NIST ID: CO-CL-002) Category/Specialty Area: Collect & Operate / Collections Operations
Workforce Element: Intelligence (Cyberspace)

Evaluates collection operations and develops effects-based collection requirements strategies using available sources and methods to improve collection. Develops, processes, validates, and coordinates submission of collection requirements. Evaluates performance of collection assets and collection operations.

Cyber Defense Incident Responder (Additional) ID: 531 (NIST ID: PR-IR-001) Category/Specialty Area: Protect & Defend / Incident Response
Workforce Element: Cybersecurity

Investigates, analyzes, and responds to cyber incidents within the network environment or enclave.

Information Systems Security Manager (Additional) ID: 722 (NIST ID: OV-MG-001) Category/Specialty Area: Oversee & Govern / Cybersecurity Management
Workforce Element: Cybersecurity

Responsible for the cybersecurity of a program, organization, system, or enclave.

Target Developer (Additional) ID: 131 (NIST ID: AN-TD-001) Category/Specialty Area: Analyze / Targets
Workforce Element: Cyberspace Effects

Performs target system analysis, builds and/or maintains electronic target folders to include inputs from environment preparation, and/or internal or external intelligence sources. Coordinates with partner target activities and intelligence organizations, and presents candidate targets for vetting and validation.