Cyber Defense Infrastructure Support
Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware and software that are required to effectively manage the computer network defense service provider network and resources. Monitors network to actively remediate unauthorized activities.
Tests, implements, deploys, maintains, and administers the infrastructure hardware and software.
Core KSATs
KSAT ID | Description | KSAT |
---|---|---|
22 | * Knowledge of computer networking concepts and protocols, and network security methodologies. |
Knowledge |
49 | Knowledge of host/network access control mechanisms (e.g., access control list). |
Knowledge |
59A | Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications. |
Knowledge |
61 | Knowledge of incident response and handling methodologies. |
Knowledge |
63 | Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). |
Knowledge |
81A | Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. |
Knowledge |
87A | Knowledge of network traffic analysis (tools, methodologies, processes). |
Knowledge |
92B | Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol (TCP), Internet Protocol (IP), Open System Interconnection Model (OSI)). |
Knowledge |
108 | * Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). |
Knowledge |
148 | Knowledge of Virtual Private Network (VPN) security. |
Knowledge |
150 | Knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities. |
Knowledge |
643A | Identify potential conflicts with implementation of any cyber defense tools(e.g., tool and signature testing and optimization). |
Task |
960 | Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources. |
Task |
984 | Knowledge of cyber defense policies, procedures, and regulations. |
Knowledge |
1012A | Knowledge of test procedures, principles, and methodologies (e.g., Capabilities and Maturity Model Integration (CMMI)). |
Knowledge |
1072 | Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). |
Knowledge |
1157 | * Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. |
Knowledge |
1158 | * Knowledge of cybersecurity principles. |
Knowledge |
1159 | * Knowledge of cyber threats and vulnerabilities. |
Knowledge |
2772 | Build, install, configure, and test dedicated cyber defense hardware. |
Task |
5090 | Assist in assessing the impact of implementing and sustaining a dedicated cyber defense infrastructure. |
Task |
6700 | Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution. |
Skill |
6900 | * Knowledge of specific operational impacts of cybersecurity lapses. |
Knowledge |
6935 | * Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS). |
Knowledge |
6938 | * Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments. |
Knowledge |
Additional KSATs
KSAT ID | Description | KSAT |
---|---|---|
29 | Knowledge of data backup, types of backups (e.g., full, incremental), and recovery concepts and tools. |
Knowledge |
93 | Knowledge of packet-level analysis. |
Knowledge |
157 | Skill in applying host/network access controls (e.g., access control list). |
Skill |
227 | Skill in tuning sensors. |
Skill |
229 | Skill in using incident handling methodologies. |
Skill |
237 | Skill in using Virtual Private Network (VPN) devices and encryption. |
Skill |
393B | Coordinate with system administrators to create cyber defense tools, test bed(s), and test and evaluate applications, hardware infrastructure, rules/signatures, access controls, and configurations of platforms managed by service provider(s). |
Task |
471 | Coordinate with Cyber Defense Analysts to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, anti-virus, and content blacklists) for specialized cyber defense applications. |
Task |
481A | Create, edit, and manage network access control lists on specialized cyber defense systems (e.g., firewalls and intrusion prevention systems). |
Task |
654B | Implement risk assessment and authorization requirements per the Risk Management Framework (RMF) process for dedicated cyber defense systems within the enterprise, and document and maintain records for them. |
Task |
769 | Perform system administration on specialized cyber defense applications and systems (e.g., anti-virus, audit and remediation) or Virtual Private Network (VPN) devices, to include installation, configuration, maintenance, backup and restoration. |
Task |
893 | Skill in securing network communications. |
Skill |
896 | Skill in protecting a network against malware. |
Skill |
900 | Knowledge of web filtering technologies. |
Knowledge |
1074A | Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi). paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly. |
Knowledge |
1125 | Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration. |
Knowledge |
3143 | Knowledge of basic system, network, and OS hardening techniques. |
Knowledge |
6210 | Knowledge of cloud service models and possible limitations for an incident response. |
Knowledge |
6670 | Skill in system, network, and OS hardening techniques. |
Skill |
6918 | Ability to apply cybersecurity strategy to cloud computing service and deployment models, identifying proper architecture for different operating environments. |
Ability |
6919 | Ability to determine the best cloud deployment model for the appropriate operating environment. |
Ability |
6942 | Skill in designing or implementing cloud computing deployment models. |
Skill |
6945 | Skill in migrating workloads to, from, and among the different cloud computing service models. |
Skill |