Network Services

Installs, configures, tests, operates, maintains, and manages networks and their firewalls, including hardware (e.g., hubs, bridges, switches, multiplexers, routers, cables, proxy servers, and protective distributor systems) and software that permit the sharing and transmission of all spectrum transmissions of information to support the security of information and information systems.
Plans, implements, and operates network services/systems, to include hardware and virtual environments.
Core KSATs
KSAT ID | Description | KSAT |
---|---|---|
12 | Knowledge of communication methods, principles, and concepts (e.g., crypto, dual hubs, time multiplexers) that support the network infrastructure. |
Knowledge |
15B | Ability to operate network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware. |
Ability |
15 | Knowledge of capabilities and applications of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware. |
Knowledge |
22 | * Knowledge of computer networking concepts and protocols, and network security methodologies. |
Knowledge |
41 | Knowledge of organization’s LAN/WAN pathways. |
Knowledge |
55 | Knowledge of cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data. |
Knowledge |
70 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). |
Knowledge |
72 | Knowledge of local area and wide area networking principles and concepts including bandwidth management. |
Knowledge |
76 | Knowledge of measures or indicators of system performance and availability. |
Knowledge |
81A | Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. |
Knowledge |
92 | Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]). |
Knowledge |
106 | Knowledge of remote access technology concepts. |
Knowledge |
108 | * Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). |
Knowledge |
112 | Knowledge of server administration and systems engineering theories, concepts, and methods. |
Knowledge |
133 | Knowledge of key telecommunications concepts (e.g., Routing Algorithms, Fiber Optics Systems Link Budgeting, Add/Drop Multiplexers). |
Knowledge |
148 | Knowledge of Virtual Private Network (VPN) security. |
Knowledge |
154 | Skill in analyzing network traffic capacity and performance characteristics. |
Skill |
193A | Skill in implementing and testing network infrastructure contingency and recovery plans. |
Skill |
198 | Skill in establishing a routing schema. |
Skill |
205 | Skill in implementing, maintaining, and improving established network security practices. |
Skill |
207 | Skill in installing, configuring, and troubleshooting LAN and WAN components such as routers, hubs, and switches. |
Skill |
234A | Skill in sub-netting. |
Skill |
261 | Knowledge of basic concepts, terminology, and operations of a wide range of communications media (computer and telephone networks, satellite, fiber, wireless). |
Knowledge |
271 | Knowledge of common network tools (e.g., ping, traceroute, nslookup). |
Knowledge |
271B | Ability to operate common network tools (e.g., ping, traceroute, nslookup). |
Ability |
278 | Knowledge of different types of network communication (e.g., LAN, WAN, MAN, WLAN, WWAN). |
Knowledge |
347A | Ability to execute OS command line (e.g., ipconfig, netstat, dir, nbtstat). |
Ability |
462 | Configure and optimize network hubs, routers, and switches (e.g., higher-level protocols, tunneling). |
Task |
522 | Develop and implement network backup and recovery procedures. |
Task |
555 | Diagnose network connectivity problem. |
Task |
666 | Install and maintain network infrastructure device operating system software (e.g., IOS, firmware). |
Task |
667 | Install or replace network hubs, routers, and switches. |
Task |
718 | Monitor network capacity and performance. |
Task |
736 | Patch network vulnerabilities to ensure information is safeguarded against outside parties. |
Task |
857 | Test and maintain network infrastructure including software and hardware devices. |
Task |
891A | Skill in configuring and utilizing computer protection components (e.g., hardware firewalls, servers, routers, as appropriate). |
Skill |
893 | Skill in securing network communications. |
Skill |
896 | Skill in protecting a network against malware. |
Skill |
900 | Knowledge of web filtering technologies. |
Knowledge |
901 | Knowledge of the capabilities of different electronic communication systems and methods (e.g., e-mail, VOIP, IM, web forums, Direct Video Broadcasts). |
Knowledge |
901A | Ability to operate different electronic communication systems and methods (e.g., e-mail, VOIP, IM, web forums, Direct Video Broadcasts). |
Ability |
902 | Knowledge of the range of existing networks (e.g., PBX, LANs, WANs, WIFI, SCADA). |
Knowledge |
985 | Skill in configuring and utilizing network protection components (e.g., Firewalls, VPNs, network intrusion detection systems). |
Skill |
1072 | Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). |
Knowledge |
1073 | Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools. |
Knowledge |
1157 | * Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. |
Knowledge |
1158 | * Knowledge of cybersecurity principles. |
Knowledge |
1159 | * Knowledge of cyber threats and vulnerabilities. |
Knowledge |
6900 | * Knowledge of specific operational impacts of cybersecurity lapses. |
Knowledge |
6935 | * Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS). |
Knowledge |
6938 | * Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments. |
Knowledge |
Additional KSATs
KSAT ID | Description | KSAT |
---|---|---|
41A | Ability to operate the organization’s LAN/WAN pathways. |
Ability |
76A | Ability to monitor measures or indicators of system performance and availability. |
Ability |
92A | Ability to monitor traffic flows across the network. |
Ability |
231A | Skill in using network management tools (e.g., simple network management protocol (SNMP), (GrassMarlin)) to analyze network traffic patterns (e.g., including control system network analysis). |
Skill |
572 | Ensure application of security patches for commercial products integrated into system design meet the timelines dictated by the management authority for the intended operational environment. |
Task |
656 | Implement new system design procedures, test procedures, and quality standards. |
Task |
673 | Integrate new systems into existing network architecture. |
Task |
802 | Provide feedback on network requirements, including network architecture and infrastructure. |
Task |
903 | Knowledge of Wi-Fi. |
Knowledge |
989 | Knowledge of Voice over IP (VoIP). |
Knowledge |
990 | Knowledge of the common attack vectors on the network layer. |
Knowledge |
1034C | Knowledge of Personal Health Information (PHI) data security standards. |
Knowledge |
1034B | Knowledge of Payment Card Industry (PCI) data security standards. |
Knowledge |
1034A | Knowledge of Personally Identifiable Information (PII) data security standards. |
Knowledge |
1074A | Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi). paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly. |
Knowledge |
1133 | Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]). |
Knowledge |
1134 | Knowledge of symmetric key rotation techniques and concepts. |
Knowledge |
1141A | Knowledge of an organization’s information classification program and procedures for information compromise. |
Knowledge |
1142 | Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model). |
Knowledge |
6918 | Ability to apply cybersecurity strategy to cloud computing service and deployment models, identifying proper architecture for different operating environments. |
Ability |
6919 | Ability to determine the best cloud deployment model for the appropriate operating environment. |
Ability |