Systems Administration

Systems Administration

Installs, configures, troubleshoots, and maintains server configurations (hardware and software) to ensure their confidentiality, integrity, and availability. Manages accounts, firewalls, and patches. Responsible for access control, passwords, and account creation and administration.



Below are the associated Work Roles. Click the arrow to expand/collapse the Work Role information and view the associated Core and Additional KSATs (Knowledge, Skills, Abilties, and Tasks). Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role. Click on the other blue links to further explore the information.
System Administrator Work Role ID: 451 (NIST: OM-SA-001) Workforce Element: IT (Cyberspace)

Installs, configures, troubleshoots, and maintains hardware, software, and administers system accounts.

Core KSATs

KSAT ID Description KSAT
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
76

Knowledge of measures or indicators of system performance and availability.

Knowledge
96

Knowledge of performance tuning tools and techniques.

Knowledge
99A

Knowledge of principles and methods for integrating system components.

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
127

Knowledge of systems administration concepts.

Knowledge
171A

Skill in correcting physical and technical problems that impact system/server performance.

Skill
211A

Skill in monitoring and optimizing system/server performance.

Skill
216A

Skill in recovering failed systems/servers.

Skill
219A

Skill in operating system administration.

Skill
344

Knowledge of virtualization technologies and virtual machine development and maintenance.

Knowledge
452

Conduct functional and connectivity testing to ensure continuing operability.

Task
518

Develop and document systems administration standard operating procedures.

Task
518A

Comply with organization systems administration standard operating procedures.

Task
521A

Implement and enforce local network usage policies and procedures.

Task
683

Maintain baseline system security according to organizational policies.

Task
695

Manage accounts, network rights, and access to systems and equipment.

Task
701A

Manage system/server resources including performance, capacity, availability, serviceability, and recoverability.

Task
713A

Monitor and maintain system/server configuration.

Task
763B

Perform repairs on faulty system/server hardware.

Task
781

Plan, execute, and verify data redundancy and system recovery procedures.

Task
835A

Troubleshoot hardware/software interface and interoperability problems.

Task
986

Knowledge of organizational information technology (IT) user security policies (e.g., account creation, password rules, access control).

Knowledge
1033

Knowledge of basic system administration, network, and operating system hardening techniques.

Knowledge
1153A

Install, update, and troubleshoot systems/servers.

Task
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge
6935

* Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).

Knowledge
6938

* Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments.

Knowledge

Additional KSATs

KSAT ID Description KSAT
70

Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).

Knowledge
72

Knowledge of local area and wide area networking principles and concepts including bandwidth management.

Knowledge
79

Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]).

Knowledge
81A

Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

Knowledge
112A

Knowledge of systems engineering theories, concepts, and methods.

Knowledge
113

Knowledge of server and client operating systems.

Knowledge
114A

Knowledge of system/server diagnostic tools and fault identification techniques.

Knowledge
141

Knowledge of the enterprise information technology (IT) architecture.

Knowledge
145

Knowledge of the type and frequency of routine maintenance needed to keep equipment functioning properly.

Knowledge
148

Knowledge of Virtual Private Network (VPN) security.

Knowledge
167A

Skill in conducting system/server planning, management, and maintenance.

Skill
170

Skill in configuring and optimizing software.

Skill
194

Skill in diagnosing connectivity problems.

Skill
195A

Skill in troubleshooting failed system components (i.e., servers)

Skill
202A

Skill in identifying and anticipating system/server performance, availability, capacity, or configuration problems.

Skill
206A

Skill in installing system and component upgrades.

Skill
209

Skill in maintaining directory services.

Skill
287

Knowledge of file system implementations (e.g., New Technology File System [NTFS], File Allocation Table [FAT], File Extension [EXT]).

Knowledge
342A

Knowledge of operating system command line/prompt.

Knowledge
386

Skill in using virtual machines.

Skill
434A

Check system hardware availability, functionality, integrity, and efficiency.

Task
456A

Conduct periodic system maintenance including cleaning (both physically and electronically), disk checks, routine reboots, data dumps, and testing.

Task
499

Design group policies and access control lists to ensure compatibility with organizational standards, business rules, and needs.

Task
572

Ensure application of security patches for commercial products integrated into system design meet the timelines dictated by the management authority for the intended operational environment.

Task
728A

Oversee installation, implementation, configuration, and support of system components.

Task
763A

Diagnose faulty system/server hardware.

Task
811

Provide ongoing optimization and problem solving support.

Task
892

Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, anti-virus software, anti-spyware).

Skill
1034C

Knowledge of Personal Health Information (PHI) data security standards.

Knowledge
1034B

Knowledge of Payment Card Industry (PCI) data security standards.

Knowledge
1034A

Knowledge of Personally Identifiable Information (PII) data security standards.

Knowledge
1072

Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

Knowledge
1074A

Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi). paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly.

Knowledge
6590

Skill in interfacing with customers.

Skill
6918

Ability to apply cybersecurity strategy to cloud computing service and deployment models, identifying proper architecture for different operating environments.

Ability
6919

Ability to determine the best cloud deployment model for the appropriate operating environment.

Ability
6942

Skill in designing or implementing cloud computing deployment models.

Skill
6945

Skill in migrating workloads to, from, and among the different cloud computing service models.

Skill