Access Network Operator

Work Role ID: 321 (NIST: CO-OP-001)
Workforce Element:

Conducts access collection, processing, and/or geolocation of wired or wireless computer and digital networks in order to exploit, locate, and/or track targets of interest.


Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.

Core KSATs

| KSAT ID | Description | KSAT Type |
|---|---|---|
| 108 | * Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). | Knowledge |
| 264 | Knowledge of basic physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage). | Knowledge |
| 912 | Knowledge of collection management processes, capabilities, and limitations. | Knowledge |
| 1157 | * Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. | Knowledge |
| 1158 | * Knowledge of cybersecurity principles. | Knowledge |
| 1159 | * Knowledge of cyber threats and vulnerabilities. | Knowledge |
| 2020A | Analyze target operational architecture for ways to gain access. | Task |
| 2105 | Conduct access enabling of wireless computer and digital networks. | Task |
| 2106 | Conduct collection and processing of wireless computer and digital networks. | Task |
| 2109 | Conduct exploitation of wireless computer and digital networks. | Task |
| 2119 | Conduct network scouting and vulnerability analyses of systems within a network. | Task |
| 2123 | Conduct on-net and off-net activities to control, and exfiltrate data from deployed, automated technologies. | Task |
| 2124 | Conduct open source data collection via various online tools. | Task |
| 2133 | Conduct survey of computer and digital networks. | Task |
| 2205 | Deploy tools to a target and utilize them once deployed (e.g., backdoors, sniffers). | Task |
| 2408 | Exploit network devices, security devices, and/or terminals or environments using various methods or tools. | Task |
| 2412 | Facilitate access enabling by physical and/or wireless means. | Task |
| 2477 | Identify potential points of strength and vulnerability within a network. | Task |
| 2612 | Operate and maintain automated systems for gaining and maintaining access to target systems. | Task |
| 3059 | Ability to interpret and translate customer requirements into operational action. | Ability |
| 3130 | Knowledge of auditing and logging procedures (including server-based logging). | Knowledge |
| 3140 | Knowledge of basic programming concepts (e.g., levels, structures, compiled vs. interpreted languages). | Knowledge |
| 3144 | Knowledge of basic wireless applications, including vulnerabilities in various types of wireless applications. | Knowledge |
| 3206 | Knowledge of current software and methodologies for active defense and system hardening. | Knowledge |
| 3253 | Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP). | Knowledge |
| 3254 | Knowledge of encryption algorithms and tools for WLANs. | Knowledge |
| 3261 | Knowledge of evasion strategies and techniques. | Knowledge |
| 3267 | Knowledge of deconfliction reporting to include external organization interaction. | Knowledge |
| 3270 | Knowledge of forensic implications of operating system structure and operations. | Knowledge |
| 3280 | Knowledge of Global Systems for Mobile Communications (GSM) architecture. | Knowledge |
| 3286 | Knowledge of host-based security products and how they affect exploitation and vulnerability. | Knowledge |
| 3317 | Knowledge of implementing Unix and Windows systems that provide RADIUS authentication and logging, DNS, mail, web service, FTP server, DHCP, firewall, and SNMP. | Knowledge |
| 3374 | Knowledge of malware. | Knowledge |
| 3399 | Knowledge of network administration. | Knowledge |
| 3402 | Knowledge of network construction and topology. | Knowledge |
| 3441 | Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc. | Knowledge |
| 3473 | Knowledge of satellite-based communication systems. | Knowledge |
| 3479 | Knowledge of security hardware and software options, including the network artifacts they induce and their effects on exploitation. | Knowledge |
| 3480 | Knowledge of security implications of software configurations. | Knowledge |
| 3508 | Knowledge of structure, approach, and strategy of exploitation tools (e.g., sniffers, keyloggers) and techniques (e.g., gaining backdoor access, collecting/exfiltrating data, conducting vulnerability analysis of other systems in the network). | Knowledge |
| 3513 | Knowledge of system administration concepts for Unix/Linux and/or Windows operating systems. | Knowledge |
| 3543 | Knowledge of the basic structure, architecture, and design of modern communication networks. | Knowledge |
| 3561 | Knowledge of the common networking and routing protocols (e.g., TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications. | Knowledge |
| 3579 | Knowledge of the fundamentals of digital forensics in order to extract actionable intelligence. | Knowledge |
| 3627 | Knowledge of cryptologic capabilities, limitations, and contributions to cyber operations. | Knowledge |
| 3637 | Knowledge of Unix/Linux and Windows operating systems structures and internals (e.g., process management, directory structure, installed applications). | Knowledge |
| 3644 | Knowledge of virtual machine technologies. | Knowledge |
| 3658 | Knowledge of network collection procedures to include decryption capabilities/tools, techniques, and procedures. | Knowledge |
| 3658B | Ability to perform network collection tactics, techniques, and procedures to include decryption capabilities/tools. | Ability |
| 3658A | Ability to perform wireless collection procedures to include decryption capabilities/tools. | Ability |
| 3670 | Skill in analyzing terminal or environment collection data. | Skill |
| 3677 | Skill in analyzing target communications internals and externals collected from wireless LANs. | Skill |
| 3690 | Skill in assessing current tools to identify needed improvements. | Skill |
| 3740 | Skill in determining installed patches on various operating systems and identifying patch signatures. | Skill |
| 3779 | Skill in extracting information from packet captures. | Skill |
| 3801 | Skill in identifying the devices that work at each level of protocol models. | Skill |
| 3815 | Skill in interpreting vulnerability scanner results to identify vulnerabilities. | Skill |
| 3817 | Skill in knowledge management, including technical documentation techniques (e.g., Wiki page). | Skill |
| 3848 | Skill in processing collected data for follow-on analysis. | Skill |
| 3871 | Skill in remote command line and Graphic User Interface (GUI) tool usage. | Skill |
| 3889 | Skill in survey, collection, and analysis of wireless LAN metadata. | Skill |
| 3929A | Skill in using tools, techniques, and procedures to exploit a target. | Skill |
| 3948 | Skill in verifying the integrity of all files. | Skill |
| 3949 | Skill in wireless network target analysis, templating, and geolocation. | Skill |
| 6900 | * Knowledge of specific operational impacts of cybersecurity lapses. | Knowledge |
| 6935 | * Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS). | Knowledge |
| 6938 | * Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments. | Knowledge |

Additional KSATs

| KSAT ID | Description | KSAT Type |
|---|---|---|
| 2088 | Collaborate with development organizations to create and deploy the tools needed to achieve objectives. | Task |
| 2294 | Develop new techniques for gaining and keeping access to target systems. | Task |
| 2708 | Process exfiltrated data for analysis and/or dissemination to customers. | Task |
| 2762 | Provide real-time actionable geolocation information. | Task |
| 2846 | Test and evaluate locally developed tools for operational use. | Task |
| 3141 | Knowledge of basic software applications (e.g., data storage and backup, database applications) and their vulnerabilities. | Knowledge |
| 3155 | Knowledge of client organizations, including information needs, objectives, structure, capabilities, etc. | Knowledge |
| 3883 | Skill in server administration. | Skill |
| 3899 | Skill in testing and evaluating tools for implementation. | Skill |
| 3931 | Skill in using various open source data collection tools (online trade, DNS, mail, etc.). | Skill |