Access Network Operator
Conducts access collection, processing, and/or geolocation of wired or wireless computer and digital networks in order to exploit, locate, and/or track targets of interest.
Core KSATs
KSAT ID | Description | KSAT |
---|---|---|
108 | * Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). | Knowledge |
264 | Knowledge of basic physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage). | Knowledge |
912 | Knowledge of collection management processes, capabilities, and limitations. | Knowledge |
1157 | * Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. | Knowledge |
1158 | * Knowledge of cybersecurity principles. | Knowledge |
1159 | * Knowledge of cyber threats and vulnerabilities. | Knowledge |
2020A | Analyze target operational architecture for ways to gain access. | Task |
2105 | Conduct access enabling of wireless computer and digital networks. | Task |
2106 | Conduct collection and processing of wireless computer and digital networks. | Task |
2109 | Conduct exploitation of wireless computer and digital networks. | Task |
2119 | Conduct network scouting and vulnerability analyses of systems within a network. | Task |
2123 | Conduct on-net and off-net activities to control, and exfiltrate data from deployed, automated technologies. | Task |
2124 | Conduct open source data collection via various online tools. | Task |
2133 | Conduct survey of computer and digital networks. | Task |
2205 | Deploy tools to a target and utilize them once deployed (e.g., backdoors, sniffers). | Task |
2408 | Exploit network devices, security devices, and/or terminals or environments using various methods or tools. | Task |
2412 | Facilitate access enabling by physical and/or wireless means. | Task |
2477 | Identify potential points of strength and vulnerability within a network. | Task |
2612 | Operate and maintain automated systems for gaining and maintaining access to target systems. | Task |
3059 | Ability to interpret and translate customer requirements into operational action. | Ability |
3130 | Knowledge of auditing and logging procedures (including server-based logging). | Knowledge |
3140 | Knowledge of basic programming concepts (e.g., levels, structures, compiled vs. interpreted languages). | Knowledge |
3144 | Knowledge of basic wireless applications, including vulnerabilities in various types of wireless applications. | Knowledge |
3206 | Knowledge of current software and methodologies for active defense and system hardening. | Knowledge |
3253 | Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP). | Knowledge |
3254 | Knowledge of encryption algorithms and tools for WLANs. | Knowledge |
3261 | Knowledge of evasion strategies and techniques. | Knowledge |
3267 | Knowledge of deconfliction reporting to include external organization interaction. | Knowledge |
3270 | Knowledge of forensic implications of operating system structure and operations. | Knowledge |
3280 | Knowledge of Global Systems for Mobile Communications (GSM) architecture. | Knowledge |
3286 | Knowledge of host-based security products and how they affect exploitation and vulnerability. | Knowledge |
3317 | Knowledge of implementing Unix and Windows systems that provide RADIUS authentication and logging, DNS, mail, web service, FTP server, DHCP, firewall, and SNMP. | Knowledge |
3374 | Knowledge of malware. | Knowledge |
3399 | Knowledge of network administration. | Knowledge |
3402 | Knowledge of network construction and topology. | Knowledge |
3441 | Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc. | Knowledge |
3473 | Knowledge of satellite-based communication systems. | Knowledge |
3479 | Knowledge of security hardware and software options, including the network artifacts they induce and their effects on exploitation. | Knowledge |
3480 | Knowledge of security implications of software configurations. | Knowledge |
3508 | Knowledge of structure, approach, and strategy of exploitation tools (e.g., sniffers, keyloggers) and techniques (e.g., gaining backdoor access, collecting/exfiltrating data, conducting vulnerability analysis of other systems in the network). | Knowledge |
3513 | Knowledge of system administration concepts for Unix/Linux and/or Windows operating systems. | Knowledge |
3543 | Knowledge of the basic structure, architecture, and design of modern communication networks. | Knowledge |
3561 | Knowledge of the common networking and routing protocols (e.g., TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications. | Knowledge |
3579 | Knowledge of the fundamentals of digital forensics in order to extract actionable intelligence. | Knowledge |
3627 | Knowledge of cryptologic capabilities, limitations, and contributions to cyber operations. | Knowledge |
3637 | Knowledge of Unix/Linux and Windows operating systems structures and internals (e.g., process management, directory structure, installed applications). | Knowledge |
3644 | Knowledge of virtual machine technologies. | Knowledge |
3658 | Knowledge of network collection procedures to include decryption capabilities/tools, techniques, and procedures. | Knowledge |
3658B | Ability to perform network collection tactics, techniques, and procedures to include decryption capabilities/tools. | Ability |
3658A | Ability to perform wireless collection procedures to include decryption capabilities/tools. | Ability |
3670 | Skill in analyzing terminal or environment collection data. | Skill |
3677 | Skill in analyzing target communications internals and externals collected from wireless LANs. | Skill |
3690 | Skill in assessing current tools to identify needed improvements. | Skill |
3740 | Skill in determining installed patches on various operating systems and identifying patch signatures. | Skill |
3779 | Skill in extracting information from packet captures. | Skill |
3801 | Skill in identifying the devices that work at each level of protocol models. | Skill |
3815 | Skill in interpreting vulnerability scanner results to identify vulnerabilities. | Skill |
3817 | Skill in knowledge management, including technical documentation techniques (e.g., Wiki page). | Skill |
3848 | Skill in processing collected data for follow-on analysis. | Skill |
3871 | Skill in remote command line and Graphic User Interface (GUI) tool usage. | Skill |
3889 | Skill in survey, collection, and analysis of wireless LAN metadata. | Skill |
3929A | Skill in using tools, techniques, and procedures to exploit a target. | Skill |
3948 | Skill in verifying the integrity of all files. | Skill |
3949 | Skill in wireless network target analysis, templating, and geolocation. | Skill |
6900 | * Knowledge of specific operational impacts of cybersecurity lapses. | Knowledge |
6935 | * Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS). | Knowledge |
6938 | * Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments. | Knowledge |
Additional KSATs
KSAT ID | Description | KSAT |
---|---|---|
2088 | Collaborate with development organizations to create and deploy the tools needed to achieve objectives. | Task |
2294 | Develop new techniques for gaining and keeping access to target systems. | Task |
2708 | Process exfiltrated data for analysis and/or dissemination to customers. | Task |
2762 | Provide real-time actionable geolocation information. | Task |
2846 | Test and evaluate locally developed tools for operational use. | Task |
3141 | Knowledge of basic software applications (e.g., data storage and backup, database applications) and their vulnerabilities. | Knowledge |
3155 | Knowledge of client organizations, including information needs, objectives, structure, capabilities, etc. | Knowledge |
3883 | Skill in server administration. | Skill |
3899 | Skill in testing and evaluating tools for implementation. | Skill |
3931 | Skill in using various open source data collection tools (online trade, DNS, mail, etc.). | Skill |