Cyber Defense Infrastructure Support Specialist

Cyber Defense Infrastructure Support Specialist Work Role ID: 521 (NIST: PR-INF-001) Workforce Element: Cybersecurity

Tests, implements, deploys, maintains, and administers the infrastructure hardware and software.


Qualification Matrix

  BasicIntermediateAdvancedNotes
Foundational Qualification OptionsEducation A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution fulfills the educational requirement for this WRCA BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution fulfills the educational requirement for this WRCTBDFor additional information pertaining to ABET: www.abet.org or CAE: www.caecommunity.org
Foundational Qualification OptionsOR OR OR
Foundational Qualification OptionsDoD/Military Training230-25D30 (CP) or CYB 5640/CYB 5640V/WSS 010A-150-1980 or A-150-1202 or A-150-1203 or A-150-1250 or A-531-1900 or WSS 011 or WSS 0124C-255N (CP) or 4C-255A (CP) or M0923X1 or A-531-0045 or A-531-0022 or A-531-4417See TAB C (DCWF Training Repository) below for additional course information.
Foundational Qualification OptionsCommercial TrainingTBDTBDTBD
Foundational Qualification OptionsOR OR OR
Foundational Qualification OptionsPersonnel CertificationA+ or CND or Network+GFACT or CEH or Cloud+ or CySA+ or PenTest+ or SSCP or Security+ or GSECGCIA or GCLD or GDSA or GICSP or CISSP-ISSAP or CISSP-ISSEPSee TAB B (Certification Index) below for certification vendor information. Courses at higher proficiency levels qualify lower levels.
Foundational Qualification AlternativeExperienceConditional AlternativeConditional AlternativeConditional AlternativeRefer to Section 3 of the DoD 8140 Manual for more information.
Residential QualificationOn-the-Job QualificationAlways RequiredAlways RequiredAlways RequiredIndividuals must demonstrate capability to perform their duties in their resident environment.
Residential QualificationEnvironment-Specific RequirementsComponent DiscretionComponent DiscretionComponent Discretion
Annual Maintenance Continuous Professional Development Minimum of 20 hours annually or what is required to maintain certification; whichever is greater.Minimum of 20 hours annually or what is required to maintain certification; whichever is greater.Minimum of 20 hours annually or what is required to maintain certification; whichever is greater.

Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.

Core KSATs

KSAT ID Description KSAT
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
49

Knowledge of host/network access control mechanisms (e.g., access control list).

Knowledge
59A

Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.

Knowledge
61

Knowledge of incident response and handling methodologies.

Knowledge
63

Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Knowledge
81A

Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

Knowledge
87A

Knowledge of network traffic analysis (tools, methodologies, processes).

Knowledge
92B

Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol (TCP), Internet Protocol (IP), Open System Interconnection Model (OSI)).

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
148

Knowledge of Virtual Private Network (VPN) security.

Knowledge
150

Knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities.

Knowledge
643A

Identify potential conflicts with implementation of any cyber defense tools(e.g., tool and signature testing and optimization).

Task
960

Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources.

Task
984

Knowledge of cyber defense policies, procedures, and regulations.

Knowledge
1012A

Knowledge of test procedures, principles, and methodologies (e.g., Capabilities and Maturity Model Integration (CMMI)).

Knowledge
1072

Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

Knowledge
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
2772

Build, install, configure, and test dedicated cyber defense hardware.

Task
5090

Assist in assessing the impact of implementing and sustaining a dedicated cyber defense infrastructure.

Task
6700

Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution.

Skill
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge
6935

* Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).

Knowledge
6938

* Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments.

Knowledge

Additional KSATs

KSAT ID Description KSAT
29

Knowledge of data backup, types of backups (e.g., full, incremental), and recovery concepts and tools.

Knowledge
93

Knowledge of packet-level analysis.

Knowledge
157

Skill in applying host/network access controls (e.g., access control list).

Skill
227

Skill in tuning sensors.

Skill
229

Skill in using incident handling methodologies.

Skill
237

Skill in using Virtual Private Network (VPN) devices and encryption.

Skill
393B

Coordinate with system administrators to create cyber defense tools, test bed(s), and test and evaluate applications, hardware infrastructure, rules/signatures, access controls, and configurations of platforms managed by service provider(s).

Task
471

Coordinate with Cyber Defense Analysts to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, anti-virus, and content blacklists) for specialized cyber defense applications.

Task
481A

Create, edit, and manage network access control lists on specialized cyber defense systems (e.g., firewalls and intrusion prevention systems).

Task
654B

Implement risk assessment and authorization requirements per the Risk Management Framework (RMF) process for dedicated cyber defense systems within the enterprise, and document and maintain records for them.

Task
769

Perform system administration on specialized cyber defense applications and systems (e.g., anti-virus, audit and remediation) or Virtual Private Network (VPN) devices, to include installation, configuration, maintenance, backup and restoration.

Task
893

Skill in securing network communications.

Skill
896

Skill in protecting a network against malware.

Skill
900

Knowledge of web filtering technologies.

Knowledge
1074A

Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi). paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly.

Knowledge
1125

Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration.

Knowledge
3143

Knowledge of basic system, network, and OS hardening techniques.

Knowledge
6210

Knowledge of cloud service models and possible limitations for an incident response.

Knowledge
6670

Skill in system, network, and OS hardening techniques.

Skill
6918

Ability to apply cybersecurity strategy to cloud computing service and deployment models, identifying proper architecture for different operating environments.

Ability
6919

Ability to determine the best cloud deployment model for the appropriate operating environment.

Ability
6942

Skill in designing or implementing cloud computing deployment models.

Skill
6945

Skill in migrating workloads to, from, and among the different cloud computing service models.

Skill