Network Operations Specialist

Network Operations Specialist Work Role ID: 441 (NIST: OM-NET-001) Workforce Element: IT (Cyberspace)

Plans, implements, and operates network services/systems, to include hardware and virtual environments.


Qualification Matrix

  BasicIntermediateAdvancedNotes
Foundational Qualification OptionsEducation A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution fulfills the educational requirement for this WRCA BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution fulfills the educational requirement for this WRCTBDFor additional information pertaining to ABET: www.abet.org or CAE: www.caecommunity.org
Foundational Qualification OptionsOR OR OR
Foundational Qualification OptionsDoD/Military TrainingE3AQR3D132 02AA or E3AQR3D132 01AC or C-150-2011 or M09CVS1 or W-101-3500 or A-202-2100F07DZZ1 or M03KBSG or M10KBSB or M22KBS4 or A-260-0034 or J-201-0816 or A-260-0061 or A-260-0100 or DISA-US13754C-FA26B or M0923W1 or M0923X1 or A-202-0039 or A-202-0008See TAB C (DCWF Training Repository) below for additional course information.
Foundational Qualification OptionsCommercial TrainingTBDTBDTBD
Foundational Qualification OptionsOR OR OR
Foundational Qualification OptionsPersonnel CertificationCND or Network+CEH or CFR or Cloud+ or GICSP or SSCP or Security+ or GSECCCNA or GCIA or GCLD or GDSA or GFACT or CASP+ or CCNP Security or CCSP or GCED or GCIHSee TAB B (Certification Index) below for certification vendor information. Courses at higher proficiency levels qualify lower levels.
Foundational Qualification AlternativeExperienceConditional AlternativeConditional AlternativeConditional AlternativeRefer to Section 3 of the DoD 8140 Manual for more information.
Residential QualificationOn-the-Job QualificationAlways RequiredAlways RequiredAlways RequiredIndividuals must demonstrate capability to perform their duties in their resident environment.
Residential QualificationEnvironment-Specific RequirementsComponent DiscretionComponent DiscretionComponent Discretion
Annual Maintenance Continuous Professional Development Minimum of 20 hours annually or what is required to maintain certification; whichever is greater.Minimum of 20 hours annually or what is required to maintain certification; whichever is greater.Minimum of 20 hours annually or what is required to maintain certification; whichever is greater.

Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.

Core KSATs

KSAT ID Description KSAT
12

Knowledge of communication methods, principles, and concepts (e.g., crypto, dual hubs, time multiplexers) that support the network infrastructure.

Knowledge
15B

Ability to operate network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.

Ability
15

Knowledge of capabilities and applications of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.

Knowledge
22

* Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge
41

Knowledge of organization’s LAN/WAN pathways.

Knowledge
55

Knowledge of cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data.

Knowledge
70

Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).

Knowledge
72

Knowledge of local area and wide area networking principles and concepts including bandwidth management.

Knowledge
76

Knowledge of measures or indicators of system performance and availability.

Knowledge
81A

Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

Knowledge
92

Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).

Knowledge
106

Knowledge of remote access technology concepts.

Knowledge
108

* Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge
112

Knowledge of server administration and systems engineering theories, concepts, and methods.

Knowledge
133

Knowledge of key telecommunications concepts (e.g., Routing Algorithms, Fiber Optics Systems Link Budgeting, Add/Drop Multiplexers).

Knowledge
148

Knowledge of Virtual Private Network (VPN) security.

Knowledge
154

Skill in analyzing network traffic capacity and performance characteristics.

Skill
193A

Skill in implementing and testing network infrastructure contingency and recovery plans.

Skill
198

Skill in establishing a routing schema.

Skill
205

Skill in implementing, maintaining, and improving established network security practices.

Skill
207

Skill in installing, configuring, and troubleshooting LAN and WAN components such as routers, hubs, and switches.

Skill
234A

Skill in sub-netting.

Skill
261

Knowledge of basic concepts, terminology, and operations of a wide range of communications media (computer and telephone networks, satellite, fiber, wireless).

Knowledge
271

Knowledge of common network tools (e.g., ping, traceroute, nslookup).

Knowledge
271B

Ability to operate common network tools (e.g., ping, traceroute, nslookup).

Ability
278

Knowledge of different types of network communication (e.g., LAN, WAN, MAN, WLAN, WWAN).

Knowledge
347A

Ability to execute OS command line (e.g., ipconfig, netstat, dir, nbtstat).

Ability
462

Configure and optimize network hubs, routers, and switches (e.g., higher-level protocols, tunneling).

Task
522

Develop and implement network backup and recovery procedures.

Task
555

Diagnose network connectivity problem.

Task
666

Install and maintain network infrastructure device operating system software (e.g., IOS, firmware).

Task
667

Install or replace network hubs, routers, and switches.

Task
718

Monitor network capacity and performance.

Task
736

Patch network vulnerabilities to ensure information is safeguarded against outside parties.

Task
857

Test and maintain network infrastructure including software and hardware devices.

Task
891A

Skill in configuring and utilizing computer protection components (e.g., hardware firewalls, servers, routers, as appropriate).

Skill
893

Skill in securing network communications.

Skill
896

Skill in protecting a network against malware.

Skill
900

Knowledge of web filtering technologies.

Knowledge
901

Knowledge of the capabilities of different electronic communication systems and methods (e.g., e-mail, VOIP, IM, web forums, Direct Video Broadcasts).

Knowledge
901A

Ability to operate different electronic communication systems and methods (e.g., e-mail, VOIP, IM, web forums, Direct Video Broadcasts).

Ability
902

Knowledge of the range of existing networks (e.g., PBX, LANs, WANs, WIFI, SCADA).

Knowledge
985

Skill in configuring and utilizing network protection components (e.g., Firewalls, VPNs, network intrusion detection systems).

Skill
1072

Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

Knowledge
1073

Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.

Knowledge
1157

* Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.

Knowledge
1158

* Knowledge of cybersecurity principles.

Knowledge
1159

* Knowledge of cyber threats and vulnerabilities.

Knowledge
6900

* Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge
6935

* Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).

Knowledge
6938

* Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments.

Knowledge

Additional KSATs

KSAT ID Description KSAT
41A

Ability to operate the organization’s LAN/WAN pathways.

Ability
76A

Ability to monitor measures or indicators of system performance and availability.

Ability
92A

Ability to monitor traffic flows across the network.

Ability
231A

Skill in using network management tools (e.g., simple network management protocol (SNMP), (GrassMarlin)) to analyze network traffic patterns (e.g., including control system network analysis).​

Skill
572

Ensure application of security patches for commercial products integrated into system design meet the timelines dictated by the management authority for the intended operational environment.

Task
656

Implement new system design procedures, test procedures, and quality standards.

Task
673

Integrate new systems into existing network architecture.

Task
802

Provide feedback on network requirements, including network architecture and infrastructure.

Task
903

Knowledge of Wi-Fi.

Knowledge
989

Knowledge of Voice over IP (VoIP).

Knowledge
990

Knowledge of the common attack vectors on the network layer.

Knowledge
1034C

Knowledge of Personal Health Information (PHI) data security standards.

Knowledge
1034B

Knowledge of Payment Card Industry (PCI) data security standards.

Knowledge
1034A

Knowledge of Personally Identifiable Information (PII) data security standards.

Knowledge
1074A

Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi). paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly.

Knowledge
1133

Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).

Knowledge
1134

Knowledge of symmetric key rotation techniques and concepts.

Knowledge
1141A

Knowledge of an organization’s information classification program and procedures for information compromise.

Knowledge
1142

Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).

Knowledge
6918

Ability to apply cybersecurity strategy to cloud computing service and deployment models, identifying proper architecture for different operating environments.

Ability
6919

Ability to determine the best cloud deployment model for the appropriate operating environment.

Ability