Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.
Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
Core KSAT for the following Work Roles
No Work Roles with Core KSAT 3 |
Additional KSAT for the following Work Roles
No Work Roles with Additional KSAT 3 |
Skill in recognizing vulnerabilities in security systems.
Core KSAT for the following Work Roles
No Work Roles with Core KSAT 3A |
Additional KSAT for the following Work Roles
- Control Systems Security Specialist – 462 (NIST: N/A)
Skill in conducting vulnerability scans and recognizing vulnerabilities in information systems and networks.
Core KSAT for the following Work Roles
- DevSecOps Specialist – 627 (NIST: N/A)
- Vulnerability Assessment Analyst – 541 (NIST: PR-VA-001)
Additional KSAT for the following Work Roles
- Information Systems Security Developer – 631 (NIST: SP-SYS-001)
- Secure Software Assessor – 622 (NIST: SP-DEV-002)
- Security Control Assessor – 612 (NIST: SP-RM-002)
- Software Developer – 621 (NIST: SP-DEV-001)
Skill in recognizing vulnerabilities in information and/or data systems.
Core KSAT for the following Work Roles
- DevSecOps Specialist – 627 (NIST: N/A)
- Systems Security Analyst – 461 (NIST: OM-AN-001)
Additional KSAT for the following Work Roles
- Cyber Defense Analyst – 511 (NIST: PR-DA-001)
Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
Core KSAT for the following Work Roles
- DevSecOps Specialist – 627 (NIST: N/A)
Additional KSAT for the following Work Roles
- Research & Development Specialist – 661 (NIST: SP-RD-001)
- Vulnerability Assessment Analyst – 541 (NIST: PR-VA-001)
Ability to match the appropriate knowledge repository technology for a given application or environment.
Core KSAT for the following Work Roles
No Work Roles with Core KSAT 5 |
Additional KSAT for the following Work Roles
- Knowledge Manager – 431 (NIST: OM-KM-001)
Knowledge of successful capabilities to identify the solutions to less common and more complex system problems.
Core KSAT for the following Work Roles
- Technical Support Specialist – 411 (NIST: OM-TS-001)
Additional KSAT for the following Work Roles
No Work Roles with Additional KSAT 7A |
Knowledge of authentication, authorization, and access control methods.
Core KSAT for the following Work Roles
No Work Roles with Core KSAT 8 |
Additional KSAT for the following Work Roles
- Cyber Defense Analyst – 511 (NIST: PR-DA-001)
- Security Architect – 652 (NIST: SP-ARC-002)
Knowledge of access authentication methods.
Core KSAT for the following Work Roles
- Information Systems Security Developer – 631 (NIST: SP-SYS-001)
Additional KSAT for the following Work Roles
- Systems Developer – 632 (NIST: SP-SYS-002)
Prepare COAs to address CCIR events.
Core KSAT for the following Work Roles
No Work Roles with Core KSAT 8154 |
Additional KSAT for the following Work Roles
No Work Roles with Additional KSAT 8154 |
Knowledge of applicable business processes and operations of customer organizations.
Core KSAT for the following Work Roles
- Systems Requirements Planner – 641 (NIST: SP-RP-001)
Additional KSAT for the following Work Roles
- Information Systems Security Manager – 722 (NIST: OV-MG-001)
- Privacy Compliance Manager – 732 (NIST: OV-LG-002)
- Product Manager – 806 (NIST: N/A)
Knowledge of application vulnerabilities.
Core KSAT for the following Work Roles
- Executive Cyber Leader – 901 (NIST: OV-EX-001)
- Vulnerability Assessment Analyst – 541 (NIST: PR-VA-001)
Additional KSAT for the following Work Roles
- Research & Development Specialist – 661 (NIST: SP-RD-001)
Skill in conducting application vulnerability assessments.
Core KSAT for the following Work Roles
- Vulnerability Assessment Analyst – 541 (NIST: PR-VA-001)
Additional KSAT for the following Work Roles
No Work Roles with Additional KSAT 10A |
Knowledge of communication methods, principles, and concepts (e.g., crypto, dual hubs, time multiplexers) that support the network infrastructure.
Core KSAT for the following Work Roles
- Network Operations Specialist – 441 (NIST: OM-NET-001)
Additional KSAT for the following Work Roles
No Work Roles with Additional KSAT 12 |
Ability to operate network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.
Core KSAT for the following Work Roles
- Network Operations Specialist – 441 (NIST: OM-NET-001)
Additional KSAT for the following Work Roles
No Work Roles with Additional KSAT 15B |
Knowledge of capabilities and applications of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.
Core KSAT for the following Work Roles
- Network Operations Specialist – 441 (NIST: OM-NET-001)
Additional KSAT for the following Work Roles
No Work Roles with Additional KSAT 15 |
Knowledge of capabilities, applications, and potential vulnerabilities of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.
Core KSAT for the following Work Roles
- Executive Cyber Leader – 901 (NIST: OV-EX-001)
Additional KSAT for the following Work Roles
No Work Roles with Additional KSAT 15A |
Knowledge of capabilities and requirements analysis.
Core KSAT for the following Work Roles
- IT Project Manager – 802 (NIST: OV-PM-002)
- Product Designer User Interface (UI) – 625 (NIST: N/A)
- Product Manager – 806 (NIST: N/A)
- Service Designer User Experience (UX) – 626 (NIST: N/A)
- Software Test & Evaluation Specialist – 673 (NIST: N/A)
- Systems Requirements Planner – 641 (NIST: SP-RP-001)
Additional KSAT for the following Work Roles
No Work Roles with Additional KSAT 16 |
Knowledge of cyber defense and vulnerability assessment tools, including open source tools, and their capabilities.
Core KSAT for the following Work Roles
- Cyber Defense Analyst – 511 (NIST: PR-DA-001)
- Security Control Assessor – 612 (NIST: SP-RM-002)
Additional KSAT for the following Work Roles
- Authorizing Official/Designated Representative – 611 (NIST: SP-RM-001)
- Knowledge Manager – 431 (NIST: OM-KM-001)
Knowledge of complex data structures.
Core KSAT for the following Work Roles
- Software Developer – 621 (NIST: SP-DEV-001)
Additional KSAT for the following Work Roles
- Secure Software Assessor – 622 (NIST: SP-DEV-002)
Viewing page 1 of 155