Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.
Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
Core KSAT for the following Work Roles
No Work Roles with Core KSAT 3 |
Additional KSAT for the following Work Roles
- Software Developer – 621 (NIST: SP-DEV-001)
Skill in recognizing vulnerabilities in security systems.
Core KSAT for the following Work Roles
No Work Roles with Core KSAT 3A |
Additional KSAT for the following Work Roles
- Control Systems Security Specialist – 462 (NIST: N/A)
Skill in conducting vulnerability scans and recognizing vulnerabilities in information systems and networks.
Core KSAT for the following Work Roles
No Work Roles with Core KSAT 3B |
Additional KSAT for the following Work Roles
- DevSecOps Specialist – 627 (NIST: N/A)
- Information Systems Security Developer – 631 (NIST: SP-SYS-001)
- Secure Software Assessor – 622 (NIST: SP-DEV-002)
- Security Control Assessor – 612 (NIST: SP-RM-002)
- Software Developer – 621 (NIST: SP-DEV-001)
- Vulnerability Assessment Analyst – 541 (NIST: PR-VA-001)
Skill in recognizing vulnerabilities in information and/or data systems.
Core KSAT for the following Work Roles
No Work Roles with Core KSAT 3C |
Additional KSAT for the following Work Roles
- Cyber Defense Analyst – 511 (NIST: PR-DA-001)
- DevSecOps Specialist – 627 (NIST: N/A)
- Systems Security Analyst – 461 (NIST: OM-AN-001)
Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
Core KSAT for the following Work Roles
No Work Roles with Core KSAT 4 |
Additional KSAT for the following Work Roles
- DevSecOps Specialist – 627 (NIST: N/A)
- Research & Development Specialist – 661 (NIST: SP-RD-001)
- Vulnerability Assessment Analyst – 541 (NIST: PR-VA-001)
Ability to match the appropriate knowledge repository technology for a given application or environment.
Core KSAT for the following Work Roles
No Work Roles with Core KSAT 5 |
Additional KSAT for the following Work Roles
- Knowledge Manager – 431 (NIST: OM-KM-001)
Knowledge of successful capabilities to identify the solutions to less common and more complex system problems.
Core KSAT for the following Work Roles
- Technical Support Specialist – 411 (NIST: OM-TS-001)
Additional KSAT for the following Work Roles
No Work Roles with Additional KSAT 7A |
Knowledge of authentication, authorization, and access control methods.
Core KSAT for the following Work Roles
No Work Roles with Core KSAT 8 |
Additional KSAT for the following Work Roles
- Cyber Defense Analyst – 511 (NIST: PR-DA-001)
- Security Architect – 652 (NIST: SP-ARC-002)
Knowledge of access authentication methods.
Core KSAT for the following Work Roles
- Information Systems Security Developer – 631 (NIST: SP-SYS-001)
Additional KSAT for the following Work Roles
- Systems Developer – 632 (NIST: SP-SYS-002)
Knowledge of applicable business processes and operations of customer organizations.
Core KSAT for the following Work Roles
- Systems Requirements Planner – 641 (NIST: SP-RP-001)
Additional KSAT for the following Work Roles
- Information Systems Security Manager – 722 (NIST: OV-MG-001)
- Privacy Compliance Manager – 732 (NIST: OV-LG-002)
- Product Manager – 806 (NIST: N/A)
Knowledge of application vulnerabilities.
Core KSAT for the following Work Roles
- Vulnerability Assessment Analyst – 541 (NIST: PR-VA-001)
Additional KSAT for the following Work Roles
- Executive Cyber Leader – 901 (NIST: OV-EX-001)
- Research & Development Specialist – 661 (NIST: SP-RD-001)
Skill in conducting application vulnerability assessments.
Core KSAT for the following Work Roles
- Vulnerability Assessment Analyst – 541 (NIST: PR-VA-001)
Additional KSAT for the following Work Roles
No Work Roles with Additional KSAT 10A |
Knowledge of communication methods, principles, and concepts (e.g., crypto, dual hubs, time multiplexers) that support the network infrastructure.
Core KSAT for the following Work Roles
- Network Operations Specialist – 441 (NIST: OM-NET-001)
Additional KSAT for the following Work Roles
No Work Roles with Additional KSAT 12 |
Ability to operate network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.
Core KSAT for the following Work Roles
- Network Operations Specialist – 441 (NIST: OM-NET-001)
Additional KSAT for the following Work Roles
No Work Roles with Additional KSAT 15B |
Knowledge of capabilities and applications of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.
Core KSAT for the following Work Roles
- Network Operations Specialist – 441 (NIST: OM-NET-001)
Additional KSAT for the following Work Roles
No Work Roles with Additional KSAT 15 |
Knowledge of capabilities, applications, and potential vulnerabilities of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.
Core KSAT for the following Work Roles
No Work Roles with Core KSAT 15A |
Additional KSAT for the following Work Roles
- Executive Cyber Leader – 901 (NIST: OV-EX-001)
Knowledge of capabilities and requirements analysis.
Core KSAT for the following Work Roles
- IT Project Manager – 802 (NIST: OV-PM-002)
- Systems Requirements Planner – 641 (NIST: SP-RP-001)
Additional KSAT for the following Work Roles
- Product Designer User Interface (UI) – 625 (NIST: N/A)
- Product Manager – 806 (NIST: N/A)
- Service Designer User Experience (UX) – 626 (NIST: N/A)
- Software Test & Evaluation Specialist – 673 (NIST: N/A)
Knowledge of cyber defense and vulnerability assessment tools, including open source tools, and their capabilities.
Core KSAT for the following Work Roles
- Cyber Defense Analyst – 511 (NIST: PR-DA-001)
- Security Control Assessor – 612 (NIST: SP-RM-002)
Additional KSAT for the following Work Roles
- Authorizing Official/Designating Representative – 611 (NIST: SP-RM-001)
- Knowledge Manager – 431 (NIST: OM-KM-001)
Knowledge of complex data structures.
Core KSAT for the following Work Roles
No Work Roles with Core KSAT 20 |
Additional KSAT for the following Work Roles
- Secure Software Assessor – 622 (NIST: SP-DEV-002)
- Software Developer – 621 (NIST: SP-DEV-001)
Knowledge of computer algorithms.
Core KSAT for the following Work Roles
- Information Systems Security Developer – 631 (NIST: SP-SYS-001)
Additional KSAT for the following Work Roles
- AI/ML Specialist – 623 (NIST: N/A)
- Cyber Defense Analyst – 511 (NIST: PR-DA-001)
- DevSecOps Specialist – 627 (NIST: N/A)
- Security Architect – 652 (NIST: SP-ARC-002)
- Systems Security Analyst – 461 (NIST: OM-AN-001)
Viewing page 1 of 119