NICE Framework ID
NF-COM-007
- K0092: Knowledge of technology integration processes
- K0644: Knowledge of cybersecurity operation policies and procedures
- K0651: Knowledge of trustworthiness principles
- K0653: Knowledge of cybersecurity practices in the acquisition process
- K0677: Knowledge of cybersecurity policies and procedures
- K0680: Knowledge of cybersecurity principles and practices
- K0689: Knowledge of network infrastructure principles and practices
- K0701: Knowledge of data backup and recovery policies and procedures
- K0702: Knowledge of data warehousing principles and practices
- K0709: Knowledge of business continuity and disaster recovery (BCDR) policies and procedures
- K0710: Knowledge of enterprise cybersecurity architecture principles and practices
- K0715: Knowledge of resiliency and redundancy principles and practices
- K0721: Knowledge of risk management principles and practices
- K0724: Knowledge of incident response principles and practices
- K0731: Knowledge of systems security engineering (SSE) principles and practices
- K0733: Knowledge of information technology (IT) architecture models and frameworks
- K0745: Knowledge of parallel and distributed computing principles and practices
- K0749: Knowledge of process engineering principles and practices
- K0751: Knowledge of system threats
- K0756: Knowledge of security management principles and practices
- K0771: Knowledge of system life cycle management principles and practices
- K0778: Knowledge of enterprise information technology (IT) architecture principles and practices
- K0780: Knowledge of hardware maintenance policies and procedures
- K0789: Knowledge of adversarial tactics tools and techniques
- K0791: Knowledge of defense-in-depth principles and practices
- K0798: Knowledge of program management principles and practices
- K0806: Knowledge of machine virtualization tools and techniques
- K0820: Knowledge of supply chain risks
- K0822: Knowledge of risk tolerance principles and practices
- K0834: Knowledge of technology procurement principles and practices
- K0835: Knowledge of risk assessment principles and practices
- K0837: Knowledge of hardening tools and techniques
- K0848: Knowledge of network systems management principles and practices
- K0870: Knowledge of enterprise architecture (EA) reference models and frameworks
- K0871: Knowledge of enterprise architecture (EA) principles and practices
- K0898: Knowledge of cloud service models and frameworks
- K0912: Knowledge of sustainment principles and practices
- K0920: Knowledge of risk management policies and procedures
- K0928: Knowledge of systems engineering principles and practices
- K0958: Knowledge of system integration principles and practices
- K0994: Knowledge of denial and deception tools and techniques
- K1014: Knowledge of network security principles and practices
- K1017: Knowledge of operational effectiveness assessment principles and practices
- K1021: Knowledge of resource and asset readiness reporting policies and procedures
- K1054: Knowledge of red team functions and capabilities
- K1065: Knowledge of network operations principles and practices
- K1072: Knowledge of automated security control testing tools and techniques
- K1077: Knowledge of data security controls
- K1159: Knowledge of fail-over or alternate site requirements
- K1179: Knowledge of organization's security strategy
- K1209: Knowledge of risk mitigation principles and practices
- K1212: Knowledge of security controls
- K1276: Knowledge of advanced persistent threats (APTs)
- K1277: Knowledge of cyber resiliency goals and objectives
- K1278: Knowledge of data vaulting principles and practices
- K1279: Knowledge of threat-informed defense
- S0136: Skill in network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools
- S0141: Skill in assessing security systems designs
- S0383: Skill in analyzing an organization's enterprise information technology architecture
- S0384: Skill in applying standards
- S0391: Skill in creating technical documentation
- S0396: Skill in forecasting requirements
- S0418: Skill in applying secure network architectures
- S0419: Skill in designing systems
- S0428: Skill in designing architectures
- S0432: Skill in coordinating cybersecurity operations across an organization
- S0438: Skill in functioning effectively in a dynamic, fast-paced environment
- S0449: Skill in maintaining automated security control systems
- S0451: Skill in deploying continuous monitoring technologies
- S0453: Skill in creating a risk management strategy
- S0458: Skill in coordinating efforts between stakeholders
- S0459: Skill in creating security assessment reports
- S0464: Skill in applying stakeholder management within a system development life cycle
- S0495: Skill in determining asset availability, capabilities, and limitations
- S0508: Skill in managing enterprise-wide information
- S0545: Skill in designing data storage solutions
- S0551: Skill in applying information technologies into proposed solutions
- S0564: Skill in creating system security policies
- S0574: Skill in developing security system controls
- S0575: Skill in developing network infrastructure contingency and recovery plans
- S0576: Skill in testing network infrastructure contingency and recovery plans
- S0578: Skill in evaluating security designs
- S0580: Skill in monitoring system performance
- S0583: Skill in implementing established network security practices
- S0619: Skill in auditing technical systems
- S0620: Skill in evaluating the trustworthiness of a supply chain
- S0637: Skill in designing multi-level security solutions
- S0654: Skill in conducting system reviews
- S0664: Skill in applying policies that meet system security objectives
- S0666: Skill in defining performance objectives
- S0671: Skill in implementing network infrastructure contingency and recovery plans
- S0673: Skill in translating operational requirements into security controls
- S0681: Skill in performing design modeling
- S0723: Skill in interpreting vulnerability scanner results
- S0744: Skill in performing technical writing
- S0771: Skill in creating planning documents
- S0772: Skill in maintaining planning documents
- S0804: Skill in assessing an organization's threat environment
- S0808: Skill in assessing an organization’s data assets
- S0818: Skill in building internal and external stakeholder relationships
- S0821: Skill in collaborating with internal and external stakeholders
- S0834: Skill in developing technical reports
- S0839: Skill in identifying exploited system weaknesses
- S0853: Skill in performing cybersecurity architecture analysis
- S0880: Skill in performing security architecture analysis
- S0917: Skill in forecasting likely impacts on mission or business functions resulting from adversity
- S0918: Skill in conducting ongoing monitoring of system properties and behaviors
- S0919: Skill in evaluating threats, events, and courses of action in the context of mission or business functions
- S0920: Skill in establishing segmentation of system assets based on criticality and trustworthiness
- S0921: Skill in performing telemetry analysis
- S0922: Skill in making decisions under conditions of uncertainty
- S0923: Skill in communicating at varying levels of technical detail with stakeholders of various backgrounds
- S0924: Skill in crisis management
- S0925: Skill in developing and analyzing attack paths
- S0926: Skill in designing and maintaining threat catalogs
- S0927: Skill in defining contingency plans
- S0928: Skill in defining loss scenarios
- S0929: Skill in designing air-gapped data vault solutions
- S0930: Skill in defining impact tolerance statements
- S0931: Skill in conducting technical business impact analysis
- S0932: Skill in protecting critical assets
- S0933: Skill in designing enhanced controls for critical assets
- S0934: Skill in performing Fault Tree Analysis (FTA)
Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 2.0.0)