Knowledge ID: K0724
Knowledge of incident response principles and practices
Work roles with this Knowledge
Communications Security (COMSEC) Management
Category: Oversight and Governance
NICE Framework ID: OG-WRL-001
Responsible for managing the Communications Security (COMSEC) resources of an organization.
Product Support Management
Category: Oversight and Governance
NICE Framework ID: OG-WRL-009
Responsible for planning, estimating costs, budgeting, developing, implementing, and managing product support strategies in order to field and maintain the readiness and operational capability of systems and components.
Systems Security Management
Category: Oversight and Governance
NICE Framework ID: OG-WRL-014
Responsible for managing the cybersecurity of a program, organization, system, or enclave.
Defensive Cybersecurity
Category: Protection and Defense
NICE Framework ID: PD-WRL-001
Responsible for analyzing data collected from various cybersecurity defense tools to mitigate risks.
Digital Forensics
Category: Protection and Defense
NICE Framework ID: PD-WRL-002
Responsible for analyzing digital evidence from computer security incidents to derive useful information in support of system and network vulnerability mitigation.
Incident Response
Category: Protection and Defense
NICE Framework ID: PD-WRL-003
Responsible for investigating, analyzing, and responding to network cybersecurity incidents.
Infrastructure Support
Category: Protection and Defense
NICE Framework ID: PD-WRL-004
Responsible for testing, implementing, deploying, maintaining, and administering infrastructure hardware and software for cybersecurity.
Digital Evidence Analysis
Category: Investigation
NICE Framework ID: IN-WRL-002
Responsible for identifying, collecting, examining, and preserving digital evidence using controlled and documented analytical and investigative techniques.
Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 1.0.0)