Knowledge of incident handling tools and techniques
Work roles with this Knowledge
Communications Security (COMSEC) Management
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-001Responsible for managing the Communications Security (COMSEC) resources of an organization.
Systems Security Management
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-014Responsible for managing the cybersecurity of a program, organization, system, or enclave.
Technical Support
Category: Implementation and OperationNICE Framework ID: IO-WRL-007Responsible for providing technical support to customers who need assistance utilizing client-level hardware and software in accordance with established or approved organizational policies and processes.
Defensive Cybersecurity
Category: Protection and DefenseNICE Framework ID: PD-WRL-001Responsible for analyzing data collected from various cybersecurity defense tools to mitigate risks.
Digital Forensics
Category: Protection and DefenseNICE Framework ID: PD-WRL-002Responsible for analyzing digital evidence from computer security incidents to derive useful information in support of system and network vulnerability mitigation.
Incident Response
Category: Protection and DefenseNICE Framework ID: PD-WRL-003Responsible for investigating, analyzing, and responding to network cybersecurity incidents.
Infrastructure Support
Category: Protection and DefenseNICE Framework ID: PD-WRL-004Responsible for testing, implementing, deploying, maintaining, and administering infrastructure hardware and software for cybersecurity.
Digital Evidence Analysis
Category: InvestigationNICE Framework ID: IN-WRL-002Responsible for identifying, collecting, examining, and preserving digital evidence using controlled and documented analytical and investigative techniques.
Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 1.0.0)