Knowledge ID: K0728

Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices

Work roles with this Knowledge

  • Cybersecurity Instruction

    NICE Framework ID: OG-WRL-005

    Responsible for developing and conducting cybersecurity awareness, training, or education.

  • Executive Cybersecurity Leadership

    NICE Framework ID: OG-WRL-007

    Responsible for establishing vision and direction for an organization's cybersecurity operations and resources and their impact on digital and physical spaces. Possesses authority to make and execute decisions that impact an organization broadly, including policy approval and stakeholder engagement.

  • Product Support Management

    NICE Framework ID: OG-WRL-009

    Responsible for planning, estimating costs, budgeting, developing, implementing, and managing product support strategies in order to field and maintain the readiness and operational capability of systems and components.

  • Program Management

    NICE Framework ID: OG-WRL-010

    Responsible for leading, coordinating, and the overall success of a defined program. Includes communicating about the program and ensuring alignment with agency or organizational priorities.

  • Secure Project Management

    NICE Framework ID: OG-WRL-011

    Responsible for overseeing and directly managing technology projects. Ensures cybersecurity is built into projects to protect the organization’s critical infrastructure and assets, reduce risk, and meet organizational goals. Tracks and communicates project status and demonstrates project value to the organization.

  • Security Control Assessment

    NICE Framework ID: OG-WRL-012

    Responsible for conducting independent comprehensive assessments of management, operational, and technical security controls and control enhancements employed within or inherited by a system to determine their overall effectiveness.

  • Systems Authorization

    NICE Framework ID: OG-WRL-013

    Responsible for operating an information system at an acceptable level of risk to organizational operations, organizational assets, individuals, other organizations, and the nation.

  • Cybersecurity Architecture

    NICE Framework ID: DD-WRL-001

    Responsible for ensuring that security requirements are adequately addressed in all aspects of enterprise architecture, including reference models, segment and solution architectures, and the resulting systems that protect and support organizational mission and business processes.

  • Enterprise Architecture

    NICE Framework ID: DD-WRL-002

    Responsible for developing and maintaining business, systems, and information processes to support enterprise mission needs. Develops technology rules and requirements that describe baseline and target architectures.

  • Secure Software Development

    NICE Framework ID: DD-WRL-003

    Responsible for developing, creating, modifying, and maintaining computer applications, software, or specialized utility programs.

  • Secure Systems Development

    NICE Framework ID: DD-WRL-004

    Responsible for the secure design, development, and testing of systems and the evaluation of system security throughout the systems development life cycle.

  • Software Security Assessment

    NICE Framework ID: DD-WRL-005

    Responsible for analyzing the security of new or existing computer applications, software, or specialized utility programs and delivering actionable results.

  • Systems Requirements Planning

    NICE Framework ID: DD-WRL-006

    Responsible for consulting with internal and external customers to evaluate and translate functional requirements and integrating security policies into technical solutions.

  • Systems Testing and Evaluation

    NICE Framework ID: DD-WRL-007

    Responsible for planning, preparing, and executing system tests; evaluating test results against specifications and requirements; and reporting test results and findings.

  • Systems Administration

    NICE Framework ID: IO-WRL-005

    Responsible for setting up and maintaining a system or specific components of a system in adherence with organizational security policies and procedures. Includes hardware and software installation, configuration, and updates; user account management; backup and recovery management; and security control implementation.

  • Systems Security Analysis

    NICE Framework ID: IO-WRL-006

    Responsible for developing and analyzing the integration, testing, operations, and maintenance of systems security. Prepares, performs, and manages the security aspects of implementing and operating a system.

  • Defensive Cybersecurity

    NICE Framework ID: PD-WRL-001

    Responsible for analyzing data collected from various cybersecurity defense tools to mitigate risks.

  • Infrastructure Support

    NICE Framework ID: PD-WRL-004

    Responsible for testing, implementing, deploying, maintaining, and administering infrastructure hardware and software for cybersecurity.

  • Vulnerability Analysis

    NICE Framework ID: PD-WRL-007

    Responsible for assessing systems and networks to identify deviations from acceptable configurations, enclave policy, or local policy. Measure effectiveness of defense-in-depth architecture against known vulnerabilities.

  • Exploitation Analysis

    NICE Framework ID: CE-WRL-003

    Responsible for identifying access and intelligence collection gaps that can be satisfied through cyber collection and/or preparation activities. Leverages all authorized resources and analytic techniques to penetrate targeted networks.