Attention: November 11th is the last day to access FedVTE. Users may access FedVTE until 6PM EST on November 11th. After this time FedVTE will be permanently decommissioned. Starting November 15th, users will be able to access all the same learning content through CISA Learning. Stay tuned for more details about the CISA Learning platform.

Knowledge ID: K0858

Knowledge of virtual machine detection tools and techniques

Work roles with this Knowledge

  • Cybersecurity Instruction

    NICE Framework ID: OG-WRL-005

    Responsible for developing and conducting cybersecurity awareness, training, or education.

  • Security Control Assessment

    NICE Framework ID: OG-WRL-012

    Responsible for conducting independent comprehensive assessments of management, operational, and technical security controls and control enhancements employed within or inherited by a system to determine their overall effectiveness.

  • Systems Administration

    NICE Framework ID: IO-WRL-005

    Responsible for setting up and maintaining a system or specific components of a system in adherence with organizational security policies and procedures. Includes hardware and software installation, configuration, and updates; user account management; backup and recovery management; and security control implementation.

  • Digital Forensics

    NICE Framework ID: PD-WRL-002

    Responsible for analyzing digital evidence from computer security incidents to derive useful information in support of system and network vulnerability mitigation.

  • Threat Analysis

    NICE Framework ID: PD-WRL-006

    Responsible for collecting, processing, analyzing, and disseminating cybersecurity threat assessments. Develops cybersecurity indicators to maintain awareness of the status of the highly dynamic operating environment.

  • Digital Evidence Analysis

    Category: Investigation
    NICE Framework ID: IN-WRL-002

    Responsible for identifying, collecting, examining, and preserving digital evidence using controlled and documented analytical and investigative techniques.

  • All-Source Analysis

    NICE Framework ID: CI-WRL-001

    Responsible for analyzing data and information from one or multiple sources to conduct preparation of the operational environment, respond to requests for information, and submit intelligence collection and production requirements in support of intelligence planning and operations.

  • All-Source Collection Management

    NICE Framework ID: CI-WRL-002

    Responsible for identifying intelligence collection authorities and environment; incorporating priority information requirements into intelligence collection management; and developing concepts to meet leadership's intent. Determines capabilities of available intelligence collection assets; constructs and disseminates intelligence collection plans; and monitors execution of intelligence collection tasks to ensure effective execution of collection plans.

  • All-Source Collection Requirements Management

    NICE Framework ID: CI-WRL-003

    Responsible for evaluating intelligence collection operations and developing effects-based collection requirements strategies using available sources and methods to improve collection. Develops, processes, validates, and coordinates submission of intelligence collection requirements. Evaluates performance of intelligence collection assets and operations.

  • Cyber Intelligence Planning

    NICE Framework ID: CI-WRL-004

    Responsible for developing intelligence plans to satisfy cyber operation requirements. Identifies, validates, and levies requirements for intelligence collection and analysis. Participates in targeting selection, validation, synchronization, and execution of cyber actions. Synchronizes intelligence activities to support organization objectives in cyberspace.

  • Cyberspace Operations

    NICE Framework ID: CE-WRL-001

    Responsible for gathering evidence on criminal or foreign intelligence entities to mitigate and protect against possible or real-time threats. Conducts collection, processing, and geolocation of systems to exploit, locate, and track targets. Performs network navigation and tactical forensic analysis and executes on-net operations when directed.

  • Cyber Operations Planning

    NICE Framework ID: CE-WRL-002

    Responsible for developing cybersecurity operations plans; participating in targeting selection, validation, and synchronization; and enabling integration during the execution of cyber actions.

  • Mission Assessment

    NICE Framework ID: CE-WRL-004

    Responsible for developing assessment plans and performance measures; conducting strategic and operational effectiveness assessments for cyber events; determining whether systems perform as expected; and providing input to the determination of operational effectiveness.