Knowledge ID: K0879
Knowledge of industry cybersecurity models and frameworks
Work roles with this Knowledge
Security Control Assessment
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-012Responsible for conducting independent comprehensive assessments of management, operational, and technical security controls and control enhancements employed within or inherited by a system to determine their overall effectiveness.
Systems Authorization
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-013Responsible for operating an information system at an acceptable level of risk to organizational operations, organizational assets, individuals, other organizations, and the nation.
Enterprise Architecture
Category: Design and DevelopmentNICE Framework ID: DD-WRL-002Responsible for developing and maintaining business, systems, and information processes to support enterprise mission needs. Develops technology rules and requirements that describe baseline and target architectures.
Secure Systems Development
Category: Design and DevelopmentNICE Framework ID: DD-WRL-004Responsible for the secure design, development, and testing of systems and the evaluation of system security throughout the systems development life cycle.
Systems Testing and Evaluation
Category: Design and DevelopmentNICE Framework ID: DD-WRL-007Responsible for planning, preparing, and executing system tests; evaluating test results against specifications and requirements; and reporting test results and findings.
Network Operations
Category: Implementation and OperationNICE Framework ID: IO-WRL-004Responsible for planning, implementing, and operating network services and systems, including hardware and virtual environments.
Systems Security Analysis
Category: Implementation and OperationNICE Framework ID: IO-WRL-006Responsible for developing and analyzing the integration, testing, operations, and maintenance of systems security. Prepares, performs, and manages the security aspects of implementing and operating a system.
Defensive Cybersecurity
Category: Protection and DefenseNICE Framework ID: PD-WRL-001Responsible for analyzing data collected from various cybersecurity defense tools to mitigate risks.
Vulnerability Analysis
Category: Protection and DefenseNICE Framework ID: PD-WRL-007Responsible for assessing systems and networks to identify deviations from acceptable configurations, enclave policy, or local policy. Measure effectiveness of defense-in-depth architecture against known vulnerabilities.
Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 1.0.0)