Knowledge ID: K0009

Knowledge Description: Knowledge of application vulnerabilities. 

Work Roles with this Knowledge:

  • Work Role ID: AN-EXP-001
    Work Role Name: Exploitation Analyst
    Work Role Description: Collaborates to identify access and collection gaps that can be satisfied through cyber collection and/or preparation activities. Leverages all authorized resources and analytic techniques to penetrate targeted networks.
    Category: Analyze
    Specialty Area(s): Exploitation Analysis
  • Work Role ID: CO-OPS-001
    Work Role Name: Cyber Operator
    Work Role Description: Conducts collection, processing, and/or geolocation of systems to exploit, locate, and/or track targets of interest. Performs network navigation, tactical forensic analysis, and, when directed, executes on-net operations.
    Specialty Area(s): Cyber Operations
  • Work Role ID: OV-EXL-001
    Work Role Description: Executes decision-making authorities and establishes vision and direction for an organization's cyber and cyber-related resources and/or operations.
    Specialty Area(s): Executive Cyber Leadership
  • Work Role ID: PR-VAM-001
    Work Role Description: Performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.
  • Work Role ID: SP-ARC-002
    Work Role Name: Security Architect
    Work Role Description: Ensures that the stakeholder security requirements necessary to protect the organization’s mission and business processes are adequately addressed in all aspects of enterprise architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes.
    Specialty Area(s): Systems Architecture
  • Work Role ID: SP-RSK-002
    Work Role Description: Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37).
    Specialty Area(s): Risk Management
  • Work Role ID: SP-TRD-001
    Work Role Description: Conducts software and systems engineering and software systems research to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.
    Specialty Area(s): Technology R&D