Knowledge ID: K0013
Knowledge Description: Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
Work Roles with this Knowledge:
- Work Role ID: OM-KMG-001Work Roles: Knowledge ManagerWork Role Description: Responsible for the management and administration of processes and tools that enable the organization to identify, document, and access intellectual capital and information content.Category: Operate and MaintainSpecialty Area(s): Knowledge Management
- Work Role ID: PR-CDA-001Work Roles: Cyber Defense AnalystWork Role Description: Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.Category: Protect and DefendSpecialty Area(s): Cyber Defense Analysis
- Work Role ID: SP-ARC-002Work Roles: Security ArchitectWork Role Description: Ensures that the stakeholder security requirements necessary to protect the organization’s mission and business processes are adequately addressed in all aspects of enterprise architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes.Specialty Area(s): Systems Architecture
- Work Role ID: SP-RSK-001Work Roles: Authorizing Official/Designating RepresentativeWork Role Description: Senior official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation (CNSSI 4009).Specialty Area(s): Risk Management
- Work Role ID: SP-RSK-002Work Roles: Security Control AssessorWork Role Description: Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37).Specialty Area(s): Risk Management