Knowledge ID: K0042

Knowledge Description: Knowledge of incident response and handling methodologies.

Work Roles with this Knowledge:

Work Role ID: IN-FOR-001
Work Roles: Law Enforcement/Counterintelligence Forensics Analyst
Work Role Description: Conducts detailed investigations on computer-based crimes establishing documentary or physical evidence, to include digital media and logs associated with cyber intrusion incidents.
Category: Investigate
Specialty Area(s): Digital Forensics
Work Role ID: IN-FOR-002
Work Roles: Cyber Defense Forensics Analyst
Work Role Description: Analyzes digital evidence and investigates computer security incidents to derive useful information in support of system/network vulnerability mitigation.
Category: Investigate
Specialty Area(s): Digital Forensics
Work Role ID: OV-MGT-001
Work Roles: Information Systems Security Manager
Work Role Description: Responsible for the cybersecurity of a program, organization, system, or enclave.
Category: Oversee and Govern
Specialty Area(s): Cybersecurity Management
Work Role ID: OV-MGT-002
Work Roles: Communications Security (COMSEC) Manager
Work Role Description: Individual who manages the Communications Security (COMSEC) resources of an organization (CNSSI 4009) or key custodian for a Crypto Key Management System (CKMS).
Category: Oversee and Govern
Specialty Area(s): Cybersecurity Management
Work Role ID: PR-CDA-001
Work Roles: Cyber Defense Analyst
Work Role Description: Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
Category: Protect and Defend
Specialty Area(s): Cyber Defense Analysis
Work Role ID: PR-CIR-001
Work Roles: Cyber Defense Incident Responder
Work Role Description: Investigates, analyzes, and responds to cyber incidents within the network environment or enclave.
Category: Protect and Defend
Specialty Area(s): Incident Response
Work Role ID: PR-INF-001
Work Roles: Cyber Defense Infrastructure Support Specialist
Work Role Description: Tests, implements, deploys, maintains, and administers the infrastructure hardware and software.
Category: Protect and Defend
Specialty Area(s): Cyber Defense Infrastructure Support

The NICE Framework data presented on these pages was last updated by NIST on July 7, 2020 and will be updated when the official Revision 1 data is released.