Knowledge ID: K0042
Knowledge Description: Knowledge of incident response and handling methodologies.
Work Roles with this Knowledge:
- Work Role ID: IN-FOR-001
  Work Role Description: Conducts detailed investigations on computer-based crimes establishing documentary or physical evidence, to include digital media and logs associated with cyber intrusion incidents.
  Category: Investigate
  Specialty Area(s): Digital Forensics
- Work Role ID: IN-FOR-002
  Work Roles: Cyber Defense Forensics Analyst
  Work Role Description: Analyzes digital evidence and investigates computer security incidents to derive useful information in support of system/network vulnerability mitigation.
  Category: Investigate
  Specialty Area(s): Digital Forensics
- Work Role ID: OV-MGT-001
  Work Roles: Information Systems Security Manager
  Work Role Description: Responsible for the cybersecurity of a program, organization, system, or enclave.
  Category: Oversee and Govern
  Specialty Area(s): Cybersecurity Management
- Work Role ID: OV-MGT-002
  Work Roles: Communications Security (COMSEC) Manager
  Work Role Description: Individual who manages the Communications Security (COMSEC) resources of an organization (CNSSI 4009) or key custodian for a Crypto Key Management System (CKMS).
  Category: Oversee and Govern
  Specialty Area(s): Cybersecurity Management
- Work Role ID: PR-CDA-001
  Work Roles: Cyber Defense Analyst
  Work Role Description: Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
  Category: Protect and Defend
  Specialty Area(s): Cyber Defense Analysis
- Work Role ID: PR-CIR-001
  Work Roles: Cyber Defense Incident Responder
  Work Role Description: Investigates, analyzes, and responds to cyber incidents within the network environment or enclave.
  Category: Protect and Defend
  Specialty Area(s): Incident Response
- Work Role ID: PR-INF-001
  Work Roles: Cyber Defense Infrastructure Support Specialist
  Work Role Description: Tests, implements, deploys, maintains, and administers the infrastructure hardware and software.
  Category: Protect and Defend
  Specialty Area(s): Cyber Defense Infrastructure Support