Knowledge ID: K0042

Knowledge Description: Knowledge of incident response and handling methodologies. 

Work Roles with this Knowledge:

• Work Role ID: IN-FOR-001
  Work Roles: Law Enforcement/Counterintelligence Forensics Analyst
  Work Role Description: Conducts detailed investigations on computer-based crimes establishing documentary or physical evidence, to include digital media and logs associated with cyber intrusion incidents.
  Category: Investigate
  Specialty Area(s): Digital Forensics
• Work Role ID: IN-FOR-002
  Work Roles: Cyber Defense Forensics Analyst
  Work Role Description: Analyzes digital evidence and investigates computer security incidents to derive useful information in support of system/network vulnerability mitigation.
  Category: Investigate
  Specialty Area(s): Digital Forensics
• Work Role ID: OV-MGT-001
  Work Roles: Information Systems Security Manager
  Work Role Description: Responsible for the cybersecurity of a program, organization, system, or enclave.
  Category: Oversee and Govern
  Specialty Area(s): Cybersecurity Management
• Work Role ID: OV-MGT-002
  Work Roles: Communications Security (COMSEC) Manager
  Work Role Description: Individual who manages the Communications Security (COMSEC) resources of an organization (CNSSI 4009) or key custodian for a Crypto Key Management System (CKMS).
  Category: Oversee and Govern
  Specialty Area(s): Cybersecurity Management
• Work Role ID: PR-CDA-001
  Work Roles: Cyber Defense Analyst
  Work Role Description: Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
  Category: Protect and Defend
  Specialty Area(s): Cyber Defense Analysis
• Work Role ID: PR-CIR-001
  Work Roles: Cyber Defense Incident Responder
  Work Role Description: Investigates, analyzes, and responds to cyber incidents within the network environment or enclave.
  Category: Protect and Defend
  Specialty Area(s): Incident Response
• Work Role ID: PR-INF-001
  Work Roles: Cyber Defense Infrastructure Support Specialist
  Work Role Description: Tests, implements, deploys, maintains, and administers the infrastructure hardware and software.
  Category: Protect and Defend
  Specialty Area(s): Cyber Defense Infrastructure Support