Knowledge ID: K0107

Knowledge Description: Knowledge of Insider Threat investigations, reporting, investigative tools and laws/regulations. 

Work Roles with this Knowledge:

• Work Role ID: IN-FOR-001
  Work Roles: Law Enforcement/Counterintelligence Forensics Analyst
  Work Role Description: Conducts detailed investigations on computer-based crimes establishing documentary or physical evidence, to include digital media and logs associated with cyber intrusion incidents.
  Category: Investigate
  Specialty Area(s): Digital Forensics
• Work Role ID: IN-INV-001
  Work Roles: Cyber Crime Investigator
  Work Role Description: Identifies, collects, examines, and preserves evidence using controlled and documented analytical and investigative techniques.
  Category: Investigate
  Specialty Area(s): Cyber Investigation
• Work Role ID: OV-LGA-001
  Work Roles: Cyber Legal Advisor
  Work Role Description: Provides legal advice and recommendations on relevant topics related to cyber law.
  Category: Oversee and Govern
  Specialty Area(s): Legal Advice and Advocacy
• Work Role ID: PR-CDA-001
  Work Roles: Cyber Defense Analyst
  Work Role Description: Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
  Category: Protect and Defend
  Specialty Area(s): Cyber Defense Analysis