Skill in performing log file analysis
Work roles with this Skill
Defensive Cybersecurity
Category: Protection and DefenseNICE Framework ID: PD-WRL-001Responsible for analyzing data collected from various cybersecurity defense tools to mitigate risks.
Digital Forensics
Category: Protection and DefenseNICE Framework ID: PD-WRL-002Responsible for analyzing digital evidence from computer security incidents to derive useful information in support of system and network vulnerability mitigation.
Incident Response
Category: Protection and DefenseNICE Framework ID: PD-WRL-003Responsible for investigating, analyzing, and responding to network cybersecurity incidents.
Insider Threat Analysis
Category: Protection and DefenseNICE Framework ID: PD-WRL-005Responsible for identifying and assessing the capabilities and activities of cybersecurity insider threats; produces findings to help initialize and support law enforcement and counterintelligence activities and investigations.
Cybercrime Investigation
Category: InvestigationNICE Framework ID: IN-WRL-001Responsible for investigating cyberspace intrusion incidents and crimes. Applies tactics, techniques, and procedures for a full range of investigative tools and processes and appropriately balances the benefits of prosecution versus intelligence gathering.
Digital Evidence Analysis
Category: InvestigationNICE Framework ID: IN-WRL-002Responsible for identifying, collecting, examining, and preserving digital evidence using controlled and documented analytical and investigative techniques.
Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 2.0.0)