Task ID: T0166

Task Description: Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.

Work Roles with this Task:

• Work Role ID: PR-CDA-001
  Work Roles: Cyber Defense Analyst
  Work Role Description: Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
  Category: Protect and Defend
  Specialty Area(s): Cyber Defense Analysis