Task ID: T0166

Task Description: Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.

Work Roles with this Task:

  • Work Role ID: PR-CDA-001
    Work Role Name: Cyber Defense Analyst
    Work Role Description: Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
    Specialty Area(s): Cyber Defense Analysis