OG-WRL-005

Cybersecurity Instruction

Responsible for developing and conducting cybersecurity awareness, training, or education.

Task statements

T0101: Evaluate the effectiveness and comprehensiveness of existing training programs
T1008: Prepare and deliver education and awareness briefings
T1009: Create a cybersecurity awareness program
T1020: Determine the operational and safety impacts of cybersecurity lapses
T1025: Implement organizational training and education policies and procedures
T1036: Integrate leadership priorities
T1038: Integrate organization objectives in intelligence collection
T1054: Scope analysis reports to various audiences that accounts for data sharing classification restrictions
T1093: Conduct interactive training exercises
T1156: Develop awareness and training materials
T1157: Identify pertinent awareness and training materials
T1311: Design and execute exercise scenarios
T1334: Produce cybersecurity instructional materials
T1411: Develop technical training curriculum and resources
T1412: Deliver technical training to customers
T1413: Develop training modules and classes
T1414: Develop training assignments
T1415: Develop training evaluations
T1416: Develop grading and proficiency standards
T1417: Create learner development, training, and remediation plans
T1418: Develop learning objectives and goals
T1419: Develop organizational training materials
T1421: Develop proficiency assessments
T1446: Conduct learning needs assessments
T1447: Identify training requirements
T1462: Develop cybersecurity training policies and procedures
T1463: Develop cybersecurity curriculum goals and objectives
T1485: Prepare after action reviews (AARs)
T1517: Deliver training courses
T1537: Determine if cybersecurity training, education, and awareness meet established goals
T1594: Plan classroom learning sessions
T1595: Coordinate training and education
T1596: Plan delivery of non-classroom learning
T1609: Recommend revisions to learning materials and curriculum
T1870: Create privacy training materials
T1871: Prepare privacy awareness communications
T1873: Deliver privacy awareness trainings

Knowledge statements

K0638: Knowledge of security awareness programs
K0643: Knowledge of virtual learning environments
K0654: Knowledge of target audience requirements
K0659: Knowledge of information privacy technologies
K0674: Knowledge of computer networking protocols
K0675: Knowledge of risk management processes
K0676: Knowledge of cybersecurity laws and regulations
K0677: Knowledge of cybersecurity policies and procedures
K0678: Knowledge of privacy laws and regulations
K0679: Knowledge of privacy policies and procedures
K0680: Knowledge of cybersecurity principles and practices
K0681: Knowledge of privacy principles and practices
K0682: Knowledge of cybersecurity threats
K0683: Knowledge of cybersecurity vulnerabilities
K0684: Knowledge of cybersecurity threat characteristics
K0685: Knowledge of access control principles and practices
K0686: Knowledge of authentication and authorization tools and techniques
K0689: Knowledge of network infrastructure principles and practices
K0718: Knowledge of network communications principles and practices
K0728: Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
K0729: Knowledge of non-repudiation principles and practices
K0730: Knowledge of cyber safety principles and practices
K0736: Knowledge of information technology (IT) security principles and practices
K0743: Knowledge of new and emerging technologies
K0744: Knowledge of operating system (OS) systems and software
K0751: Knowledge of system threats
K0752: Knowledge of system vulnerabilities
K0759: Knowledge of client and server architecture
K0766: Knowledge of data asset management principles and practices
K0770: Knowledge of system administration principles and practices
K0773: Knowledge of telecommunications principles and practices
K0792: Knowledge of network configurations
K0801: Knowledge of cognitive domain models and frameworks
K0805: Knowledge of command-line tools and techniques
K0806: Knowledge of machine virtualization tools and techniques
K0810: Knowledge of deployable forensics principles and practices
K0812: Knowledge of digital communication systems and software
K0818: Knowledge of new and emerging cybersecurity risks
K0825: Knowledge of threat vector characteristics
K0831: Knowledge of network attack vectors
K0837: Knowledge of hardening tools and techniques
K0839: Knowledge of critical infrastructure systems and software
K0858: Knowledge of virtual machine detection tools and techniques
K0863: Knowledge of cloud computing principles and practices
K0864: Knowledge of knowledge management principles and practices
K0865: Knowledge of data classification standards and best practices
K0866: Knowledge of data classification tools and techniques
K0881: Knowledge of learning assessment tools and techniques
K0885: Knowledge of instructional design principles and practices
K0886: Knowledge of instructional design models and frameworks
K0887: Knowledge of training policies and procedures
K0888: Knowledge of Bloom's Taxonomy learning levels
K0889: Knowledge of learning management system (LMS) systems and software
K0890: Knowledge of learning modes
K0893: Knowledge of training systems and software
K0905: Knowledge of media production tool and techniques
K0910: Knowledge of needs assessment principles and practices
K0923: Knowledge of operating system structures and internals
K0924: Knowledge of network analysis tools and techniques
K0934: Knowledge of data classification policies and procedures
K0983: Knowledge of computer networking principles and practices
K1014: Knowledge of network security principles and practices
K1032: Knowledge of satellite-based communication systems and software
K1055: Knowledge of digital forensics principles and practices
K1069: Knowledge of virtual machine tools and technologies
K1083: Knowledge of cybersecurity competitions
K1087: Knowledge of social engineering tools and techniques
K1088: Knowledge of knowledge management tools and techniques
K1089: Knowledge of protocol analyzer tools and techniques

Skill statements

S0097: Skill in applying security controls
S0156: Skill in performing packet-level analysis
S0379: Skill in verifying participation in a security awareness program
S0380: Skill in facilitating cybersecurity awareness briefings
S0381: Skill in developing training programs
S0385: Skill in communicating complex concepts
S0386: Skill in communicating verbally
S0387: Skill in communicating in writing
S0388: Skill in facilitating small group discussions
S0389: Skill in facilitating group discussions
S0390: Skill in assessing learner comprehension
S0391: Skill in creating technical documentation
S0392: Skill in providing training and education feedback to learners
S0393: Skill in developing assessments
S0394: Skill in developing security assessments
S0395: Skill in developing instructional materials
S0424: Skill in executing command line tools
S0430: Skill in collaborating with others
S0431: Skill in applying critical thinking
S0467: Skill in conducting an education needs assessment
S0468: Skill in conducting a training needs assessment
S0472: Skill in developing virtual machines
S0473: Skill in maintaining virtual machines
S0483: Skill in identifying software communications vulnerabilities
S0530: Skill in conducting research
S0543: Skill in scanning for vulnerabilities
S0544: Skill in recognizing vulnerabilities
S0572: Skill in detecting host- and network-based intrusions
S0591: Skill in performing social engineering
S0592: Skill in tuning network sensors
S0597: Skill in writing code in a currently supported programming language
S0600: Skill in collecting relevant data from a variety of sources
S0601: Skill in developing curricula
S0602: Skill in teaching training programs
S0610: Skill in communicating effectively
S0612: Skill in performing digital forensics analysis
S0613: Skill in configuring software-based computer protection tools
S0618: Skill in configuring network protection components
S0628: Skill in developing learning activities
S0629: Skill in applying technologies for instructional purposes
S0643: Skill in applying hardening techniques
S0651: Skill in performing malware analysis
S0686: Skill in performing risk assessments
S0688: Skill in performing network data analysis
S0712: Skill in evaluating data source quality
S0713: Skill in evaluating information quality
S0738: Skill in performing reverse engineering of software
S0739: Skill in analyzing intelligence products
S0744: Skill in performing technical writing
S0754: Skill in establishing persistence
S0756: Skill in incorporating feedback
S0791: Skill in presenting to an audience
S0800: Skill in analyzing organizational patterns and relationships
S0807: Skill in solving problems
S0874: Skill in performing network traffic analysis

Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 1.0.0)