Design and Development
DD-WRL-002
Enterprise Architecture
Responsible for developing and maintaining business, systems, and information processes to support enterprise mission needs. Develops technology rules and requirements that describe baseline and target architectures.
- T0084: Employ secure configuration management processes
- T0542: Translate proposed capabilities into technical requirements
- T1010: Communicate enterprise information technology architecture
- T1019: Determine special needs of cyber-physical systems
- T1020: Determine the operational and safety impacts of cybersecurity lapses
- T1027: Integrate organizational goals and objectives into security architecture
- T1077: Assess the organization's cybersecurity architecture
- T1096: Perform privacy impact assessments (PIAs)
- T1100: Configure network hubs, routers, and switches
- T1101: Optimize network hubs, routers, and switches
- T1122: Determine essential system capabilities and business functions
- T1123: Prioritize essential system capabilities and business functions
- T1124: Restore essential system capabilities and business functions after catastrophic failure events
- T1125: Define system availability levels
- T1126: Determine disaster recovery and continuity of operations system requirements
- T1179: Determine if systems and architecture are consistent with cybersecurity architecture guidelines
- T1294: Advise on Risk Management Framework process activities and documentation
- T1363: Plan system security development
- T1364: Conduct system security development
- T1403: Allocate cybersecurity services
- T1404: Select cybersecurity mechanisms
- T1410: Develop system security contexts
- T1423: Create system security concept of operations (ConOps) documents
- T1426: Determine cybersecurity design and architecture effectiveness
- T1429: Prepare trend analysis reports
- T1434: Create cybersecurity architecture functional specifications
- T1507: Determine user requirements
- T1508: Plan cybersecurity architecture
- T1519: Design system security measures
- T1520: Update system security measures
- T1521: Develop enterprise architecture
- T1527: Define baseline system security requirements
- T1544: Create definition activity documentation
- T1545: Create architecture activity documentation
- T1563: Implement system security measures
- T1583: Determine effectiveness of system implementation and testing processes
- T1591: Address security architecture gaps
- T1597: Plan implementation strategies
- T1598: Assess the integration and alignment capabilities of enterprise components
- T1606: Prepare impact reports
- T1626: Determine impact of new systems and system interfaces on current and target environments
- K0646: Knowledge of system optimization techniques
- K0674: Knowledge of computer networking protocols
- K0675: Knowledge of risk management processes
- K0676: Knowledge of cybersecurity laws and regulations
- K0677: Knowledge of cybersecurity policies and procedures
- K0678: Knowledge of privacy laws and regulations
- K0679: Knowledge of privacy policies and procedures
- K0680: Knowledge of cybersecurity principles and practices
- K0681: Knowledge of privacy principles and practices
- K0682: Knowledge of cybersecurity threats
- K0683: Knowledge of cybersecurity vulnerabilities
- K0684: Knowledge of cybersecurity threat characteristics
- K0685: Knowledge of access control principles and practices
- K0686: Knowledge of authentication and authorization tools and techniques
- K0707: Knowledge of database systems and software
- K0710: Knowledge of enterprise cybersecurity architecture principles and practices
- K0711: Knowledge of evaluation and validation principles and practices
- K0714: Knowledge of electrical engineering principles and practices
- K0720: Knowledge of Security Assessment and Authorization (SA&A) processes
- K0727: Knowledge of analysis standards and best practices
- K0728: Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
- K0729: Knowledge of non-repudiation principles and practices
- K0730: Knowledge of cyber safety principles and practices
- K0731: Knowledge of systems security engineering (SSE) principles and practices
- K0739: Knowledge of mathematics principles and practices
- K0742: Knowledge of identity and access management (IAM) principles and practices
- K0744: Knowledge of operating system (OS) systems and software
- K0745: Knowledge of parallel and distributed computing principles and practices
- K0749: Knowledge of process engineering principles and practices
- K0751: Knowledge of system threats
- K0752: Knowledge of system vulnerabilities
- K0756: Knowledge of security management principles and practices
- K0757: Knowledge of system design tools and techniques
- K0758: Knowledge of server administration principles and practices
- K0759: Knowledge of client and server architecture
- K0765: Knowledge of software engineering principles and practices
- K0772: Knowledge of systems testing and evaluation tools and techniques
- K0773: Knowledge of telecommunications principles and practices
- K0778: Knowledge of enterprise information technology (IT) architecture principles and practices
- K0779: Knowledge of systems engineering processes
- K0791: Knowledge of defense-in-depth principles and practices
- K0835: Knowledge of risk assessment principles and practices
- K0836: Knowledge of threat assessment principles and practices
- K0839: Knowledge of critical infrastructure systems and software
- K0840: Knowledge of hardware reverse engineering tools and techniques
- K0842: Knowledge of software reverse engineering tools and techniques
- K0848: Knowledge of network systems management principles and practices
- K0849: Knowledge of network systems management tools and techniques
- K0851: Knowledge of reverse engineering principles and practices
- K0865: Knowledge of data classification standards and best practices
- K0866: Knowledge of data classification tools and techniques
- K0868: Knowledge of process improvement principles and practices
- K0869: Knowledge of process maturity models and frameworks
- K0870: Knowledge of enterprise architecture (EA) reference models and frameworks
- K0871: Knowledge of enterprise architecture (EA) principles and practices
- K0872: Knowledge of service management principles and practices
- K0873: Knowledge of service management standards and best practices
- K0879: Knowledge of industry cybersecurity models and frameworks
- K0880: Knowledge of access control models and frameworks
- K0883: Knowledge of circuit analysis tools and techniques
- K0891: Knowledge of the Open Systems Interconnect (OSI) reference model
- K0894: Knowledge of computer architecture principles and practices
- K0906: Knowledge of multi-level security (MLS) systems and software
- K0907: Knowledge of cross-domain solutions
- K0915: Knowledge of network architecture principles and practices
- K0921: Knowledge of program protection plan (PPP) principles and practices
- K0927: Knowledge of configuration management tools and techniques
- K0928: Knowledge of systems engineering principles and practices
- K0933: Knowledge of N-tier architecture principles and practices
- K0934: Knowledge of data classification policies and procedures
- K0947: Knowledge of computer engineering principles and practices
- K0948: Knowledge of embedded systems and software
- K0949: Knowledge of fault tolerance tools and techniques
- K0952: Knowledge of information theory principles and practices
- K0983: Knowledge of computer networking principles and practices
- K1014: Knowledge of network security principles and practices
- K1086: Knowledge of design modeling
- K1095: Knowledge of design methods
- K1110: Knowledge of acquisition cybersecurity requirements
- K1111: Knowledge of application security design principles and practices
- K1120: Knowledge of Confidentiality, Integrity, Availability, Authenticity, and Non-repudiation (CIAAN) principles and practices
- K1159: Knowledge of fail-over or alternate site requirements
- K1169: Knowledge of material supportability requirements
- K1191: Knowledge of organizational security posture
- K1194: Knowledge of Personally Identifiable Information (PII) attributes
- K1212: Knowledge of security controls
- K1216: Knowledge of service-oriented security architecture practices and principles
- K1223: Knowledge of system backup requirements
- K1236: Knowledge of user requirements
- S0383: Skill in analyzing an organization's enterprise information technology architecture
- S0420: Skill in integrating multiple technologies
- S0426: Skill in building architectures
- S0427: Skill in building frameworks
- S0465: Skill in identifying critical infrastructure systems
- S0466: Skill in identifying systems designed without security considerations
- S0543: Skill in scanning for vulnerabilities
- S0544: Skill in recognizing vulnerabilities
- S0551: Skill in applying information technologies into proposed solutions
- S0570: Skill in designing the integration of hardware solutions
- S0571: Skill in designing the integration of software solutions
- S0574: Skill in developing security system controls
- S0578: Skill in evaluating security designs
- S0590: Skill in building use cases
- S0597: Skill in writing code in a currently supported programming language
- S0674: Skill in installing system and component upgrades
- S0675: Skill in optimizing system performance
- S0683: Skill in implementing network segregation
- S0686: Skill in performing risk assessments
- S0762: Skill in integrating organization objectives
- S0813: Skill in identifying cybersecurity issues in external connections
- S0814: Skill in identifying privacy issues in partner interconnections
- S0822: Skill in collaborating with stakeholders
- S0853: Skill in performing cybersecurity architecture analysis
- S0880: Skill in performing security architecture analysis
- S0893: Skill in performing user needs analysis
Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 1.0.0)