DD-WRL-002

Enterprise Architecture

Responsible for developing and maintaining business, systems, and information processes to support enterprise mission needs. Develops technology rules and requirements that describe baseline and target architectures.

Tasks

T0084: Employ secure configuration management processes
T0542: Translate proposed capabilities into technical requirements
T1010: Communicate enterprise information technology architecture
T1019: Determine special needs of cyber-physical systems
T1020: Determine the operational and safety impacts of cybersecurity lapses
T1027: Integrate organizational goals and objectives into security architecture
T1077: Assess the organization's cybersecurity architecture
T1096: Perform privacy impact assessments (PIAs)
T1100: Configure network hubs, routers, and switches
T1101: Optimize network hubs, routers, and switches
T1122: Determine essential system capabilities and business functions
T1123: Prioritize essential system capabilities and business functions
T1124: Restore essential system capabilities and business functions after catastrophic failure events
T1125: Define system availability levels
T1126: Determine disaster recovery and continuity of operations system requirements
T1179: Determine if systems and architecture are consistent with cybersecurity architecture guidelines
T1294: Advise on Risk Management Framework process activities and documentation
T1363: Plan system security development
T1364: Conduct system security development
T1403: Allocate cybersecurity services
T1404: Select cybersecurity mechanisms
T1410: Develop system security contexts
T1423: Create system security concept of operations (ConOps) documents
T1426: Determine cybersecurity design and architecture effectiveness
T1429: Prepare trend analysis reports
T1434: Create cybersecurity architecture functional specifications
T1507: Determine user requirements
T1508: Plan cybersecurity architecture
T1519: Design system security measures
T1520: Update system security measures
T1521: Develop enterprise architecture
T1527: Define baseline system security requirements
T1544: Create definition activity documentation
T1545: Create architecture activity documentation
T1563: Implement system security measures
T1583: Determine effectiveness of system implementation and testing processes
T1591: Address security architecture gaps
T1597: Plan implementation strategies
T1598: Assess the integration and alignment capabilities of enterprise components
T1606: Prepare impact reports
T1626: Determine impact of new systems and system interfaces on current and target environments

Knowledges

K0646: Knowledge of system optimization techniques
K0674: Knowledge of computer networking protocols
K0675: Knowledge of risk management processes
K0676: Knowledge of cybersecurity laws and regulations
K0677: Knowledge of cybersecurity policies and procedures
K0678: Knowledge of privacy laws and regulations
K0679: Knowledge of privacy policies and procedures
K0680: Knowledge of cybersecurity principles and practices
K0681: Knowledge of privacy principles and practices
K0682: Knowledge of cybersecurity threats
K0683: Knowledge of cybersecurity vulnerabilities
K0684: Knowledge of cybersecurity threat characteristics
K0685: Knowledge of access control principles and practices
K0686: Knowledge of authentication and authorization tools and techniques
K0707: Knowledge of database systems and software
K0710: Knowledge of enterprise cybersecurity architecture principles and practices
K0711: Knowledge of evaluation and validation principles and practices
K0714: Knowledge of electrical engineering principles and practices
K0720: Knowledge of Security Assessment and Authorization (SA&A) processes
K0727: Knowledge of analysis standards and best practices
K0728: Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
K0729: Knowledge of non-repudiation principles and practices
K0730: Knowledge of cyber safety principles and practices
K0731: Knowledge of systems security engineering (SSE) principles and practices
K0739: Knowledge of mathematics principles and practices
K0742: Knowledge of identity and access management (IAM) principles and practices
K0744: Knowledge of operating system (OS) systems and software
K0745: Knowledge of parallel and distributed computing principles and practices
K0749: Knowledge of process engineering principles and practices
K0751: Knowledge of system threats
K0752: Knowledge of system vulnerabilities
K0756: Knowledge of security management principles and practices
K0757: Knowledge of system design tools and techniques
K0758: Knowledge of server administration principles and practices
K0759: Knowledge of client and server architecture
K0765: Knowledge of software engineering principles and practices
K0772: Knowledge of systems testing and evaluation tools and techniques
K0773: Knowledge of telecommunications principles and practices
K0778: Knowledge of enterprise information technology (IT) architecture principles and practices
K0779: Knowledge of systems engineering processes
K0791: Knowledge of defense-in-depth principles and practices
K0835: Knowledge of risk assessment principles and practices
K0836: Knowledge of threat assessment principles and practices
K0839: Knowledge of critical infrastructure systems and software
K0840: Knowledge of hardware reverse engineering tools and techniques
K0842: Knowledge of software reverse engineering tools and techniques
K0848: Knowledge of network systems management principles and practices
K0849: Knowledge of network systems management tools and techniques
K0851: Knowledge of reverse engineering principles and practices
K0865: Knowledge of data classification standards and best practices
K0866: Knowledge of data classification tools and techniques
K0868: Knowledge of process improvement principles and practices
K0869: Knowledge of process maturity models and frameworks
K0870: Knowledge of enterprise architecture (EA) reference models and frameworks
K0871: Knowledge of enterprise architecture (EA) principles and practices
K0872: Knowledge of service management principles and practices
K0873: Knowledge of service management standards and best practices
K0879: Knowledge of industry cybersecurity models and frameworks
K0880: Knowledge of access control models and frameworks
K0883: Knowledge of circuit analysis tools and techniques
K0891: Knowledge of the Open Systems Interconnect (OSI) reference model
K0894: Knowledge of computer architecture principles and practices
K0906: Knowledge of multi-level security (MLS) systems and software
K0907: Knowledge of cross-domain solutions
K0915: Knowledge of network architecture principles and practices
K0921: Knowledge of program protection plan (PPP) principles and practices
K0927: Knowledge of configuration management tools and techniques
K0928: Knowledge of systems engineering principles and practices
K0933: Knowledge of N-tier architecture principles and practices
K0934: Knowledge of data classification policies and procedures
K0947: Knowledge of computer engineering principles and practices
K0948: Knowledge of embedded systems and software
K0949: Knowledge of fault tolerance tools and techniques
K0952: Knowledge of information theory principles and practices
K0983: Knowledge of computer networking principles and practices
K1014: Knowledge of network security principles and practices
K1086: Knowledge of design modeling
K1095: Knowledge of design methods
K1110: Knowledge of acquisition cybersecurity requirements
K1111: Knowledge of application security design principles and practices
K1120: Knowledge of Confidentiality, Integrity, Availability, Authenticity, and Non-repudiation (CIAAN) principles and practices
K1159: Knowledge of fail-over or alternate site requirements
K1169: Knowledge of material supportability requirements
K1191: Knowledge of organizational security posture
K1194: Knowledge of Personally Identifiable Information (PII) attributes
K1212: Knowledge of security controls
K1216: Knowledge of service-oriented security architecture practices and principles
K1223: Knowledge of system backup requirements
K1236: Knowledge of user requirements

Skills

S0383: Skill in analyzing an organization's enterprise information technology architecture
S0420: Skill in integrating multiple technologies
S0426: Skill in building architectures
S0427: Skill in building frameworks
S0465: Skill in identifying critical infrastructure systems
S0466: Skill in identifying systems designed without security considerations
S0543: Skill in scanning for vulnerabilities
S0544: Skill in recognizing vulnerabilities
S0551: Skill in applying information technologies into proposed solutions
S0570: Skill in designing the integration of hardware solutions
S0571: Skill in designing the integration of software solutions
S0574: Skill in developing security system controls
S0578: Skill in evaluating security designs
S0590: Skill in building use cases
S0597: Skill in writing code in a currently supported programming language
S0674: Skill in installing system and component upgrades
S0675: Skill in optimizing system performance
S0683: Skill in implementing network segregation
S0686: Skill in performing risk assessments
S0762: Skill in integrating organization objectives
S0813: Skill in identifying cybersecurity issues in external connections
S0814: Skill in identifying privacy issues in partner interconnections
S0822: Skill in collaborating with stakeholders
S0853: Skill in performing cybersecurity architecture analysis
S0880: Skill in performing security architecture analysis
S0893: Skill in performing user needs analysis

Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 1.0.0)