Cyberspace Effects
CE-WRL-003

Exploitation Analysis

Responsible for identifying access and intelligence collection gaps that can be satisfied through cyber collection and/or preparation activities. Leverages all authorized resources and analytic techniques to penetrate targeted networks.

  • T0591: Perform analysis for target infrastructure exploitation activities
  • T0775: Produce network reconstructions
  • T1012: Expand network access
  • T1013: Conduct technical exploitation of a target
  • T1020: Determine the operational and safety impacts of cybersecurity lapses
  • T1023: Identify critical technology procurement requirements
  • T1026: Determine procurement requirements
  • T1031: Implement intelligence collection requirements
  • T1077: Assess the organization's cybersecurity architecture
  • T1091: Perform authorized penetration testing on enterprise network assets
  • T1096: Perform privacy impact assessments (PIAs)
  • T1107: Evaluate functional requirements
  • T1211: Track targets
  • T1359: Perform penetration testing
  • T1519: Design system security measures
  • T1520: Update system security measures
  • T1563: Implement system security measures
  • T1635: Access targeted networks
  • T1663: Identify potential avenues of access in digital technologies
  • T1667: Conduct independent in-depth target and technical analysis
  • T1677: Develop intelligence collection plans
  • T1689: Create comprehensive exploitation strategies
  • T1690: Identify exploitable technical or operational vulnerabilities
  • T1736: Communicate tool requirements to developers
  • T1745: Identify gaps in understanding of target technology
  • T1751: Locate targets
  • T1757: Coordinate exploitation operations
  • T1758: Determine potential implications of new and emerging hardware and software technologies
  • T1772: Identify indications and warnings of target communication changes or processing failures
  • T1785: Profile network administrators and their activities
  • K0470: Knowledge of Internet and routing protocols
  • K0551: Knowledge of targeting cycles
  • K0655: Knowledge of intelligence fusion
  • K0674: Knowledge of computer networking protocols
  • K0675: Knowledge of risk management processes
  • K0676: Knowledge of cybersecurity laws and regulations
  • K0677: Knowledge of cybersecurity policies and procedures
  • K0678: Knowledge of privacy laws and regulations
  • K0679: Knowledge of privacy policies and procedures
  • K0680: Knowledge of cybersecurity principles and practices
  • K0681: Knowledge of privacy principles and practices
  • K0682: Knowledge of cybersecurity threats
  • K0683: Knowledge of cybersecurity vulnerabilities
  • K0684: Knowledge of cybersecurity threat characteristics
  • K0689: Knowledge of network infrastructure principles and practices
  • K0690: Knowledge of requirements analysis principles and practices
  • K0691: Knowledge of cyber defense tools and techniques
  • K0692: Knowledge of vulnerability assessment tools and techniques
  • K0695: Knowledge of programming principles and practices
  • K0710: Knowledge of enterprise cybersecurity architecture principles and practices
  • K0716: Knowledge of host access control (HAC) systems and software
  • K0717: Knowledge of network access control (NAC) systems and software
  • K0718: Knowledge of network communications principles and practices
  • K0721: Knowledge of risk management principles and practices
  • K0728: Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
  • K0729: Knowledge of non-repudiation principles and practices
  • K0730: Knowledge of cyber safety principles and practices
  • K0732: Knowledge of intrusion detection tools and techniques
  • K0734: Knowledge of Risk Management Framework (RMF) requirements
  • K0735: Knowledge of risk management models and frameworks
  • K0744: Knowledge of operating system (OS) systems and software
  • K0751: Knowledge of system threats
  • K0752: Knowledge of system vulnerabilities
  • K0759: Knowledge of client and server architecture
  • K0766: Knowledge of data asset management principles and practices
  • K0770: Knowledge of system administration principles and practices
  • K0773: Knowledge of telecommunications principles and practices
  • K0786: Knowledge of physical computer components
  • K0787: Knowledge of computer peripherals
  • K0791: Knowledge of defense-in-depth principles and practices
  • K0792: Knowledge of network configurations
  • K0807: Knowledge of web mail tools and techniques
  • K0812: Knowledge of digital communication systems and software
  • K0815: Knowledge of intelligence collection management processes
  • K0816: Knowledge of front-end intelligence collection systems and software
  • K0828: Knowledge of supply chain risk management standards and best practices
  • K0834: Knowledge of technology procurement principles and practices
  • K0837: Knowledge of hardening tools and techniques
  • K0838: Knowledge of supply chain risk management policies and procedures
  • K0844: Knowledge of cyber attack stages
  • K0845: Knowledge of cyber intrusion activity phases
  • K0860: Knowledge of malware signature principles and practices
  • K0915: Knowledge of network architecture principles and practices
  • K0920: Knowledge of risk management policies and procedures
  • K0923: Knowledge of operating system structures and internals
  • K0960: Knowledge of content management system (CMS) capabilities and applications
  • K0962: Knowledge of targeting laws and regulations
  • K0963: Knowledge of exploitation laws and regulations
  • K0969: Knowledge of cyber-attack tools and techniques
  • K0973: Knowledge of system persistence tools and techniques
  • K0974: Knowledge of intelligence collection development processes
  • K0977: Knowledge of intelligence collection management tools and techniques
  • K0979: Knowledge of information searching tools and techniques
  • K0980: Knowledge of intelligence collection sources
  • K0983: Knowledge of computer networking principles and practices
  • K0984: Knowledge of web security principles and practices
  • K0986: Knowledge of target selection criticality factors
  • K0987: Knowledge of target selection vulnerability factors
  • K1000: Knowledge of evasion principles and practices
  • K1001: Knowledge of evasion tools and techniques
  • K1004: Knowledge of reporting policies and procedures
  • K1011: Knowledge of network addressing principles and practices
  • K1013: Knowledge of midpoint collection principles and practices
  • K1014: Knowledge of network security principles and practices
  • K1015: Knowledge of network topology principles and practices
  • K1024: Knowledge of partnership policies and procedures
  • K1033: Knowledge of scripting principles and practices
  • K1035: Knowledge of target research tools and techniques
  • K1041: Knowledge of target intelligence gathering tools and techniques
  • K1042: Knowledge of target selection policies and procedures
  • K1046: Knowledge of terminal collection
  • K1047: Knowledge of environmental collection
  • K1100: Knowledge of analytical tools and techniques
  • K1101: Knowledge of analytics
  • K1105: Knowledge of non-attributable networks
  • K1108: Knowledge of traceroute tools and techniques
  • K1187: Knowledge of organizational objectives
  • K1221: Knowledge of supply chain risk management practices
  • K1231: Knowledge of target requirements
  • S0066: Skill in identifying gaps in technical capabilities
  • S0156: Skill in performing packet-level analysis
  • S0214: Skill in evaluating accesses for intelligence value
  • S0221: Skill in extracting information from packet captures
  • S0248: Skill in performing target system analysis
  • S0385: Skill in communicating complex concepts
  • S0430: Skill in collaborating with others
  • S0433: Skill in creating analytics
  • S0434: Skill in extrapolating from incomplete data sets
  • S0435: Skill in analyzing large data sets
  • S0436: Skill in creating target intelligence products
  • S0437: Skill in identifying targets of interest
  • S0440: Skill in identifying target vulnerabilities
  • S0441: Skill in describing target vulnerabilities
  • S0497: Skill in developing client organization profiles
  • S0499: Skill in performing intelligence collection analysis
  • S0503: Skill in selecting targets
  • S0504: Skill in identifying vulnerabilities
  • S0505: Skill in performing intrusion data analysis
  • S0507: Skill in collecting terminal or environment data
  • S0509: Skill in evaluating security products
  • S0512: Skill in extracting metadata
  • S0515: Skill in identifying partner capabilities
  • S0543: Skill in scanning for vulnerabilities
  • S0544: Skill in recognizing vulnerabilities
  • S0555: Skill in performing capabilities analysis
  • S0556: Skill in performing requirements analysis
  • S0558: Skill in developing algorithms
  • S0559: Skill in performing data structure analysis
  • S0566: Skill in developing signatures
  • S0567: Skill in deploying signatures
  • S0579: Skill in preparing reports
  • S0584: Skill in configuring network devices
  • S0585: Skill in installing network devices
  • S0600: Skill in collecting relevant data from a variety of sources
  • S0673: Skill in translating operational requirements into security controls
  • S0690: Skill in performing midpoint collection data analysis
  • S0698: Skill in creating intelligence collection requirements
  • S0699: Skill in creating plans in support of remote operations
  • S0703: Skill in depicting data on a network map
  • S0704: Skill in performing target analysis
  • S0709: Skill in developing analytics
  • S0712: Skill in evaluating data source quality
  • S0715: Skill in generating operation plans
  • S0723: Skill in interpreting vulnerability scanner results
  • S0725: Skill in performing network visualization
  • S0727: Skill in performing data fusion
  • S0732: Skill in recognizing malicious network activity in traffic
  • S0733: Skill in interpreting malicious network activity in traffic
  • S0736: Skill in researching software vulnerabilities
  • S0737: Skill in researching software exploits
  • S0749: Skill in determining relevant information
  • S0752: Skill in evading network detection
  • S0755: Skill in reconstructing a network
  • S0758: Skill in performing wireless network analysis
  • S0759: Skill in identifying requirements
  • S0791: Skill in presenting to an audience
  • S0824: Skill in communicating with customers
  • S0854: Skill in performing data analysis
  • S0862: Skill in performing geospatial analysis
  • S0864: Skill in performing intercept related information (IRI) analysis
  • S0869: Skill in performing metadata analysis
  • S0874: Skill in performing network traffic analysis