Protection and Defense
PD-WRL-004
Infrastructure Support
Responsible for testing, implementing, deploying, maintaining, and administering infrastructure hardware and software for cybersecurity.
- T1020: Determine the operational and safety impacts of cybersecurity lapses
- T1111: Administer rule and signature updates for specialized cyber defense applications
- T1267: Perform system administration on specialized cyber defense applications and systems
- T1268: Administer Virtual Private Network (VPN) devices
- T1352: Coordinate critical cyber defense infrastructure protection measures
- T1353: Prioritize critical cyber defense infrastructure resources
- T1432: Build dedicated cyber defense hardware
- T1433: Install dedicated cyber defense hardware
- T1442: Assess the impact of implementing and sustaining a dedicated cyber defense infrastructure
- T1503: Evaluate platforms managed by service providers
- T1515: Manage network access control lists on specialized cyber defense systems
- T1555: Implement cyber defense tools
- T1561: Implement dedicated cyber defense systems
- T1562: Document system requirements
- K0674: Knowledge of computer networking protocols
- K0675: Knowledge of risk management processes
- K0676: Knowledge of cybersecurity laws and regulations
- K0677: Knowledge of cybersecurity policies and procedures
- K0678: Knowledge of privacy laws and regulations
- K0679: Knowledge of privacy policies and procedures
- K0680: Knowledge of cybersecurity principles and practices
- K0681: Knowledge of privacy principles and practices
- K0682: Knowledge of cybersecurity threats
- K0683: Knowledge of cybersecurity vulnerabilities
- K0684: Knowledge of cybersecurity threat characteristics
- K0685: Knowledge of access control principles and practices
- K0686: Knowledge of authentication and authorization tools and techniques
- K0701: Knowledge of data backup and recovery policies and procedures
- K0710: Knowledge of enterprise cybersecurity architecture principles and practices
- K0716: Knowledge of host access control (HAC) systems and software
- K0717: Knowledge of network access control (NAC) systems and software
- K0724: Knowledge of incident response principles and practices
- K0725: Knowledge of incident response tools and techniques
- K0726: Knowledge of incident handling tools and techniques
- K0728: Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
- K0729: Knowledge of non-repudiation principles and practices
- K0730: Knowledge of cyber safety principles and practices
- K0746: Knowledge of policy-based access controls
- K0747: Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
- K0751: Knowledge of system threats
- K0752: Knowledge of system vulnerabilities
- K0770: Knowledge of system administration principles and practices
- K0778: Knowledge of enterprise information technology (IT) architecture principles and practices
- K0781: Knowledge of virtual private network (VPN) systems and software
- K0783: Knowledge of network attack characteristics
- K0791: Knowledge of defense-in-depth principles and practices
- K0792: Knowledge of network configurations
- K0811: Knowledge of web filtering systems and software
- K0829: Knowledge of account creation policies and procedures
- K0830: Knowledge of password policies and procedures
- K0837: Knowledge of hardening tools and techniques
- K0870: Knowledge of enterprise architecture (EA) reference models and frameworks
- K0871: Knowledge of enterprise architecture (EA) principles and practices
- K0881: Knowledge of learning assessment tools and techniques
- K0891: Knowledge of the Open Systems Interconnect (OSI) reference model
- K0915: Knowledge of network architecture principles and practices
- K0925: Knowledge of wireless communication tools and techniques
- K0926: Knowledge of signal jamming tools and techniques
- K0950: Knowledge of Intrusion Detection System (IDS) tools and techniques
- K0951: Knowledge of Intrusion Prevention System (IPS) tools and techniques
- K0983: Knowledge of computer networking principles and practices
- K1014: Knowledge of network security principles and practices
- K1177: Knowledge of NIST Risk Management Framework authorization requirements
- K1211: Knowledge of security assessment authorization requirements
- K1237: Knowledge of Virtual Private Network (VPN) devices
- S0077: Skill in securing network communications
- S0552: Skill in applying host access controls
- S0553: Skill in applying network access controls
- S0592: Skill in tuning network sensors
- S0593: Skill in handling incidents
- S0596: Skill in encrypting network communications
- S0615: Skill in protecting a network against malware
- S0643: Skill in applying hardening techniques
- S0645: Skill in troubleshooting cyber defense infrastructure anomalies
- S0831: Skill in configuring hardware
- S0898: Skill in testing hardware
Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 1.0.0)