Protection and Defense
PD-WRL-004

Infrastructure Support

Responsible for testing, implementing, deploying, maintaining, and administering infrastructure hardware and software for cybersecurity.

  • T1020: Determine the operational and safety impacts of cybersecurity lapses
  • T1111: Administer rule and signature updates for specialized cyber defense applications
  • T1267: Perform system administration on specialized cyber defense applications and systems
  • T1268: Administer Virtual Private Network (VPN) devices
  • T1352: Coordinate critical cyber defense infrastructure protection measures
  • T1353: Prioritize critical cyber defense infrastructure resources
  • T1432: Build dedicated cyber defense hardware
  • T1433: Install dedicated cyber defense hardware
  • T1442: Assess the impact of implementing and sustaining a dedicated cyber defense infrastructure
  • T1503: Evaluate platforms managed by service providers
  • T1515: Manage network access control lists on specialized cyber defense systems
  • T1555: Implement cyber defense tools
  • T1561: Implement dedicated cyber defense systems
  • T1562: Document system requirements
  • K0674: Knowledge of computer networking protocols
  • K0675: Knowledge of risk management processes
  • K0676: Knowledge of cybersecurity laws and regulations
  • K0677: Knowledge of cybersecurity policies and procedures
  • K0678: Knowledge of privacy laws and regulations
  • K0679: Knowledge of privacy policies and procedures
  • K0680: Knowledge of cybersecurity principles and practices
  • K0681: Knowledge of privacy principles and practices
  • K0682: Knowledge of cybersecurity threats
  • K0683: Knowledge of cybersecurity vulnerabilities
  • K0684: Knowledge of cybersecurity threat characteristics
  • K0685: Knowledge of access control principles and practices
  • K0686: Knowledge of authentication and authorization tools and techniques
  • K0701: Knowledge of data backup and recovery policies and procedures
  • K0710: Knowledge of enterprise cybersecurity architecture principles and practices
  • K0716: Knowledge of host access control (HAC) systems and software
  • K0717: Knowledge of network access control (NAC) systems and software
  • K0724: Knowledge of incident response principles and practices
  • K0725: Knowledge of incident response tools and techniques
  • K0726: Knowledge of incident handling tools and techniques
  • K0728: Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
  • K0729: Knowledge of non-repudiation principles and practices
  • K0730: Knowledge of cyber safety principles and practices
  • K0746: Knowledge of policy-based access controls
  • K0747: Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
  • K0751: Knowledge of system threats
  • K0752: Knowledge of system vulnerabilities
  • K0770: Knowledge of system administration principles and practices
  • K0778: Knowledge of enterprise information technology (IT) architecture principles and practices
  • K0781: Knowledge of virtual private network (VPN) systems and software
  • K0783: Knowledge of network attack characteristics
  • K0791: Knowledge of defense-in-depth principles and practices
  • K0792: Knowledge of network configurations
  • K0811: Knowledge of web filtering systems and software
  • K0829: Knowledge of account creation policies and procedures
  • K0830: Knowledge of password policies and procedures
  • K0837: Knowledge of hardening tools and techniques
  • K0870: Knowledge of enterprise architecture (EA) reference models and frameworks
  • K0871: Knowledge of enterprise architecture (EA) principles and practices
  • K0881: Knowledge of learning assessment tools and techniques
  • K0891: Knowledge of the Open Systems Interconnect (OSI) reference model
  • K0915: Knowledge of network architecture principles and practices
  • K0925: Knowledge of wireless communication tools and techniques
  • K0926: Knowledge of signal jamming tools and techniques
  • K0950: Knowledge of Intrusion Detection System (IDS) tools and techniques
  • K0951: Knowledge of Intrusion Prevention System (IPS) tools and techniques
  • K0983: Knowledge of computer networking principles and practices
  • K1014: Knowledge of network security principles and practices
  • K1177: Knowledge of NIST Risk Management Framework authorization requirements
  • K1211: Knowledge of security assessment authorization requirements
  • K1237: Knowledge of Virtual Private Network (VPN) devices
  • S0077: Skill in securing network communications
  • S0552: Skill in applying host access controls
  • S0553: Skill in applying network access controls
  • S0592: Skill in tuning network sensors
  • S0593: Skill in handling incidents
  • S0596: Skill in encrypting network communications
  • S0615: Skill in protecting a network against malware
  • S0643: Skill in applying hardening techniques
  • S0645: Skill in troubleshooting cyber defense infrastructure anomalies
  • S0831: Skill in configuring hardware
  • S0898: Skill in testing hardware