Attention: CISA Learning is now available for External Users! The Federal Virtual Training Environment (FedVTE) has been permanently decommissioned and replaced by CISA Learning. Please reference the CISA Learning page for the latest information. Please note: CISA Users should wait to access CISA Learning until the system is ready for internal use in the coming days.

IO-WRL-004

Network Operations

Responsible for planning, implementing, and operating network services and systems, including hardware and virtual environments.

Task statements

T0081: Diagnose network connectivity problems
T0126: Install or replace network hubs, routers, and switches
T0129: Integrate new systems into existing network architecture
T0153: Monitor network capacity and performance
T1020: Determine the operational and safety impacts of cybersecurity lapses
T1050: Improve network security practices
T1100: Configure network hubs, routers, and switches
T1101: Optimize network hubs, routers, and switches
T1143: Develop network backup and recovery procedures
T1144: Implement network backup and recovery procedures
T1208: Implement new system design procedures
T1209: Implement new system test procedures
T1210: Implement new system quality standards
T1214: Install network infrastructure device operating system software
T1215: Maintain network infrastructure device operating system software
T1248: Patch network vulnerabilities
T1313: Test network infrastructure, including software and hardware devices
T1314: Maintain network infrastructure, including software and hardware devices

Knowledge statements

K0159: Knowledge of Voice over IP (VoIP)
K0674: Knowledge of computer networking protocols
K0675: Knowledge of risk management processes
K0676: Knowledge of cybersecurity laws and regulations
K0677: Knowledge of cybersecurity policies and procedures
K0678: Knowledge of privacy laws and regulations
K0679: Knowledge of privacy policies and procedures
K0680: Knowledge of cybersecurity principles and practices
K0681: Knowledge of privacy principles and practices
K0682: Knowledge of cybersecurity threats
K0683: Knowledge of cybersecurity vulnerabilities
K0684: Knowledge of cybersecurity threat characteristics
K0685: Knowledge of access control principles and practices
K0686: Knowledge of authentication and authorization tools and techniques
K0689: Knowledge of network infrastructure principles and practices
K0710: Knowledge of enterprise cybersecurity architecture principles and practices
K0712: Knowledge of Local Area Networks (LAN)
K0713: Knowledge of Wide Area Networks (WAN)
K0718: Knowledge of network communications principles and practices
K0721: Knowledge of risk management principles and practices
K0731: Knowledge of systems security engineering (SSE) principles and practices
K0736: Knowledge of information technology (IT) security principles and practices
K0737: Knowledge of bandwidth management tools and techniques
K0740: Knowledge of system performance indicators
K0741: Knowledge of system availability measures
K0746: Knowledge of policy-based access controls
K0747: Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
K0749: Knowledge of process engineering principles and practices
K0751: Knowledge of system threats
K0752: Knowledge of system vulnerabilities
K0753: Knowledge of remote access principles and practices
K0758: Knowledge of server administration principles and practices
K0765: Knowledge of software engineering principles and practices
K0770: Knowledge of system administration principles and practices
K0773: Knowledge of telecommunications principles and practices
K0778: Knowledge of enterprise information technology (IT) architecture principles and practices
K0779: Knowledge of systems engineering processes
K0781: Knowledge of virtual private network (VPN) systems and software
K0783: Knowledge of network attack characteristics
K0791: Knowledge of defense-in-depth principles and practices
K0792: Knowledge of network configurations
K0805: Knowledge of command-line tools and techniques
K0811: Knowledge of web filtering systems and software
K0812: Knowledge of digital communication systems and software
K0831: Knowledge of network attack vectors
K0837: Knowledge of hardening tools and techniques
K0840: Knowledge of hardware reverse engineering tools and techniques
K0842: Knowledge of software reverse engineering tools and techniques
K0848: Knowledge of network systems management principles and practices
K0849: Knowledge of network systems management tools and techniques
K0851: Knowledge of reverse engineering principles and practices
K0859: Knowledge of encryption tools and techniques
K0865: Knowledge of data classification standards and best practices
K0866: Knowledge of data classification tools and techniques
K0870: Knowledge of enterprise architecture (EA) reference models and frameworks
K0871: Knowledge of enterprise architecture (EA) principles and practices
K0872: Knowledge of service management principles and practices
K0873: Knowledge of service management standards and best practices
K0874: Knowledge of key management service (KMS) principles and practices
K0875: Knowledge of symmetric encryption principles and practices
K0876: Knowledge of key management service (KMS) key rotation policies and procedures
K0877: Knowledge of application firewall principles and practices
K0878: Knowledge of network firewall principles and practices
K0879: Knowledge of industry cybersecurity models and frameworks
K0880: Knowledge of access control models and frameworks
K0891: Knowledge of the Open Systems Interconnect (OSI) reference model
K0915: Knowledge of network architecture principles and practices
K0917: Knowledge of Personally Identifiable Information (PII) data security standards and best practices
K0918: Knowledge of Payment Card Industry (PCI) data security standards and best practices
K0919: Knowledge of Personal Health Information (PHI) data security standards and best practices
K0923: Knowledge of operating system structures and internals
K0925: Knowledge of wireless communication tools and techniques
K0926: Knowledge of signal jamming tools and techniques
K0928: Knowledge of systems engineering principles and practices
K0934: Knowledge of data classification policies and procedures
K0936: Knowledge of network hardware threats and vulnerabilities
K0947: Knowledge of computer engineering principles and practices
K0983: Knowledge of computer networking principles and practices
K1014: Knowledge of network security principles and practices
K1032: Knowledge of satellite-based communication systems and software
K1077: Knowledge of data security controls
K1084: Knowledge of data privacy controls
K1108: Knowledge of traceroute tools and techniques

Skill statements

S0035: Skill in establishing a routing schema
S0077: Skill in securing network communications
S0421: Skill in operating network equipment
S0424: Skill in executing command line tools
S0425: Skill in operating network systems
S0451: Skill in deploying continuous monitoring technologies
S0575: Skill in developing network infrastructure contingency and recovery plans
S0576: Skill in testing network infrastructure contingency and recovery plans
S0582: Skill in troubleshooting system performance
S0583: Skill in implementing established network security practices
S0584: Skill in configuring network devices
S0585: Skill in installing network devices
S0615: Skill in protecting a network against malware
S0618: Skill in configuring network protection components
S0671: Skill in implementing network infrastructure contingency and recovery plans
S0675: Skill in optimizing system performance
S0682: Skill in applying subnet techniques
S0685: Skill in configuring computer protection components
S0722: Skill in interpreting traceroute results
S0755: Skill in reconstructing a network
S0815: Skill in troubleshooting network equipment

Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 1.0.0)