Implementation and Operation
IO-WRL-005
Systems Administration
Responsible for setting up and maintaining a system or specific components of a system in adherence with organizational security policies and procedures. Includes hardware and software installation, configuration, and updates; user account management; backup and recovery management; and security control implementation.
- T0431: Check system hardware availability, functionality, integrity, and efficiency
- T0531: Troubleshoot hardware/software interface and interoperability problems
- T1020: Determine the operational and safety impacts of cybersecurity lapses
- T1092: Conduct functional and connectivity testing
- T1130: Develop group policies and access control lists
- T1140: Develop systems administration standard operating procedures
- T1141: Document systems administration standard operating procedures
- T1228: Maintain baseline system security
- T1275: Determine the effectiveness of data redundancy and system recovery procedures
- T1276: Develop data redundancy and system recovery procedures
- T1277: Execute data redundancy and system recovery procedures
- T1334: Produce cybersecurity instructional materials
- T1500: Install systems and servers
- T1501: Update systems and servers
- T1502: Troubleshoot systems and servers
- T1512: Perform periodic system maintenance
- T1527: Define baseline system security requirements
- T1530: Develop local network usage policies and procedures
- T1531: Determine compliance with local network usage policies and procedures
- T1569: Administer system and network user accounts
- T1570: Establish system and network rights processes and procedures
- T1571: Establish systems and equipment access protocols
- T1578: Monitor system and server configurations
- T1579: Maintain system and server configurations
- T1588: Diagnose faulty system and server hardware
- T1589: Repair faulty system and server hardware
- K0064: Knowledge of performance tuning tools and techniques
- K0645: Knowledge of standard operating procedures (SOPs)
- K0674: Knowledge of computer networking protocols
- K0675: Knowledge of risk management processes
- K0676: Knowledge of cybersecurity laws and regulations
- K0677: Knowledge of cybersecurity policies and procedures
- K0678: Knowledge of privacy laws and regulations
- K0679: Knowledge of privacy policies and procedures
- K0680: Knowledge of cybersecurity principles and practices
- K0681: Knowledge of privacy principles and practices
- K0682: Knowledge of cybersecurity threats
- K0683: Knowledge of cybersecurity vulnerabilities
- K0684: Knowledge of cybersecurity threat characteristics
- K0685: Knowledge of access control principles and practices
- K0686: Knowledge of authentication and authorization tools and techniques
- K0710: Knowledge of enterprise cybersecurity architecture principles and practices
- K0712: Knowledge of Local Area Networks (LAN)
- K0713: Knowledge of Wide Area Networks (WAN)
- K0716: Knowledge of host access control (HAC) systems and software
- K0717: Knowledge of network access control (NAC) systems and software
- K0728: Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
- K0729: Knowledge of non-repudiation principles and practices
- K0730: Knowledge of cyber safety principles and practices
- K0731: Knowledge of systems security engineering (SSE) principles and practices
- K0736: Knowledge of information technology (IT) security principles and practices
- K0737: Knowledge of bandwidth management tools and techniques
- K0740: Knowledge of system performance indicators
- K0741: Knowledge of system availability measures
- K0744: Knowledge of operating system (OS) systems and software
- K0746: Knowledge of policy-based access controls
- K0747: Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
- K0749: Knowledge of process engineering principles and practices
- K0751: Knowledge of system threats
- K0752: Knowledge of system vulnerabilities
- K0758: Knowledge of server administration principles and practices
- K0759: Knowledge of client and server architecture
- K0760: Knowledge of server diagnostic tools and techniques
- K0761: Knowledge of Fault Detection and Diagnostics (FDD) tools and techniques
- K0765: Knowledge of software engineering principles and practices
- K0770: Knowledge of system administration principles and practices
- K0778: Knowledge of enterprise information technology (IT) architecture principles and practices
- K0779: Knowledge of systems engineering processes
- K0780: Knowledge of hardware maintenance policies and procedures
- K0781: Knowledge of virtual private network (VPN) systems and software
- K0791: Knowledge of defense-in-depth principles and practices
- K0792: Knowledge of network configurations
- K0794: Knowledge of file system implementation principles and practices
- K0805: Knowledge of command-line tools and techniques
- K0806: Knowledge of machine virtualization tools and techniques
- K0829: Knowledge of account creation policies and procedures
- K0830: Knowledge of password policies and procedures
- K0837: Knowledge of hardening tools and techniques
- K0840: Knowledge of hardware reverse engineering tools and techniques
- K0842: Knowledge of software reverse engineering tools and techniques
- K0851: Knowledge of reverse engineering principles and practices
- K0858: Knowledge of virtual machine detection tools and techniques
- K0859: Knowledge of encryption tools and techniques
- K0870: Knowledge of enterprise architecture (EA) reference models and frameworks
- K0871: Knowledge of enterprise architecture (EA) principles and practices
- K0877: Knowledge of application firewall principles and practices
- K0878: Knowledge of network firewall principles and practices
- K0891: Knowledge of the Open Systems Interconnect (OSI) reference model
- K0915: Knowledge of network architecture principles and practices
- K0917: Knowledge of Personally Identifiable Information (PII) data security standards and best practices
- K0918: Knowledge of Payment Card Industry (PCI) data security standards and best practices
- K0919: Knowledge of Personal Health Information (PHI) data security standards and best practices
- K0925: Knowledge of wireless communication tools and techniques
- K0926: Knowledge of signal jamming tools and techniques
- K0928: Knowledge of systems engineering principles and practices
- K0935: Knowledge of incident, event, and problem management policies and procedures
- K0946: Knowledge of incident reporting policies and procedures
- K0947: Knowledge of computer engineering principles and practices
- K0958: Knowledge of system integration principles and practices
- K0983: Knowledge of computer networking principles and practices
- K1014: Knowledge of network security principles and practices
- K1069: Knowledge of virtual machine tools and technologies
- K1072: Knowledge of automated security control testing tools and techniques
- K1188: Knowledge of organizational policies and procedures
- K1226: Knowledge of systems administration standard operating policies and procedures
- S0045: Skill in optimizing database performance
- S0111: Skill in interfacing with customers
- S0407: Skill in developing standard operating procedures (SOPs)
- S0408: Skill in maintaining standard operating procedures (SOPs)
- S0430: Skill in collaborating with others
- S0438: Skill in functioning effectively in a dynamic, fast-paced environment
- S0448: Skill in creating automated security control systems
- S0449: Skill in maintaining automated security control systems
- S0451: Skill in deploying continuous monitoring technologies
- S0472: Skill in developing virtual machines
- S0473: Skill in maintaining virtual machines
- S0487: Skill in operating IT systems
- S0488: Skill in maintaining IT systems
- S0561: Skill in configuring software
- S0577: Skill in troubleshooting computer networks
- S0582: Skill in troubleshooting system performance
- S0587: Skill in maintaining directory services
- S0593: Skill in handling incidents
- S0606: Skill in manipulating operating system components
- S0613: Skill in configuring software-based computer protection tools
- S0662: Skill in managing servers
- S0663: Skill in managing workstations
- S0672: Skill in troubleshooting failed system components
- S0674: Skill in installing system and component upgrades
- S0675: Skill in optimizing system performance
- S0677: Skill in recovering failed systems
- S0678: Skill in administering operating systems
- S0687: Skill in performing administrative planning activities
- S0729: Skill in preparing plans
- S0741: Skill in administering servers
- S0762: Skill in integrating organization objectives
- S0844: Skill in managing account access rights
Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 1.0.0)