Attention: CISA Learning is now available! If you are an EXTERNAL (non-CISA) user access the new system using this url: CISA Learning. The Federal Virtual Training Environment (FedVTE) has been permanently decommissioned and replaced by CISA Learning. Please reference the CISA Learning page for the latest information. Please note: CISA Users (staff and contractors) should access CISA Learning through the internal site. You should have received an email on December 4, 2024, titled “CISA Learning is LIVE!” with more information.

IO-WRL-005

Systems Administration

Responsible for setting up and maintaining a system or specific components of a system in adherence with organizational security policies and procedures. Includes hardware and software installation, configuration, and updates; user account management; backup and recovery management; and security control implementation.

Task statements

T0431: Check system hardware availability, functionality, integrity, and efficiency
T0531: Troubleshoot hardware/software interface and interoperability problems
T1020: Determine the operational and safety impacts of cybersecurity lapses
T1092: Conduct functional and connectivity testing
T1130: Develop group policies and access control lists
T1140: Develop systems administration standard operating procedures
T1141: Document systems administration standard operating procedures
T1228: Maintain baseline system security
T1275: Determine the effectiveness of data redundancy and system recovery procedures
T1276: Develop data redundancy and system recovery procedures
T1277: Execute data redundancy and system recovery procedures
T1334: Produce cybersecurity instructional materials
T1500: Install systems and servers
T1501: Update systems and servers
T1502: Troubleshoot systems and servers
T1512: Perform periodic system maintenance
T1527: Define baseline system security requirements
T1530: Develop local network usage policies and procedures
T1531: Determine compliance with local network usage policies and procedures
T1569: Administer system and network user accounts
T1570: Establish system and network rights processes and procedures
T1571: Establish systems and equipment access protocols
T1578: Monitor system and server configurations
T1579: Maintain system and server configurations
T1588: Diagnose faulty system and server hardware
T1589: Repair faulty system and server hardware

Knowledge statements

K0064: Knowledge of performance tuning tools and techniques
K0645: Knowledge of standard operating procedures (SOPs)
K0674: Knowledge of computer networking protocols
K0675: Knowledge of risk management processes
K0676: Knowledge of cybersecurity laws and regulations
K0677: Knowledge of cybersecurity policies and procedures
K0678: Knowledge of privacy laws and regulations
K0679: Knowledge of privacy policies and procedures
K0680: Knowledge of cybersecurity principles and practices
K0681: Knowledge of privacy principles and practices
K0682: Knowledge of cybersecurity threats
K0683: Knowledge of cybersecurity vulnerabilities
K0684: Knowledge of cybersecurity threat characteristics
K0685: Knowledge of access control principles and practices
K0686: Knowledge of authentication and authorization tools and techniques
K0710: Knowledge of enterprise cybersecurity architecture principles and practices
K0712: Knowledge of Local Area Networks (LAN)
K0713: Knowledge of Wide Area Networks (WAN)
K0716: Knowledge of host access control (HAC) systems and software
K0717: Knowledge of network access control (NAC) systems and software
K0728: Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
K0729: Knowledge of non-repudiation principles and practices
K0730: Knowledge of cyber safety principles and practices
K0731: Knowledge of systems security engineering (SSE) principles and practices
K0736: Knowledge of information technology (IT) security principles and practices
K0737: Knowledge of bandwidth management tools and techniques
K0740: Knowledge of system performance indicators
K0741: Knowledge of system availability measures
K0744: Knowledge of operating system (OS) systems and software
K0746: Knowledge of policy-based access controls
K0747: Knowledge of Risk Adaptive (Adaptable) Access Controls (RAdAC)
K0749: Knowledge of process engineering principles and practices
K0751: Knowledge of system threats
K0752: Knowledge of system vulnerabilities
K0758: Knowledge of server administration principles and practices
K0759: Knowledge of client and server architecture
K0760: Knowledge of server diagnostic tools and techniques
K0761: Knowledge of Fault Detection and Diagnostics (FDD) tools and techniques
K0765: Knowledge of software engineering principles and practices
K0770: Knowledge of system administration principles and practices
K0778: Knowledge of enterprise information technology (IT) architecture principles and practices
K0779: Knowledge of systems engineering processes
K0780: Knowledge of hardware maintenance policies and procedures
K0781: Knowledge of virtual private network (VPN) systems and software
K0791: Knowledge of defense-in-depth principles and practices
K0792: Knowledge of network configurations
K0794: Knowledge of file system implementation principles and practices
K0805: Knowledge of command-line tools and techniques
K0806: Knowledge of machine virtualization tools and techniques
K0829: Knowledge of account creation policies and procedures
K0830: Knowledge of password policies and procedures
K0837: Knowledge of hardening tools and techniques
K0840: Knowledge of hardware reverse engineering tools and techniques
K0842: Knowledge of software reverse engineering tools and techniques
K0851: Knowledge of reverse engineering principles and practices
K0858: Knowledge of virtual machine detection tools and techniques
K0859: Knowledge of encryption tools and techniques
K0870: Knowledge of enterprise architecture (EA) reference models and frameworks
K0871: Knowledge of enterprise architecture (EA) principles and practices
K0877: Knowledge of application firewall principles and practices
K0878: Knowledge of network firewall principles and practices
K0891: Knowledge of the Open Systems Interconnect (OSI) reference model
K0915: Knowledge of network architecture principles and practices
K0917: Knowledge of Personally Identifiable Information (PII) data security standards and best practices
K0918: Knowledge of Payment Card Industry (PCI) data security standards and best practices
K0919: Knowledge of Personal Health Information (PHI) data security standards and best practices
K0925: Knowledge of wireless communication tools and techniques
K0926: Knowledge of signal jamming tools and techniques
K0928: Knowledge of systems engineering principles and practices
K0935: Knowledge of incident, event, and problem management policies and procedures
K0946: Knowledge of incident reporting policies and procedures
K0947: Knowledge of computer engineering principles and practices
K0958: Knowledge of system integration principles and practices
K0983: Knowledge of computer networking principles and practices
K1014: Knowledge of network security principles and practices
K1069: Knowledge of virtual machine tools and technologies
K1072: Knowledge of automated security control testing tools and techniques
K1188: Knowledge of organizational policies and procedures
K1226: Knowledge of systems administration standard operating policies and procedures

Skill statements

S0045: Skill in optimizing database performance
S0111: Skill in interfacing with customers
S0407: Skill in developing standard operating procedures (SOPs)
S0408: Skill in maintaining standard operating procedures (SOPs)
S0430: Skill in collaborating with others
S0438: Skill in functioning effectively in a dynamic, fast-paced environment
S0448: Skill in creating automated security control systems
S0449: Skill in maintaining automated security control systems
S0451: Skill in deploying continuous monitoring technologies
S0472: Skill in developing virtual machines
S0473: Skill in maintaining virtual machines
S0487: Skill in operating IT systems
S0488: Skill in maintaining IT systems
S0561: Skill in configuring software
S0577: Skill in troubleshooting computer networks
S0582: Skill in troubleshooting system performance
S0587: Skill in maintaining directory services
S0593: Skill in handling incidents
S0606: Skill in manipulating operating system components
S0613: Skill in configuring software-based computer protection tools
S0662: Skill in managing servers
S0663: Skill in managing workstations
S0672: Skill in troubleshooting failed system components
S0674: Skill in installing system and component upgrades
S0675: Skill in optimizing system performance
S0677: Skill in recovering failed systems
S0678: Skill in administering operating systems
S0687: Skill in performing administrative planning activities
S0729: Skill in preparing plans
S0741: Skill in administering servers
S0762: Skill in integrating organization objectives
S0844: Skill in managing account access rights

Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 1.0.0)