Design and Development
DD-WRL-007
Systems Testing and Evaluation
Responsible for planning, preparing, and executing system tests; evaluating test results against specifications and requirements; and reporting test results and findings.
- T0080: Develop test plans to address specifications and requirements
- T0274: Create auditable evidence of security measures
- T0512: Perform interoperability testing on systems exchanging electronic information with other systems
- T0513: Perform operational testing
- T1020: Determine the operational and safety impacts of cybersecurity lapses
- T1049: Determine appropriate level of test rigor for a given system
- T1136: Determine level of assurance of developed capabilities
- T1138: Create system testing and validation procedures and documentation
- T1208: Implement new system design procedures
- T1209: Implement new system test procedures
- T1210: Implement new system quality standards
- T1214: Install network infrastructure device operating system software
- T1215: Maintain network infrastructure device operating system software
- T1255: Perform cybersecurity testing of developed applications and systems
- T1346: Determine if system requirements are adequately demonstrated in data samples
- T1484: Establish testing specifications and requirements
- T1506: Analyze software and hardware testing results
- T1587: Perform cybersecurity testing on systems in development
- T1610: Determine if hardware and software complies with defined specifications and requirements
- T1611: Record test data
- T1612: Manage test data
- T1829: Evaluate locally developed tools
- K0068: Knowledge of programming language structures and logic
- K0674: Knowledge of computer networking protocols
- K0675: Knowledge of risk management processes
- K0676: Knowledge of cybersecurity laws and regulations
- K0677: Knowledge of cybersecurity policies and procedures
- K0678: Knowledge of privacy laws and regulations
- K0679: Knowledge of privacy policies and procedures
- K0680: Knowledge of cybersecurity principles and practices
- K0681: Knowledge of privacy principles and practices
- K0682: Knowledge of cybersecurity threats
- K0683: Knowledge of cybersecurity vulnerabilities
- K0684: Knowledge of cybersecurity threat characteristics
- K0685: Knowledge of access control principles and practices
- K0686: Knowledge of authentication and authorization tools and techniques
- K0710: Knowledge of enterprise cybersecurity architecture principles and practices
- K0711: Knowledge of evaluation and validation principles and practices
- K0720: Knowledge of Security Assessment and Authorization (SA&A) processes
- K0721: Knowledge of risk management principles and practices
- K0728: Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
- K0729: Knowledge of non-repudiation principles and practices
- K0730: Knowledge of cyber safety principles and practices
- K0731: Knowledge of systems security engineering (SSE) principles and practices
- K0749: Knowledge of process engineering principles and practices
- K0751: Knowledge of system threats
- K0752: Knowledge of system vulnerabilities
- K0758: Knowledge of server administration principles and practices
- K0765: Knowledge of software engineering principles and practices
- K0770: Knowledge of system administration principles and practices
- K0772: Knowledge of systems testing and evaluation tools and techniques
- K0778: Knowledge of enterprise information technology (IT) architecture principles and practices
- K0779: Knowledge of systems engineering processes
- K0791: Knowledge of defense-in-depth principles and practices
- K0803: Knowledge of supply chain risk management principles and practices
- K0813: Knowledge of interpreted and compiled programming language characteristics
- K0820: Knowledge of supply chain risks
- K0828: Knowledge of supply chain risk management standards and best practices
- K0837: Knowledge of hardening tools and techniques
- K0838: Knowledge of supply chain risk management policies and procedures
- K0839: Knowledge of critical infrastructure systems and software
- K0840: Knowledge of hardware reverse engineering tools and techniques
- K0842: Knowledge of software reverse engineering tools and techniques
- K0851: Knowledge of reverse engineering principles and practices
- K0865: Knowledge of data classification standards and best practices
- K0866: Knowledge of data classification tools and techniques
- K0870: Knowledge of enterprise architecture (EA) reference models and frameworks
- K0871: Knowledge of enterprise architecture (EA) principles and practices
- K0879: Knowledge of industry cybersecurity models and frameworks
- K0880: Knowledge of access control models and frameworks
- K0881: Knowledge of learning assessment tools and techniques
- K0891: Knowledge of the Open Systems Interconnect (OSI) reference model
- K0915: Knowledge of network architecture principles and practices
- K0917: Knowledge of Personally Identifiable Information (PII) data security standards and best practices
- K0918: Knowledge of Payment Card Industry (PCI) data security standards and best practices
- K0919: Knowledge of Personal Health Information (PHI) data security standards and best practices
- K0928: Knowledge of systems engineering principles and practices
- K0934: Knowledge of data classification policies and procedures
- K0947: Knowledge of computer engineering principles and practices
- K0983: Knowledge of computer networking principles and practices
- K1014: Knowledge of network security principles and practices
- K1100: Knowledge of analytical tools and techniques
- S0015: Skill in conducting test events
- S0048: Skill in systems integration testing
- S0401: Skill in collecting data
- S0402: Skill in verifying data
- S0403: Skill in validating data
- S0409: Skill in deriving evaluative conclusions from data
- S0558: Skill in developing algorithms
- S0559: Skill in performing data structure analysis
- S0568: Skill in designing data analysis structures
- S0573: Skill in developing testing scenarios
- S0579: Skill in preparing reports
- S0597: Skill in writing code in a currently supported programming language
- S0598: Skill in creating test plans
- S0630: Skill in conducting Test Readiness Reviews (TRR)
- S0632: Skill in designing Test and Evaluation Strategies (TES)
- S0634: Skill in identifying Test and Evaluation Strategies (TES) infrastructure requirements
- S0635: Skill in managing test assets
- S0639: Skill in providing test and evaluation resource estimates
- S0791: Skill in presenting to an audience
- S0842: Skill in interpreting test results
- S0889: Skill in performing test result analysis
Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 1.0.0)