K0070

Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).

Related NICE Work Roles 13

Code	Name	Knowledge	Skills	Abilities	Tasks
SP-RSK-001 [611]	Authorizing Official/Designating Representative	39	2	11	4
SP-RSK-002 [612]	Security Control Assessor	53	68	49	21
SP-DEV-001 [621]	Software Developer	44	14	5	34
SP-DEV-002 [622]	Secure Software Assessor	44	10	3	25
OV-MGT-001 [722]	Information Systems Security Manager	53	3	3	53
OV-SPP-002 [752]	Cyber Policy and Strategy Planner	17	2	3	19
OV-EXL-001 [901]	Executive Cyber Leadership	14	5	12	29
PR-CDA-001 [511]	Cyber Defense Analyst	70	15	6	34
PR-CIR-001 [531]	Cyber Defense Incident Responder	30	8	2	17
PR-VAM-001 [541]	Vulnerability Assessment Analyst	35	12	4	8
IN-INV-001 [221]	Cyber Crime Investigator	25	4	2	24
IN-FOR-001 [211]	Law Enforcement /CounterIntelligence Forensics Analyst	42	19	2	10
IN-FOR-002 [212]	Cyber Defense Forensics Analyst	46	22	2	39