|
S0001
|
Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems. |
6 |
|
S0002
|
Skill in allocating storage capacity in the design of data management systems. |
1 |
|
S0003
|
Skill of identifying, capturing, containing, and reporting malware. |
1 |
|
S0004
|
Skill in analyzing network traffic capacity and performance characteristics. |
2 |
|
S0005
|
Skill in applying and incorporating information technologies into proposed solutions. |
4 |
|
S0006
|
Skill in applying confidentiality, integrity, and availability principles. |
3 |
|
S0007
|
Skill in applying host/network access controls (e.g., access control list). |
1 |
|
S0008
|
Skill in applying organization-specific systems analysis principles and techniques. |
1 |
|
S0009
|
WITHDRAWN: Skill in assessing the robustness of security systems and designs. (See S0027) |
1 |
|
S0010
|
Skill in conducting capabilities and requirements analysis. |
1 |
|
S0011
|
Skill in conducting information searches. |
1 |
|
S0012
|
Skill in conducting knowledge mapping (e.g., map of knowledge repositories). |
1 |
|
S0013
|
Skill in conducting queries and developing algorithms to analyze data structures. |
2 |
|
S0014
|
Skill in conducting software debugging. |
1 |
|
S0015
|
Skill in conducting test events. |
1 |
|
S0016
|
Skill in configuring and optimizing software. |
1 |
|
S0017
|
Skill in creating and utilizing mathematical or statistical models. |
3 |
|
S0018
|
Skill in creating policies that reflect system security objectives. |
3 |
|
S0019
|
Skill in creating programs that validate and process multiple inputs including command line arguments, environmental variables, and input streams. |
1 |
|
S0020
|
Skill in developing and deploying signatures. |
1 |
|
S0021
|
Skill in designing a data analysis structure (i.e., the types of data a test must generate and how to analyze that data). |
1 |
|
S0022
|
Skill in designing countermeasures to identified security risks. |
5 |
|
S0023
|
Skill in designing security controls based on cybersecurity principles and tenets. |
2 |
|
S0024
|
Skill in designing the integration of hardware and software solutions. |
5 |
|
S0025
|
Skill in detecting host and network based intrusions via intrusion detection technologies (e.g., Snort). |
3 |
|
S0026
|
Skill in determining an appropriate level of test rigor for a given system. |
1 |
|
S0027
|
Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. |
7 |
|
S0028
|
Skill in developing data dictionaries. |
1 |
|
S0029
|
Skill in developing data models. |
1 |
|
S0030
|
Skill in developing operations-based testing scenarios. |
1 |
|
S0031
|
Skill in developing and applying security system access controls. |
5 |
|
S0032
|
Skill in developing, testing, and implementing network infrastructure contingency and recovery plans. |
2 |
|
S0033
|
Skill in diagnosing connectivity problems. |
1 |
|
S0034
|
Skill in discerning the protection needs (i.e., security controls) of information systems and networks. |
6 |
|
S0035
|
Skill in establishing a routing schema. |
1 |
|
S0036
|
Skill in evaluating the adequacy of security designs. |
4 |
|
S0037
|
Skill in generating queries and reports. |
2 |
|
S0038
|
Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system. |
5 |
|
S0039
|
Skill in identifying possible causes of degradation of system performance or availability and initiating actions needed to mitigate this degradation. |
1 |
|
S0040
|
Skill in implementing, maintaining, and improving established network security practices. |
1 |
|
S0041
|
Skill in installing, configuring, and troubleshooting LAN and WAN components such as routers, hubs, and switches. |
1 |
|
S0042
|
Skill in maintaining databases. (i.e., backup, restore, delete data, transaction log files, etc.). |
1 |
|
S0043
|
Skill in maintaining directory services. (e.g., Microsoft Active Directory, LDAP, etc.). |
1 |
|
S0044
|
Skill in mimicking threat behaviors. |
1 |
|
S0045
|
Skill in optimizing database performance. |
1 |
|
S0046
|
Skill in performing packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump). |
1 |
|
S0047
|
Skill in preserving evidence integrity according to standard operating procedures or national standards. |
4 |
|
S0048
|
Skill in systems integration testing. |
1 |
|
S0049
|
Skill in the measuring and reporting of intellectual capital. |
1 |
|
S0050
|
Skill in design modeling and building use cases (e.g., unified modeling language). |
3 |
|
S0051
|
Skill in the use of penetration testing tools and techniques. |
2 |
|
S0052
|
Skill in the use of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.). |
2 |
|
S0053
|
Skill in tuning sensors. |
2 |
|
S0054
|
Skill in using incident handling methodologies. |
2 |
|
S0055
|
Skill in using knowledge management technologies. |
2 |
|
S0056
|
Skill in using network management tools to analyze network traffic patterns (e.g., simple network management protocol). |
2 |
|
S0057
|
Skill in using protocol analyzers. |
2 |
|
S0058
|
Skill in using the appropriate tools for repairing software, hardware, and peripheral equipment of a system. |
1 |
|
S0059
|
Skill in using Virtual Private Network (VPN) devices and encryption. |
3 |
|
S0060
|
Skill in writing code in a currently supported programming language (e.g., Java, C++). |
7 |
|
S0061
|
Skill in writing test plans. |
2 |
|
S0062
|
Skill in analyzing memory dumps to extract information. |
3 |
|
S0063
|
Skill in collecting data from a variety of cyber defense resources. |
1 |
|
S0064
|
Skill in developing and executing technical training programs and curricula. |
2 |
|
S0065
|
Skill in identifying and extracting data of forensic interest in diverse media (i.e., media forensics). |
2 |
|
S0066
|
Skill in identifying gaps in technical capabilities. |
2 |
|
S0067
|
Skill in identifying, modifying, and manipulating applicable system components within Windows, Unix, or Linux (e.g., passwords, user accounts, files). |
2 |
|
S0068
|
Skill in collecting, processing, packaging, transporting, and storing electronic evidence to avoid alteration, loss, physical damage, or destruction of data. |
3 |
|
S0069
|
Skill in setting up a forensic workstation. |
2 |
|
S0070
|
Skill in talking to others to convey information effectively. |
2 |
|
S0071
|
Skill in using forensic tool suites (e.g., EnCase, Sleuthkit, FTK). |
2 |
|
S0072
|
Skill in using scientific rules and methods to solve problems. |
2 |
|
S0073
|
Skill in using virtual machines. (e.g., Microsoft Hyper-V, VMWare vSphere, Citrix XenDesktop/Server, Amazon Elastic Compute Cloud, etc.). |
5 |
|
S0074
|
Skill in physically disassembling PCs. |
2 |
|
S0075
|
Skill in conducting forensic analyses in multiple operating system environments (e.g., mobile device systems). |
3 |
|
S0076
|
Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware). |
3 |
|
S0077
|
Skill in securing network communications. |
3 |
|
S0078
|
Skill in recognizing and categorizing types of vulnerabilities and associated attacks. |
3 |
|
S0079
|
Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters). |
3 |
|
S0080
|
Skill in performing damage assessments. |
1 |
|
S0081
|
Skill in using network analysis tools to identify vulnerabilities. (e.g., fuzzing, nmap, etc.). |
2 |
|
S0082
|
Skill in evaluating test plans for applicability and completeness. |
1 |
|
S0083
|
Skill in integrating black box security testing tools into quality assurance process of software releases. |
1 |
|
S0084
|
Skill in configuring and utilizing network protection components (e.g., Firewalls, VPNs, network intrusion detection systems). |
2 |
|
S0085
|
Skill in conducting audits or reviews of technical systems. |
3 |
|
S0086
|
Skill in evaluating the trustworthiness of the supplier and/or product. |
2 |
|
S0087
|
Skill in deep analysis of captured malicious code (e.g., malware forensics). |
2 |
|
S0088
|
Skill in using binary analysis tools (e.g., Hexedit, command code xxd, hexdump). |
3 |
|
S0089
|
Skill in one-way hash functions (e.g., Secure Hash Algorithm [SHA], Message Digest Algorithm [MD5]). |
3 |
|
S0090
|
Skill in analyzing anomalous code as malicious or benign. |
2 |
|
S0091
|
Skill in analyzing volatile data. |
2 |
|
S0092
|
Skill in identifying obfuscation techniques. |
2 |
|
S0093
|
Skill in interpreting results of debugger to ascertain tactics, techniques, and procedures. |
2 |
|
S0094
|
Skill in reading Hexadecimal data. |
1 |
|
S0095
|
Skill in identifying common encoding techniques (e.g., Exclusive Disjunction [XOR], American Standard Code for Information Interchange [ASCII], Unicode, Base64, Uuencode, Uniform Resource Locator [URL] encode). |
1 |
|
S0096
|
Skill in reading and interpreting signatures (e.g., snort). |
1 |
|
S0097
|
Skill in applying security controls. |
3 |
|
S0098
|
WITHDRAWN: Skill in detecting host and network based intrusions via intrusion detection technologies. (See S0025) |
1 |
|
S0099
|
WITHDRAWN: Skill in determining how a security system should work and how changes in conditions, operations, or the environment will affect these outcomes. (See S0027) |
0 |
|
S0100
|
Skill in utilizing or developing learning activities (e.g., scenarios, instructional games, interactive exercises). |
2 |
|
S0101
|
Skill in utilizing technologies (e.g., SmartBoards, websites, computers, projectors) for instructional purposes. |
1 |
|
S0102
|
Skill in applying technical delivery capabilities. |
1 |
|
S0103
|
Skill in assessing the predictive power and subsequent generalizability of a model. |
1 |
|
S0104
|
Skill in conducting Test Readiness Reviews. |
1 |
|
S0105
|
WITHDRAWN: Skill in data mining techniques. (See S0202) |
0 |
|
S0106
|
Skill in data pre-processing (e.g., imputation, dimensionality reduction, normalization, transformation, extraction, filtering, smoothing). |
1 |
|
S0107
|
Skill in designing and documenting overall program Test & Evaluation strategies. |
1 |
|
S0108
|
Skill in developing workforce and position qualification standards. |
1 |
|
S0109
|
Skill in identifying hidden patterns or relationships. |
1 |
|
S0110
|
Skill in identifying Test & Evaluation infrastructure (people, ranges, tools, instrumentation) requirements. |
2 |
|
S0111
|
Skill in interfacing with customers. |
2 |
|
S0112
|
Skill in managing test assets, test resources, and test personnel to ensure effective completion of test events. |
2 |
|
S0113
|
Skill in performing format conversions to create a standard representation of the data. |
1 |
|
S0114
|
Skill in performing sensitivity analysis. |
1 |
|
S0115
|
Skill in preparing Test & Evaluation reports. |
2 |
|
S0116
|
Skill in designing multi-level security/cross domain solutions. |
1 |
|
S0117
|
Skill in providing Test & Evaluation resource estimate. |
1 |
|
S0118
|
Skill in developing machine understandable semantic ontologies. |
1 |
|
S0119
|
Skill in Regression Analysis (e.g., Hierarchical Stepwise, Generalized Linear Model, Ordinary Least Squares, Tree-Based Methods, Logistic). |
1 |
|
S0120
|
Skill in reviewing logs to identify evidence of past intrusions. |
2 |
|
S0121
|
Skill in system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.). |
2 |
|
S0122
|
Skill in the use of design methods. |
2 |
|
S0123
|
Skill in transformation analytics (e.g., aggregation, enrichment, processing). |
1 |
|
S0124
|
Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution. |
2 |
|
S0125
|
Skill in using basic descriptive statistics and techniques (e.g., normality, model distribution, scatter plots). |
1 |
|
S0126
|
Skill in using data analysis tools (e.g., Excel, STATA SAS, SPSS). |
1 |
|
S0127
|
Skill in using data mapping tools. |
1 |
|
S0128
|
Skill in using manpower and personnel IT systems. |
2 |
|
S0129
|
Skill in using outlier identification and removal techniques. |
1 |
|
S0130
|
Skill in writing scripts using R, Python, PIG, HIVE, SQL, etc. |
1 |
|
S0131
|
Skill in analyzing malware. |
2 |
|
S0132
|
Skill in conducting bit-level analysis. |
1 |
|
S0133
|
Skill in processing digital evidence, to include protecting and making legally sound copies of evidence. |
1 |
|
S0134
|
Skill in conducting reviews of systems. |
2 |
|
S0135
|
Skill in secure test plan design (e. g. unit, integration, system, acceptance). |
3 |
|
S0136
|
Skill in network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools. |
2 |
|
S0137
|
Skill in conducting application vulnerability assessments. |
2 |
|
S0138
|
Skill in using Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic). |
5 |
|
S0139
|
Skill in applying security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model). |
1 |
|
S0140
|
Skill in applying the systems engineering process. |
1 |
|
S0141
|
Skill in assessing security systems designs. |
2 |
|
S0142
|
Skill in conducting research for troubleshooting novel client-level problems. |
1 |
|
S0143
|
Skill in conducting system/server planning, management, and maintenance. |
1 |
|
S0144
|
Skill in correcting physical and technical problems that impact system/server performance. |
1 |
|
S0145
|
Skill in integrating and applying policies that meet system security objectives. |
3 |
|
S0146
|
Skill in creating policies that enable systems to meet performance objectives (e.g. traffic routing, SLA's, CPU specifications). |
1 |
|
S0147
|
Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). |
3 |
|
S0148
|
Skill in designing the integration of technology processes and solutions, including legacy systems and modern programming languages. |
1 |
|
S0149
|
Skill in developing applications that can log and handle errors, exceptions, and application faults and logging. |
1 |
|
S0150
|
Skill in implementing and testing network infrastructure contingency and recovery plans. |
1 |
|
S0151
|
Skill in troubleshooting failed system components (i.e., servers) |
1 |
|
S0152
|
Skill in translating operational requirements into protection needs (i.e., security controls). |
1 |
|
S0153
|
Skill in identifying and anticipating system/server performance, availability, capacity, or configuration problems. |
1 |
|
S0154
|
Skill in installing system and component upgrades. (i.e., servers, appliances, network devices). |
1 |
|
S0155
|
Skill in monitoring and optimizing system/server performance. |
1 |
|
S0156
|
Skill in performing packet-level analysis. |
3 |
|
S0157
|
Skill in recovering failed systems/servers. (e.g., recovery software, failover clusters, replication, etc.). |
1 |
|
S0158
|
Skill in operating system administration. (e.g., account maintenance, data backups, maintain system performance, install and configure new hardware/software). |
1 |
|
S0159
|
Skill in configuring and validating network workstations and peripherals in accordance with approved standards and/or specifications. |
1 |
|
S0160
|
Skill in the use of design modeling (e.g., unified modeling language). |
3 |
|
S0161
|
WITHDRAWN: Integrated into S0160 |
0 |
|
S0162
|
Skill in applying various subnet techniques (e.g., CIDR) |
1 |
|
S0163
|
WITHDRAWN: Integrated into S0060 |
0 |
|
S0164
|
Skill in assessing the application of cryptographic standards. |
0 |
|
S0165
|
WITHDRAWN: Skill in collecting, packaging, transporting, and storing electronic evidence to avoid alteration, loss, physical damage, or destruction of data. (See S0068) |
0 |
|
S0166
|
Skill in identifying gaps in technical delivery capabilities. |
1 |
|
S0167
|
Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning). |
2 |
|
S0168
|
Skill in setting up physical or logical sub-networks that separate an internal local area network (LAN) from other untrusted networks. |
1 |
|
S0169
|
Skill in conducting trend analysis. |
1 |
|
S0170
|
Skill in configuring and utilizing computer protection components (e.g., hardware firewalls, servers, routers, as appropriate). |
2 |
|
S0171
|
Skill in performing impact/risk assessments. |
2 |
|
S0172
|
Skill in applying secure coding techniques. |
2 |
|
S0173
|
Skill in using security event correlation tools. |
2 |
|
S0174
|
Skill in using code analysis tools. |
3 |
|
S0175
|
Skill in performing root cause analysis. |
3 |
|
S0176
|
Skill in administrative planning activities, to include preparation of functional and specific support plans, preparing and managing correspondence, and staffing procedures. |
4 |
|
S0177
|
Skill in analyzing a target's communication networks. |
2 |
|
S0178
|
Skill in analyzing essential network data (e.g., router configuration files, routing protocols). |
1 |
|
S0179
|
Skill in analyzing language processing tools to provide feedback to enhance tool development. |
1 |
|
S0180
|
WITHDRAWN: Integrated into S0062 |
0 |
|
S0181
|
Skill in analyzing midpoint collection data. |
1 |
|
S0182
|
Skill in analyzing target communications internals and externals collected from wireless LANs. |
1 |
|
S0183
|
Skill in analyzing terminal or environment collection data. |
2 |
|
S0184
|
Skill in analyzing traffic to identify network devices. |
4 |
|
S0185
|
Skill in applying analytical methods typically employed to support planning and to justify recommended strategies and courses of action. |
3 |
|
S0186
|
Skill in applying crisis planning procedures. |
3 |
|
S0187
|
Skill in applying various analytical methods, tools, and techniques (e.g., competing hypotheses; chain of reasoning; scenario methods; denial and deception detection; high impact-low probability; network/association or link analysis; Bayesian, Delphi, and Pattern analyses). |
3 |
|
S0188
|
Skill in assessing a target's frame of reference (e.g., motivation, technical capability, organizational structure, sensitivities). |
1 |
|
S0189
|
Skill in assessing and/or estimating effects generated during and after cyber operations. |
3 |
|
S0190
|
Skill in assessing current tools to identify needed improvements. |
1 |
|
S0191
|
Skill in assessing the applicability of available analytical tools to various situations. |
1 |
|
S0192
|
Skill in auditing firewalls, perimeters, routers, and intrusion detection systems. |
1 |
|
S0193
|
Skill in complying with the legal restrictions for targeted information. |
1 |
|
S0194
|
Skill in conducting non-attributable research. |
5 |
|
S0195
|
Skill in conducting research using all available sources. |
1 |
|
S0196
|
Skill in conducting research using deep web. |
3 |
|
S0197
|
Skill in conducting social network analysis, buddy list analysis, and/or cookie analysis. |
1 |
|
S0198
|
Skill in conducting social network analysis. |
1 |
|
S0199
|
Skill in creating and extracting important information from packet captures. |
1 |
|
S0200
|
Skill in creating collection requirements in support of data acquisition activities. |
1 |
|
S0201
|
Skill in creating plans in support of remote operations. (i.e., hot/warm/cold/alternative sites, disaster recovery). |
1 |
|
S0202
|
Skill in data mining techniques (e.g., searching file systems) and analysis. |
2 |
|
S0203
|
Skill in defining and characterizing all pertinent aspects of the operational environment. |
6 |
|
S0204
|
Skill in depicting source or collateral data on a network map. |
1 |
|
S0205
|
Skill in determining appropriate targeting options through the evaluation of available capabilities against desired effects. |
2 |
|
S0206
|
Skill in determining installed patches on various operating systems and identifying patch signatures. |
1 |
|
S0207
|
Skill in determining the effect of various router and firewall configurations on traffic patterns and network performance in both LAN and WAN environments. |
1 |
|
S0208
|
Skill in determining the physical location of network devices. |
2 |
|
S0209
|
Skill in developing and executing comprehensive cyber operations assessment programs for assessing and validating operational performance characteristics. |
1 |
|
S0210
|
Skill in developing intelligence reports. |
1 |
|
S0211
|
Skill in developing or recommending analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists. |
3 |
|
S0212
|
Skill in disseminating items of highest intelligence value in a timely manner. |
1 |
|
S0213
|
Skill in documenting and communicating complex technical and programmatic information. |
3 |
|
S0214
|
Skill in evaluating accesses for intelligence value. |
1 |
|
S0215
|
Skill in evaluating and interpreting metadata. |
1 |
|
S0216
|
Skill in evaluating available capabilities against desired effects to provide effective courses of action. |
2 |
|
S0217
|
Skill in evaluating data sources for relevance, reliability, and objectivity. |
2 |
|
S0218
|
Skill in evaluating information for reliability, validity, and relevance. |
8 |
|
S0219
|
Skill in evaluating information to recognize relevance, priority, etc. |
1 |
|
S0220
|
Skill in exploiting/querying organizational and/or partner collection databases. |
1 |
|
S0221
|
Skill in extracting information from packet captures. |
1 |
|
S0222
|
Skill in fusion analysis |
2 |
|
S0223
|
Skill in generating operation plans in support of mission and target requirements. |
1 |
|
S0224
|
Skill in gisting target communications. |
1 |
|
S0225
|
Skill in identifying a target’s communications networks. |
1 |
|
S0226
|
Skill in identifying a target's network characteristics. |
1 |
|
S0227
|
Skill in identifying alternative analytical interpretations to minimize unanticipated outcomes. |
4 |
|
S0228
|
Skill in identifying critical target elements, to include critical target elements for the cyber domain. |
4 |
|
S0229
|
Skill in identifying cyber threats which may jeopardize organization and/or partner interests. |
5 |
|
S0230
|
WITHDRAWN: Integrated into S0066 |
0 |
|
S0231
|
Skill in identifying how a target communicates. |
1 |
|
S0232
|
Skill in identifying intelligence gaps and limitations. |
2 |
|
S0233
|
Skill in identifying language issues that may have an impact on organization objectives. |
2 |
|
S0234
|
Skill in identifying leads for target development. |
2 |
|
S0235
|
Skill in identifying non-target regional languages and dialects |
2 |
|
S0236
|
Skill in identifying the devices that work at each level of protocol models. |
3 |
|
S0237
|
Skill in identifying, locating, and tracking targets via geospatial analysis techniques |
2 |
|
S0238
|
Skill in information prioritization as it relates to operations. |
2 |
|
S0239
|
Skill in interpreting compiled and interpretive programming languages. |
2 |
|
S0240
|
Skill in interpreting metadata and content as applied by collection systems. |
2 |
|
S0241
|
Skill in interpreting traceroute results, as they apply to network analysis and reconstruction. |
2 |
|
S0242
|
Skill in interpreting vulnerability scanner results to identify vulnerabilities. |
2 |
|
S0243
|
Skill in knowledge management, including technical documentation techniques (e.g., Wiki page). |
2 |
|
S0244
|
Skill in managing client relationships, including determining client needs/requirements, managing client expectations, and demonstrating commitment to delivering quality results. |
3 |
|
S0245
|
Skill in navigating network visualization software. |
1 |
|
S0246
|
Skill in number normalization. |
1 |
|
S0247
|
Skill in performing data fusion from existing intelligence for enabling new and continued collection. |
1 |
|
S0248
|
Skill in performing target system analysis. |
3 |
|
S0249
|
Skill in preparing and presenting briefings. |
8 |
|
S0250
|
Skill in preparing plans and related correspondence. |
5 |
|
S0251
|
Skill in prioritizing target language material. |
2 |
|
S0252
|
Skill in processing collected data for follow-on analysis. |
2 |
|
S0253
|
Skill in providing analysis on target-related matters (e.g., language, cultural, communications). |
1 |
|
S0254
|
Skill in providing analysis to aid writing phased after action reports. |
3 |
|
S0255
|
Skill in providing real-time, actionable geolocation information utilizing target infrastructures. |
1 |
|
S0256
|
Skill in providing understanding of target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships. |
5 |
|
S0257
|
Skill in reading, interpreting, writing, modifying, and executing simple scripts (e.g., PERL, VBS) on Windows and Unix systems (e.g., those that perform tasks like parsing large data files, automating manual tasks, and fetching/processing remote data). |
1 |
|
S0258
|
Skill in recognizing and interpreting malicious network activity in traffic. |
1 |
|
S0259
|
Skill in recognizing denial and deception techniques of the target. |
2 |
|
S0260
|
Skill in recognizing midpoint opportunities and essential information. |
1 |
|
S0261
|
Skill in recognizing relevance of information. |
1 |
|
S0262
|
Skill in recognizing significant changes in a target’s communication patterns. |
2 |
|
S0263
|
Skill in recognizing technical information that may be used for leads for metadata analysis. |
1 |
|
S0264
|
Skill in recognizing technical information that may be used for leads to enable remote operations (data includes users, passwords, email addresses, IP ranges of the target, frequency in DNI behavior, mail servers, domain servers, SMTP header information). |
1 |
|
S0265
|
Skill in recognizing technical information that may be used for target development including intelligence development. |
1 |
|
S0266
|
Skill in relevant programming languages (e.g., C++, Python, etc.). |
1 |
|
S0267
|
Skill in remote command line and Graphic User Interface (GUI) tool usage. |
1 |
|
S0268
|
Skill in researching essential information. |
1 |
|
S0269
|
Skill in researching vulnerabilities and exploits utilized in traffic. |
1 |
|
S0270
|
Skill in reverse engineering (e.g., hex editing, binary packaging utilities, debugging, and strings analysis) to identify function and ownership of remote tools. |
2 |
|
S0271
|
Skill in reviewing and editing assessment products. |
3 |
|
S0272
|
Skill in reviewing and editing intelligence products from various sources for cyber operations. |
1 |
|
S0273
|
Skill in reviewing and editing plans. |
3 |
|
S0274
|
Skill in reviewing and editing target materials. |
2 |
|
S0275
|
Skill in server administration. |
1 |
|
S0276
|
Skill in survey, collection, and analysis of wireless LAN metadata. |
1 |
|
S0277
|
Skill in synthesizing, analyzing, and prioritizing meaning across data sets. |
2 |
|
S0278
|
Skill in tailoring analysis to the necessary levels (e.g., classification and organizational). |
6 |
|
S0279
|
Skill in target development in direct support of collection operations. |
2 |
|
S0280
|
Skill in target network anomaly identification (e.g., intrusions, dataflow or processing, target implementation of new technologies). |
2 |
|
S0281
|
Skill in technical writing. |
3 |
|
S0282
|
Skill in testing and evaluating tools for implementation. |
1 |
|
S0283
|
Skill in transcribing target language communications. |
1 |
|
S0284
|
Skill in translating target graphic and/or voice language materials. |
1 |
|
S0285
|
Skill in using Boolean operators to construct simple and complex queries. |
4 |
|
S0286
|
Skill in using databases to identify target-relevant information. |
1 |
|
S0287
|
Skill in using geospatial data and applying geospatial resources. |
2 |
|
S0288
|
Skill in using multiple analytic tools, databases, and techniques (e.g., Analyst’s Notebook, A-Space, Anchory, M3, divergent/convergent thinking, link charts, matrices, etc.). |
4 |
|
S0289
|
Skill in using multiple search engines (e.g., Google, Yahoo, LexisNexis, DataStar) and tools in conducting open-source searches. |
4 |
|
S0290
|
Skill in using non-attributable networks. |
2 |
|
S0291
|
Skill in using research methods including multiple, different sources to reconstruct a target network. |
1 |
|
S0292
|
Skill in using targeting databases and software packages. |
2 |
|
S0293
|
Skill in using tools, techniques, and procedures to remotely exploit and establish persistence on a target. |
2 |
|
S0294
|
Skill in using trace route tools and interpreting the results as they apply to network analysis and reconstruction. |
1 |
|
S0295
|
Skill in using various open source data collection tools (online trade, DNS, mail, etc.). |
1 |
|
S0296
|
Skill in utilizing feedback to improve processes, products, and services. |
9 |
|
S0297
|
Skill in utilizing virtual collaborative workspaces and/or tools (e.g., IWS, VTCs, chat rooms, SharePoint). |
7 |
|
S0298
|
Skill in verifying the integrity of all files. (e.g., checksums, Exclusive OR, secure hashes, check constraints, etc.). |
1 |
|
S0299
|
Skill in wireless network target analysis, templating, and geolocation. |
1 |
|
S0300
|
Skill in writing (and submitting) requirements to meet gaps in technical capabilities. |
1 |
|
S0301
|
Skill in writing about facts and ideas in a clear, convincing, and organized manner. |
2 |
|
S0302
|
Skill in writing effectiveness reports. |
1 |
|
S0303
|
Skill in writing, reviewing and editing cyber-related Intelligence/assessment products from multiple sources. |
3 |
|
S0304
|
Skill to access information on current assets available, usage. |
3 |
|
S0305
|
Skill to access the databases where plans/directives/guidance are maintained. |
3 |
|
S0306
|
Skill to analyze strategic guidance for issues requiring clarification and/or additional guidance. |
2 |
|
S0307
|
Skill to analyze target or threat sources of strength and morale. |
2 |
|
S0308
|
Skill to anticipate intelligence capability employment requirements. |
1 |
|
S0309
|
Skill to anticipate key target or threat activities which are likely to prompt a leadership decision. |
2 |
|
S0310
|
Skill to apply analytical standards to evaluate intelligence products. |
1 |
|
S0311
|
Skill to apply the capabilities, limitations and tasking methodologies of available platforms, sensors, architectures and apparatus as they apply to organization objectives. |
1 |
|
S0312
|
Skill to apply the process used to assess the performance and impact of cyber operations. |
2 |
|
S0313
|
Skill to articulate a needs statement/requirement and integrate new and emerging collection capabilities, accesses and/or processes into collection operations. |
1 |
|
S0314
|
Skill to articulate intelligence capabilities available to support execution of the plan. |
1 |
|
S0315
|
Skill to articulate the needs of joint planners to all-source analysts. |
1 |
|
S0316
|
Skill to associate Intelligence gaps to priority information requirements and observables. |
2 |
|
S0317
|
Skill to compare indicators/observables with requirements. |
2 |
|
S0318
|
Skill to conceptualize the entirety of the intelligence process in the multiple domains and dimensions. |
1 |
|
S0319
|
Skill to convert intelligence requirements into intelligence production tasks. |
1 |
|
S0320
|
Skill to coordinate the development of tailored intelligence products. |
1 |
|
S0321
|
Skill to correlate intelligence priorities to the allocation of intelligence resources/assets. |
1 |
|
S0322
|
Skill to craft indicators of operational progress/success. |
2 |
|
S0323
|
Skill to create and maintain up-to-date planning documents and tracking of services/production. |
1 |
|
S0324
|
Skill to determine feasibility of collection. |
1 |
|
S0325
|
Skill to develop a collection plan that clearly shows the discipline that can be used to collect the information needed. |
2 |
|
S0326
|
Skill to distinguish between notional and actual resources and their applicability to the plan under development. |
2 |
|
S0327
|
Skill to ensure that the collection strategy leverages all available resources. |
2 |
|
S0328
|
Skill to evaluate factors of the operational environment to objectives, and information requirements. |
1 |
|
S0329
|
Skill to evaluate requests for information to determine if response information exists. |
2 |
|
S0330
|
Skill to evaluate the capabilities, limitations and tasking methodologies of organic, theater, national, coalition and other collection capabilities. |
2 |
|
S0331
|
Skill to express orally and in writing the relationship between intelligence capability limitations and decision-making risk and impacts on the overall operation. |
1 |
|
S0332
|
Skill to extract information from available tools and applications associated with collection requirements and collection operations management. |
2 |
|
S0333
|
Skill to graphically depict decision support materials containing intelligence and partner capability estimates. |
2 |
|
S0334
|
Skill to identify and apply tasking, collection, processing, exploitation and dissemination to associated collection disciplines. |
2 |
|
S0335
|
Skill to identify Intelligence gaps. |
2 |
|
S0336
|
Skill to identify when priority information requirements are satisfied. |
2 |
|
S0337
|
Skill to implement established procedures for evaluating collection management and operations activities. |
1 |
|
S0338
|
Skill to interpret planning guidance to discern level of analytical support required. |
1 |
|
S0339
|
Skill to interpret readiness reporting, its operational relevance and intelligence collection impact. |
2 |
|
S0340
|
Skill to monitor target or threat situation and environmental factors. |
1 |
|
S0341
|
Skill to monitor threat effects to partner capabilities and maintain a running estimate. |
1 |
|
S0342
|
Skill to optimize collection system performance through repeated adjustment, testing, and re-adjustment. |
1 |
|
S0343
|
Skill to orchestrate intelligence planning teams, coordinate collection and production support, and monitor status. |
1 |
|
S0344
|
Skill to prepare and deliver reports, presentations and briefings, to include using visual aids or presentation technology. |
2 |
|
S0345
|
Skill to relate intelligence resources/assets to anticipated intelligence requirements. |
1 |
|
S0346
|
Skill to resolve conflicting collection requirements. |
1 |
|
S0347
|
Skill to review performance specifications and historical information about collection assets. |
2 |
|
S0348
|
Skill to specify collections and/or taskings that must be conducted in the near term. |
1 |
|
S0349
|
Skill to synchronize operational assessment procedures with the critical information requirement process. |
1 |
|
S0350
|
Skill to synchronize planning activities and required intelligence support. |
1 |
|
S0351
|
Skill to translate the capabilities, limitations and tasking methodologies of organic, theater, national, coalition and other collection capabilities. |
1 |
|
S0352
|
Skill to use collaborative tools and environments for collection operations. |
2 |
|
S0353
|
Skill to use systems and/or tools to track collection requirements and determine if they are satisfied. |
1 |
|
S0354
|
Skill in creating policies that reflect the business’s core privacy objectives. |
1 |
|
S0355
|
Skill in negotiating vendor agreements and evaluating vendor privacy practices. |
1 |
|
S0356
|
Skill in communicating with all levels of management including Board members (e.g., interpersonal skills, approachability, effective listening skills, appropriate use of style and language for the audience). |
4 |
|
S0357
|
Skill to anticipate new security threats. |
1 |
|
S0358
|
Skill to remain aware of evolving technical infrastructures. |
2 |
|
S0359
|
Skill to use critical thinking to analyze organizational patterns and relationships. |
1 |
|
S0360
|
Skill to analyze and assess internal and external partner cyber operations capabilities and tools. |
6 |
|
S0361
|
Skill to analyze and assess internal and external partner intelligence processes and the development of information requirements and essential information. |
1 |
|
S0362
|
Skill to analyze and assess internal and external partner organization capabilities and limitations (those with tasking, collection, processing, exploitation and dissemination responsibilities). |
2 |
|
S0363
|
Skill to analyze and assess internal and external partner reporting. |
1 |
|
S0364
|
Skill to develop insights about the context of an organization’s threat environment |
1 |
|
S0365
|
Skill to design incident response for cloud service models. |
2 |
|
S0366
|
Skill to identify successful capabilities to find solutions to less common and more complex system problems. |
0 |
|
S0367
|
Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). |
14 |
|
S0368
|
Skill to use risk scoring to inform performance-based and cost-effective approaches to help organizations to identify, assess, and manage cybersecurity risk. |
0 |
|
S0369
|
Skill to identify sources, characteristics, and uses of the organization’s data assets. |
1 |
|
S0370
|
Skill to use cyber defense Service Provider reporting structure and processes within one’s own organization. |
2 |
|
S0371
|
Skill to respond and take local actions in response to threat sharing alerts from service providers. |
0 |
|
S0372
|
Skill to translate, track, and prioritize information needs and intelligence collection requirements across the extended enterprise. |
5 |
|
S0373
|
Skill to ensure that accountability information is collected for information system and information and communications technology supply chain infrastructure components. |
0 |
|
S0374
|
Skill to identify cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations. |
3 |