PR-INF-001 Cyber Defense Infrastructure Support Specialist

Identifies, analyzes, and mitigates threats to internal information technology (IT) systems and/or networks.

Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware and software that are required to effectively manage the computer network defense service provider network and resources. Monitors network to actively remediate unauthorized activities.

Tests, implements, deploys, maintains, and administers the infrastructure hardware and software.

Knowledges 24

Code Description Work Roles
K0001 Knowledge of computer networking concepts and protocols, and network security methodologies. 52
K0002 Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). 52
K0003 Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. 52
K0004 Knowledge of cybersecurity and privacy principles. 52
K0005 Knowledge of cyber threats and vulnerabilities. 52
K0006 Knowledge of specific operational impacts of cybersecurity lapses. 52
K0021 Knowledge of data backup and recovery. 9
K0033 Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists). 5
K0042 Knowledge of incident response and handling methodologies. 7
K0044 Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). 14
K0058 Knowledge of network traffic analysis methods. 10
K0061 Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]). 11
K0062 Knowledge of packet-level analysis. 2
K0104 Knowledge of Virtual Private Network (VPN) security. 4
K0106 Knowledge of what constitutes a network attack and a network attackā€™s relationship to both threats and vulnerabilities. 6
K0135 Knowledge of web filtering technologies. 2
K0157 Knowledge of cyber defense and information security policies, procedures, and regulations. 4
K0179 Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). 19
K0205 Knowledge of basic system, network, and OS hardening techniques. 1
K0258 Knowledge of test procedures, principles, and methodologies (e.g., Capabilities and Maturity Model Integration (CMMI)). 1
K0274 Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi). paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly. 3
K0324 Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications. 2
K0332 Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. 14
K0334 Knowledge of network traffic analysis (tools, methodologies, processes). 1

Skills 9

Code Description Work Roles
S0007 Skill in applying host/network access controls (e.g., access control list). 1
S0053 Skill in tuning sensors. 2
S0054 Skill in using incident handling methodologies. 2
S0059 Skill in using Virtual Private Network (VPN) devices and encryption. 3
S0077 Skill in securing network communications. 3
S0079 Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters). 3
S0121 Skill in system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.). 2
S0124 Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution. 2
S0367 Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). 14

Abilities 1

Code Description Work Roles
A0123 Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). 15

Tasks 9

Code Description Work Roles
T0042 Coordinate with Cyber Defense Analysts to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, antivirus, and content blacklists) for specialized cyber defense applications. 1
T0180 Perform system administration on specialized cyber defense applications and systems (e.g., antivirus, audit and remediation) or Virtual Private Network (VPN) devices, to include installation, configuration, maintenance, backup, and restoration. 1
T0261 Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources. 1
T0335 Build, install, configure, and test dedicated cyber defense hardware. 1
T0348 Assist in assessing the impact of implementing and sustaining a dedicated cyber defense infrastructure. 1
T0420 Administer test bed(s), and test and evaluate applications, hardware infrastructure, rules/signatures, access controls, and configurations of platforms managed by service provider(s). 1
T0438 Create, edit, and manage network access control lists on specialized cyber defense systems (e.g., firewalls and intrusion prevention systems). 1
T0483 Identify potential conflicts with implementation of any cyber defense tools (e.g., tool and signature testing and optimization). 1
T0486 Implement Risk Management Framework (RMF)/Security Assessment and Authorization (SA&A) requirements for dedicated cyber defense systems within the enterprise, and document and maintain records for them. 1