Welcome to Lunarline School of Cybersecurity (SCS) - Providing Excellence in Cybersecurity Training and Certifications Since 2008
Contact SCS
School of Cybersecurity
To get started, contact us today at 571-481-9307
LinkedIn
YouTube
shopping_cart
Product was added to your cart

Cart

All Source-Collection Requirements Manager

Home NICE Framework Collect and Operate (CO) All Source-Collection Requirements Manager
NICE Work Role Description:
Evaluates collection operations and develops effects-based collection requirements strategies using available sources and methods to improve collection. Develops, processes, validates, and coordinates submission of collection requirements. Evaluates performance of collection assets and collection operations.
*Certification Declaration
Certification Declaration
Each certification is mapped to the NICE Framework, which organizes cybersecurity into seven high-level Categories, each comprised of several specialty areas, work roles, knowledge, skills, abilities, and tasks.  These seven high-level Categories are aligned directly to the CCE® Program’s certification Concentration Areas.   Candidates often prepare for an exam by using a variety of resources that familiarize them with the authoritative sources and the exam’s concentration area.

Third-party products and services, including course instructors have helped many candidates to close knowledge and skill gaps.  The CCE® Program does not endorse any particular provider and encourages candidates to use a variety of tools and resources that will enhance their understanding of relevant principles and the exam’s concentration area.

NICE Framework Category
CCE® Concentration Area:
Collect and Operate (CO)
NICE Specialty Area:
Collection Operations (CLO)
NICE Work Role ID:
CO-CLO-002
OPM Code | DCWF Code:
312
School of Cybersecurity Training
School of Cybersecurity Training
Mission Assessment Specialist (AN201-RBT)
CCE® Program
Certified Expert Fusion Analyst (CEFA)®

KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.

ID & Description

  • K0001 - Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002 - Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0003 - Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • K0004 - Knowledge of cybersecurity and privacy principles.
  • K0005 - Knowledge of cyber threats and vulnerabilities.
  • K0006 - Knowledge of specific operational impacts of cybersecurity lapses.
  • K0036 - Knowledge of human-computer interaction principles.
  • K0058 - Knowledge of network traffic analysis methods.
  • K0109 - Knowledge of physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage).
  • K0177Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • K0353 - Knowledge of possible circumstances that would result in changing collection management authorities.
  • K0361Knowledge of asset availability, capabilities and limitations.
  • K0364 Knowledge of available databases and tools necessary to assess appropriate collection tasking.
  • K0380 - Knowledge of collaborative tools and environments.
  • K0382 - Knowledge of collection capabilities and limitations.
  • K0383 - Knowledge of collection capabilities, accesses, performance specifications, and constraints utilized to satisfy collection plan.
  • K0384 - Knowledge of collection management functionality (e.g., positions, functions, responsibilities, products, reporting requirements).
  • K0386 - Knowledge of collection management tools.
  • K0387 - Knowledge of collection planning process and collection plan.
  • K0390 - Knowledge of collection strategies.
  • K0395 - Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.).
  • K0401 - Knowledge of criteria for evaluating collection products.
  • K0404 - Knowledge of current collection requirements.
  • K0412 Knowledge of cyber lexicon/terminology
  • K0417 - Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).
  • K0419 - Knowledge of database administration and maintenance.
  • K0421 - Knowledge of databases, portals and associated dissemination vehicles.
  • K0425 Knowledge of different organization objectives at all levels, including subordinate, lateral and higher.
  • K0427 Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP).
  • K0431 Knowledge of evolving/emerging communications technologies.
  • K0435 Knowledge of fundamental cyber concepts, principles, limitations, and effects.
  • K0444 Knowledge of how Internet applications work (SMTP email, web-based email, chat clients, VOIP).
  • K0445 Knowledge of how modern digital and telephony networks impact cyber operations.
  • K0446 Knowledge of how modern wireless communications systems impact cyber operations.
  • K0448 Knowledge of how to establish priorities for resources.
  • K0453 Knowledge of indications and warning.
  • K0454 -  Knowledge of information needs.
  • K0467 -  Knowledge of internal and external partner organization capabilities and limitations (those with tasking, collection, processing, exploitation and dissemination responsibilities).
  • K0474 Knowledge of key cyber threat actors and their equities.
  • K0475 Knowledge of key factors of the operational environment and threat.
  • K0477 Knowledge of leadership’s Intent and objectives.
  • K0480 Knowledge of malware.
  • K0482 Knowledge of methods for ascertaining collection asset posture and availability.
  • K0492 Knowledge of non-traditional collection methodologies.
  • K0495 Knowledge of ongoing and future operations.
  • K0496 Knowledge of operational asset constraints.
  • K0498 Knowledge of operational planning processes.
  • K0505 Knowledge of organization objectives and associated demand on collection management.
  • K0513 Knowledge of organizational priorities, legal authorities and requirements submission processes.
  • K0516 Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
  • K0521 Knowledge of priority information, how it is derived, where it is published, how to access, etc.
  • K0526 Knowledge of research strategies and knowledge management.
  • K0527 Knowledge of risk management and mitigation strategies.
  • K0552 Knowledge of tasking mechanisms.
  • K0554 Knowledge of tasking, collection, processing, exploitation and dissemination.
  • K0558 Knowledge of the available tools and applications associated with collection requirements and collection management.
  • K0560 Knowledge of the basic structure, architecture, and design of modern communication networks.
  • K0561 Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
  • K0562 Knowledge of the capabilities and limitations of new and emerging collection capabilities, accesses and/or processes.
  • K0563 Knowledge of the capabilities, limitations and tasking methodologies of internal and external collections as they apply to planned cyber activities.
  • K0565 Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
  • K0568 Knowledge of the definition of collection management and collection management authority.
  • K0569 Knowledge of the existent tasking, collection, processing, exploitation and dissemination architecture.
  • K0570 Knowledge of the factors of threat that could impact collection operations.
  • K0579 Knowledge of the organization, roles and responsibilities of higher, lower and adjacent sub-elements.
  • K0580 Knowledge of the organization’s established format for collection plan.
  • K0581 Knowledge of the organization’s planning, operations and targeting cycles.
  • K0584 Knowledge of the organizational policies/procedures for temporary transfer of collection authority.
  • K0587 Knowledge of the POC’s, databases, tools and applications necessary to establish environment preparation and surveillance products.
  • K0588 Knowledge of the priority information requirements from subordinate, lateral and higher levels of the organization.
  • K0596 Knowledge of the request for information process.
  • K0605 Knowledge of tipping, cueing, mixing, and redundancy.
  • K0610 Knowledge of virtualization products (VMware, Virtual PC).
  • K0612 Knowledge of what constitutes a “threat” to a network.

ID & Description

  • S0189 - Skill in assessing and/or estimating effects generated during and after cyber operations.
  • S0194 Skill in conducting non-attributable research.
  • S0203 - Skill in defining and characterizing all pertinent aspects of the operational environment.
  • S0211 - Skill in developing or recommending analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
  • S0216 - Skill in evaluating available capabilities against desired effects to provide effective courses of action.
  • S0218 Skill in evaluating information for reliability, validity, and relevance.
  • S0227 - Skill in identifying alternative analytical interpretations to minimize unanticipated outcomes.
  • S0228 - Skill in identifying critical target elements, to include critical target elements for the cyber domain.
  • S0229 Skill in identifying cyber threats which may jeopardize organization and/or partner interests.
  • S0249 Skill in preparing and presenting briefings.
  • S0254 Skill in providing analysis to aid writing phased after action reports.
  • S0256 Skill in providing understanding of target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships.
  • S0271 Skill in reviewing and editing assessment products.
  • S0278 Skill in tailoring analysis to the necessary levels (e.g., classification and organizational).
  • S0285 - Skill in using Boolean operators to construct simple and complex queries.
  • S0288 Skill in using multiple analytic tools, databases, and techniques (e.g., Analyst’s Notebook, A-Space, Anchory, M3, divergent/convergent thinking, link charts, matrices, etc.).
  • S0289 Skill in using multiple search engines (e.g., Google, Yahoo, LexisNexis, DataStar) and tools in conducting open-source searches.
  • S0292 Skill in using targeting databases and software packages.
  • S0296 Skill in utilizing feedback to improve processes, products, and services.
  • S0297 Skill in utilizing virtual collaborative workspaces and/or tools (e.g., IWS, VTCs, chat rooms, SharePoint).
  • S0303 Skill in writing, reviewing and editing cyber-related Intelligence/assessment products from multiple sources.
  • S0360 Skill to analyze and assess internal and external partner cyber operations capabilities and tools.

ID & Description

  • A0069 - Ability to apply collaborative skills and strategies.
  • A0070 Ability to apply critical reading/thinking skills.
  • A0078 Ability to coordinate, collaborate and disseminate information to subordinate, lateral and higher-level organizations.

ID & Description

  • T0564 Analyze feedback to determine extent to which collection products and services are meeting requirements.
  • T0565 Analyze incoming collection requests.
  • T0568 - Analyze plans, directives, guidance and policy for factors that would influence collection management’s operational structure and requirement s (e.g., duration, scope, communication requirements, interagency/international agreements).
  • T0577 - Assess efficiency of existing information exchange and management systems.
  • T0578 - Assess performance of collection assets against prescribed specifications.
  • T0580 - Assess the effectiveness of collections in satisfying priority information gaps, using available capabilities and methods, and adjust collection strategies and collection requirements accordingly.
  • T0596 - Close requests for information once satisfied.
  • T0602 - Collaborate with customer to define information requirements.
  • T0605 Compile lessons learned from collection management activity’s execution of organization collection objectives.
  • T0613 - Conduct formal and informal coordination of collection requirements in accordance with established guidelines and procedures.
  • T0651 - Develop a method for comparing collection reports to outstanding requirements to identify information gaps.
  • T0668 - Develop procedures for providing feedback to collection managers, asset managers, and processing, exploitation and dissemination centers.
  • T0675 - Disseminate reports to inform decision makers on collection issues.
  • T0675 - Conduct and document an assessment of the collection results using established procedures.
  • T0682 - Validate the link between collection requests and critical information requirements and priority intelligence requirements of leadership.
  • T0689 - Evaluate extent to which collected information and/or produced intelligence satisfy information requests.
  • T0693 - Evaluate extent to which collection operations are synchronized with operational requirements.
  • T0694 - Evaluate the effectiveness of collection operations against the collection plan.
  • T0714 - Identify collaboration forums that can serve as mechanisms for coordinating processes, functions, and outputs with specified organizations and functional groups.
  • T0725 - Identify and mitigate risks to collection management ability to support the plan, operations and target cycle.
  • T0730 - Inform stakeholders (e.g., collection managers, asset managers, processing, exploitation and dissemination centers) of evaluation results using established procedures.
  • T0734 - Issue requests for information.
  • T0746 - Modify collection requirements as necessary.
  • T0780 - Provide advisory and advocacy support to promote collection planning as an integrated component of the strategic campaign plans and other adaptive plans.
  • T0809 - Review capabilities of allocated collection assets.
  • T0810 - Review intelligence collection guidance for accuracy/applicability 
  • T0811 - Review list of prioritized collection requirements and essential information.
  • T0819 - Solicit and manage to completion feedback from requestors on quality, timeliness, and effectiveness of collection against collection requirements.
  • T0822 - Submit information requests to collection requirement management section for processing as collection requests.
  • T0830 - Track status of information requests, including those processed as collection requests and production requirements, using established procedures.
  • T0831 - Translate collection requests into applicable discipline-specific collection requirements.
  • T0832 - Use feedback results (e.g., lesson learned) to identify opportunities to improve collection management efficiency and effectiveness.
  • T0833 - Validate requests for information according to established criteria.
Knowledge

ID & Description

  • K0001 - Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002 - Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0003 - Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • K0004 - Knowledge of cybersecurity and privacy principles.
  • K0005 - Knowledge of cyber threats and vulnerabilities.
  • K0006 - Knowledge of specific operational impacts of cybersecurity lapses.
  • K0036 - Knowledge of human-computer interaction principles.
  • K0058 - Knowledge of network traffic analysis methods.
  • K0109 - Knowledge of physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage).
  • K0177Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • K0353 - Knowledge of possible circumstances that would result in changing collection management authorities.
  • K0361Knowledge of asset availability, capabilities and limitations.
  • K0364 Knowledge of available databases and tools necessary to assess appropriate collection tasking.
  • K0380 - Knowledge of collaborative tools and environments.
  • K0382 - Knowledge of collection capabilities and limitations.
  • K0383 - Knowledge of collection capabilities, accesses, performance specifications, and constraints utilized to satisfy collection plan.
  • K0384 - Knowledge of collection management functionality (e.g., positions, functions, responsibilities, products, reporting requirements).
  • K0386 - Knowledge of collection management tools.
  • K0387 - Knowledge of collection planning process and collection plan.
  • K0390 - Knowledge of collection strategies.
  • K0395 - Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.).
  • K0401 - Knowledge of criteria for evaluating collection products.
  • K0404 - Knowledge of current collection requirements.
  • K0412 Knowledge of cyber lexicon/terminology
  • K0417 - Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).
  • K0419 - Knowledge of database administration and maintenance.
  • K0421 - Knowledge of databases, portals and associated dissemination vehicles.
  • K0425 Knowledge of different organization objectives at all levels, including subordinate, lateral and higher.
  • K0427 Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP).
  • K0431 Knowledge of evolving/emerging communications technologies.
  • K0435 Knowledge of fundamental cyber concepts, principles, limitations, and effects.
  • K0444 Knowledge of how Internet applications work (SMTP email, web-based email, chat clients, VOIP).
  • K0445 Knowledge of how modern digital and telephony networks impact cyber operations.
  • K0446 Knowledge of how modern wireless communications systems impact cyber operations.
  • K0448 Knowledge of how to establish priorities for resources.
  • K0453 Knowledge of indications and warning.
  • K0454 -  Knowledge of information needs.
  • K0467 -  Knowledge of internal and external partner organization capabilities and limitations (those with tasking, collection, processing, exploitation and dissemination responsibilities).
  • K0474 Knowledge of key cyber threat actors and their equities.
  • K0475 Knowledge of key factors of the operational environment and threat.
  • K0477 Knowledge of leadership’s Intent and objectives.
  • K0480 Knowledge of malware.
  • K0482 Knowledge of methods for ascertaining collection asset posture and availability.
  • K0492 Knowledge of non-traditional collection methodologies.
  • K0495 Knowledge of ongoing and future operations.
  • K0496 Knowledge of operational asset constraints.
  • K0498 Knowledge of operational planning processes.
  • K0505 Knowledge of organization objectives and associated demand on collection management.
  • K0513 Knowledge of organizational priorities, legal authorities and requirements submission processes.
  • K0516 Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
  • K0521 Knowledge of priority information, how it is derived, where it is published, how to access, etc.
  • K0526 Knowledge of research strategies and knowledge management.
  • K0527 Knowledge of risk management and mitigation strategies.
  • K0552 Knowledge of tasking mechanisms.
  • K0554 Knowledge of tasking, collection, processing, exploitation and dissemination.
  • K0558 Knowledge of the available tools and applications associated with collection requirements and collection management.
  • K0560 Knowledge of the basic structure, architecture, and design of modern communication networks.
  • K0561 Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
  • K0562 Knowledge of the capabilities and limitations of new and emerging collection capabilities, accesses and/or processes.
  • K0563 Knowledge of the capabilities, limitations and tasking methodologies of internal and external collections as they apply to planned cyber activities.
  • K0565 Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
  • K0568 Knowledge of the definition of collection management and collection management authority.
  • K0569 Knowledge of the existent tasking, collection, processing, exploitation and dissemination architecture.
  • K0570 Knowledge of the factors of threat that could impact collection operations.
  • K0579 Knowledge of the organization, roles and responsibilities of higher, lower and adjacent sub-elements.
  • K0580 Knowledge of the organization’s established format for collection plan.
  • K0581 Knowledge of the organization’s planning, operations and targeting cycles.
  • K0584 Knowledge of the organizational policies/procedures for temporary transfer of collection authority.
  • K0587 Knowledge of the POC’s, databases, tools and applications necessary to establish environment preparation and surveillance products.
  • K0588 Knowledge of the priority information requirements from subordinate, lateral and higher levels of the organization.
  • K0596 Knowledge of the request for information process.
  • K0605 Knowledge of tipping, cueing, mixing, and redundancy.
  • K0610 Knowledge of virtualization products (VMware, Virtual PC).
  • K0612 Knowledge of what constitutes a “threat” to a network.
Skills

ID & Description

  • S0189 - Skill in assessing and/or estimating effects generated during and after cyber operations.
  • S0194 Skill in conducting non-attributable research.
  • S0203 - Skill in defining and characterizing all pertinent aspects of the operational environment.
  • S0211 - Skill in developing or recommending analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
  • S0216 - Skill in evaluating available capabilities against desired effects to provide effective courses of action.
  • S0218 Skill in evaluating information for reliability, validity, and relevance.
  • S0227 - Skill in identifying alternative analytical interpretations to minimize unanticipated outcomes.
  • S0228 - Skill in identifying critical target elements, to include critical target elements for the cyber domain.
  • S0229 Skill in identifying cyber threats which may jeopardize organization and/or partner interests.
  • S0249 Skill in preparing and presenting briefings.
  • S0254 Skill in providing analysis to aid writing phased after action reports.
  • S0256 Skill in providing understanding of target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships.
  • S0271 Skill in reviewing and editing assessment products.
  • S0278 Skill in tailoring analysis to the necessary levels (e.g., classification and organizational).
  • S0285 - Skill in using Boolean operators to construct simple and complex queries.
  • S0288 Skill in using multiple analytic tools, databases, and techniques (e.g., Analyst’s Notebook, A-Space, Anchory, M3, divergent/convergent thinking, link charts, matrices, etc.).
  • S0289 Skill in using multiple search engines (e.g., Google, Yahoo, LexisNexis, DataStar) and tools in conducting open-source searches.
  • S0292 Skill in using targeting databases and software packages.
  • S0296 Skill in utilizing feedback to improve processes, products, and services.
  • S0297 Skill in utilizing virtual collaborative workspaces and/or tools (e.g., IWS, VTCs, chat rooms, SharePoint).
  • S0303 Skill in writing, reviewing and editing cyber-related Intelligence/assessment products from multiple sources.
  • S0360 Skill to analyze and assess internal and external partner cyber operations capabilities and tools.
Abilities

ID & Description

  • A0069 - Ability to apply collaborative skills and strategies.
  • A0070 Ability to apply critical reading/thinking skills.
  • A0078 Ability to coordinate, collaborate and disseminate information to subordinate, lateral and higher-level organizations.
Tasks

ID & Description

  • T0564 Analyze feedback to determine extent to which collection products and services are meeting requirements.
  • T0565 Analyze incoming collection requests.
  • T0568 - Analyze plans, directives, guidance and policy for factors that would influence collection management’s operational structure and requirement s (e.g., duration, scope, communication requirements, interagency/international agreements).
  • T0577 - Assess efficiency of existing information exchange and management systems.
  • T0578 - Assess performance of collection assets against prescribed specifications.
  • T0580 - Assess the effectiveness of collections in satisfying priority information gaps, using available capabilities and methods, and adjust collection strategies and collection requirements accordingly.
  • T0596 - Close requests for information once satisfied.
  • T0602 - Collaborate with customer to define information requirements.
  • T0605 Compile lessons learned from collection management activity’s execution of organization collection objectives.
  • T0613 - Conduct formal and informal coordination of collection requirements in accordance with established guidelines and procedures.
  • T0651 - Develop a method for comparing collection reports to outstanding requirements to identify information gaps.
  • T0668 - Develop procedures for providing feedback to collection managers, asset managers, and processing, exploitation and dissemination centers.
  • T0675 - Disseminate reports to inform decision makers on collection issues.
  • T0675 - Conduct and document an assessment of the collection results using established procedures.
  • T0682 - Validate the link between collection requests and critical information requirements and priority intelligence requirements of leadership.
  • T0689 - Evaluate extent to which collected information and/or produced intelligence satisfy information requests.
  • T0693 - Evaluate extent to which collection operations are synchronized with operational requirements.
  • T0694 - Evaluate the effectiveness of collection operations against the collection plan.
  • T0714 - Identify collaboration forums that can serve as mechanisms for coordinating processes, functions, and outputs with specified organizations and functional groups.
  • T0725 - Identify and mitigate risks to collection management ability to support the plan, operations and target cycle.
  • T0730 - Inform stakeholders (e.g., collection managers, asset managers, processing, exploitation and dissemination centers) of evaluation results using established procedures.
  • T0734 - Issue requests for information.
  • T0746 - Modify collection requirements as necessary.
  • T0780 - Provide advisory and advocacy support to promote collection planning as an integrated component of the strategic campaign plans and other adaptive plans.
  • T0809 - Review capabilities of allocated collection assets.
  • T0810 - Review intelligence collection guidance for accuracy/applicability 
  • T0811 - Review list of prioritized collection requirements and essential information.
  • T0819 - Solicit and manage to completion feedback from requestors on quality, timeliness, and effectiveness of collection against collection requirements.
  • T0822 - Submit information requests to collection requirement management section for processing as collection requests.
  • T0830 - Track status of information requests, including those processed as collection requests and production requirements, using established procedures.
  • T0831 - Translate collection requests into applicable discipline-specific collection requirements.
  • T0832 - Use feedback results (e.g., lesson learned) to identify opportunities to improve collection management efficiency and effectiveness.
  • T0833 - Validate requests for information according to established criteria.
Menu