Welcome to Lunarline School of Cybersecurity (SCS) - Providing Excellence in Cybersecurity Training and Certifications Since 2008
Contact SCS
School of Cybersecurity
To get started, contact us today at 571-481-9307
LinkedIn
YouTube
shopping_cart
Product was added to your cart

Cart

All Source-Collection Requirements Manager

Home NICE Framework Collect and Operate (CO) All Source-Collection Requirements Manager
NICE Work Role Description:
Evaluates collection operations and develops effects-based collection requirements strategies using available sources and methods to improve collection. Develops, processes, validates, and coordinates submission of collection requirements. Evaluates performance of collection assets and collection operations.
*Certification Declaration
Certification Declaration
Each certification is mapped to the NICE Framework, which organizes cybersecurity into seven high-level Categories, each comprised of several specialty areas, work roles, knowledge, skills, abilities, and tasks.  These seven high-level Categories are aligned directly to the CCE® Program’s certification Concentration Areas.   Candidates often prepare for an exam by using a variety of resources that familiarize them with the authoritative sources and the exam’s concentration area.

Third-party products and services, including course instructors have helped many candidates to close knowledge and skill gaps.  The CCE® Program does not endorse any particular provider and encourages candidates to use a variety of tools and resources that will enhance their understanding of relevant principles and the exam’s concentration area.

NICE Framework Category
CCE® Concentration Area:
Collect and Operate (CO)
NICE Specialty Area:
Collection Operations (CLO)
NICE Work Role ID:
CO-CLO-002
OPM Code | DCWF Code:
312
School of Cybersecurity Training
School of Cybersecurity Training
Mission Assessment Specialist (AN201-RBT)
CCE® Program
CCE® Program
Certified Expert Fusion Analyst (CEFA)®

KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.

ID & Description

  • K0001 – Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002 – Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0003 – Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • K0004 – Knowledge of cybersecurity and privacy principles.
  • K0005 – Knowledge of cyber threats and vulnerabilities.
  • K0006 – Knowledge of specific operational impacts of cybersecurity lapses.
  • K0036 – Knowledge of human-computer interaction principles.
  • K0058 – Knowledge of network traffic analysis methods.
  • K0109 – Knowledge of physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage).
  • K0177 – Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • K0353 – Knowledge of possible circumstances that would result in changing collection management authorities.
  • K0361– Knowledge of asset availability, capabilities and limitations.
  • K0364 – Knowledge of available databases and tools necessary to assess appropriate collection tasking.
  • K0380 – Knowledge of collaborative tools and environments.
  • K0382 – Knowledge of collection capabilities and limitations.
  • K0383 – Knowledge of collection capabilities, accesses, performance specifications, and constraints utilized to satisfy collection plan.
  • K0384 – Knowledge of collection management functionality (e.g., positions, functions, responsibilities, products, reporting requirements).
  • K0386 – Knowledge of collection management tools.
  • K0387 – Knowledge of collection planning process and collection plan.
  • K0390 – Knowledge of collection strategies.
  • K0395 – Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.).
  • K0401 – Knowledge of criteria for evaluating collection products.
  • K0404 – Knowledge of current collection requirements.
  • K0412 – Knowledge of cyber lexicon/terminology
  • K0417 – Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).
  • K0419 – Knowledge of database administration and maintenance.
  • K0421 – Knowledge of databases, portals and associated dissemination vehicles.
  • K0425 – Knowledge of different organization objectives at all levels, including subordinate, lateral and higher.
  • K0427 – Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP).
  • K0431 – Knowledge of evolving/emerging communications technologies.
  • K0435 – Knowledge of fundamental cyber concepts, principles, limitations, and effects.
  • K0444 – Knowledge of how Internet applications work (SMTP email, web-based email, chat clients, VOIP).
  • K0445 – Knowledge of how modern digital and telephony networks impact cyber operations.
  • K0446 – Knowledge of how modern wireless communications systems impact cyber operations.
  • K0448 – Knowledge of how to establish priorities for resources.
  • K0453 – Knowledge of indications and warning.
  • K0454 –  Knowledge of information needs.
  • K0467 –  Knowledge of internal and external partner organization capabilities and limitations (those with tasking, collection, processing, exploitation and dissemination responsibilities).
  • K0474 – Knowledge of key cyber threat actors and their equities.
  • K0475 – Knowledge of key factors of the operational environment and threat.
  • K0477 – Knowledge of leadership’s Intent and objectives.
  • K0480 – Knowledge of malware.
  • K0482 – Knowledge of methods for ascertaining collection asset posture and availability.
  • K0492 – Knowledge of non-traditional collection methodologies.
  • K0495 – Knowledge of ongoing and future operations.
  • K0496 – Knowledge of operational asset constraints.
  • K0498 – Knowledge of operational planning processes.
  • K0505 – Knowledge of organization objectives and associated demand on collection management.
  • K0513 – Knowledge of organizational priorities, legal authorities and requirements submission processes.
  • K0516 – Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
  • K0521 – Knowledge of priority information, how it is derived, where it is published, how to access, etc.
  • K0526 – Knowledge of research strategies and knowledge management.
  • K0527 – Knowledge of risk management and mitigation strategies.
  • K0552 – Knowledge of tasking mechanisms.
  • K0554 – Knowledge of tasking, collection, processing, exploitation and dissemination.
  • K0558 – Knowledge of the available tools and applications associated with collection requirements and collection management.
  • K0560 – Knowledge of the basic structure, architecture, and design of modern communication networks.
  • K0561 – Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
  • K0562 – Knowledge of the capabilities and limitations of new and emerging collection capabilities, accesses and/or processes.
  • K0563 – Knowledge of the capabilities, limitations and tasking methodologies of internal and external collections as they apply to planned cyber activities.
  • K0565 – Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
  • K0568 – Knowledge of the definition of collection management and collection management authority.
  • K0569 – Knowledge of the existent tasking, collection, processing, exploitation and dissemination architecture.
  • K0570 – Knowledge of the factors of threat that could impact collection operations.
  • K0579 – Knowledge of the organization, roles and responsibilities of higher, lower and adjacent sub-elements.
  • K0580 – Knowledge of the organization’s established format for collection plan.
  • K0581 – Knowledge of the organization’s planning, operations and targeting cycles.
  • K0584 – Knowledge of the organizational policies/procedures for temporary transfer of collection authority.
  • K0587 – Knowledge of the POC’s, databases, tools and applications necessary to establish environment preparation and surveillance products.
  • K0588 – Knowledge of the priority information requirements from subordinate, lateral and higher levels of the organization.
  • K0596 – Knowledge of the request for information process.
  • K0605 – Knowledge of tipping, cueing, mixing, and redundancy.
  • K0610 – Knowledge of virtualization products (VMware, Virtual PC).
  • K0612 – Knowledge of what constitutes a “threat” to a network.

ID & Description

  • S0189 – Skill in assessing and/or estimating effects generated during and after cyber operations.
  • S0194 –  Skill in conducting non-attributable research.
  • S0203 – Skill in defining and characterizing all pertinent aspects of the operational environment.
  • S0211 – Skill in developing or recommending analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
  • S0216 – Skill in evaluating available capabilities against desired effects to provide effective courses of action.
  • S0218 – Skill in evaluating information for reliability, validity, and relevance.
  • S0227 – Skill in identifying alternative analytical interpretations to minimize unanticipated outcomes.
  • S0228 – Skill in identifying critical target elements, to include critical target elements for the cyber domain.
  • S0229 – Skill in identifying cyber threats which may jeopardize organization and/or partner interests.
  • S0249 – Skill in preparing and presenting briefings.
  • S0254 – Skill in providing analysis to aid writing phased after action reports.
  • S0256 – Skill in providing understanding of target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships.
  • S0271 – Skill in reviewing and editing assessment products.
  • S0278 – Skill in tailoring analysis to the necessary levels (e.g., classification and organizational).
  • S0285 Skill in using Boolean operators to construct simple and complex queries.
  • S0288 – Skill in using multiple analytic tools, databases, and techniques (e.g., Analyst’s Notebook, A-Space, Anchory, M3, divergent/convergent thinking, link charts, matrices, etc.).
  • S0289 – Skill in using multiple search engines (e.g., Google, Yahoo, LexisNexis, DataStar) and tools in conducting open-source searches.
  • S0292 – Skill in using targeting databases and software packages.
  • S0296 – Skill in utilizing feedback to improve processes, products, and services.
  • S0297 – Skill in utilizing virtual collaborative workspaces and/or tools (e.g., IWS, VTCs, chat rooms, SharePoint).
  • S0303 – Skill in writing, reviewing and editing cyber-related Intelligence/assessment products from multiple sources.
  • S0360 – Skill to analyze and assess internal and external partner cyber operations capabilities and tools.

ID & Description

  • A0069 – Ability to apply collaborative skills and strategies.
  • A0070 – Ability to apply critical reading/thinking skills.
  • A0078 – Ability to coordinate, collaborate and disseminate information to subordinate, lateral and higher-level organizations.

ID & Description

  • T0564 – Analyze feedback to determine extent to which collection products and services are meeting requirements.
  • T0565 – Analyze incoming collection requests.
  • T0568 – Analyze plans, directives, guidance and policy for factors that would influence collection management’s operational structure and requirement s (e.g., duration, scope, communication requirements, interagency/international agreements).
  • T0577 – Assess efficiency of existing information exchange and management systems.
  • T0578 – Assess performance of collection assets against prescribed specifications.
  • T0580 – Assess the effectiveness of collections in satisfying priority information gaps, using available capabilities and methods, and adjust collection strategies and collection requirements accordingly.
  • T0596 – Close requests for information once satisfied.
  • T0602 – Collaborate with customer to define information requirements.
  • T0605 – Compile lessons learned from collection management activity’s execution of organization collection objectives.
  • T0613 – Conduct formal and informal coordination of collection requirements in accordance with established guidelines and procedures.
  • T0651 – Develop a method for comparing collection reports to outstanding requirements to identify information gaps.
  • T0668 – Develop procedures for providing feedback to collection managers, asset managers, and processing, exploitation and dissemination centers.
  • T0675 – Disseminate reports to inform decision makers on collection issues.
  • T0675 – Conduct and document an assessment of the collection results using established procedures.
  • T0682 – Validate the link between collection requests and critical information requirements and priority intelligence requirements of leadership.
  • T0689 – Evaluate extent to which collected information and/or produced intelligence satisfy information requests.
  • T0693 – Evaluate extent to which collection operations are synchronized with operational requirements.
  • T0694 – Evaluate the effectiveness of collection operations against the collection plan.
  • T0714 – Identify collaboration forums that can serve as mechanisms for coordinating processes, functions, and outputs with specified organizations and functional groups.
  • T0725 – Identify and mitigate risks to collection management ability to support the plan, operations and target cycle.
  • T0730 – Inform stakeholders (e.g., collection managers, asset managers, processing, exploitation and dissemination centers) of evaluation results using established procedures.
  • T0734 – Issue requests for information.
  • T0746 – Modify collection requirements as necessary.
  • T0780 – Provide advisory and advocacy support to promote collection planning as an integrated component of the strategic campaign plans and other adaptive plans.
  • T0809 – Review capabilities of allocated collection assets.
  • T0810 – Review intelligence collection guidance for accuracy/applicability 
  • T0811 – Review list of prioritized collection requirements and essential information.
  • T0819 – Solicit and manage to completion feedback from requestors on quality, timeliness, and effectiveness of collection against collection requirements.
  • T0822 – Submit information requests to collection requirement management section for processing as collection requests.
  • T0830 – Track status of information requests, including those processed as collection requests and production requirements, using established procedures.
  • T0831 – Translate collection requests into applicable discipline-specific collection requirements.
  • T0832 – Use feedback results (e.g., lesson learned) to identify opportunities to improve collection management efficiency and effectiveness.
  • T0833 – Validate requests for information according to established criteria.
Knowledge

ID & Description

  • K0001 – Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002 – Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0003 – Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • K0004 – Knowledge of cybersecurity and privacy principles.
  • K0005 – Knowledge of cyber threats and vulnerabilities.
  • K0006 – Knowledge of specific operational impacts of cybersecurity lapses.
  • K0036 – Knowledge of human-computer interaction principles.
  • K0058 – Knowledge of network traffic analysis methods.
  • K0109 – Knowledge of physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage).
  • K0177 – Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • K0353 – Knowledge of possible circumstances that would result in changing collection management authorities.
  • K0361– Knowledge of asset availability, capabilities and limitations.
  • K0364 – Knowledge of available databases and tools necessary to assess appropriate collection tasking.
  • K0380 – Knowledge of collaborative tools and environments.
  • K0382 – Knowledge of collection capabilities and limitations.
  • K0383 – Knowledge of collection capabilities, accesses, performance specifications, and constraints utilized to satisfy collection plan.
  • K0384 – Knowledge of collection management functionality (e.g., positions, functions, responsibilities, products, reporting requirements).
  • K0386 – Knowledge of collection management tools.
  • K0387 – Knowledge of collection planning process and collection plan.
  • K0390 – Knowledge of collection strategies.
  • K0395 – Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.).
  • K0401 – Knowledge of criteria for evaluating collection products.
  • K0404 – Knowledge of current collection requirements.
  • K0412 – Knowledge of cyber lexicon/terminology
  • K0417 – Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).
  • K0419 – Knowledge of database administration and maintenance.
  • K0421 – Knowledge of databases, portals and associated dissemination vehicles.
  • K0425 – Knowledge of different organization objectives at all levels, including subordinate, lateral and higher.
  • K0427 – Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP).
  • K0431 – Knowledge of evolving/emerging communications technologies.
  • K0435 – Knowledge of fundamental cyber concepts, principles, limitations, and effects.
  • K0444 – Knowledge of how Internet applications work (SMTP email, web-based email, chat clients, VOIP).
  • K0445 – Knowledge of how modern digital and telephony networks impact cyber operations.
  • K0446 – Knowledge of how modern wireless communications systems impact cyber operations.
  • K0448 – Knowledge of how to establish priorities for resources.
  • K0453 – Knowledge of indications and warning.
  • K0454 –  Knowledge of information needs.
  • K0467 –  Knowledge of internal and external partner organization capabilities and limitations (those with tasking, collection, processing, exploitation and dissemination responsibilities).
  • K0474 – Knowledge of key cyber threat actors and their equities.
  • K0475 – Knowledge of key factors of the operational environment and threat.
  • K0477 – Knowledge of leadership’s Intent and objectives.
  • K0480 – Knowledge of malware.
  • K0482 – Knowledge of methods for ascertaining collection asset posture and availability.
  • K0492 – Knowledge of non-traditional collection methodologies.
  • K0495 – Knowledge of ongoing and future operations.
  • K0496 – Knowledge of operational asset constraints.
  • K0498 – Knowledge of operational planning processes.
  • K0505 – Knowledge of organization objectives and associated demand on collection management.
  • K0513 – Knowledge of organizational priorities, legal authorities and requirements submission processes.
  • K0516 – Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
  • K0521 – Knowledge of priority information, how it is derived, where it is published, how to access, etc.
  • K0526 – Knowledge of research strategies and knowledge management.
  • K0527 – Knowledge of risk management and mitigation strategies.
  • K0552 – Knowledge of tasking mechanisms.
  • K0554 – Knowledge of tasking, collection, processing, exploitation and dissemination.
  • K0558 – Knowledge of the available tools and applications associated with collection requirements and collection management.
  • K0560 – Knowledge of the basic structure, architecture, and design of modern communication networks.
  • K0561 – Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
  • K0562 – Knowledge of the capabilities and limitations of new and emerging collection capabilities, accesses and/or processes.
  • K0563 – Knowledge of the capabilities, limitations and tasking methodologies of internal and external collections as they apply to planned cyber activities.
  • K0565 – Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
  • K0568 – Knowledge of the definition of collection management and collection management authority.
  • K0569 – Knowledge of the existent tasking, collection, processing, exploitation and dissemination architecture.
  • K0570 – Knowledge of the factors of threat that could impact collection operations.
  • K0579 – Knowledge of the organization, roles and responsibilities of higher, lower and adjacent sub-elements.
  • K0580 – Knowledge of the organization’s established format for collection plan.
  • K0581 – Knowledge of the organization’s planning, operations and targeting cycles.
  • K0584 – Knowledge of the organizational policies/procedures for temporary transfer of collection authority.
  • K0587 – Knowledge of the POC’s, databases, tools and applications necessary to establish environment preparation and surveillance products.
  • K0588 – Knowledge of the priority information requirements from subordinate, lateral and higher levels of the organization.
  • K0596 – Knowledge of the request for information process.
  • K0605 – Knowledge of tipping, cueing, mixing, and redundancy.
  • K0610 – Knowledge of virtualization products (VMware, Virtual PC).
  • K0612 – Knowledge of what constitutes a “threat” to a network.
Skills

ID & Description

  • S0189 – Skill in assessing and/or estimating effects generated during and after cyber operations.
  • S0194 –  Skill in conducting non-attributable research.
  • S0203 – Skill in defining and characterizing all pertinent aspects of the operational environment.
  • S0211 – Skill in developing or recommending analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
  • S0216 – Skill in evaluating available capabilities against desired effects to provide effective courses of action.
  • S0218 – Skill in evaluating information for reliability, validity, and relevance.
  • S0227 – Skill in identifying alternative analytical interpretations to minimize unanticipated outcomes.
  • S0228 – Skill in identifying critical target elements, to include critical target elements for the cyber domain.
  • S0229 – Skill in identifying cyber threats which may jeopardize organization and/or partner interests.
  • S0249 – Skill in preparing and presenting briefings.
  • S0254 – Skill in providing analysis to aid writing phased after action reports.
  • S0256 – Skill in providing understanding of target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships.
  • S0271 – Skill in reviewing and editing assessment products.
  • S0278 – Skill in tailoring analysis to the necessary levels (e.g., classification and organizational).
  • S0285 Skill in using Boolean operators to construct simple and complex queries.
  • S0288 – Skill in using multiple analytic tools, databases, and techniques (e.g., Analyst’s Notebook, A-Space, Anchory, M3, divergent/convergent thinking, link charts, matrices, etc.).
  • S0289 – Skill in using multiple search engines (e.g., Google, Yahoo, LexisNexis, DataStar) and tools in conducting open-source searches.
  • S0292 – Skill in using targeting databases and software packages.
  • S0296 – Skill in utilizing feedback to improve processes, products, and services.
  • S0297 – Skill in utilizing virtual collaborative workspaces and/or tools (e.g., IWS, VTCs, chat rooms, SharePoint).
  • S0303 – Skill in writing, reviewing and editing cyber-related Intelligence/assessment products from multiple sources.
  • S0360 – Skill to analyze and assess internal and external partner cyber operations capabilities and tools.
Abilities

ID & Description

  • A0069 – Ability to apply collaborative skills and strategies.
  • A0070 – Ability to apply critical reading/thinking skills.
  • A0078 – Ability to coordinate, collaborate and disseminate information to subordinate, lateral and higher-level organizations.
Tasks

ID & Description

  • T0564 – Analyze feedback to determine extent to which collection products and services are meeting requirements.
  • T0565 – Analyze incoming collection requests.
  • T0568 – Analyze plans, directives, guidance and policy for factors that would influence collection management’s operational structure and requirement s (e.g., duration, scope, communication requirements, interagency/international agreements).
  • T0577 – Assess efficiency of existing information exchange and management systems.
  • T0578 – Assess performance of collection assets against prescribed specifications.
  • T0580 – Assess the effectiveness of collections in satisfying priority information gaps, using available capabilities and methods, and adjust collection strategies and collection requirements accordingly.
  • T0596 – Close requests for information once satisfied.
  • T0602 – Collaborate with customer to define information requirements.
  • T0605 – Compile lessons learned from collection management activity’s execution of organization collection objectives.
  • T0613 – Conduct formal and informal coordination of collection requirements in accordance with established guidelines and procedures.
  • T0651 – Develop a method for comparing collection reports to outstanding requirements to identify information gaps.
  • T0668 – Develop procedures for providing feedback to collection managers, asset managers, and processing, exploitation and dissemination centers.
  • T0675 – Disseminate reports to inform decision makers on collection issues.
  • T0675 – Conduct and document an assessment of the collection results using established procedures.
  • T0682 – Validate the link between collection requests and critical information requirements and priority intelligence requirements of leadership.
  • T0689 – Evaluate extent to which collected information and/or produced intelligence satisfy information requests.
  • T0693 – Evaluate extent to which collection operations are synchronized with operational requirements.
  • T0694 – Evaluate the effectiveness of collection operations against the collection plan.
  • T0714 – Identify collaboration forums that can serve as mechanisms for coordinating processes, functions, and outputs with specified organizations and functional groups.
  • T0725 – Identify and mitigate risks to collection management ability to support the plan, operations and target cycle.
  • T0730 – Inform stakeholders (e.g., collection managers, asset managers, processing, exploitation and dissemination centers) of evaluation results using established procedures.
  • T0734 – Issue requests for information.
  • T0746 – Modify collection requirements as necessary.
  • T0780 – Provide advisory and advocacy support to promote collection planning as an integrated component of the strategic campaign plans and other adaptive plans.
  • T0809 – Review capabilities of allocated collection assets.
  • T0810 – Review intelligence collection guidance for accuracy/applicability 
  • T0811 – Review list of prioritized collection requirements and essential information.
  • T0819 – Solicit and manage to completion feedback from requestors on quality, timeliness, and effectiveness of collection against collection requirements.
  • T0822 – Submit information requests to collection requirement management section for processing as collection requests.
  • T0830 – Track status of information requests, including those processed as collection requests and production requirements, using established procedures.
  • T0831 – Translate collection requests into applicable discipline-specific collection requirements.
  • T0832 – Use feedback results (e.g., lesson learned) to identify opportunities to improve collection management efficiency and effectiveness.
  • T0833 – Validate requests for information according to established criteria.
Menu