Tests, implements, deploys, maintains, and administers the infrastructure hardware and software.
*Certification Declaration
Each certification is mapped to the NICE Framework, which organizes cybersecurity into seven high-level Categories, each comprising several specialty areas, work roles, knowledge, skills, abilities, and tasks. These seven high-level Categories align directly with the CCE® Program’s certification Concentration Areas. Candidates often prepare for an exam by using a variety of resources that familiarize them with the authoritative sources and the exam’s concentration area.
Third-party products and services, including course instructors, have helped many candidates close knowledge and skill gaps. The CCE® Program does not endorse any particular provider and encourages candidates to use a variety of tools and resources that will enhance their understanding of relevant principles and the exam’s concentration area.
NICE Framework Category / CCE® Concentration Area: Protect and Defend (PR)
NICE Specialty Area: Cybersecurity Defense Infrastructure Support (INF)
NICE Work Role ID: PR-INF-001
OPM Code | DCWF Code: 521
Cyber Defense Infrastructure Support Specialist (PR102-RBT)
Implementing and Securing Your Virtual Environment (OM112)
Implementing and Securing Your Virtual Environment - WBT (OM012-WBT)
Intrusion Detection - WBT (PR051-WBT)
System Exploits and Intrusion Detection (AN211)
KSA-T
Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Knowledge
ID & Description
- K0001 - Knowledge of computer networking concepts and protocols, and network security methodologies.
- K0002 - Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
- K0003 - Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- K0004 - Knowledge of cybersecurity and privacy principles.
- K0005 - Knowledge of cyber threats and vulnerabilities.
- K0006 - Knowledge of specific operational impacts of cybersecurity lapses.
- K0021 - Knowledge of data backup and recovery.
- K0033 - Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
- K0042 - Knowledge of incident response and handling methodologies.
- K0044 - Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- K0058 - Knowledge of network traffic analysis methods.
- K0061 - Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
- K0062 - Knowledge of packet-level analysis.
- K0104 - Knowledge of Virtual Private Network (VPN) security.
- K0106 - Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
- K0135 - Knowledge of web filtering technologies.
- K0157 - Knowledge of cyber defense and information security policies, procedures, and regulations.
- K0179 - Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- K0205 - Knowledge of basic system, network, and OS hardening techniques.
- K0258 - Knowledge of test procedures, principles, and methodologies (e.g., Capabilities and Maturity Model Integration (CMMI)).
- K0274 - Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi), paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly.
- K0324 - Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
- K0332 - Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
- K0334 - Knowledge of network traffic analysis (tools, methodologies, processes).
Skills
ID & Description
- S0007 - Skill in applying host/network access controls (e.g., access control list).
- S0053 - Skill in tuning sensors.
- S0054 - Skill in using incident handling methodologies.
- S0059 - Skill in using Virtual Private Network (VPN) devices and encryption.
- S0077 - Skill in securing network communications.
- S0079 - Skill in protecting a network against malware (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
- S0121 - Skill in system, network, and OS hardening techniques (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
- S0124 - Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution.
- S0367 - Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Abilities
ID & Description
- A0123 - Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Tasks
ID & Description
- T0042 - Coordinate with Cyber Defense Analysts to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, antivirus, and content blacklists) for specialized cyber defense applications.
- T0180 - Perform system administration on specialized cyber defense applications and systems (e.g., antivirus, audit and remediation) or Virtual Private Network (VPN) devices, to include installation, configuration, maintenance, backup, and restoration.
- T0261 - Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources.
- T0335 - Build, install, configure, and test dedicated cyber defense hardware.
- T0348 - Assist in assessing the impact of implementing and sustaining a dedicated cyber defense infrastructure.
- T0420 - Administer test bed(s), and test and evaluate applications, hardware infrastructure, rules/signatures, access controls, and configurations of platforms managed by service provider(s).
- T0438 - Create, edit, and manage network access control lists on specialized cyber defense systems (e.g., firewalls and intrusion prevention systems).
- T0483 - Identify potential conflicts with implementation of any cyber defense tools (e.g., tool and signature testing and optimization).
- T0486 - Implement Risk Management Framework (RMF)/Security Assessment and Authorization (SA&A) requirements for dedicated cyber defense systems within the enterprise, and document and maintain records for them.