Designs, develops, tests, and evaluates information systems throughout the systems development life cycle.
Disclaimer
Each certification is mapped to the NICE Framework, which organizes cybersecurity into seven high-level Categories, each comprised of several specialty areas, work roles, knowledge, skills, abilities, and tasks. These seven high-level Categories are aligned directly to the CCE® Program’s certification Concentration Areas. Candidates often prepare for an exam by using a variety of resources that familiarize them with the authoritative sources and the exam’s concentration area.
Third-party products and services, including course instructors, have helped many candidates to close knowledge and skill gaps. The CCE® Program does not endorse any particular provider and encourages candidates to use a variety of tools and resources that will enhance their understanding of relevant principles and the exam’s concentration area.
NICE Framework Category / CCE® Concentration Area: Securely Provision (SP)
NICE Specialty Area: Systems Requirements Planning (SRP)
NICE Work Role ID: SP-SRP-001
OPM Code | DCWF Code: 641
Cloud Security and FedRAMP (PR108)
Cloud Security and FedRAMP – SP (PR108-SP)
Cloud Security Fundamentals (PR109)
Healthcare Security & Privacy for IT Professionals (OV105)
HIPAA / HITECH Compliance (OV110)
HIPAA / HITECH Compliance – WBT (OV010-WBT)
Implementing and Securing Your Virtual Environment (OM112)
Implementing and Securing Your Virtual Environment – WBT (OM012-WBT)
Privacy for IT/ISS Professionals (OV231)
Privacy for IT/ISS Professionals – SP (OV231-SP)
System Administration and Development (OM267)
Systems Requirements Planner (SP303-RBT)
KSA-T
Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Knowledge
ID & Description
- K0001 – Knowledge of computer networking concepts and protocols, and network security methodologies.
- K0002 – Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
- K0003 – Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- K0004 – Knowledge of cybersecurity and privacy principles.
- K0005 – Knowledge of cyber threats and vulnerabilities.
- K0006 – Knowledge of specific operational impacts of cybersecurity lapses.
- K0008 – Knowledge of applicable business processes and operations of customer organizations.
- K0012 – Knowledge of capabilities and requirements analysis.
- K0018 – Knowledge of encryption algorithms.
- K0019 – Knowledge of cryptography and cryptographic key management concepts.
- K0032 – Knowledge of resiliency and redundancy.
- K0035 – Knowledge of installation, integration, and optimization of system components.
- K0038 – Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
- K0043 – Knowledge of industry-standard and organizationally accepted analysis principles and methods.
- K0044 – Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- K0045 – Knowledge of information security systems engineering principles (NIST SP 800-160).
- K0047 – Knowledge of information technology (IT) architectural concepts and frameworks.
- K0055 – Knowledge of microprocessors.
- K0056 – Knowledge of network access, identity, and access management (e.g., public key infrastructure, OAuth, OpenID, SAML, SPML).
- K0059 – Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
- K0060 – Knowledge of operating systems.
- K0061 – Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
- K0063 – Knowledge of parallel and distributed computing concepts.
- K0066 – Knowledge of Privacy Impact Assessments.
- K0067 – Knowledge of process engineering concepts.
- K0073 – Knowledge of secure configuration management techniques (e.g., Security Technical Implementation Guides (STIGs), cybersecurity best practices on cisecurity.org).
- K0074 – Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
- K0086 – Knowledge of system design tools, methods, and techniques, including automated systems analysis and design tools.
- K0087 – Knowledge of system software and organizational design standards, policies, and authorized approaches (e.g., International Organization for Standardization [ISO] guidelines) relating to system design.
- K0090 – Knowledge of system life cycle management principles, including software security and usability.
- K0091 – Knowledge of systems testing and evaluation methods.
- K0093 – Knowledge of telecommunications concepts (e.g., Communications channel, Systems Link Budgeting, Spectral efficiency, Multiplexing).
- K0101 – Knowledge of the organization’s enterprise information technology (IT) goals and objectives.
- K0102 – Knowledge of the systems engineering process.
- K0126 – Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161).
- K0163 – Knowledge of critical information technology (IT) procurement requirements.
- K0164 – Knowledge of functionality, quality, and security requirements and how these will apply to specific items of supply (i.e., elements and processes).
- K0168 – Knowledge of applicable laws, statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures.
- K0169 – Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
- K0170 – Knowledge of critical infrastructure systems with information communication technology that were designed without system security considerations.
- K0180 – Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
- K0200 – Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).
- K0267 – Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures.
- K0287 – Knowledge of an organization’s information classification program and procedures for information compromise.
- K0325 – Knowledge of Information Theory (e.g., source coding, channel coding, algorithm complexity theory, and data compression).
- K0332 – Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
- K0333 – Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
- K0622 – Knowledge of controls related to the use, processing, storage, and transmission of data.
Skills
ID & Description
- S0005 – Skill in applying and incorporating information technologies into proposed solutions.
- S0006 – Skill in applying confidentiality, integrity, and availability principles.
- S0008 – Skill in applying organization-specific systems analysis principles and techniques.
- S0010 – Skill in conducting capabilities and requirements analysis.
- S0050 – Skill in design modeling and building use cases (e.g., unified modeling language).
- S0134 – Skill in conducting reviews of systems.
- S0367 – Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Abilities
ID & Description
- A0064 – Ability to interpret and translate customer requirements into operational capabilities.
- A0123 – Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- A0170 – Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations.
Tasks
ID & Description
- T0033 – Conduct risk analysis, feasibility study, and/or trade-off analysis to develop, document, and refine functional requirements and specifications.
- T0039 – Consult with customers to evaluate functional requirements.
- T0045 – Coordinate with systems architects and developers, as needed, to provide oversight in the development of design solutions.
- T0052 – Define project scope and objectives based on customer requirements.
- T0062 – Develop and document requirements, capabilities, and constraints for design procedures and processes.
- T0127 – Integrate and align information security and/or cybersecurity policies to ensure that system analysis meets security requirements.
- T0156 – Oversee and make recommendations regarding configuration management.
- T0174 – Perform needs analysis to determine opportunities for new and improved business process solutions.
- T0191 – Prepare use cases to justify the need for specific information technology (IT) solutions.
- T0235 – Translate functional requirements into technical solutions.
- T0273 – Develop and document supply chain risks for critical system elements, as appropriate.
- T0300 – Develop and document User Experience (UX) requirements including information architecture and user interface requirements.
- T0313 – Design and document quality standards.
- T0325 – Document a system’s purpose and preliminary system security concept of operations.
- T0334 – Ensure that all systems components can be integrated and aligned (e.g., procedures, databases, policies, software, and hardware).
- T0454 – Define baseline security requirements in accordance with applicable guidelines.
- T0463 – Develop cost estimates for new or modified system(s).
- T0497 – Manage the information technology (IT) planning process to ensure that developed solutions meet customer requirements.