Designs, develops, tests, and evaluates information systems throughout the systems development life cycle.
Disclaimer
Each certification is mapped to the NICE Framework, which organizes cybersecurity into seven high-level Categories, each composed of several specialty areas, work roles, knowledge, skills, abilities, and tasks. These seven high-level Categories are aligned directly to the CCE® Program’s certification Concentration Areas. Candidates often prepare for an exam by using a variety of resources that familiarize them with the authoritative sources and the exam’s concentration area.
Third-party products and services, including course instructors, have helped many candidates to close knowledge and skill gaps. The CCE® Program does not endorse any particular provider and encourages candidates to use a variety of tools and resources that will enhance their understanding of relevant principles and the exam’s concentration area.
NICE Framework Category | CCE® Concentration Area: Securely Provision (SP)
NICE Specialty Area: Systems Requirements Planning (SRP)
NICE Work Role ID: SP-SRP-001
OPM Code | DCWF Code: 641
Cloud Security and FedRAMP (PR108)
Cloud Security and FedRAMP - SP (PR108-SP)
Cloud Security Fundamentals (PR109)
Healthcare Security & Privacy for IT Professionals (OV105)
HIPAA / HITECH Compliance (OV110)
HIPAA / HITECH Compliance - WBT (OV010-WBT)
Implementing and Securing Your Virtual Environment (OM112)
Implementing and Securing Your Virtual Environment - WBT (OM012-WBT)
Privacy for IT/ISS Professionals (OV231)
Privacy for IT/ISS Professionals - SP (OV231-SP)
System Administration and Development (OM267)
Systems Requirements Planner (SP303-RBT)
KSA-T
Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Knowledge
ID & Description
- K0001 - Knowledge of computer networking concepts and protocols, and network security methodologies.
- K0002 - Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
- K0003 - Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- K0004 - Knowledge of cybersecurity and privacy principles.
- K0005 - Knowledge of cyber threats and vulnerabilities.
- K0006 - Knowledge of specific operational impacts of cybersecurity lapses.
- K0008 - Knowledge of applicable business processes and operations of customer organizations.
- K0012 - Knowledge of capabilities and requirements analysis.
- K0018 - Knowledge of encryption algorithms.
- K0019 - Knowledge of cryptography and cryptographic key management concepts.
- K0032 - Knowledge of resiliency and redundancy.
- K0035 - Knowledge of installation, integration, and optimization of system components.
- K0038 - Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
- K0043 - Knowledge of industry-standard and organizationally accepted analysis principles and methods.
- K0044 - Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- K0045 - Knowledge of information security systems engineering principles (NIST SP 800-160).
- K0047 - Knowledge of information technology (IT) architectural concepts and frameworks.
- K0055 - Knowledge of microprocessors.
- K0056 - Knowledge of network access, identity, and access management (e.g., public key infrastructure, OAuth, OpenID, SAML, SPML).
- K0059 - Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
- K0060 - Knowledge of operating systems.
- K0061 - Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
- K0063 - Knowledge of parallel and distributed computing concepts.
- K0066 - Knowledge of Privacy Impact Assessments.
- K0067 - Knowledge of process engineering concepts.
- K0073 - Knowledge of secure configuration management techniques (e.g., Security Technical Implementation Guides (STIGs), cybersecurity best practices on cisecurity.org).
- K0074 - Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
- K0086 - Knowledge of system design tools, methods, and techniques, including automated systems analysis and design tools.
- K0087 - Knowledge of system software and organizational design standards, policies, and authorized approaches (e.g., International Organization for Standardization [ISO] guidelines) relating to system design.
- K0090 - Knowledge of system life cycle management principles, including software security and usability.
- K0091 - Knowledge of systems testing and evaluation methods.
- K0093 - Knowledge of telecommunications concepts (e.g., Communications channel, Systems Link Budgeting, Spectral efficiency, Multiplexing).
- K0101 - Knowledge of the organization’s enterprise information technology (IT) goals and objectives.
- K0102 - Knowledge of the systems engineering process.
- K0126 - Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161).
- K0163 - Knowledge of critical information technology (IT) procurement requirements.
- K0164 - Knowledge of functionality, quality, and security requirements and how these will apply to specific items of supply (i.e., elements and processes).
- K0168 - Knowledge of applicable laws, statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures.
- K0169 - Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
- K0170 - Knowledge of critical infrastructure systems with information communication technology that were designed without system security considerations.
- K0180 - Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
- K0200 - Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).
- K0267 - Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures.
- K0287 - Knowledge of an organization’s information classification program and procedures for information compromise.
- K0325 - Knowledge of Information Theory (e.g., source coding, channel coding, algorithm complexity theory, and data compression).
- K0332 - Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
- K0333 - Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
- K0622 - Knowledge of controls related to the use, processing, storage, and transmission of data.
Skills
ID & Description
- S0005 - Skill in applying and incorporating information technologies into proposed solutions.
- S0006 - Skill in applying confidentiality, integrity, and availability principles.
- S0008 - Skill in applying organization-specific systems analysis principles and techniques.
- S0010 - Skill in conducting capabilities and requirements analysis.
- S0050 - Skill in design modeling and building use cases (e.g., unified modeling language).
- S0134 - Skill in conducting reviews of systems.
- S0367 - Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Abilities
ID & Description
- A0064 - Ability to interpret and translate customer requirements into operational capabilities.
- A0123 - Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- A0170 - Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations.
Tasks
ID & Description
- T0033 - Conduct risk analysis, feasibility study, and/or trade-off analysis to develop, document, and refine functional requirements and specifications.
- T0039 - Consult with customers to evaluate functional requirements.
- T0045 - Coordinate with systems architects and developers, as needed, to provide oversight in the development of design solutions.
- T0052 - Define project scope and objectives based on customer requirements.
- T0062 - Develop and document requirements, capabilities, and constraints for design procedures and processes.
- T0127 - Integrate and align information security and/or cybersecurity policies to ensure that system analysis meets security requirements.
- T0156 - Oversee and make recommendations regarding configuration management.
- T0174 - Perform needs analysis to determine opportunities for new and improved business process solutions.
- T0191 - Prepare use cases to justify the need for specific information technology (IT) solutions.
- T0235 - Translate functional requirements into technical solutions.
- T0273 - Develop and document supply chain risks for critical system elements, as appropriate.
- T0300 - Develop and document User Experience (UX) requirements including information architecture and user interface requirements.
- T0313 - Design and document quality standards.
- T0325 - Document a system’s purpose and preliminary system security concept of operations.
- T0334 - Ensure that all systems components can be integrated and aligned (e.g., procedures, databases, policies, software, and hardware).
- T0454 - Define baseline security requirements in accordance with applicable guidelines.
- T0463 - Develop cost estimates for new or modified system(s).
- T0497 - Manage the information technology (IT) planning process to ensure that developed solutions meet customer requirements.