K001 |
Knowledge of computer networking concepts and protocols, and network security methodologies. |
K0002 |
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). |
K0003 |
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. |
K0004 |
Knowledge of cybersecurity and privacy principles. |
K0005 |
Knowledge of cyber threats and vulnerabilities. |
K0006 |
Knowledge of specific operational impacts of cybersecurity lapses. |
K0043 |
Knowledge of industry-standard and organizationally accepted analysis principles and methods. |
K0047 |
Knowledge of information technology (IT) architectural concepts and frameworks. |
K0048 |
Knowledge of Risk Management Framework (RMF) requirements. |
K0072 |
Knowledge of resource management principles and techniques. |
K0090 |
Knowledge of system life cycle management principles, including software security and usability. |
K0120 |
Knowledge of how information needs and collection requirements are translated, tracked, and prioritized across the extended enterprise. |
K0126 |
Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161) |
K0148 |
Knowledge of import/export control regulations and responsible agencies for the purposes of reducing supply chain risk. |
K0154 |
Knowledge of supply chain risk management standards, processes, and practices. |
K0165 |
Knowledge of risk/threat assessment. |
K0169 |
Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures. |
K0198 |
Knowledge of organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions). |
K0200 |
Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]). |
K0235 |
Knowledge of how to leverage research and development centers, think tanks, academic research, and industry systems. |
K0257 |
Knowledge of information technology (IT) acquisition/procurement requirements. |
K0270 |
Knowledge of the acquisition/procurement life cycle process. |