K001 |
Knowledge of computer networking concepts and protocols, and network security methodologies. |
K0002 |
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). |
K0003 |
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. |
K0004 |
Knowledge of cybersecurity and privacy principles. |
K0005 |
Knowledge of cyber threats and vulnerabilities. |
K0006 |
Knowledge of specific operational impacts of cybersecurity lapses. |
K0009 |
Knowledge of application vulnerabilities. |
K0019 |
Knowledge of cryptography and cryptographic key management concepts |
K0059 |
Knowledge of new and emerging information technology (IT) and cybersecurity technologies. |
K0090 |
Knowledge of system life cycle management principles, including software security and usability. |
K0126 |
Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161) |
K0169 |
Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures. |
K0170 |
Knowledge of critical infrastructure systems with information communication technology that were designed without system security considerations. |
K0171 |
Knowledge of hardware reverse engineering techniques. |
K0172 |
Knowledge of middleware (e.g., enterprise service bus and message queuing). |
K0174 |
Knowledge of networking protocols. |
K0175 |
Knowledge of software reverse engineering techniques. |
K0176 |
Knowledge of Extensible Markup Language (XML) schemas. |
K0179 |
Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). |
K0202 |
Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing). |
K0209 |
Knowledge of covert communication techniques. |
K0267 |
Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures. |
K0268 |
Knowledge of forensic footprint identification. |
K0269 |
Knowledge of mobile communications architecture. |
K0271 |
Knowledge of operating system structures and internals (e.g., process management, directory structure, installed applications). |
K0272 |
Knowledge of network analysis tools used to identify software communications vulnerabilities. |
K0288 |
Knowledge of industry standard security models. |
K0296 |
Knowledge of capabilities, applications, and potential vulnerabilities of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware. |
K0310 |
Knowledge of hacking methodologies. |
K0314 |
Knowledge of industry technologies?? potential cybersecurity vulnerabilities. |
K0321 |
Knowledge of engineering concepts as applied to computer architecture and associated computer hardware/software. |
K0342 |
Knowledge of penetration testing principles, tools, and techniques. |
K0499 |
Knowledge of operations security. |