Network Security Administration
The intent of the Network Security Administration Knowledge Unit is to provide students with the knowledge to administer and maintain a comprehensive enterprise security infrastructure.
Topics
- Incident response processes and management.
- Issue evaluation, response, and management.
- Coverage of mapping of business objectives to technology objectives and solutions.
- Experience with a variety of network and systems monitoring tools.
- Maintenance windows and management.
- Applying network security policies.
- Incident identification.
- Deployment/upgrade processes.
- Monitor systems for anomalies, proper updating, and patching.
- Broad coverage of different security solutions and product categories and features.
- Discussion of information security issues and conflicts between potential solutions.
- User acceptance testing.
- Outline of cyber security best practices.
- Describe and explain risk posture and risk appetite.
- Blackout plans.
Outcomes
- Analyze problems, recommend solutions, products, and technologies to meet business objectives.
- Recommend best security practices to achieve stated business objectives based on risk assumptions.
- Actively protect information technology assets and infrastructure from external and internal threats.
- Monitor systems for anomalies, proper updating, and patching.
- Assist in incident responses for any breaches, intrusions, or theft.
- Evaluate and perform planning, testing, and implementation of software and hardware deployed.
KSA-T
Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
| ID | DESCRIPTION |
|---|---|
| K0042 | Knowledge of incident response and handling methodologies. |
| K0287 | Knowledge of an organization's information classification program and procedures for information compromise. |
| K0091 | Knowledge of systems testing and evaluation methods. |
| K0028 | Knowledge of organization's evaluation and validation requirements. |
| K0146 | Knowledge of the organization's core business/mission processes. |
| K0300 | Knowledge of network mapping and recreating network topologies. |
| K0180 | Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools. |
| K0135 | Knowledge of web filtering technologies. |
| K00013 | Knowledge of cyber defense and vulnerability assessment tools and their capabilities. |
| K0103 | Knowledge of the type and frequency of routine hardware maintenance. |
| K0158 | Knowledge of organizational information technology (IT) user security policies (e.g., account creation, password rules, access control). |
| K0289 | Knowledge of system/server diagnostic tools and fault identification techniques. |
| K0455 | Knowledge of information security concepts, facilitating technologies and methods. |

| ID | DESCRIPTION |
|---|---|
| S0054 | Skill in using incident handling methodologies. |
| S0012 | Skill in conducting knowledge mapping (e.g., map of knowledge repositories). |
| S0304 | Skill to access information on current assets available, usage. |
| S0143 | Skill in conducting system/server planning, management, and maintenance. |
| S0154 | Skill in installing system and component upgrades. (i.e., servers, appliances, network devices). |
| S0124 | Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution. |

| ID | DESCRIPTION |
|---|---|
| A0048 | Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). |
| A0046 | Ability to monitor and assess the potential impact of emerging technologies on laws, regulations, and/or policies. |
| A0047 | Ability to develop secure software according to secure software deployment methodologies, tools, and practices. |