K0005 |
Knowledge of cyber threats and vulnerabilities. |
K0259 |
Knowledge of malware analysis concepts and methodologies. |
K0162 |
Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored). |
K0612 |
Knowledge of what constitutes a ??threat?? to a network. |
K0392 |
Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.). |
K0408 |
Knowledge of cyber actions (i.e. cyber defense, information gathering, environment preparation, cyber-attack) principles, capabilities, limitations, and effects. |
K0436 |
Knowledge of fundamental cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber-attack, cyber defense), principles, capabilities, limitations, and effects. |
K0073 |
Knowledge of secure configuration management techniques. (e.g., Security Technical Implementation Guides (STIGs), cybersecurity best practices on cisecurity.org). |
K0527 |
Knowledge of risk management and mitigation strategies. |
K0149 |
Knowledge of organization's risk tolerance and/or risk management approach. |
K0210 |
Knowledge of data backup and restoration concepts. |
K0165 |
Knowledge of risk/threat assessment. |
K0263 |
Knowledge of information technology (IT) risk management policies, requirements, and procedures. |
K0009 |
Knowledge of application vulnerabilities. |
K0021 |
Knowledge of data backup and recovery. |
K0287 |
Knowledge of an organization's information classification program and procedures for information compromise. |
K0042 |
Knowledge of incident response and handling methodologies. |
K0121 |
Knowledge of information security program management and project management principles and techniques. |
K0002 |
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). |
K0003 |
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. |
K0161 |
Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks). |
K0065 |
Knowledge of policy-based and risk adaptive access controls. |
K0004 |
Knowledge of cybersecurity and privacy principles. |
K0285 |
Knowledge of implementing enterprise key escrow systems to support data-at-rest encryption. |
K0056 |
Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML). |
K0019 |
Knowledge of cryptography and cryptographic key management concepts |
K0336 |
Knowledge of access authentication methods. |
K0622 |
Knowledge of controls related to the use, processing, storage, and transmission of data. |
K0203 |
Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model). |
K0240 |
Knowledge of multi-level security systems and cross domain solutions. |
K0033 |
Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists). |
K0007 |
Knowledge of authentication, authorization, and access control methods. |
K0044 |
Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). |
K0295 |
Knowledge of confidentiality, integrity, and availability principles. |
K0211 |
Knowledge of confidentiality, integrity, and availability requirements. |
K0299 |
Knowledge in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. |
K0105 |
Knowledge of web services (e.g., service-oriented architecture, Simple Object Access Protocol, and web service description language). |
K0070 |
Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). |
K0089 |
Knowledge of systems diagnostic tools and fault identification techniques. |
K0143 |
Knowledge of front-end collection systems, including traffic collection, filtering, and selection. |
K0297 |
Knowledge of countermeasure design for identified security risks. |
K0059 |
Knowledge of new and emerging information technology (IT) and cybersecurity technologies. |
K0474 |
Knowledge of key cyber threat actors and their equities. |
K0480 |
Knowledge of malware. |