Basic Cyber Operations
The intent of the Basic Cyber Operations Knowledge Unit is to provide students with an understanding of the authorities, roles and steps associated with cyber operations.
Topics
- Legal Authorities and Ethics
- Stages of a Cyber Operation (and details of each phase)
  a. Target Identification
  b. Reconnaissance
  c. Gaining Access
  d. Hiding Presence
  e. Establishing Persistence
  f. Execution
  g. Assessment
- Basic Process Modeling
- Validating Procedures
- Handling failures to follow procedures
- Case studies of actual cyber operations
Outcomes
- Describe the laws that provide US entities the authority to perform cyber operations.
- List the phases of a well-organized cyber operation and describe the goals and objectives of each phase.
- Identify specific phases of a cyber operation in network traffic.
- Describe potential motivations that might prompt an entity to perform a cyber operation.
KSA-T
Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
| ID | DESCRIPTION |
|---|---|
| K0585 | Knowledge of the organizational structure as it pertains to full spectrum cyber operations, including the functions, responsibilities, and interrelationships among distinct internal elements. |
| K0003 | Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. |
| K0013 | Knowledge of cyber defense and vulnerability assessment tools and their capabilities. |
| K0177 | Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). |
| K0234 | Knowledge of full spectrum cyber capabilities (e.g., defense, attack, exploitation). |

| ID | DESCRIPTION |
|---|---|
| S0312 | Skill to apply the process used to assess the performance and impact of cyber operations. |
| S0209 | Skill in developing and executing comprehensive cyber operations assessment programs for assessing and validating operational performance characteristics. |
| S0293 | Skill in using tools, techniques, and procedures to remotely exploit and establish persistence on a target. |

| ID | DESCRIPTION |
|---|---|
| A0154 | Ability to conduct a comprehensive assessment of the management, operational, and technical security controls and control enhancements employed within or inherited by a system to determine the effectiveness of the controls (i.e., the extent to which the security controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system). |