Operating Systems Administration

Topics

  1. Host (Workstation/Server) Intrusion Detection
  2. OS Installation
  3. User accounts management (Access controls, Password Policies, Authentication Methods, Group Policies)
  4. Command Line Interfaces
  5. Updates and patches
  6. Managing System Services
  7. Virtualization
  8. File System Security
  9. Network Configuration (port security)
  10. Security Policy Development

Outcomes

  1. Performing back-ups and restoring the system from a backup.
  2. Review security logs.
  3. OS Installation
  4. User accounts management (Access controls, Password Policies, Authentication Methods, Group Policies)
  5. Command Line Interfaces
  6. Configuration Management
  7. Updates and patches
  8. Event Logging and Auditing (for performance and security)
  9. Managing System Services
  10. Virtualization
  11. Backup and Restoring Data
  12. File System Security
  13. Network Configuration (port security)
  14. Host (Workstation/Server) Intrusion Detection
  15. Security Policy Development

KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.

  • Knowledge
  • Skills
  • Abilities
  • Tasks

Knowledge

ID DESCRIPTION
K0046 Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
K0060 Knowledge of operating systems.
K0065 Knowledge of policy-based and risk adaptive access controls.
K0077 Knowledge of server and client operating systems.
K0076 Knowledge of server administration and systems engineering theories, concepts, and methods.
K0224 Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems.
K0608 Knowledge of Unix/Linux and Windows operating systems structures and internals (e.g., process management, directory structure, installed applications).
K0397 Knowledge of security concepts in operating systems (e.g., Linux, Unix).
K0035 Knowledge of installation, integration, and optimization of system components.
K0088 Knowledge of systems administration concepts.
K0056 Knowledge of network access, identity, and access management (e.g., public key infrastructure, OAuth, OpenID, SAML, SPML).
K0158 Knowledge of organizational information technology (IT) user security policies (e.g., account creation, password rules, access control).
K0284 Knowledge of developing and applying user credential management system.
K0007 Knowledge of authentication, authorization, and access control methods.
K0033 Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
K0336 Knowledge of access authentication methods.
K0318 Knowledge of operating system command-line tools.
K0129 Knowledge of command-line tools (e.g., mkdir, mv, ls, passwd, grep).
K0452 Knowledge of implementing Unix and Windows systems that provide radius authentication and logging, DNS, mail, web service, FTP server, DHCP, firewall, and SNMP.
K0167 Knowledge of system administration, network, and operating system hardening techniques.
K0122 Knowledge of investigative implications of hardware, Operating Systems, and network technologies.
K0117 Knowledge of file system implementations (e.g., New Technology File System [NTFS], File Allocation Table [FAT], File Extension [EXT]).
K0073 Knowledge of secure configuration management techniques (e.g., Security Technical Implementation Guides (STIGs), cybersecurity best practices on cisecurity.org).
K0192 Knowledge of Windows/Unix ports and services.

Skills

ID DESCRIPTION
S0076 Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware).
S0275 Skill in server administration.
S0043 Skill in maintaining directory services (e.g., Microsoft Active Directory, LDAP, etc.).
S0267 Skill in remote command line and Graphic User Interface (GUI) tool usage.
S0038 Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system.

Abilities

ID DESCRIPTION
A0128 Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
A0058 Ability to execute OS command line (e.g., ipconfig, netstat, dir, nbtstat).

Tasks

ID DESCRIPTION