| K001 |
Knowledge of computer networking concepts and protocols, and network security methodologies. |
| K0002 |
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). |
| K0003 |
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. |
| K0004 |
Knowledge of cybersecurity and privacy principles. |
| K0005 |
Knowledge of cyber threats and vulnerabilities. |
| K0006 |
Knowledge of specific operational impacts of cybersecurity lapses. |
| K0007 |
Knowledge of authentication, authorization, and access control methods. |
| K0021 |
Knowledge of data backup and recovery. |
| K0033 |
Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists). |
| K0042 |
Knowledge of incident response and handling methodologies. |
| K0044 |
Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). |
| K0053 |
Knowledge of measures or indicators of system performance and availability. |
| K0054 |
Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities. |
| K0058 |
Knowledge of network traffic analysis methods. |
| K0059 |
Knowledge of new and emerging information technology (IT) and cybersecurity technologies. |
| K0061 |
Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]). |
| K0062 |
Knowledge of packet-level analysis. |
| K0077 |
Knowledge of server and client operating systems. |
| K0079 |
Knowledge of software debugging principles. |
| K0104 |
Knowledge of Virtual Private Network (VPN) security. |
| K0106 |
Knowledge of what constitutes a network attack and a network attack??s relationship to both threats and vulnerabilities. |
| K0121 |
Knowledge of information security program management and project management principles and techniques. |
| K0123 |
Knowledge of legal governance related to admissibility (e.g. Rules of Evidence). |
| K0124 |
Knowledge of multiple cognitive domains and tools and methods applicable for learning in each domain. |
| K0135 |
Knowledge of web filtering technologies. |
| K0157 |
Knowledge of cyber defense and information security policies, procedures, and regulations. |
| K0179 |
Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). |
| K0205 |
Knowledge of basic system, network, and OS hardening techniques. |
| K0258 |
Knowledge of test procedures, principles, and methodologies (e.g., Capabilities and Maturity Model Integration (CMMI)). |
| K0274 |
Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi). paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly. |
| K0324 |
Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications. |
| K0332 |
Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. |
| K0334 |
Knowledge of network traffic analysis (tools, methodologies, processes). |
| K0367 |
Knowledge of penetration testing. |
