K0001 Knowledge of computer networking concepts and protocols, and network security methodologies.
K0002 Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
K0003 Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
K0004 Knowledge of cybersecurity and privacy principles.
K0021 Knowledge of data backup and recovery.
Required Skills
S0018 Skill in creating policies that reflect system security objectives.
S0086 Skill in evaluating the trustworthiness of the supplier and/or product.
S0138 Skill in using Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic).
Required Abilities
A0128 Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
A0161 Ability to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements).