the learning centergov.nv.gov/uploadedfiles/govnvgov/content/owinn/... · 2018-05-09 · a guide....

2018 TLC INJ Standards of Apprenticeship

The Learning Center

A2 – Cybersecurity Support Technician

O-NET Code: 15-1152.00 RAPIDS Code: 2050CB

Competency-based Apprenticeship Program

Form 5910 – Application for Approval On-the-Job

Training & Apprenticeship

Nevada State Apprenticeship Council Program

Description

Apprenticeship OJT and Related Technical

Instruction (RTI) Information Check List

NSAC Checklist

Appendix A2 – Work Process Schedule & RTI Outline

FORM 5910

STATE OF NEVADA

Nevada State Apprenticeship Council

APPLICATION FOR APPROVAL ON THE JOB TRAINING & APPRENTICESHIP

Program Name Program #

Address City State/Zip Telephone

Contact Person Title Type of Program: Sic Code

EIN # Email Address:

Type of Action: (Check One)

A. Wage Increase

B. Revision of Standards

C. New Occupation

D. New Program

Type of Program: (Check One)

A. Individual Union

B. Individual Non Union

C. Group Union

D. Group Non Union

E. If Union Bargaining Unit

Journey Workers (JW)

A. No. JW

B. No. of Employers

Pay Period (Circle One)

Weekly

Bi-Weekly

Semi Monthly

Pay Increases (Months)

3 6 12 Other

TRADE INFORMATION

Occupation (use separate form for

each occupation)

Term (OJT

hours)

RTI

(Classroom

hours)

# Of Journey

workers

# Of

Apprentices in

Training

Journey

worker Hourly

Rate

Days per

Week

HOURLY APPRENTICE WAGES BY PERIOD (Excluding Benefits) Top Line Dollar Amounts Bottom Line Percentages

Occupation 1ST 2ND 3RD 4TH 5TH 6TH 7TH 8TH 9TH 10TH

$ $ $ $ $ $ $ $ $ $

% % % % % % % % % %

Date Signature of Program Coordinator

DO NOT WRITE BELOW THIS LINE

Approved:

Disapproved: Secretary Director of Apprenticeship Date

Competency-basedLinda Montgomery President

The Learning Center, Inc.- Cybersecurity Support Technician

2445 Fire Mesa, Suite 200A Las Vegas NV 89128 (702) 320-8885

[email protected]

X

10 1

X

Cybersecurity Support Technician 2,000 - 3,000 $17.00652 10 5 5

Cybersecurity Support Technician 15.00 17.0016.00

88 94 100

x

88-0267407

User 1

Typewritten Text

4/26/2018

User 1

Stamp

Nevada State Apprenticeship Council Program Description

Date: ____4/26/18____ Program Name: Cybersecurity Support Technician-CB__

Status: X_ New Program Revision (to Program #: _____________)

Sponsor’s Name: The Learning Center, Inc. ____________________________

Address: 2445 Fire Mesa Ste 200A ____________________________

City: __Las Vegas_____ County: ___Clark__ State: NV Zip: 89128______

Sponsor’s Contact Name: __Linda Montgomery, President ______________________

Telephone Number: __(702) 320-8885 ____________________ Extension:

FAX Number: ___702-212-4040__________________________________

E-MAIL: [email protected] __________________________

NAICS Code: _____611420_____________ (www.naics.com/)

EIN Number: _____88-0267407___________

Program Type: (1) X Individual Non-Joint (one company no union)(2) Individual Joint (one company with union)(4) Group Non-Joint (more than one company no union)(3) Group Joint (more than one company with union)

Name of Bargaining Agency / Union (if applicable): _______________________

CBA Waiver: Yes No

ATC: Yes X No

REMARKS:

Nevada State Apprenticeship Council Program Description

Sponsor’s Name: _The Learning Center, Inc._____________

OCCUPATION DATA (one page for each occupation)

Occupation /Trade Name: __ Cybersecurity Support Technician______________________

Occupation RAPIDS Code: ___2050CB_____ (REQUIRED)

Type: __Time-based _X__ Competency-based ___ Hybrid

Term Length (Hours): _2000-3000___ Probationary Length: __500 hours__

Total Employers: __1_____

Total Journeyworker: _10_____

Total Anticipated Apprentices: __5_____

Minimum Apprentice Starting Wage: ___$15 per hour_______

Minimum Journeyworker Starting Wage: ___$17 per hour____

RELATED TECHNICAL INSTRUCTION

Instruction Method: X Classroom X Shop Online / Correspondence

Instruction Provider: Vocational Education Community College X Sponsor X Other (Employer)

Wages Paid During RTI after Hours?: Yes X No

Hours Instruction Provided: During Work Hours X During Non-Work Hours

Total Length of Instruction: 652 Hours

Instruction Provided by: Sponsor Other Source X Both Sponsor & Other Source

Name/Address of RTI Provider(s):_____The Learning Center, Inc. ____________

_____ ________________________________________

______________________________________________

______________________________________________

______________________________________________

2018 TLC INJ Standards of Apprenticeship NSAC Appendix A Checklist

A2- Cybersecurity Support Tech. ONET: 15-1122 RAPIDS CODE: 2050CB

1 | P a g e

TLC Standards Placement

29 CFR, NRS 610, and NAC 610 Required Provisions

Appendix A p. 2

2) Term: A term of apprenticeship of not less than 2,000 hours of workexperience, consistent with training requirements as established by practice inthe trade. NRS 610.144 3 (b)

Type of Occupation: The term of apprenticeship, which for an individual apprentice may be measured either through the completion of the industry standard for on-the-job learning (time-based approach), the attainment of competency (competency-based approach), or a blend of the time-based and competency-based approaches (hybrid approach). 29 CFR 29.5 (b)

Appendix A p. 4

3) Work Processes: An outline of the processes in which the apprentice willreceive supervised experience and training on the job, and the allocation ofthe approximate time to be spent in each major process. NRS 610.144 3 (c)

Appendix A p. 6

4) Related Instruction: Provisions for organized, related and supplementalinstruction in technical subjects (and the costs thereof) related to the tradewith a minimum of 144 hours for each year of apprenticeship, given in a classroom or through trade, industrial or correspondence courses of equivalent value or other forms of study approved by the State Apprenticeship Council. NRS 610.144 3 (d); NAC 610.433

Appendix A p. 2

5) Wages: A progressively increasing, reasonable and profitable schedule of wagesto be paid to the apprentice consistent with the skills acquired, not less thanthat allowed by federal or state law or regulations or by a collective bargaining agreement. Employers shall pay a beginning wage for apprentices which is at least 35 percent of the rate for journeymen in the same trade, or Minimum and Reasonable and profitable wage for apprentice in construction industry. NRS 610.144 3 (e); NAC 610.480, NAC 610.485

Appendix A p. 2

6) Periodic Review and Evaluation: Provisions for a periodic review and evaluationof the apprentice’s progress in performance on the job and related instructionand the maintenance of appropriate records of such progress. NRS 610.144 3 (f)

Appendix A p. 2

7) Ratio: A numeric ratio of apprentices to journeymen consistent with propersupervision, training, safety, continuity of employment and applicable provisionsin collective bargaining agreements, in language that is specific and clear as toits application in terms of job sites, workforces, departments or plants. NRS610.144 3 (g)

ALL DOCUMENTS HAVE BEEN CHECKED FOR SPELLING, FORMATTING, GRAMMAR, (INCLUDING TABLE OF CONTENTS), ETC.

Appendix A2

WORK PROCESS SCHEDULE AND

RELATED INSTRUCTION OUTLINE

CYBERSECURITY SUPPORT TECHNICIAN

O*NET-SOC CODE: 15-1122.00 RAPIDS CODE: 2050CB

APPROVED BY OFFICE OF WORKFORCE INNOVATION FOR THE NEW NEVADA AND THE NEVADA STATE

APPRENTICESHIP COUNCIL

Erin Hasty, Nevada State Apprenticeship Director

REGISTRATION DATE: __________

REGISTRATION NUMBER: ________________

DEVELOPED IN COOPERATION WITH THE US DEPARTMENT OF LABOR, THE OFFICE OF WORKFORCE INNOVATION FOR THE NEW

NEVADA, AND THE NEVADA STATE APPRENTICESHIP COUNCIL


A - 2

Appendix A2

WORK PROCESS SCHEDULE CYBERSECURITY SUPPORT TECHNICIAN


This schedule is attached to and a part of these Standards for the above identified occupation. 1. TYPE OF OCCUPATION

Time-based Competency-based Hybrid 2. TERM OF APPRENTICESHIP

The term of the occupation shall be defined by the attainment of all competencies of the position, which would be expected and approximated to occur within 2000 to 3000 hours of OJL, supplemented by the minimum required 652 hours of related instruction. Qualifications for entering the apprenticeship would require either one year of work or related technical experience in PC hardware, software, networking, security, and installing and configuring Windows clients. This may be demonstrated through on-the-job work experience or completion of the Computer Support Specialist apprenticeship.

3. RATIO OF APPRENTICES TO JOURNEYWORKERS

The apprentice to journeyworker ratio is: 3 apprentice(s) to 1 journeyworker. 4. APPRENTICE WAGE SCHEDULE

Apprentices shall be paid a progressively increasing schedule of wages. Apprentices starting wage would be a minimum of $15.00 per hour. The minimum wage of a journeyworker is $17.00 per hour which will be paid at the completion of the apprenticeship. The minimum wage rate may be adjusted based on regional wage scales. 2-year Term Example: 1st 12 months = $15/hour 2nd 12 months = $16/hour Periodic review and evaluation of the apprentice’s on-the-job learning and related technical instruction will be conducted in alignment with the wage schedule established.

5. WORK PROCESS SCHEDULE (See attached Work Process Schedule)

The sponsor may modify the work processes to meet local needs prior to submitting these Standards to the appropriate Registration Agency for approval.

6. RELATED INSTRUCTION OUTLINE (See attached Related Instruction Outline)


A - 3

The sponsor may modify the related instruction to meet local needs prior to submitting these Standards to the appropriate Registration Agency for approval.


A - 4

Appendix A2

WORK PROCESS SCHEDULE CYBERSECURITY SUPPORT TECHNICIAN


The term of the occupation shall be defined by the attainment of all competencies, both technical and behavioral, of the position, which would be expected and approximated to occur within 2000 to 3000 hours of OJL, supplemented by a minimum of 652 hours of related technical instruction.

WORK PROCESSES – COMPETENCIES SUMMARY

JOB FUNCTION 1: Assists in developing security policies and protocols; assists in enforcing company compliance with network security policies and protocols

JOB FUNCTION 2: Provides technical support to users or customers

JOB FUNCTION 3: Installs, configures, tests, operates, maintains and manages networks and their firewalls including hardware and software that permit sharing and transmission of information

JOB FUNCTION 4: Installs, configures, troubleshoots and maintains server configurations to ensure their confidentiality, integrity and availability; also manages accounts, firewalls, configuration, patch and vulnerability management. Is responsible for access control, security configuration and administration

JOB FUNCTION 5: Configures tools and technologies to detect, mitigate and prevent potential threats

JOB FUNCTION 6: Assesses and mitigates system network, business continuity and related security risks and vulnerabilities

JOB FUNCTION 7: Reviews network utilization data to identify unusual patterns, suspicious activity or signs of potential threats

JOB FUNCTION 8: Responds to cyber intrusions and attacks and provides defensive strategies

See attached document for Work Process Detail. These work processes are intended as a guide. It is not to be followed in any particular sequence, and it is understood that some adjustments may be necessary in the hours allotted for different work experience. In all cases, the apprentice is to receive sufficient experience to make him fully competent and use good workmanship in all work processes which are part of the trade. In addition, the apprentice shall be fully instructed in safety and OSHA requirements.


A - 5

Apprenticeship Competencies – Behavioral In addition to mastering all of the essential technical competencies, an apprentice must consistently demonstrate at an acceptable level the following behavioral competencies in order to complete the apprenticeship.

Item # Behavioral Competencies

1. Participation in team discussions/meetings 2. Focus in team discussions/meetings 3. Focus during independent work 4. Openness to new ideas and change 5. Ability to deal with ambiguity by exploring, asking questions, etc. 6. Knows when to ask for help 7. Able to demonstrate effective group presentation skills 8. Able to demonstrate effective one-on-one communication skills 9. Maintains an acceptable attendance record

10. Reports to work on time 11. Completes assigned tasks on time 12. Uses appropriate language 13. Demonstrates respect for patients, co-workers and supervisors 14. Demonstrates trust, honesty and integrity 15. Requests and performs work assignments without prompting 16. Appropriately cares for personal dress, grooming and hygiene 17. Maintains a positive attitude 18. Cooperates with and assists co-workers 19. Follows instructions/directions 20. Able to work under supervision 21. Able to accept constructive feedback and criticism 22. Able to follow safety rules 23. Able to take care of equipment and work place 24. Able to keep work area neat and clean 25. Able to meet supervisor's work standards 26. Able to not let personal life interfere with work 27. Adheres to work policies/rules/regulations


A - 6

Appendix A2

RELATED INSTRUCTION OUTLINE

CYBERSECURITY SUPPORT TECHNICIAN O*NET-SOC CODE: 15-1122.00 RAPIDS CODE: 2050CB

The related instruction has been developed in cooperation with employer-partners as part of the apprenticeship. The following is a set of courses to be delivered by the Learning Center and/or as determined by the employer-partner. Related instruction –This instruction shall include, but not be limited to, at least 652 hours during the apprenticeship, as described below:

COURSE TOPIC HOURS

New Apprenticeship Orientation Session 4

CompTIA A+ Hardware Accelerated 40

Certification for CompTIA A+ Hardware Accelerated 8

CompTIA A+ Software Accelerated 40

Certification for CompTIA A+ Software Accelerated 8

Comp TIA Network + Accelerated 40

Certification for CompTIA Network + Accelerated 8

CompTIA Security + Accelerated 40

Certification for CompTIA Security + Accelerated 8

Installing and Configuring Windows 10 Client Accelerated 40

Certification for Microsoft Windows 10 Accelerated 8

CompTIA Linux+ 40

Certification for CompTIA Linux+ 8

Microsoft Certified System Administrator 120

Certification for MCSA 48

Certified Network Defender 80

Certification for Certified Network Defender 16

Certified Ethical Hacker 80

Certification for Certified Ethical Hacker 16

TOTAL HOURS 652

Apprentices completing all of the above courses will earn a certification in CompTIA Network +, CompTIA A+ Hardware, and CompTIA A+ Software. They will also earn a certification Security+, Microsoft Windows 10 Technician, Microsoft Certified System Administrator, Certified Network Defender, and Certified Ethical Hacker. Course Descriptions: Orientation Session (4 hours) In this course students will be presented with an introduction to the program, review of the


A - 7

program syllabus, and meet the TEAM that will work with them over the course of their classroom hours. The instructional and administrative staff will cover policies and procedures of the school environment and expectations. CompTIA A+ Hardware Accelerated (40 hours) In this A+ class students learn the hardware elements of the personal computer. Their studies are intended to give them a good knowledge about the PC and the skills to work as a repair technician. This class is for the person new to PC technology with no knowledge of the industry. Its slow in-depth pace brings the student from zero knowledge and skills to the ability to perform as a PC hardware technician. This course is designed for the beginner/novice and prepares the student for the CompTIA A+ 901 certification exam. Students Learn: • Prepare for the latest A+ 901 certification exam • Configure common features for Android and Apple iOS mobile operating systems • PC components • Preventative maintenance • Communicate with customers in a professional manner • Computer hardware and peripherals • Network connections • Laptop and portable computing device components CompTIA A+ - Softwares (Software) Accelerated (40 hours) In this A+ class students learn the software elements of the personal computer. Their studies are intended to give them a good knowledge about the PC and the skills to work as a repair technician. This class is for the person new to PC technology with no knowledge of the industry. Its slow in-depth pace brings the student from zero knowledge and skills to the ability to perform as a PC hardware technician. This course is designed for the beginner/novice and prepares the student for the CompTIA A+ 902 certification exam. Students Learn: • Prepare for the latest A+ 902 certification exam • Install and configure PC operating systems • Configure common features for Android and Apple iOS mobile operating systems Operating system technologies Communicate with customers in a professional manner Comp TIA Network + Accelerated (40 hours) Earning CompTIA's Network+ certification increases your value in the marketplace, providing proof of your knowledge, skills, and ability to manage, maintain, troubleshoot, install, operate, and configure basic network infrastructure. Our Network+ Novice course points you in the right direction, allowing you to demonstrate the concepts covered on the Network+ exam in a real-world, hands-on environment. You will work through several practice exams to reinforce your knowledge. You will gain essential networking skills in labs that feature networking equipment from Cisco, Linksys, Netgear, ZyXel, and others. As an added bonus you may access the practice exam on your own computer. Students must


A - 8

have completed, within the past 12 months, a CompTIA A+ course or have recent relevant pc repair experience. This course is designed for the beginner/novice and prepares the student for the CompTIA Network+ certification exam. Students learn: • Prepare for the CompTIA Network+ certification exam • Basic network theory concepts • Major communications methods • Network media and hardware components • Components of a TCP/IP network implementation • TCP/IP addressing and data delivery methods • Major services deployed on TCP/IP networks • Components of a LAN implementation • Infrastructure of a WAN implementation • Components of remote network implementation • Major issues and methods to secure systems on a network • Major issues and technologies in network security • Network security threats and attacks • Tools, methods, and techniques used in managing a network • Wiring termination including building a variety of network cables • Troubleshoot network issues CompTIA Security + Accelerated (40 hours) In this course, students will learn to proactively implement sound security protocols to mitigate security risks, quickly respond to security issues, retroactively identify where security breaches may have occurred, how to mitigate network threats and how to design a network, on-site or in the cloud, with security in mind. Students must have completed, within the past 12 months, a Network+ course or have recent relevant networking and/or network security experience. This course is designed for the beginner/novice and prepares the student for the CompTIA Security+ certification exam. Students will learn: • Cryptography • Authentication • User and role-based security • Peripheral security • Public key infrastructure • Application and messaging security • Ports and protocols • Wireless security • Remote access security • Auditing, logging, and monitoring • Vulnerability testing and monitoring • Organizational security • Business continuity


A - 9

• CompTIA Security+ objectives map • CompTIA Security+ acronyms Microsoft 20698: Installing & Configuring Windows 10 Client Accelerated (40 hours) This course provides IT professionals with the knowledge and skills required to install and configure Windows 10 desktops in a Windows Server small to medium-sized AD DS domain environment. These skills include learning how to install and customize Windows 10 operating systems and apps, configure local and remote network connectivity, and configure local and online storage. Students also will learn how to configure security in addition to how to maintain, update, and recover Windows 10. This course is intended for IT professionals who administer and support Windows 10 desktops and devices in small to medium-sized networks. The networks with which these professionals typically work are configured as AD DS domain-based environments with managed access to the Internet and cloud services. Certification for CompTIA A+ Hardware Accelerated (8 hours) In this course, students will use test preparation tools to prepare for taking the A+ 901 certification exam. Certification for CompTIA A+ Software Accelerated (8 hours) In this course, students will use test preparation tools to prepare for taking the A+ 902 certification exam. Certification for CompTIA Network + Accelerated (8 hours) In this course, students will use test preparation tools to prepare for taking the Network+ certification exam. Certification for CompTIA Security + Accelerated (8 hours) In this course, students will use test preparation tools to prepare for taking the Security+ certification exam. Certification for Microsoft Windows 10 Accelerated (8 hours) In this course, students will use test preparation tools to prepare for taking the Security+ certification exam. CompTiA Linux+ (40 hours) CompTIA Linux+ validates the competencies required of an early career system administrator supporting Linux systems. This vendor-neutral certification covers multiple distributions, validating skills that help prevent platform lock-in and that promote more flexible approaches to Linux system troubleshooting. After passing the two exams required for certification, candidates will have mastered the following concepts: • System configuration • The command line interface • Scripting basics • Network settings and services


A - 10

• System security Certification for CompTIA Linux+ (8 hours) In this course, students will use test preparation tools to prepare for taking the CompTIA Linux+ certification exam. Microsoft Certified System Administrator (120 hours) This MCSA certification consists of 3 Microsoft courses. The three courses collectively cover implementing, managing, maintaining and provisioning services and infrastructure in a Windows Server 2012 environment. This course focuses on the initial implementation and configuration of core services, such as Networking, Storage, Active Directory Domain Services (AD DS), Group Policy, File and Print Services, and Hyper-V.

Course 20410: This course is intended for information technology (IT) professionals who have some knowledge and experience working with Windows operating systems and who want to acquire the skills and knowledge necessary to install and perform the initial configuration of a Windows Server 2012 or Windows Server 2012 R2 server in an existing Windows server environment.

Course 20411: This course is intended for Information Technology (IT) Professionals with hands on experience working in a Windows server 2008 or Windows Server 2012 environment who wish to acquire the skills and knowledge necessary to be able to manage and maintain the core infrastructure required for a Windows Server 2012 and Windows Server 2012 R2 environment. The key focus for students is to broaden the initial deployment of Windows Server 2012 services and infrastructure and provide the skills necessary to manage and maintain a domain based Windows Server 2012 environment, providing skills in areas such as User and Group management, Network Access and Data Security.

Course 20412: This course focuses on advanced configuration of services necessary to deploy, manage and maintain a Windows Server 2012 infrastructure, such as advanced networking services, Active Directory Domain Services (AD DS), Active Directory Rights Management Services (AD RMS), Active Directory Federation Services (AD FS), Network Load Balancing, Failover Clustering, business continuity and disaster recovery services as well as access and information provisioning and protection technologies such as Dynamic Access Control (DAC), and Web Application Proxy integration with AD FS and Workplace Join.

Certification for MCSA (48 hours) In this course, students will use test preparation tools to prepare for taking the MCSA Server certification exam. Certified Network Defender (80 hours)


A - 11

This course is intended to immerse a typical network or systems administrator in the world of hackers and cyber defense via the following domains of CND: Computer Network and Defense Network; Security Threats, Vulnerabilities, and Attacks; Network Security Controls, Protocols, and Devices; Network Security Policy Design and Implementation; Physical Security; Host Security; Secure Firewall Configuration and Management; Secure IDS Configuration and Management; Secure VPN Configuration and Management; Wireless Network Defense; Network Traffic Monitoring and Analysis; Network Risk and Vulnerability Management; Data Backup and Recovery; Network Incident Response and Management. The training and certification are recommended for operations personnel who although do not have security as their primary job function, need an understanding of cyber security core principles and practices. Certification for Certified Network Defender (16 hours) In this course, students will use test preparation tools to prepare for taking the CND certification exam. Certified Ethical Hacker (80 hours) Certified Ethical Hacker is a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). This course prepares individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. The purpose of the course is to establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures; inform the public that credentialed individuals meet or exceed the minimum standards; and reinforce ethical hacking as a unique and self-regulating profession. Certification for Certified Ethical Hacker (16 hours) In this course, students will use test preparation tools to prepare for taking the CEH certification exam. .

WORK PROCESS SCHEDULE:

Cybersecurity Support Technician

ONET Code 15-1122.00

RAPIDS Code 2050CB

Job Title: Cybersecurity Support Technician

Apprenticeship Type: (competency-based, time-based, hybrid): Competency-based

Minimum Time Requirements (or time range): 2000 to 3000 hours. Qualifications for

entering the apprenticeship would require attainment of all competencies of the Computer

Support Specialist occupation.

Required Certifications: A+; Network+; Security+; MCSA: Microsoft Systems System

Administrator; Linux+; CND: Certified Network Defender; CEH: Certified Ethical Hacker

JOB FUNCTION

JOB FUNCTION 1: Assists in developing security policies and

protocols; assists in enforcing company compliance with network

security policies and protocols

NICE

Framework

Category Certification LEVEL

Competency 1a: Locates (in Intranet, employee handbook or

security protocols) organizational policies intended to maintain

security and minimize risk and explains their use Basic

Oversee and

Govern Security+

Competency 1b: Provides guidance to employees on how to access

networks, set passwords, reduce security threats and provide

defensive measures associated with searches, software downloads,

email, Internet, add-ons, software coding and transferred files Intermediate

Securely

Provision Security+

Competency 1c: Ensures that password characteristics are explained

and enforced and that updates are required and enforced based on

appropriate time intervals Basic

Securely

Provision Security+

Competency 1d: Explains company or organization's policies

regarding the storage, use and transfer of sensitive data, including

intellectual property and personally identifiable information.

Identifies data life cycle, data storage facilities, technologies and

describes business continuity risks Intermediate

Oversee and

Govern Security+

Competency 1e: Assists employees in the use of technologies that

restrict or allow for remote access to the organization's information

technology network Intermediate

Oversee and

Develop Security+

Competency 1f: Develops security compliance policies and

protocols for external services (i.e. Cloud service providers,

software services, external data centers) Advanced

Securely

provision Security+

Competency 1g: Complies with incident response and handling

methodologies

Advanced

Protect and

Defend

Security+

Competency 1h: Articulates the business need or mission of the

organization as it pertains to the use of IT systems and the storage of

sensitive data

Intermediate

Securely

Provision Security+

JOB FUNCTION 2: Provides technical support to users or

customers

LEVEL

NICE

Framework

Category Certification

Competency 2a: Manages inventory of IT resources

Basic

Operate and

Maintain A+

Competency 2b: Diagnoses and resolves customer-reported system

incidents

Intermediate Investigate

Certified

Network

Defender

Competency 2c: Installs and configures hardware, software and

peripheral equipment for system users Basic

Operate and

Maintain A+

Competency 2d: Monitors client-level computer system

performance Basic

Operate and

Maintain A+

Competency 2e: Tests computer system performance

Basic

Operate and

Maintain - A+

Competency 2f: Troubleshoots system hardware and software

Basic

Operate and

Maintain A+

Competency 2g: Administers accounts, network rights, and access

to systems and equipment

Intermediate

Operate and

Maintain MCSA

Competency 2h: Implements security measures for uses in system

and ensures that system designs incorporate security configuration

guidelines Advanced

Operate and

Maintain Security+

JOB FUNCTION 3: Installs, configures, tests, operates, maintains

and manages networks and their firewalls including hardware and

software that permit sharing and transmission of information LEVEL

NICE

Framework


Competency 3a: Collaborates with system developers and users to

assist in the selection of appropriate design solutions to ensure the

compatibility of system components Intermediate

Securely

Provision Network+

Competency 3b: Installs, replaces, configures and optimizes

network hubs, routers and switches

Intermediate

Operate and

Maintain CCNA

Competency 3c: Assists in network backup and recovery

procedures Intermediate

Operate and

Maintain MCSA

Competency 3d: Diagnoses network connectivity problems

Intermediate

Operate and

Maintain CCNA

Competency 3e: Modifies network infrastructure to serve new

purposes or improve workflow Intermediate

Operate and

Maintain CCNA

Competency 3f: Integrates new systems into existing network

architecture Intermediate

Operate and

Maintain CCNA

Competency 3g: Patches network vulnerabilities to ensure

information is safeguarded against outside parties Intermediate

Operate and

Maintain MCSA

Competency 3h: Repairs network connectivity problems

Intermediate

Operate and

Maintain CCNA

Competency 3i: Tests and maintains network infrastructure

including software and hardware devices Intermediate

Operate and

Maintain CCNA

Competency 3j: Establishes adequate access controls based on

principles of least privilege and need-to-know Intermediate

Operate and

Maintain Security+

Competency 3k: Implements security measures for users in system

and ensures that system designs incorporate security configuration

guidelines

Basic

Operate and

Maintain

Certified

Network

Defender

JOB FUNCTION 4: Installs, configures, troubleshoots and

maintains server configurations to ensure their confidentiality,

integrity and availability; also manages accounts, firewalls,

configuration, patch and vulnerability management. Is responsible

for access control, security configuration and administration LEVEL

NICE

Framework


Competency 4a: Checks system hardware availability, functionality,

integrity and efficiency

Intermediate

Operate and

Maintain MCSA

Competency 4b: Conducts functional and connectivity testing to

ensure continuing operability Intermediate

Operate and

Maintain CCNA

Competency 4c: Conducts periodic server maintenance including

cleaning (physically and electronically), disk checks, system

configuration and monitoring, data downloads, backups and testing Intermediate

Operate and

Maintain MCSA

Competency 4d: Assists in the development of group policies and

access control lists to ensure compatibility with organizational

standards, business rules and needs Intermediate

Operate and

Maintain MCSA

Competency 4e: Documents compliance with or changes to system

administration standard operating procedures

Intermediate

Operate and

Maintain Security+

Competency 4f: Installs server fixes, updates and enhancements

Intermediate

Operate and

Maintain MCSA

Competency 4g: Maintains baseline system security according to

organizational policies Intermediate

Operate and

Maintain MCSA

Competency 4h: Manages accounts, network rights and access to

systems and equipment Intermediate

Operate and

Maintain MCSA

Competency 4i: Monitors and maintains server configuration

Intermediate

Operate and

Maintain MCSA

Competency 4j: Supports network components

Intermediate

Operate and

Maintain CCNA

Competency 4k: Diagnoses faulty system/server hardware; seeks

appropriate support or assistance to perform server repairs Intermediate

Operate and

Maintain MCSA

Competency 4l: Verifies data redundancy and system recovery

procedures Intermediate

Operate and

Maintain MCSA

Competency 4m: Assists in the coordination or installation of new

or modified hardware, operating systems and other baseline software Intermediate

Operate and

Maintain MCSA

Competency 4n: Provides ongoing optimization and problem-

solving support Intermediate

Operate and

Maintain MCSA

Competency 4o: Resolves hardware/software interface and

interoperability problems Intermediate

Operate and

Maintain MCSA

Competency 4p: Establishes adequate access controls based on

principles of least privilege, role based access controls (RBAC) and

need-to-know Intermediate

Operate and

Maintain MCSA

JOB FUNCTION 5: Configures tools and technologies to detect,

mitigate and prevent potential threats

LEVEL

NICE

Framework


JOB FUNCTION 5: Configures tools and technologies to detect,

mitigate and prevent potential threats

Competency 5a: Installs and maintains cyber security detection,

monitoring and threat management software

LEVEL

Intermediate

NICE

Framework

Category

Protect and

Defend

Certification

Competency 5b: Coordinates with network administrators to

administer the updating of rules and signatures for

intrusion/detection protection systems, anti-virus and network black

and white list Intermediate

Protect and

Defend

Certified

Network

Defender

Competency 5c: Manages IP addresses based on current threat

environment

Intermediate

Protect and

Defend

Certified

Network

Defender

Competency 5d: Ensures application of security patches for

commercial products integrated into system design

Intermediate

Operate and

Maintain

Certified

Network

Defender

Competency 5e: Uses computer network defense tools for continual

monitoring and analysis of system activity to identify malicious

activity

Intermediate

Protect and

Defend

Certified

Network

Defender

JOB FUNCTION 6: Assesses and mitigates system network,

business continuity and related security risks and vulnerabilities

LEVEL

NICE

Framework


Competency 6a: Applies security policies to meet security

objectives of the system Intermediate

Operate and

Maintain Security+

Competency 6b: Performs system administration to ensure current

defense applications are in place, including on Virtual Private

Network devices Intermediate

Operate and

Maintain

Certified

Network

Defender

Competency 6c: Ensures that data back up and restoration systems

are functional and consistent with company's document retention

policy and business continuity needs Intermediate

Operate and

Maintain

Certified

Network

Defender

Competency 6d: Identifies potential conflicts with implementation

of any computer network defense tools. Performs tool signature

testing and optimization Intermediate

Operate and

Maintain

Certified

Network

Defender

Competency 6e: Installs, manages and updates intrusion detection

system

Intermediate

Operate and

Maintain

Certified

Network

Defender

Competency 6f: Performs technical and non-technical risk and

vulnerability assessments of relevant technology focus areas Intermediate

Protect and

Defend Security+

Competency 6g: Conducts authorized penetration testing (Wi-Fi,

network perimeter, application security, cloud, mobile devices) and

assesses results Intermediate

Protect and

Defend

Certified

Ethical

Hacker

Competency 6h: Documents systems security operations and

maintenance activities

Intermediate

Operate and

Maintain

Certified

Network

Defender

Competency6i: Communicates potential risks or vulnerabilities to

manager. Collaborates with others to recommend vulnerability

corrections Intermediate

Protect and

Defend

Certified

Network

Defender

Competency6j: Identifies information technology security program

implications of new technologies or technology upgrades

Intermediate

Protect and

Defend

Certified

Network

Defender

JOB FUNCTION 7: Reviews network utilization data to identify

unusual patterns, suspicious activity or signs of potential threats

LEVEL

NICE

Framework


Competency 7a: Identifies organizational trends with regard to the

security posture of systems; identifies unusual patterns or activities

Operate and

Maintain

Certified

Network

Defender Intermediate

Competency 7b: Characterizes and analyzes network traffic to

identify anomalous activity and potential threats; performs computer

network defense trend analysis and reporting Intermediate

Protect and

Defend

Certified

Network

Defender

Competency 7c: Receives and analyzes network alerts from various

sources within the enterprise and determines possible causes of such

alerts Intermediate

Protect and

Defend

Certified

Network

Defender

Competency 7d: Runs tests to detect real or potential threats,

viruses, malware, etc.

Intermediate

Protect and

Defend

Certified

Network

Defender

Competency 7e: Helps perform damage assessments in the event of

an attack

Intermediate

Protect and

Defend

Certified

Network

Defender

Competency 7f Monitors network data to identify unusual activity,

trends, unauthorized devices or other potential vulnerabilities

Intermediate

Operate and

Maintain

Certified

Network

Defender

Competency 7g: Documents and escalates incidents that may cause

immediate or long-term impact to the environment

Intermediate

Protect and

Defend

Certified

Network

Defender

Competency 7h: Provides timely detection, identification and alerts

of possible attacks and intrusions, anomalous activities, and

distinguish these incidents and events from normal baseline

activities Intermediate

Protect and

Defend

Certified

Network

Defender

Competency 7i: Uses network monitoring tools to capture and

analyze network traffic associated with malicious activity

Intermediate

Protect and

Defend

Certified

Network

Defender/

Certified

Ethical

Hacker

Competency 7j: Performs intrusion analysis

Intermediate Investigate

Certified

Network

Defender/

Certified

Ethical

Hacker

Competency 7k: Sets containment blockers to align with company

policy regarding computer use and web access Intermediate

Protect and

Defend Security+

JOB FUNCTION 8: Responds to cyber intrusions and attacks and

provides defensive strategies

LEVEL

NICE

Framework


Competency 8a: Assists in the development of appropriate courses

of action in response to identified anomalous network activity

Intermediate

Protect and

Defend

Certified

Network

Defender/

Certified

Ethical

Hacker

Competency 8b: Triages systems operations impact: malware,

worms, man-in-the-middle attack, denial of service, rootkits,

keystroke loggers, SQL injection and cross-site scripting Intermediate

Protect and

Defend

Certified

Ethical

Hacker

Competency 8c: Reconstructs a malicious attack or activity based

on network traffic

Intermediate

Protect and

Defend

Certified

Ethical

Hacker

Competency 8d: Monitors external data sources to maintain

currency of Computer Network Defense threat condition and

determines which security issues may have an impact on the

enterprise. Performs file signature analysis Intermediate

Protect and

Defend

Certified

Network

Defender

Competency 8e: Performs computer network defense incident triage

to include determining scope, urgency and potential impact;

identifies the specific vulnerability; provides training

recommendations; and makes recommendations that enable

expeditious remediation Intermediate

Protect and

Defend

Certified

Network

Defender

Competency 8f: Receives and analyzes network alerts from various

sources within the enterprise and determines possible causes of such

alerts Intermediate

Protect and

Defend

Certified

Network

Defender

Competency 8g: Tracks and documents computer network defense

incidents from initial detection through final resolution

Intermediate

Protect and

Defend

Certified

Network

Defender

Competency 8h: Collects intrusion artifacts and uses discovered

data to enable mitigation of potential computer network defense

(CERTIFIED NETWORK DEFENDER) incidents Intermediate

Protect and

Defend

Certified

Network

Defender

Competency 8i: Performs virus scanning on digital media

Intermediate

Protect and

Defend

Certified

Network

Defender/

Certified

Ethical

Hacker