the learning centergov.nv.gov/uploadedfiles/govnvgov/content/owinn/... · 2018-05-09 · a guide....
TRANSCRIPT
2018 TLC INJ Standards of Apprenticeship
The Learning Center
A2 – Cybersecurity Support Technician
O-NET Code: 15-1152.00 RAPIDS Code: 2050CB
Competency-based Apprenticeship Program
Form 5910 – Application for Approval On-the-Job
Training & Apprenticeship
Nevada State Apprenticeship Council Program
Description
Apprenticeship OJT and Related Technical
Instruction (RTI) Information Check List
NSAC Checklist
Appendix A2 – Work Process Schedule & RTI Outline
FORM 5910
STATE OF NEVADA
Nevada State Apprenticeship Council
APPLICATION FOR APPROVAL ON THE JOB TRAINING & APPRENTICESHIP
Program Name Program #
Address City State/Zip Telephone
Contact Person Title Type of Program: Sic Code
EIN # Email Address:
Type of Action: (Check One)
A. Wage Increase
B. Revision of Standards
C. New Occupation
D. New Program
Type of Program: (Check One)
A. Individual Union
B. Individual Non Union
C. Group Union
D. Group Non Union
E. If Union Bargaining Unit
Journey Workers (JW)
A. No. JW
B. No. of Employers
Pay Period (Circle One)
Weekly
Bi-Weekly
Semi Monthly
Pay Increases (Months)
3 6 12 Other
TRADE INFORMATION
Occupation (use separate form for
each occupation)
Term (OJT
hours)
RTI
(Classroom
hours)
# Of Journey
workers
# Of
Apprentices in
Training
Journey
worker Hourly
Rate
Days per
Week
HOURLY APPRENTICE WAGES BY PERIOD (Excluding Benefits) Top Line Dollar Amounts Bottom Line Percentages
Occupation 1ST 2ND 3RD 4TH 5TH 6TH 7TH 8TH 9TH 10TH
$ $ $ $ $ $ $ $ $ $
% % % % % % % % % %
Date Signature of Program Coordinator
DO NOT WRITE BELOW THIS LINE
Approved:
Disapproved: Secretary Director of Apprenticeship Date
Competency-basedLinda Montgomery President
The Learning Center, Inc.- Cybersecurity Support Technician
2445 Fire Mesa, Suite 200A Las Vegas NV 89128 (702) 320-8885
X
10 1
X
Cybersecurity Support Technician 2,000 - 3,000 $17.00652 10 5 5
Cybersecurity Support Technician 15.00 17.0016.00
88 94 100
x
88-0267407
Nevada State Apprenticeship Council Program Description
Date: ____4/26/18____ Program Name: Cybersecurity Support Technician-CB__
Status: X_ New Program Revision (to Program #: _____________)
Sponsor’s Name: The Learning Center, Inc. ____________________________
Address: 2445 Fire Mesa Ste 200A ____________________________
City: __Las Vegas_____ County: ___Clark__ State: NV Zip: 89128______
Sponsor’s Contact Name: __Linda Montgomery, President ______________________
Telephone Number: __(702) 320-8885 ____________________ Extension:
FAX Number: ___702-212-4040__________________________________
E-MAIL: [email protected] __________________________
NAICS Code: _____611420_____________ (www.naics.com/)
EIN Number: _____88-0267407___________
Program Type: (1) X Individual Non-Joint (one company no union)(2) Individual Joint (one company with union)(4) Group Non-Joint (more than one company no union)(3) Group Joint (more than one company with union)
Name of Bargaining Agency / Union (if applicable): _______________________
CBA Waiver: Yes No
ATC: Yes X No
REMARKS:
Nevada State Apprenticeship Council Program Description
Sponsor’s Name: _The Learning Center, Inc._____________
OCCUPATION DATA (one page for each occupation)
Occupation /Trade Name: __ Cybersecurity Support Technician______________________
Occupation RAPIDS Code: ___2050CB_____ (REQUIRED)
Type: __Time-based _X__ Competency-based ___ Hybrid
Term Length (Hours): _2000-3000___ Probationary Length: __500 hours__
Total Employers: __1_____
Total Journeyworker: _10_____
Total Anticipated Apprentices: __5_____
Minimum Apprentice Starting Wage: ___$15 per hour_______
Minimum Journeyworker Starting Wage: ___$17 per hour____
RELATED TECHNICAL INSTRUCTION
Instruction Method: X Classroom X Shop Online / Correspondence
Instruction Provider: Vocational Education Community College X Sponsor X Other (Employer)
Wages Paid During RTI after Hours?: Yes X No
Hours Instruction Provided: During Work Hours X During Non-Work Hours
Total Length of Instruction: 652 Hours
Instruction Provided by: Sponsor Other Source X Both Sponsor & Other Source
Name/Address of RTI Provider(s):_____The Learning Center, Inc. ____________
_____ ________________________________________
______________________________________________
______________________________________________
______________________________________________
2018 TLC INJ Standards of Apprenticeship NSAC Appendix A Checklist
A2- Cybersecurity Support Tech. ONET: 15-1122 RAPIDS CODE: 2050CB
1 | P a g e
TLC Standards Placement
29 CFR, NRS 610, and NAC 610 Required Provisions
Appendix A p. 2
2) Term: A term of apprenticeship of not less than 2,000 hours of workexperience, consistent with training requirements as established by practice inthe trade. NRS 610.144 3 (b)
Type of Occupation: The term of apprenticeship, which for an individual apprentice may be measured either through the completion of the industry standard for on-the-job learning (time-based approach), the attainment of competency (competency-based approach), or a blend of the time-based and competency-based approaches (hybrid approach). 29 CFR 29.5 (b)
Appendix A p. 4
3) Work Processes: An outline of the processes in which the apprentice willreceive supervised experience and training on the job, and the allocation ofthe approximate time to be spent in each major process. NRS 610.144 3 (c)
Appendix A p. 6
4) Related Instruction: Provisions for organized, related and supplementalinstruction in technical subjects (and the costs thereof) related to the tradewith a minimum of 144 hours for each year of apprenticeship, given in a classroom or through trade, industrial or correspondence courses of equivalent value or other forms of study approved by the State Apprenticeship Council. NRS 610.144 3 (d); NAC 610.433
Appendix A p. 2
5) Wages: A progressively increasing, reasonable and profitable schedule of wagesto be paid to the apprentice consistent with the skills acquired, not less thanthat allowed by federal or state law or regulations or by a collective bargaining agreement. Employers shall pay a beginning wage for apprentices which is at least 35 percent of the rate for journeymen in the same trade, or Minimum and Reasonable and profitable wage for apprentice in construction industry. NRS 610.144 3 (e); NAC 610.480, NAC 610.485
Appendix A p. 2
6) Periodic Review and Evaluation: Provisions for a periodic review and evaluationof the apprentice’s progress in performance on the job and related instructionand the maintenance of appropriate records of such progress. NRS 610.144 3 (f)
Appendix A p. 2
7) Ratio: A numeric ratio of apprentices to journeymen consistent with propersupervision, training, safety, continuity of employment and applicable provisionsin collective bargaining agreements, in language that is specific and clear as toits application in terms of job sites, workforces, departments or plants. NRS610.144 3 (g)
ALL DOCUMENTS HAVE BEEN CHECKED FOR SPELLING, FORMATTING, GRAMMAR, (INCLUDING TABLE OF CONTENTS), ETC.
Appendix A2
WORK PROCESS SCHEDULE AND
RELATED INSTRUCTION OUTLINE
CYBERSECURITY SUPPORT TECHNICIAN
O*NET-SOC CODE: 15-1122.00 RAPIDS CODE: 2050CB
APPROVED BY OFFICE OF WORKFORCE INNOVATION FOR THE NEW NEVADA AND THE NEVADA STATE
APPRENTICESHIP COUNCIL
Erin Hasty, Nevada State Apprenticeship Director
REGISTRATION DATE: __________
REGISTRATION NUMBER: ________________
DEVELOPED IN COOPERATION WITH THE US DEPARTMENT OF LABOR, THE OFFICE OF WORKFORCE INNOVATION FOR THE NEW
NEVADA, AND THE NEVADA STATE APPRENTICESHIP COUNCIL
2018 TLC INJ Standards of Apprenticeship
A - 2
Appendix A2
WORK PROCESS SCHEDULE CYBERSECURITY SUPPORT TECHNICIAN
O*NET-SOC CODE: 15-1122.00 RAPIDS CODE: 2050CB
This schedule is attached to and a part of these Standards for the above identified occupation. 1. TYPE OF OCCUPATION
Time-based Competency-based Hybrid 2. TERM OF APPRENTICESHIP
The term of the occupation shall be defined by the attainment of all competencies of the position, which would be expected and approximated to occur within 2000 to 3000 hours of OJL, supplemented by the minimum required 652 hours of related instruction. Qualifications for entering the apprenticeship would require either one year of work or related technical experience in PC hardware, software, networking, security, and installing and configuring Windows clients. This may be demonstrated through on-the-job work experience or completion of the Computer Support Specialist apprenticeship.
3. RATIO OF APPRENTICES TO JOURNEYWORKERS
The apprentice to journeyworker ratio is: 3 apprentice(s) to 1 journeyworker. 4. APPRENTICE WAGE SCHEDULE
Apprentices shall be paid a progressively increasing schedule of wages. Apprentices starting wage would be a minimum of $15.00 per hour. The minimum wage of a journeyworker is $17.00 per hour which will be paid at the completion of the apprenticeship. The minimum wage rate may be adjusted based on regional wage scales. 2-year Term Example: 1st 12 months = $15/hour 2nd 12 months = $16/hour Periodic review and evaluation of the apprentice’s on-the-job learning and related technical instruction will be conducted in alignment with the wage schedule established.
5. WORK PROCESS SCHEDULE (See attached Work Process Schedule)
The sponsor may modify the work processes to meet local needs prior to submitting these Standards to the appropriate Registration Agency for approval.
6. RELATED INSTRUCTION OUTLINE (See attached Related Instruction Outline)
2018 TLC INJ Standards of Apprenticeship
A - 3
The sponsor may modify the related instruction to meet local needs prior to submitting these Standards to the appropriate Registration Agency for approval.
2018 TLC INJ Standards of Apprenticeship
A - 4
Appendix A2
WORK PROCESS SCHEDULE CYBERSECURITY SUPPORT TECHNICIAN
O*NET-SOC CODE: 15-1122.00 RAPIDS CODE: 2050CB
The term of the occupation shall be defined by the attainment of all competencies, both technical and behavioral, of the position, which would be expected and approximated to occur within 2000 to 3000 hours of OJL, supplemented by a minimum of 652 hours of related technical instruction.
WORK PROCESSES – COMPETENCIES SUMMARY
JOB FUNCTION 1: Assists in developing security policies and protocols; assists in enforcing company compliance with network security policies and protocols
JOB FUNCTION 2: Provides technical support to users or customers
JOB FUNCTION 3: Installs, configures, tests, operates, maintains and manages networks and their firewalls including hardware and software that permit sharing and transmission of information
JOB FUNCTION 4: Installs, configures, troubleshoots and maintains server configurations to ensure their confidentiality, integrity and availability; also manages accounts, firewalls, configuration, patch and vulnerability management. Is responsible for access control, security configuration and administration
JOB FUNCTION 5: Configures tools and technologies to detect, mitigate and prevent potential threats
JOB FUNCTION 6: Assesses and mitigates system network, business continuity and related security risks and vulnerabilities
JOB FUNCTION 7: Reviews network utilization data to identify unusual patterns, suspicious activity or signs of potential threats
JOB FUNCTION 8: Responds to cyber intrusions and attacks and provides defensive strategies
See attached document for Work Process Detail. These work processes are intended as a guide. It is not to be followed in any particular sequence, and it is understood that some adjustments may be necessary in the hours allotted for different work experience. In all cases, the apprentice is to receive sufficient experience to make him fully competent and use good workmanship in all work processes which are part of the trade. In addition, the apprentice shall be fully instructed in safety and OSHA requirements.
2018 TLC INJ Standards of Apprenticeship
A - 5
Apprenticeship Competencies – Behavioral In addition to mastering all of the essential technical competencies, an apprentice must consistently demonstrate at an acceptable level the following behavioral competencies in order to complete the apprenticeship.
Item # Behavioral Competencies
1. Participation in team discussions/meetings 2. Focus in team discussions/meetings 3. Focus during independent work 4. Openness to new ideas and change 5. Ability to deal with ambiguity by exploring, asking questions, etc. 6. Knows when to ask for help 7. Able to demonstrate effective group presentation skills 8. Able to demonstrate effective one-on-one communication skills 9. Maintains an acceptable attendance record
10. Reports to work on time 11. Completes assigned tasks on time 12. Uses appropriate language 13. Demonstrates respect for patients, co-workers and supervisors 14. Demonstrates trust, honesty and integrity 15. Requests and performs work assignments without prompting 16. Appropriately cares for personal dress, grooming and hygiene 17. Maintains a positive attitude 18. Cooperates with and assists co-workers 19. Follows instructions/directions 20. Able to work under supervision 21. Able to accept constructive feedback and criticism 22. Able to follow safety rules 23. Able to take care of equipment and work place 24. Able to keep work area neat and clean 25. Able to meet supervisor's work standards 26. Able to not let personal life interfere with work 27. Adheres to work policies/rules/regulations
2018 TLC INJ Standards of Apprenticeship
A - 6
Appendix A2
RELATED INSTRUCTION OUTLINE
CYBERSECURITY SUPPORT TECHNICIAN O*NET-SOC CODE: 15-1122.00 RAPIDS CODE: 2050CB
The related instruction has been developed in cooperation with employer-partners as part of the apprenticeship. The following is a set of courses to be delivered by the Learning Center and/or as determined by the employer-partner. Related instruction –This instruction shall include, but not be limited to, at least 652 hours during the apprenticeship, as described below:
COURSE TOPIC HOURS
New Apprenticeship Orientation Session 4
CompTIA A+ Hardware Accelerated 40
Certification for CompTIA A+ Hardware Accelerated 8
CompTIA A+ Software Accelerated 40
Certification for CompTIA A+ Software Accelerated 8
Comp TIA Network + Accelerated 40
Certification for CompTIA Network + Accelerated 8
CompTIA Security + Accelerated 40
Certification for CompTIA Security + Accelerated 8
Installing and Configuring Windows 10 Client Accelerated 40
Certification for Microsoft Windows 10 Accelerated 8
CompTIA Linux+ 40
Certification for CompTIA Linux+ 8
Microsoft Certified System Administrator 120
Certification for MCSA 48
Certified Network Defender 80
Certification for Certified Network Defender 16
Certified Ethical Hacker 80
Certification for Certified Ethical Hacker 16
TOTAL HOURS 652
Apprentices completing all of the above courses will earn a certification in CompTIA Network +, CompTIA A+ Hardware, and CompTIA A+ Software. They will also earn a certification Security+, Microsoft Windows 10 Technician, Microsoft Certified System Administrator, Certified Network Defender, and Certified Ethical Hacker. Course Descriptions: Orientation Session (4 hours) In this course students will be presented with an introduction to the program, review of the
2018 TLC INJ Standards of Apprenticeship
A - 7
program syllabus, and meet the TEAM that will work with them over the course of their classroom hours. The instructional and administrative staff will cover policies and procedures of the school environment and expectations. CompTIA A+ Hardware Accelerated (40 hours) In this A+ class students learn the hardware elements of the personal computer. Their studies are intended to give them a good knowledge about the PC and the skills to work as a repair technician. This class is for the person new to PC technology with no knowledge of the industry. Its slow in-depth pace brings the student from zero knowledge and skills to the ability to perform as a PC hardware technician. This course is designed for the beginner/novice and prepares the student for the CompTIA A+ 901 certification exam. Students Learn: • Prepare for the latest A+ 901 certification exam • Configure common features for Android and Apple iOS mobile operating systems • PC components • Preventative maintenance • Communicate with customers in a professional manner • Computer hardware and peripherals • Network connections • Laptop and portable computing device components CompTIA A+ - Softwares (Software) Accelerated (40 hours) In this A+ class students learn the software elements of the personal computer. Their studies are intended to give them a good knowledge about the PC and the skills to work as a repair technician. This class is for the person new to PC technology with no knowledge of the industry. Its slow in-depth pace brings the student from zero knowledge and skills to the ability to perform as a PC hardware technician. This course is designed for the beginner/novice and prepares the student for the CompTIA A+ 902 certification exam. Students Learn: • Prepare for the latest A+ 902 certification exam • Install and configure PC operating systems • Configure common features for Android and Apple iOS mobile operating systems Operating system technologies Communicate with customers in a professional manner Comp TIA Network + Accelerated (40 hours) Earning CompTIA's Network+ certification increases your value in the marketplace, providing proof of your knowledge, skills, and ability to manage, maintain, troubleshoot, install, operate, and configure basic network infrastructure. Our Network+ Novice course points you in the right direction, allowing you to demonstrate the concepts covered on the Network+ exam in a real-world, hands-on environment. You will work through several practice exams to reinforce your knowledge. You will gain essential networking skills in labs that feature networking equipment from Cisco, Linksys, Netgear, ZyXel, and others. As an added bonus you may access the practice exam on your own computer. Students must
2018 TLC INJ Standards of Apprenticeship
A - 8
have completed, within the past 12 months, a CompTIA A+ course or have recent relevant pc repair experience. This course is designed for the beginner/novice and prepares the student for the CompTIA Network+ certification exam. Students learn: • Prepare for the CompTIA Network+ certification exam • Basic network theory concepts • Major communications methods • Network media and hardware components • Components of a TCP/IP network implementation • TCP/IP addressing and data delivery methods • Major services deployed on TCP/IP networks • Components of a LAN implementation • Infrastructure of a WAN implementation • Components of remote network implementation • Major issues and methods to secure systems on a network • Major issues and technologies in network security • Network security threats and attacks • Tools, methods, and techniques used in managing a network • Wiring termination including building a variety of network cables • Troubleshoot network issues CompTIA Security + Accelerated (40 hours) In this course, students will learn to proactively implement sound security protocols to mitigate security risks, quickly respond to security issues, retroactively identify where security breaches may have occurred, how to mitigate network threats and how to design a network, on-site or in the cloud, with security in mind. Students must have completed, within the past 12 months, a Network+ course or have recent relevant networking and/or network security experience. This course is designed for the beginner/novice and prepares the student for the CompTIA Security+ certification exam. Students will learn: • Cryptography • Authentication • User and role-based security • Peripheral security • Public key infrastructure • Application and messaging security • Ports and protocols • Wireless security • Remote access security • Auditing, logging, and monitoring • Vulnerability testing and monitoring • Organizational security • Business continuity
2018 TLC INJ Standards of Apprenticeship
A - 9
• CompTIA Security+ objectives map • CompTIA Security+ acronyms Microsoft 20698: Installing & Configuring Windows 10 Client Accelerated (40 hours) This course provides IT professionals with the knowledge and skills required to install and configure Windows 10 desktops in a Windows Server small to medium-sized AD DS domain environment. These skills include learning how to install and customize Windows 10 operating systems and apps, configure local and remote network connectivity, and configure local and online storage. Students also will learn how to configure security in addition to how to maintain, update, and recover Windows 10. This course is intended for IT professionals who administer and support Windows 10 desktops and devices in small to medium-sized networks. The networks with which these professionals typically work are configured as AD DS domain-based environments with managed access to the Internet and cloud services. Certification for CompTIA A+ Hardware Accelerated (8 hours) In this course, students will use test preparation tools to prepare for taking the A+ 901 certification exam. Certification for CompTIA A+ Software Accelerated (8 hours) In this course, students will use test preparation tools to prepare for taking the A+ 902 certification exam. Certification for CompTIA Network + Accelerated (8 hours) In this course, students will use test preparation tools to prepare for taking the Network+ certification exam. Certification for CompTIA Security + Accelerated (8 hours) In this course, students will use test preparation tools to prepare for taking the Security+ certification exam. Certification for Microsoft Windows 10 Accelerated (8 hours) In this course, students will use test preparation tools to prepare for taking the Security+ certification exam. CompTiA Linux+ (40 hours) CompTIA Linux+ validates the competencies required of an early career system administrator supporting Linux systems. This vendor-neutral certification covers multiple distributions, validating skills that help prevent platform lock-in and that promote more flexible approaches to Linux system troubleshooting. After passing the two exams required for certification, candidates will have mastered the following concepts: • System configuration • The command line interface • Scripting basics • Network settings and services
2018 TLC INJ Standards of Apprenticeship
A - 10
• System security Certification for CompTIA Linux+ (8 hours) In this course, students will use test preparation tools to prepare for taking the CompTIA Linux+ certification exam. Microsoft Certified System Administrator (120 hours) This MCSA certification consists of 3 Microsoft courses. The three courses collectively cover implementing, managing, maintaining and provisioning services and infrastructure in a Windows Server 2012 environment. This course focuses on the initial implementation and configuration of core services, such as Networking, Storage, Active Directory Domain Services (AD DS), Group Policy, File and Print Services, and Hyper-V.
Course 20410: This course is intended for information technology (IT) professionals who have some knowledge and experience working with Windows operating systems and who want to acquire the skills and knowledge necessary to install and perform the initial configuration of a Windows Server 2012 or Windows Server 2012 R2 server in an existing Windows server environment.
Course 20411: This course is intended for Information Technology (IT) Professionals with hands on experience working in a Windows server 2008 or Windows Server 2012 environment who wish to acquire the skills and knowledge necessary to be able to manage and maintain the core infrastructure required for a Windows Server 2012 and Windows Server 2012 R2 environment. The key focus for students is to broaden the initial deployment of Windows Server 2012 services and infrastructure and provide the skills necessary to manage and maintain a domain based Windows Server 2012 environment, providing skills in areas such as User and Group management, Network Access and Data Security.
Course 20412: This course focuses on advanced configuration of services necessary to deploy, manage and maintain a Windows Server 2012 infrastructure, such as advanced networking services, Active Directory Domain Services (AD DS), Active Directory Rights Management Services (AD RMS), Active Directory Federation Services (AD FS), Network Load Balancing, Failover Clustering, business continuity and disaster recovery services as well as access and information provisioning and protection technologies such as Dynamic Access Control (DAC), and Web Application Proxy integration with AD FS and Workplace Join.
Certification for MCSA (48 hours) In this course, students will use test preparation tools to prepare for taking the MCSA Server certification exam. Certified Network Defender (80 hours)
2018 TLC INJ Standards of Apprenticeship
A - 11
This course is intended to immerse a typical network or systems administrator in the world of hackers and cyber defense via the following domains of CND: Computer Network and Defense Network; Security Threats, Vulnerabilities, and Attacks; Network Security Controls, Protocols, and Devices; Network Security Policy Design and Implementation; Physical Security; Host Security; Secure Firewall Configuration and Management; Secure IDS Configuration and Management; Secure VPN Configuration and Management; Wireless Network Defense; Network Traffic Monitoring and Analysis; Network Risk and Vulnerability Management; Data Backup and Recovery; Network Incident Response and Management. The training and certification are recommended for operations personnel who although do not have security as their primary job function, need an understanding of cyber security core principles and practices. Certification for Certified Network Defender (16 hours) In this course, students will use test preparation tools to prepare for taking the CND certification exam. Certified Ethical Hacker (80 hours) Certified Ethical Hacker is a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). This course prepares individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. The purpose of the course is to establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures; inform the public that credentialed individuals meet or exceed the minimum standards; and reinforce ethical hacking as a unique and self-regulating profession. Certification for Certified Ethical Hacker (16 hours) In this course, students will use test preparation tools to prepare for taking the CEH certification exam. .
WORK PROCESS SCHEDULE:
Cybersecurity Support Technician
ONET Code 15-1122.00
RAPIDS Code 2050CB
Job Title: Cybersecurity Support Technician
Apprenticeship Type: (competency-based, time-based, hybrid): Competency-based
Minimum Time Requirements (or time range): 2000 to 3000 hours. Qualifications for
entering the apprenticeship would require attainment of all competencies of the Computer
Support Specialist occupation.
Required Certifications: A+; Network+; Security+; MCSA: Microsoft Systems System
Administrator; Linux+; CND: Certified Network Defender; CEH: Certified Ethical Hacker
JOB FUNCTION
JOB FUNCTION 1: Assists in developing security policies and
protocols; assists in enforcing company compliance with network
security policies and protocols
NICE
Framework
Category Certification LEVEL
Competency 1a: Locates (in Intranet, employee handbook or
security protocols) organizational policies intended to maintain
security and minimize risk and explains their use Basic
Oversee and
Govern Security+
Competency 1b: Provides guidance to employees on how to access
networks, set passwords, reduce security threats and provide
defensive measures associated with searches, software downloads,
email, Internet, add-ons, software coding and transferred files Intermediate
Securely
Provision Security+
Competency 1c: Ensures that password characteristics are explained
and enforced and that updates are required and enforced based on
appropriate time intervals Basic
Securely
Provision Security+
Competency 1d: Explains company or organization's policies
regarding the storage, use and transfer of sensitive data, including
intellectual property and personally identifiable information.
Identifies data life cycle, data storage facilities, technologies and
describes business continuity risks Intermediate
Oversee and
Govern Security+
Competency 1e: Assists employees in the use of technologies that
restrict or allow for remote access to the organization's information
technology network Intermediate
Oversee and
Develop Security+
Competency 1f: Develops security compliance policies and
protocols for external services (i.e. Cloud service providers,
software services, external data centers) Advanced
Securely
provision Security+
Competency 1g: Complies with incident response and handling
methodologies
Advanced
Protect and
Defend
Security+
Competency 1h: Articulates the business need or mission of the
organization as it pertains to the use of IT systems and the storage of
sensitive data
Intermediate
Securely
Provision Security+
JOB FUNCTION 2: Provides technical support to users or
customers
LEVEL
NICE
Framework
Category Certification
Competency 2a: Manages inventory of IT resources
Basic
Operate and
Maintain A+
Competency 2b: Diagnoses and resolves customer-reported system
incidents
Intermediate Investigate
Certified
Network
Defender
Competency 2c: Installs and configures hardware, software and
peripheral equipment for system users Basic
Operate and
Maintain A+
Competency 2d: Monitors client-level computer system
performance Basic
Operate and
Maintain A+
Competency 2e: Tests computer system performance
Basic
Operate and
Maintain - A+
Competency 2f: Troubleshoots system hardware and software
Basic
Operate and
Maintain A+
Competency 2g: Administers accounts, network rights, and access
to systems and equipment
Intermediate
Operate and
Maintain MCSA
Competency 2h: Implements security measures for uses in system
and ensures that system designs incorporate security configuration
guidelines Advanced
Operate and
Maintain Security+
JOB FUNCTION 3: Installs, configures, tests, operates, maintains
and manages networks and their firewalls including hardware and
software that permit sharing and transmission of information LEVEL
NICE
Framework
Category Certification
Competency 3a: Collaborates with system developers and users to
assist in the selection of appropriate design solutions to ensure the
compatibility of system components Intermediate
Securely
Provision Network+
Competency 3b: Installs, replaces, configures and optimizes
network hubs, routers and switches
Intermediate
Operate and
Maintain CCNA
Competency 3c: Assists in network backup and recovery
procedures Intermediate
Operate and
Maintain MCSA
Competency 3d: Diagnoses network connectivity problems
Intermediate
Operate and
Maintain CCNA
Competency 3e: Modifies network infrastructure to serve new
purposes or improve workflow Intermediate
Operate and
Maintain CCNA
Competency 3f: Integrates new systems into existing network
architecture Intermediate
Operate and
Maintain CCNA
Competency 3g: Patches network vulnerabilities to ensure
information is safeguarded against outside parties Intermediate
Operate and
Maintain MCSA
Competency 3h: Repairs network connectivity problems
Intermediate
Operate and
Maintain CCNA
Competency 3i: Tests and maintains network infrastructure
including software and hardware devices Intermediate
Operate and
Maintain CCNA
Competency 3j: Establishes adequate access controls based on
principles of least privilege and need-to-know Intermediate
Operate and
Maintain Security+
Competency 3k: Implements security measures for users in system
and ensures that system designs incorporate security configuration
guidelines
Basic
Operate and
Maintain
Certified
Network
Defender
JOB FUNCTION 4: Installs, configures, troubleshoots and
maintains server configurations to ensure their confidentiality,
integrity and availability; also manages accounts, firewalls,
configuration, patch and vulnerability management. Is responsible
for access control, security configuration and administration LEVEL
NICE
Framework
Category Certification
Competency 4a: Checks system hardware availability, functionality,
integrity and efficiency
Intermediate
Operate and
Maintain MCSA
Competency 4b: Conducts functional and connectivity testing to
ensure continuing operability Intermediate
Operate and
Maintain CCNA
Competency 4c: Conducts periodic server maintenance including
cleaning (physically and electronically), disk checks, system
configuration and monitoring, data downloads, backups and testing Intermediate
Operate and
Maintain MCSA
Competency 4d: Assists in the development of group policies and
access control lists to ensure compatibility with organizational
standards, business rules and needs Intermediate
Operate and
Maintain MCSA
Competency 4e: Documents compliance with or changes to system
administration standard operating procedures
Intermediate
Operate and
Maintain Security+
Competency 4f: Installs server fixes, updates and enhancements
Intermediate
Operate and
Maintain MCSA
Competency 4g: Maintains baseline system security according to
organizational policies Intermediate
Operate and
Maintain MCSA
Competency 4h: Manages accounts, network rights and access to
systems and equipment Intermediate
Operate and
Maintain MCSA
Competency 4i: Monitors and maintains server configuration
Intermediate
Operate and
Maintain MCSA
Competency 4j: Supports network components
Intermediate
Operate and
Maintain CCNA
Competency 4k: Diagnoses faulty system/server hardware; seeks
appropriate support or assistance to perform server repairs Intermediate
Operate and
Maintain MCSA
Competency 4l: Verifies data redundancy and system recovery
procedures Intermediate
Operate and
Maintain MCSA
Competency 4m: Assists in the coordination or installation of new
or modified hardware, operating systems and other baseline software Intermediate
Operate and
Maintain MCSA
Competency 4n: Provides ongoing optimization and problem-
solving support Intermediate
Operate and
Maintain MCSA
Competency 4o: Resolves hardware/software interface and
interoperability problems Intermediate
Operate and
Maintain MCSA
Competency 4p: Establishes adequate access controls based on
principles of least privilege, role based access controls (RBAC) and
need-to-know Intermediate
Operate and
Maintain MCSA
JOB FUNCTION 5: Configures tools and technologies to detect,
mitigate and prevent potential threats
LEVEL
NICE
Framework
Category Certification
JOB FUNCTION 5: Configures tools and technologies to detect,
mitigate and prevent potential threats
Competency 5a: Installs and maintains cyber security detection,
monitoring and threat management software
LEVEL
Intermediate
NICE
Framework
Category
Protect and
Defend
Certification
Competency 5b: Coordinates with network administrators to
administer the updating of rules and signatures for
intrusion/detection protection systems, anti-virus and network black
and white list Intermediate
Protect and
Defend
Certified
Network
Defender
Competency 5c: Manages IP addresses based on current threat
environment
Intermediate
Protect and
Defend
Certified
Network
Defender
Competency 5d: Ensures application of security patches for
commercial products integrated into system design
Intermediate
Operate and
Maintain
Certified
Network
Defender
Competency 5e: Uses computer network defense tools for continual
monitoring and analysis of system activity to identify malicious
activity
Intermediate
Protect and
Defend
Certified
Network
Defender
JOB FUNCTION 6: Assesses and mitigates system network,
business continuity and related security risks and vulnerabilities
LEVEL
NICE
Framework
Category Certification
Competency 6a: Applies security policies to meet security
objectives of the system Intermediate
Operate and
Maintain Security+
Competency 6b: Performs system administration to ensure current
defense applications are in place, including on Virtual Private
Network devices Intermediate
Operate and
Maintain
Certified
Network
Defender
Competency 6c: Ensures that data back up and restoration systems
are functional and consistent with company's document retention
policy and business continuity needs Intermediate
Operate and
Maintain
Certified
Network
Defender
Competency 6d: Identifies potential conflicts with implementation
of any computer network defense tools. Performs tool signature
testing and optimization Intermediate
Operate and
Maintain
Certified
Network
Defender
Competency 6e: Installs, manages and updates intrusion detection
system
Intermediate
Operate and
Maintain
Certified
Network
Defender
Competency 6f: Performs technical and non-technical risk and
vulnerability assessments of relevant technology focus areas Intermediate
Protect and
Defend Security+
Competency 6g: Conducts authorized penetration testing (Wi-Fi,
network perimeter, application security, cloud, mobile devices) and
assesses results Intermediate
Protect and
Defend
Certified
Ethical
Hacker
Competency 6h: Documents systems security operations and
maintenance activities
Intermediate
Operate and
Maintain
Certified
Network
Defender
Competency6i: Communicates potential risks or vulnerabilities to
manager. Collaborates with others to recommend vulnerability
corrections Intermediate
Protect and
Defend
Certified
Network
Defender
Competency6j: Identifies information technology security program
implications of new technologies or technology upgrades
Intermediate
Protect and
Defend
Certified
Network
Defender
JOB FUNCTION 7: Reviews network utilization data to identify
unusual patterns, suspicious activity or signs of potential threats
LEVEL
NICE
Framework
Category Certification
Competency 7a: Identifies organizational trends with regard to the
security posture of systems; identifies unusual patterns or activities
Operate and
Maintain
Certified
Network
Defender Intermediate
Competency 7b: Characterizes and analyzes network traffic to
identify anomalous activity and potential threats; performs computer
network defense trend analysis and reporting Intermediate
Protect and
Defend
Certified
Network
Defender
Competency 7c: Receives and analyzes network alerts from various
sources within the enterprise and determines possible causes of such
alerts Intermediate
Protect and
Defend
Certified
Network
Defender
Competency 7d: Runs tests to detect real or potential threats,
viruses, malware, etc.
Intermediate
Protect and
Defend
Certified
Network
Defender
Competency 7e: Helps perform damage assessments in the event of
an attack
Intermediate
Protect and
Defend
Certified
Network
Defender
Competency 7f Monitors network data to identify unusual activity,
trends, unauthorized devices or other potential vulnerabilities
Intermediate
Operate and
Maintain
Certified
Network
Defender
Competency 7g: Documents and escalates incidents that may cause
immediate or long-term impact to the environment
Intermediate
Protect and
Defend
Certified
Network
Defender
Competency 7h: Provides timely detection, identification and alerts
of possible attacks and intrusions, anomalous activities, and
distinguish these incidents and events from normal baseline
activities Intermediate
Protect and
Defend
Certified
Network
Defender
Competency 7i: Uses network monitoring tools to capture and
analyze network traffic associated with malicious activity
Intermediate
Protect and
Defend
Certified
Network
Defender/
Certified
Ethical
Hacker
Competency 7j: Performs intrusion analysis
Intermediate Investigate
Certified
Network
Defender/
Certified
Ethical
Hacker
Competency 7k: Sets containment blockers to align with company
policy regarding computer use and web access Intermediate
Protect and
Defend Security+
JOB FUNCTION 8: Responds to cyber intrusions and attacks and
provides defensive strategies
LEVEL
NICE
Framework
Category Certification
Competency 8a: Assists in the development of appropriate courses
of action in response to identified anomalous network activity
Intermediate
Protect and
Defend
Certified
Network
Defender/
Certified
Ethical
Hacker
Competency 8b: Triages systems operations impact: malware,
worms, man-in-the-middle attack, denial of service, rootkits,
keystroke loggers, SQL injection and cross-site scripting Intermediate
Protect and
Defend
Certified
Ethical
Hacker
Competency 8c: Reconstructs a malicious attack or activity based
on network traffic
Intermediate
Protect and
Defend
Certified
Ethical
Hacker
Competency 8d: Monitors external data sources to maintain
currency of Computer Network Defense threat condition and
determines which security issues may have an impact on the
enterprise. Performs file signature analysis Intermediate
Protect and
Defend
Certified
Network
Defender
Competency 8e: Performs computer network defense incident triage
to include determining scope, urgency and potential impact;
identifies the specific vulnerability; provides training
recommendations; and makes recommendations that enable
expeditious remediation Intermediate
Protect and
Defend
Certified
Network
Defender
Competency 8f: Receives and analyzes network alerts from various
sources within the enterprise and determines possible causes of such
alerts Intermediate
Protect and
Defend
Certified
Network
Defender
Competency 8g: Tracks and documents computer network defense
incidents from initial detection through final resolution
Intermediate
Protect and
Defend
Certified
Network
Defender
Competency 8h: Collects intrusion artifacts and uses discovered
data to enable mitigation of potential computer network defense
(CERTIFIED NETWORK DEFENDER) incidents Intermediate
Protect and
Defend
Certified
Network
Defender
Competency 8i: Performs virus scanning on digital media
Intermediate
Protect and
Defend
Certified
Network
Defender/
Certified
Ethical
Hacker