•    Employment
  •    Academia
  •    Research
    • NICE Framework
    • CAE Program

Data Administration

The intent of the Data Administration Knowledge Unit is to provide students with methods to protect the confidentiality, integrity, and availability of data throughout the data life cycle.

Topics

  1. Data Information/Classification Systems
  2. Data/Information classification systems. a. Level of classification b. Classification criteria c. Need to know. d. Classification/Declassification processes e. Classification authorities
  3. Data/Information lifecycle a-g
  4. Data storage and archiving a. Data Warehousing
  5. Data/Information lifecycle a. Capture/Acquisition b. Maintenance c. Synthesis/transformation/aggregation d. Usage e. Publication/Distribution f. Archival g. Disposition/Purging
  6. Data/Information utility
  7. Data/Information control a. Ownership - Who information belongs to. b. Stewardship - Responsibility for assembling and protecting data. c. Management - Providing the right data in the right place at the right time. d. Possession - Data residing in a system. e. Governance - How data should be managed and used.
  8. Data storage and archiving a. Data Warehousing b. Long Term Archival c. Big Data i. Hadoop / Mongo DB / HBASE
  9. Overview of database types with advantages and disadvantages a. Flat b. Relational c. Network d. Hierarchical e. Object-Oriented f. Object-based g. Key-value h. Distributed
  10. SQL Data Manipulation Language a. SELECT b. INSERT c. DELETE d. UPDATE
  11. SQL Database Administration a. User creation/deletion, permissions and access controls)
  12. Database concepts a. Indexing, Inference, Aggregation, Polyinstantiation
  13. Database Security a. How to protect data (confidentiality, integrity and availability in a DBMS context) b. Vulnerabilities (e.g., SQL injection)
  14. Data/Information lifecycle
  15. Data storage and archiving
  16. Data/Information control
  17. Data/Information Quality
  18. Data/Information classification systems.
  19. Accuracy, Completeness, relevance, consistency, integrity
  20. Data cleansing
  21. Verification/Validation
  22. Data Policies
  23. Data/Information Security (access control, encryption)
  24. i. Hadoop / Mongo DB / HBASE
  25. Data/Information accessibility
  26. Data/Information classification systems-
  27. a. Level of classification
  28. b. Classification criteria
  29. c. Need to know.
  30. d. Classification/Declassification processes
  31. e. Classification authorities
  32. Capture/Acquisition
  33. Maintenance
  34. Synthesis/transformation/aggregation
  35. Usage
  36. Publication/Distribution
  37. Archival
  38. Disposition/Purging
  39. Data/Information classification systems
  40. Data/Information Quality a. Accuracy, Completeness, relevance, consistency, integrity b. Data cleansing c. Verification/Validation

Outcomes

  1. Draw and describe a data and information lifecycle, identifying specific and general security issues at all stages.
  2. Define and evaluate data and information quality, accessibility, and utility.
  3. Examine how the origination, change, distribution, storage, and deletion of information is managed and secured.
  4. Compare and contrast data and information ownership, stewardship, management, possession, and governance.
  5. Outline the role of data and information classification in security.

KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Learn More about the KAS-T's.

  • Knowledge
  • Skills
  • Abilities
  • Tasks
ID DESCRIPTION
K0287 Knowledge of an organization's information classification program and procedures for information compromise.
K0195 Knowledge of data classification standards and methodologies based on sensitivity and other risk factors.
K0020 Knowledge of data administration and data standardization policies.
K0022 Knowledge of data mining and data warehousing principles.
K0096 Knowledge of the capabilities and functionality of various collaborative technologies (e.g., groupware, SharePoint).
K0338 Knowledge of data mining techniques.
K0038 Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
K0622 Knowledge of controls related to the use, processing, storage, and transmission of data.
K0193 Knowledge of advanced data remediation security features in databases.
K0257 Knowledge of information technology (IT) acquisition/procurement requirements.
K0270 Knowledge of the acquisition/procurement life cycle process.
K0157 Knowledge of cyber defense and information security policies, procedures, and regulations.
K0222 Knowledge of relevant laws, legal authorities, restrictions, and regulations pertaining to cyber defense activities.
K0007 Knowledge of authentication, authorization, and access control methods.
K0033 Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
K0236 Knowledge of how to utilize Hadoop, Java, Python, SQL, Hive, and Pig to explore data.
K0028 Knowledge of organization's evaluation and validation requirements.
ID DESCRIPTION
S0369 Skill to identify sources, characteristics, and uses of the organization??s data assets.
S0123 Skill in transformation analytics (e.g., aggregation, enrichment, processing).
S0372 Skill to translate, track, and prioritize information needs and intelligence collection requirements across the extended enterprise.
S0028 Skill in developing data dictionaries.
S0019 Skill in creating programs that validate and process multiple inputs including command line arguments, environmental variables, and input streams.
ID DESCRIPTION
A0083 Ability to evaluate information for reliability, validity, and relevance.
ID DESCRIPTION