- Learning Path Libraries: This path is only available in the libraries listed. To access this path, purchase a license for the corresponding library.
- Core Tech
Security Control Assessor | Work Role ID: 612 (NIST: OG-WRL-012)
A **security control assessor** conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST 800-37).
This path will get you started on your journey to becoming a cyber defense incident responder! Begin with the fundamental concepts of network protocols and common network analysis and data governance hands-on labs, dive into the essential skills necessary to perform the day-to-day functions and then expand your skill set with, automation, deeper/advanced concepts and additional knowledge from adjacent roles!
This path aligns to the Knowledge, Skills, Abilities and Tasks (KSAs) within the **Workforce Framework for Cybersecurity (CSWF)** and the **DoD Cyber Workforce Framework (DCWF)** for the work role of:
**Security Control Assessor** Work Role 612 or OG-WRL-012
Content in this path
Fundamentals
Begin your learning journey with the fundamental concepts of networking and security!
Skill Essentials
Now that you know the fundamentals, dive into the essential skills necessary to perform the day-to-day functions of a security control assessor.
Expanded Skillset
It's time to expand your skill set with tools, and more advanced concepts! This section gives you a brief introduction into many, additional skills that you will find helpful as a security control assessor. We have full training paths on all of these skills; see the Supplemental Skill Paths section to learn more.
Adjacent Skill Knowledge
Now that you've mastered all the skills for a security control assessor, learn about additional cyber roles and their responsibilities.
- None
- cswf
- dcwf
- Security Control Assessor
- nice framework
- GRC
- cyber security