DoD 8570 Changes

Observing updates to the DoDD 8570 baseline certifications

Posted by Asa Hess-Matsumoto on Sunday, February 23, 2020

DoD 8570 Updated

The Department of Defense (DoD) is a highly structured organization with a distinct hierarchy, hosting a number of directives that set out requirements for their workforce. Just this week we saw some interesting updates to the federal government’s standards for training and certification for cyber work.

What is DoD 8570?

DoDD 8570 was an official federal government policy covering requirements for training & certification for members of its Information Assurance workforce. DoDD 8140.01 “Cyberspace Workforce Management,” reissued, renumbered, and cancelled 8570.01 in order to update and expand established policies. However, the latter’s manual (DoD 8570.01-M) remains in effect to govern Information Assurance (IA) certifications.

Members – or prospective members – of the workforce are required to attain a certification commensurate with the responsibilities of the work they are expected to perform. These responsibilities are formally segregated into the following categories:

  • Information Assurance Technicians (IAT) – Make the system less vulnerable by correcting flaws and implementing IAT controls in the hardware or software installed within their operational systems. As they develop/advance, they learn to pay special attention to intrusion detection, finding/fixing unprotected vulnerabilities, and ensuring that remote access points are well secured. These positions focus on threats and vulnerabilities and improve the security of systems.
  • Information Assurance Management (IAM) – Responsible for the implementation and operation of a DoD information system/component. As they develop/advance, they inherit additional responsibility for their IA program for their system. They may perform a variety of security related tasks, including the development and implementation of system information security standards and procedures, guiding the long-term needs and acquisition requirements to accomplish operational objectives.
  • Information Assurance System Architecture & Engineering (IASAE) – Handle the design, development, implementation, and/or integration of a DoD IA architecture, system, or system component for use within their system. They ensure that the architecture and design of their system(s) are both functional and secure, including designs for program of record systems and special purpose environments with platform IT interconnectivity.

Additionally, there are also Computer Network Defense-Service Provider (CND-SP) specialties (formerly known as “Cyber Security Service Provider” [CSSP] specialties). These specialties are likewise dependent on the job role and require training/certifications. These specialties include:

  • Analyst – Personnel that use data collected from a variety of CND tools (including intrusion detection system alerts, firewall and network traffic logs, and host system logs) to analyze events that occur within their environment. Additional duties may include threat/target analysis.
  • Infrastructure Support – Staff that test, implement, deploy, maintain, and administer the infrastructure systems which are required to effectively manage their network and resources. This may include, but is not limited to: routers, firewalls, intrusion detection/prevention systems, and other CND tools as deployed within the system.
  • Incident Responder – Personnel in this role investigate and analyze all response activities related to cyber incidents within the system. These tasks include, but are not limited to: creating and maintaining incident tracking information; planning, coordinating, and directing recovery activities; and incident analysis tasks, including examining all available information and supporting evidence or artifacts related to an incident or event.
  • Auditor – Personnel that perform assessments of systems and networks and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. They generally perform passive evaluations (compliance audits) and active evaluations (penetration tests and/or vulnerability assessments).
  • Manager – Oversees operations within their organization. These people are responsible for producing guidance for their system/network, assisting with risk assessments and risk management for subordinate organizations. Additionally, they are responsible for managing the technical classifications within their organization.

Approved Baseline Certifications

IAT Level I: A+ CE, CCNA-Security, CND, Network+ CE, SSCP
IAT Level II: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP
IAT Level III: CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH

IAM Level I: CAP, CND, Cloud+, GSLC, Security+ CE
IAM Level II: CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO
IAM Level III: CISM, CISSP (or Associate), GSLC, CCISO

IASAE I: CASP+ CE, CISSP (or Associate), CSSLP
IASAE II: CASP+ CE, CISSP (or Associate), CSSLP
IASAE III: CISSP-ISSAP, CISSP-ISSEP

CSSP Analyst: CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER
CSSP Infrastructure Support: CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, CND
CSSP Incident Responder: CEH, CFR, CCNA Cyber Ops, CCNA-Security, CHFI, CySA+, GCFA, GCIH, SCYBER

CSSP Auditor: CEH, CySA+, CISA, GSNA, CFR
CSSP Manager: CISM, CISSP-ISSMP, CCISO

What has changed?

Probably the most significant change has been Cisco’s updates to its own certifications. The organization already replaced its SCYBER certification with CCNA Cyber Ops back in 2018; those still in possession of an active SCYBER certification will still be accredited in the appropriate areas above. Additionally, as of 24 Feb 2020, Cisco updated its CCNA certification, which effectively replaced the following certifications:

  • CCNA Cloud
  • CCNA Collaboration
  • CCNA Data Center
  • CCDA
  • CCNA Industrial
  • CCNA Routing and Switching
  • CCNA Security
  • CCNA Service Provider
  • CCNA Wireless

The CompTIA Cloud+ certification was added as of 19 Feb 2020. The cloud computing certification is a performance-based IT certification that addresses cloud deployment, cloud security, and cloud management & migration. With the Office of Management and Budget (OMB) implementing the Cloud Smart Initiative, systems administrators and cloud engineers can pick up this certification to learn and be certified in the future of cloud computing.

Additionally, the U.S. Department of Defense Cyber Workforce Advisory Group Certification Committee officially added EC-Council’s Certified Network Defender (CND) as a baseline certification in Directive 8570 as a path forward to combat cyber enemies in four workforce categories. While best known for the Certified Ethical Hacker (CEH) credential, EC-Council designed the CND program to target defensive cyber operations (blue-teaming). The certification is a skills-based, lab-intensive program built on a framework for teaching IT professionals how to defend IT systems against attacks, harden the network, and fully understand what cybercriminals are capable of.