Operate and Maintain

Installs, configures, troubleshoots, and maintains server configurations (hardware and software) to ensure their confidentiality, integrity, and availability. Manages accounts, firewalls, and patches. Responsible for access control, passwords, and account creation and administration.

Below are the roles for this Specialty Area. Click each role to see the KSAs (Knowledge, Skills, and Abilities) and Tasks.

  • A0025: Ability to accurately define incidents, problems, and events in the trouble ticketing system.
  • A0027: Ability to apply an organization's goals and objectives to develop and maintain architecture.
  • A0034: Ability to develop, update, and/or maintain standard operating procedures (SOPs).
  • A0055: Ability to operate common network tools (e.g., ping, traceroute, nslookup).
  • A0062: Ability to monitor measures or indicators of system performance and availability.
  • A0074: Ability to collaborate effectively with others.
  • A0088: Ability to function effectively in a dynamic, fast-paced environment.
  • A0123: Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). 
  • A0124: Ability to establish and maintain automated security control assessments.
  • K0001: Knowledge of computer networking concepts and protocols, and network security methodologies. 
  • K0002: Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). 
  • K0003: Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. 
  • K0004: Knowledge of cybersecurity and privacy principles. 
  • K0005: Knowledge of cyber threats and vulnerabilities. 
  • K0006: Knowledge of specific operational impacts of cybersecurity lapses. 
  • K0049: Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). 
  • K0050: Knowledge of local area and wide area networking principles and concepts including bandwidth management. 
  • K0053: Knowledge of measures or indicators of system performance and availability.
  • K0064: Knowledge of performance tuning tools and techniques.
  • K0077: Knowledge of server and client operating systems.
  • K0088: Knowledge of systems administration concepts.
  • K0100: Knowledge of the enterprise information technology (IT) architecture.
  • K0103: Knowledge of the type and frequency of routine hardware maintenance. 
  • K0104: Knowledge of Virtual Private Network (VPN) security.
  • K0117: Knowledge of file system implementations (e.g., New Technology File System [NTFS], File Allocation Table [FAT], File Extension [EXT]).
  • K0130: Knowledge of virtualization technologies and virtual machine development and maintenance.
  • K0158: Knowledge of organizational information technology (IT) user security policies (e.g., account creation, password rules, access control).
  • K0167: Knowledge of system administration, network, and operating system hardening techniques.
  • K0179: Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). 
  • K0260: Knowledge of Personally Identifiable Information (PII) data security standards. 
  • K0261: Knowledge of Payment Card Industry (PCI) data security standards. 
  • K0262: Knowledge of Personal Health Information (PHI) data security standards. 
  • K0274: Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi), paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly.
  • K0280: Knowledge of systems engineering theories, concepts, and methods.
  • K0289: Knowledge of system/server diagnostic tools and fault identification techniques.
  • K0318: Knowledge of operating system command-line tools. 
  • K0332: Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • K0346: Knowledge of principles and methods for integrating system components.
  • S0016: Skill in configuring and optimizing software.
  • S0033: Skill in diagnosing connectivity problems.
  • S0043: Skill in maintaining directory services (e.g., Microsoft Active Directory, LDAP, etc.).
  • S0073: Skill in using virtual machines (e.g., Microsoft Hyper-V, VMWare vSphere, Citrix XenDesktop/Server, Amazon Elastic Compute Cloud, etc.).
  • S0076: Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware).
  • S0111: Skill in interfacing with customers.
  • S0143: Skill in conducting system/server planning, management, and maintenance.
  • S0144: Skill in correcting physical and technical problems that impact system/server performance.
  • S0151: Skill in troubleshooting failed system components (i.e., servers).
  • S0153: Skill in identifying and anticipating system/server performance, availability, capacity, or configuration problems.
  • S0154: Skill in installing system and component upgrades (i.e., servers, appliances, network devices).
  • S0155: Skill in monitoring and optimizing system/server performance.
  • S0157: Skill in recovering failed systems/servers (e.g., recovery software, failover clusters, replication, etc.).
  • S0158: Skill in operating system administration (e.g., account maintenance, data backups, maintain system performance, install and configure new hardware/software).
  • T0029: Conduct functional and connectivity testing to ensure continuing operability.
  • T0054: Design group policies and access control lists to ensure compatibility with organizational standards, business rules, and needs.
  • T0063: Develop and document systems administration standard operating procedures.
  • T0136: Maintain baseline system security according to organizational policies.
  • T0144: Manage accounts, network rights, and access to systems and equipment.
  • T0186: Plan, execute, and verify data redundancy and system recovery procedures.
  • T0207: Provide ongoing optimization and problem-solving support.
  • T0418: Install, update, and troubleshoot systems/servers.
  • T0431: Check system hardware availability, functionality, integrity, and efficiency.
  • T0435: Conduct periodic system maintenance including cleaning (both physically and electronically), disk checks, routine reboots, data dumps, and testing.
  • T0458: Comply with organization systems administration standard operating procedures.
  • T0461: Implement and enforce local network usage policies and procedures.
  • T0498: Manage system/server resources including performance, capacity, availability, serviceability, and recoverability.
  • T0501: Monitor and maintain system/server configuration.
  • T0507: Oversee installation, implementation, configuration, and support of system components.
  • T0514: Diagnose faulty system/server hardware.
  • T0515: Perform repairs on faulty system/server hardware.
  • T0531: Troubleshoot hardware/software interface and interoperability problems.
  • Capability Indicators for System Administrator
    Entries under each category are listed by level: Entry, Intermediate, Advanced.
    Credentials/Certifications
    • Entry
      • Recommended: Not essential but may be beneficial
      • Example Types: N/A
      • Example Topics: Certifications addressing network infrastructure, mobile device integration, hardware evaluation, operating systems, technical support, business continuity and disaster recovery, cloud computing security, incident management, IT governance, risk management, securing communications, authentication, security testing, intrusion detection/prevention, incident response and recovery, attacks and countermeasures, cryptography, malicious code countermeasures, and managing, maintaining, troubleshooting, installing, and configuring basic network infrastructure
    • Intermediate
      • Recommended: Not essential but may be beneficial
      • Example Types: N/A
      • Example Topics: Certifications addressing access control theory, alternate network mapping techniques, authentication and password management, common types of attacks, contingency planning, critical security controls, concepts, crypto fundamentals, defense-in-depth, DNS, firewalls, honeypots, ICMP, incident handling fundamentals, intrusion detection overview, IP packets, IPS overview, IPv6, legal aspects of incident handling, Mitnick-Shimomura attack, network addressing, network fundamentals, network mapping and scanning, network protocol, policy framework, protecting data at rest, PKI, reading packets, risk management, securing server services, SIEM/Log management, steganography overview, TCP, UDP, virtual private networks, viruses and malicious code, vulnerability management overview, vulnerability scanning, web application security, auditing and forensics, network security overview, permissions and user rights, security templates and group policy, service packs, hotfixes and backups, active directory and group policy overview, wireless security, authentication, security testing, intrusion detection/prevention, incident response and recovery, attacks and countermeasures, cryptography, and malicious code countermeasures
    • Advanced
      • Recommended: Yes
      • Example Topics: Certifications addressing system security, network infrastructure, access control, cryptography, assessments and audits, and organizational security
    Continuous Learning
    • Entry
      • Recommended: Not essential but may be beneficial
      • Examples: 40 hours annually (may include mentoring, shadowing, conferences, webinars, or rotations)
    • Intermediate
      • Recommended: Not essential but may be beneficial
      • Examples: 40 hours annually (may include mentoring, shadowing, conferences, webinars, or rotations)
    • Advanced
      • Recommended: Yes
      • Examples: 40 hours annually (may include role rotations)
    Education
    • Entry
      • Recommended: Not essential but may be beneficial
      • Example Types: Associate's (certifications addressing information systems security may substitute education)
      • Example Topics: Computer science, cybersecurity, information technology, software engineering, information systems, and computer engineering
    • Intermediate
      • Recommended: Not essential but may be beneficial
      • Example Types: Bachelor's (certifications addressing the following may substitute education: analyzing, assessing, controlling, determining, mitigating and managing risk within a management and acquisition framework that contains personal data; identifying, implementing and integrating management, acquisition and administrative risk methodologies for securing critical and sensitive information infrastructures)
      • Example Topics: Computer science, cybersecurity, information technology, software engineering, information systems, and computer engineering
    • Advanced
      • Recommended: Not essential but may be beneficial
      • Example Types: Bachelor's, Master's, Ph.D. (certifications addressing the following may substitute education: analyzing, assessing, controlling, determining, mitigating and managing risk within a management and acquisition framework that contains personal data; identifying, implementing, and integrating management, acquisition, and administrative risk methodologies for securing critical and sensitive information infrastructures)
      • Example Topics: Computer science, cybersecurity, information technology, software engineering, information systems, and computer engineering
    Experiential Learning
    • Entry
      • Recommended: Not essential but may be beneficial
      • Examples: Information assurance
    • Intermediate
      • Recommended: Not essential but may be beneficial
      • Examples: Information assurance, area network, wireless reach back system, enterprise messaging system, combined enterprise regional information exchange system, global command and control system, networks
    • Advanced
      • Recommended: Yes
      • Examples: 7+ years of experience directly performing configurations and security implementations on LAN and WAN equipment, information assurance
    Training
    • Entry
      • Recommended: Not essential but may be beneficial
      • Example Types: N/A
      • Example Topics: Information assurance, operational support systems, and security fundamentals
    • Intermediate
      • Recommended: Not essential but may be beneficial
      • Example Types: N/A
      • Example Topics: Systems administration, security fundamentals
    • Advanced
      • Recommended: Yes
      • Example Types: N/A
      • Example Topics: Self- or instructor-led training in the areas of LAN, WAN architectures, and network security, advanced network analysis, and network security vulnerability