Skills Testing & Assessment on Cyber Range
CybExer’s Cyber Skills Testing offering covers testing services to support recruitment decisions or the internal assessment of cyber security professionals for different purposes.
Oftentimes in real life, there is no one correct way of approaching a cyber security challenge. Many alternative routes may be taken that may yield very different results. The most important part – and frequently the one where the majority of learning actually takes place – is the discussion on the decisions that were taken to solve a problem and the arguments that were used to support those decisions.
Hence the main aim of our skills testing services is not to grant badges or certificates but to provide material to back up an educated discussion about the skill levels and potential development areas of cyber security professionals.
There are two typical use cases for cyber security skills testing:
1) Recruitment. Instead of only looking at an applicant’s CV, have them complete a skills test that will shed light on their skills and development areas but also their logical thinking patterns.
2) Validating the skills, capabilities, and development areas of existing personnel. Cyber security threats evolve constantly and so should the expertise of the personnel tackling them.
How have our skills tests been constructed in practice?
The baseline assumption of CybExer’s skills testing services is that the participants have already learned the skills to be tested elsewhere, in other words the testing suite does not educate the participants but only tests them. Also, the testing modules have been categorized as ‘Intermediate’, ‘Advanced’, and ‘Expert’, meaning essentially that the tests assume the participants will know their way around the most basic assignments that cyber security professionals typically face.
The tests consist of modules, each of which contains 12-20 tasks under the above-mentioned categories. Completing tasks successfully will earn points for the participant. Using hints that will ease solving the task will reduce the total sum of points. Some tasks are interconnected, meaning that to solve a particular task, the participant first needs to solve the preceding task whose answer will feed into the next one.
Each module of tasks in CybExer’s skills tests have been mapped against four specific work roles under the NICE (National Initiative for Cybersecurity Education) framework: Network Operations Specialist, Software Developer, Cyber Defense Analyst, or Risk Manager to ensure that the test results will be rather standard and meaningfully benchmarkable.