Training Catalog Batch
Data: CSV Format User
Guide
National Initiative for Cybersecurity Careers and Studies
(NICCS)
Version 1.3, April 7, 2017
Stakeholder Engagement and
Cyber Infrastructure Resilience
Training Catalog Batch Data: CSV Format User Guide
February 7, 2016
Training Catalog Batch Data: CSV Format User Guide
Prepared for DHS by
Bluewater Federal Solutions, Inc.
14420 Albemarle Point Place, Suite 200
Chantilly, VA 20151
i
Training Catalog Batch Data: CSV Format User Guide
February 7, 2016
Training Catalog Batch Data: CSV Format User Guide
NICCS Portal
Submitted by:
Program Manager
Date
DHS NPPD OCIO
Date
Approved by:
ii
Training Catalog Batch Data: CSV Format User Guide
February 7, 2016
This page intentionally left blank.
iii
Training Catalog Batch Data: CSV Format User Guide
February 7, 2016
VERSION HISTORY
Version
Number
Date
Revised By
Description
1.0
April 9, 2014
Ricardo A.
Reyes
Original NICCS Standard CSV Batch Upload Format User
Guide
1.1
February 5,
2016
Amy L.
Thornhill
Updated NICCS Standard CSV Batch Upload Form User
Guide to reflect latest requirements.
1.2
July 7, 2016
Amy L.
Thornhill
Updated to reflect the new Drupal Feeds Import Process.
1.3
April 7, 2017
Amy L.
Thornhill
Added National CAE Designated Institution (tcccae).
Removed location address fields.
iv
Training Catalog Batch Data: CSV Format User Guide
February 7, 2016
TABLE OF CONTENTS
1
2
INTRODUCTION ......................................................................................................... 7
Objectives ........................................................................................................................... 7
1.1
CSV SPECIFICATIONS ............................................................................................... 7
2.1
MS Excel Expectations ....................................................................................................... 7
2.2
CSV Rows and Columns ..................................................................................................... 7
2.3
Required Attributes and Elements ..................................................................................... 9
2.4
Field Values Reference Tables .......................................................................................... 10
2.4.1 Course Proficiency Level (tccproflvl) .................................................................................. 10
2.4.2 Course Training Purpose (tcctrainpur) .................................................................................. 10
2.4.3 Course Audience (tccaudience) ............................................................................................ 11
2.4.4 Framework Specialty Area (tccspecarea) ............................................................................. 11
2.4.5 Course Delivery Method (tccdelmethod) .............................................................................. 14
2.4.6 Course Locations .................................................................................................................. 14
2.4.7 Unpublish a Course from Public View (softdelete) .............................................................. 15
2.5
Example CSV Output ....................................................................................................... 16
APPENDIX A. NICCS CSV TEMPLATE AND SAMPLE COURSE ............................... 18
v
Training Catalog Batch Data: CSV Format User Guide
February 7, 2016
List of Figures
Figure 2-1. Sample CSV format column labels for NICCS Courses. ..............................................8
Figure 2-2. Full CSV format example with labels for NICCS Courses...........................................8
Figure 2-3. Mapping CSV Data field with multiple values/options for NICCS Courses. ...............9
List of Tables
Table 2-1. NICCS Course Standard Value Data-Dictionary for CVS Batch Import.......................9
Table 2-2. Course Delivery Method (tccdelmethod) ....................................................................14
Table 2-3. Course Audience (tccaudience) ...................................................................................11
Table 2-4. Framework Specialty Area (tccspecarea) ....................................................................11
Table 2-5. Course Location (tcccourseloc) ...................................................................................14
vi
Training Catalog Batch Data: CSV Format User Guide
1
February 5, 2016
INTRODUCTION
The DHS NICCS Program administers a Training Catalog system on the National Initiative for
Cybersecurity Careers and Studies (NICCS) Portal. The catalog courses and provider data are
comprised of external records that are owned and managed by DHS NICCS Program partners,
collaborators, and stakeholders. For that reason, the NICCS program has standardized a data
schema for the collection of the Training Catalog data, including two acceptable data formats for
multiple course record submission. This user guide will provide instructions for creating a
Comma Separated Value (CSV) format.
1.1
Objectives
Training Providers (TPs) will submit course data in CSV format. The NICCS Portal will provide
a web-based administration user interface (UI) for the Training Catalog Administrator to upload
the CSV file. This document will serve as the standard operating procedures (SOPs) for creating
a CSV file. Its general purpose is to provide TPs with guidelines to create the output of data from
their respective data sources and databases into a CSV format.
2
CSV SPECIFICATIONS
A CSV file must follow a specific format and structure. The following sections describe how the
CSV file should be created, including the required elements and attributes along with the format
of allowable values.
2.1
MS Excel Expectations
This documentation expects for the reader (user) to be familiar with Microsoft (MS) Excel
spreadsheets. The instructions will be documented based on the MS Excel capabilities and
features to save a document in CSV format.
Basic MS Excel steps for drafting and saving CSV file:
1. Open MS Excel.
2. Create New Workbook (File -> New Workbook).
3. Label the first row’s columns with the corresponding data schema fields (see Figure 2.2)
below.
4. Enter each course record on each row of the CSV file.
5. Save the file as CSV format (File -> Save As -> Format -> Comma Separated Value
(.csv)).
File name should include niccs + courses + provider_name + current date.
Example: “niccs_courses_provider_name_mmddyyyy.csv”
Note: CSV formatted files do not capture font-format styles such as bold, font size, or color, so
when saving a file as CSV format with MS Excel, all of those styles will be lost. This is expected
behavior for CVS files.
2.2
CSV Rows and Columns
The CSV file’s first row should have the following columns (starting from A1-V1).
7
Training Catalog Batch Data: CSV Format User Guide
A.
B.
C.
D.
E.
F.
G.
H.
I.
J.
K.
L.
M.
N.
O.
P.
Q.
February 5, 2016
tccid
name
provider
tcccatnbr
tcclocalnbr
tcccae
tcccourl
description
tccprereq
tccproflvl
tcctrainpur
tccaudience
tccobjective
tccdelmethod
tccspecarea
tcccourseloc
softdelete
Copy and paste each of the column labels to the first row of the MS Excel Workbook. Once
completed, the first row structure should match Figure 2-1 below.
Figure 2-1. Sample CSV format column labels for NICCS Courses.
Enter each piece of course information starting from cell A2 (Column 1, Row 2). Each row will
consist of each new record to be uploaded or updated on the NICCS Portal Training Catalog
system.
Figure 2-2 depicts an example of eight (8) courses that were entered in the CSV file. Each course
record populated in its respective row, starting from row 2.
Figure 2-2. Full CSV format example with labels for NICCS Courses.
Notice that columns tccaudience, tccdelmethod, and tccspecarea can have multiple
entries/options. For the NICCS Portal system to parse through the CSV data and understand the
8
Training Catalog Batch Data: CSV Format User Guide
February 5, 2016
multiple entries for these two columns, a pipe-delimiter character (“|”) must be used to
separate the values. See Figure 2-3 below for an example.
Figure 2-3. Mapping CSV Data field with multiple values/options for NICCS Courses.
Section 2.3 below describes the data attributes and elements with descriptions for acceptable
values for each field.
2.3
Required Attributes and Elements
Table 2-1. NICCS Course Standard Value Data-Dictionary for CVS Batch Import
Column Name
Data Type/Size
Required
Description
tccid
VARCHAR(50)
NO
The NICCS provided course id of the record.
name
VARCHAR(255)
YES
The title of the training catalog asset
tcccatnbr
VARCHAR (255)
NO
The Catalog Number of the training catalog asset.
tcclocalnbr
VARCHAR(255)
NO
The Provider-specified Course ID
tcccae
INT(1)
NO
A field to track if the provider is a National CAE
(Centers of Academic Excellence) Designated
Institution. Enter 1 for yes, 0 for No.
tcccourl
VARCHAR(2048)
YES
The course URL of the training catalog asset
description
LONGTEXT(LARG
E)
YES
Training catalog asset description
tccprereq
LONGTEXT(LARG
E)
YES
Training catalog asset prerequisites
tccproflvl
INT(1)
YES
Training catalog asset overall proficiency level
tcctrainpur
VARCHAR(70)
YES
Training catalog asset training purposes
tccaudience
VARCHAR(255)
YES
Training catalog asset audiences
tccobjective
LONGTEXT(LARG
E)
YES
Training catalog asset course objective
tccdelmethod
VARCHAR(255)
YES
The course delivery method of the training catalog
asset
tccspecarea
VARCHAR(2500)
YES
The specialty area of the training catalog asset
tcccourseloc
json (2500)
NO
The NICCS provided course location id of the training
9
Training Catalog Batch Data: CSV Format User Guide
Column Name
Data Type/Size
February 5, 2016
Required
Description
catalog asset. The course location is ONLY Required
when the course has a tccdelmethod of Classroom or
3.
softdelete
INT(1)
NO
A field to track if the course should be unpublished
(soft deleted) from the catalog.
The attributes and descriptions of these fields are based on the NICCS Framework 1.0
standardization. For additional descriptions of these field values, please consult with NICCS SO
and the Framework 1.0 documentation.
2.4
Field Values Reference Tables
Table 2-1 above identifies the required fields and data types that are accepted. Most of the fields
are self-explanatory for the NICCS Training Catalog course record; however, six (6) of the list
items are based on NICCS prepopulated list options that the Training Provider has to follow.
Here are the acceptable field value options for the tccproflvl, tcctrainpur, tccaudience,
tccspecarea, tccdelmethod, and tcccourseloc.
2.4.1
Course Proficiency Level (tccproflvl)
Table 2-2 below identifies the Course Proficiency Level options that are accepted. Note: Only
one (1) option is allowed.
Table 2-2. Course Proficiency Level (tccproflvl)
Proficiency Level ID
Proficiency Level Name
Proficiency Level Description
0
No Proficiency
No Proficiency
1
Basic
Basic
2
Intermediate
Intermediate
3
Advanced
Advanced
4
Expert
Expert
Example:
Single option value: 2
2.4.2
Course Training Purpose (tcctrainpur)
Table 2-3 below identifies the Course Training Purpose options that are accepted. Note:
Multiple options are allowed.
Table 2-3. Course Training Purpose (tcctrainpur)
Training
Purpose ID
Training Purpose Name
Training Purpose Description
Functional
Development
Skill
Functional Development
Functional Development
Skill Development
Skill Development
10
Training Catalog Batch Data: CSV Format User Guide
February 5, 2016
Development
Management
Development
Management Development
Management Development
Examples:
•
•
2.4.3
Single option: Functional Development
Multiple options (separated by |): Functional Development|Management Development
Course Audience (tccaudience)
Table 2-4 below identifies the Course Audience options that are accepted. For the Course
Audience field, the audience ids or audience names can be used as values. Note: Multiple
options are allowed.
Table 2-4. Course Audience (tccaudience)
Audience ID
Audience Name
Audience Description
1
All
All
2
General Public
General Public
3
Federal Employee
Federal Employee
4
Academia
Academia
5
Contractor
Contractor
Examples:
•
Single option value: 2
Single option name: General Public
•
Multiple option values (separated by |): 1|2|5
Multiple option names (separated by|): All|General Public|Contractror
2.4.4
Framework Specialty Area (tccspecarea)
Table 2-5 below identifies the Framework Specialty Area options that are accepted. For the
Framework Specialty Area field, the specialty area ids or specialty area names can be used as
values. Note: Multiple options (limit of 5) are allowed.
Table 2-5. Framework Specialty Area (tccspecarea)
Specialty Specialty Area Name
Area ID
23
All Source Intelligence
20
Collection Operations
14
Computer Network
Defense Analysis
Specialty Area Description Text
Analyzes threat information from multiple sources, disciplines, and
agencies across the Intelligence Community. Synthesizes and places
intelligence information in context; draws insights about the possible
implications.
Executes collection using appropriate strategies and within the
priorities established through the collection management process.
Uses defensive measures and information collected from a variety of
sources to identify, analyze, and report events that occur or might
occur within the network in order to protect information, information
systems, and networks from threats.
11
Training Catalog Batch Data: CSV Format User Guide
Specialty Specialty Area Name
Area ID
15
Computer Network
Defense Infrastructure
Support
8
Customer Service and
Technical Support
21
Cyber Operations
22
Cyber Operations
Planning
9
Data Administration
18
Digital Forensics
27
Education and Training
24
Exploitation Analysis
16
Incident Response
1
Information Assurance
Compliance
28
19
Information Systems
Security Operations
(Information Systems
Security Officer)
Investigation
10
Knowledge Management
29
Legal Advice and
Advocacy
11
Network Services
February 5, 2016
Specialty Area Description Text
Tests, implements, deploys, maintains, reviews and administers the
infrastructure hardware and software that are required to effectively
manage the computer network defense service provider network and
resources. Monitors network to actively remediate unauthorized
activities.
Addresses problems, installs, configures, troubleshoots, and provides
maintenance and training in response to customer requirements or
inquiries (e.g., tiered-level customer support).
Performs activities to gather evidence on criminal or foreign
intelligence entities in order to mitigate possible or real-time threats,
protect against espionage or insider threats, foreign sabotage,
international terrorist activities, or to support other intelligence
activities.
Performs in-depth joint targeting and cyber planning process.
Gathers information and develops detailed Operational Plans and
Orders supporting requirements. Conducts strategic and operationallevel planning across the full range of operations for integrated
information and cyberspace operations.
Develops and administers databases and/or data management
systems that allow for the storage, query, and utilization of data.
Collects, processes, preserves, analyzes, and presents computerrelated evidence in support of network vulnerability mitigation, and/or
criminal, fraud, counterintelligence or law enforcement investigations.
Conducts training of personnel within pertinent subject domain.
Develop, plan, coordinate, deliver and/or evaluate training courses,
methods, and techniques as appropriate.
Analyzes collected information to identify vulnerabilities and potential
for exploitation.
Responds to crisis or urgent situations within the pertinent domain to
mitigate immediate and potential threats. Uses mitigation,
preparedness, and response and recovery approaches, as needed, to
maximize survival of life, preservation of property, and information
security. Investigates and analyzes all relevant response activities.
Oversees, evaluates, and supports the documentation, validation, and
accreditation processes necessary to assure that new IT systems
meet the organization's information assurance and security
requirements. Ensures appropriate treatment of risk, compliance, and
assurance from internal and external perspectives.
Oversees the information assurance program of an information
system in or outside the network environment; may include
procurement duties (e.g., ISSO).
Applies tactics, techniques, and procedures for a full range of
investigative tools and processes to include but not limited to
interview and interrogation techniques, surveillance, counter
surveillance, and surveillance detection, and appropriately balances
the benefits of prosecution versus intelligence gathering.
Manages and administers processes and tools that enable the
organization to identify, document, and access intellectual capital and
information content.
Provides legally sound advice and recommendations to leadership
and staff on a variety of relevant topics within the pertinent subject
domain. Advocates legal and policy changes, and makes a case on
behalf of client via a wide range of written and oral work products,
including legal briefs and proceedings.
Installs, configures, tests, operates, maintains, and manages
12
Training Catalog Batch Data: CSV Format User Guide
Specialty Specialty Area Name
Area ID
30
Security Program
Management (Chief
Information Security
Officer)
Software Assurance and
Security Engineering
2
31
Strategic Planning and
Policy Development
System Administration
12
February 5, 2016
Specialty Area Description Text
networks and their firewalls, including hardware (e.g., hubs, bridges,
switches, multiplexers, routers, cables, proxy servers, and protective
distributor systems) and software that permit the sharing and
transmission of all spectrum transmissions of information to support
the security of information and information systems.
Manages information security implications within the organization,
specific program, or other area of responsibility, to include strategic,
personnel, infrastructure, policy enforcement, emergency planning,
security awareness, and other resources (e.g., CISO).
Develops and writes/codes new (or modifies existing) computer
applications, software, or specialized utility programs following
software assurance best practices.
Applies knowledge of priorities to define an entity.
Installs, configures, troubleshoots, and maintains server
configurations (hardware and software) to ensure their confidentiality,
integrity, and availability. Also manages accounts, firewalls, and
patches. Responsible for access control, passwords, and account
creation and administration.
Systems Development
Works on the development phases of the systems development
lifecycle.
Systems Requirements
Consults with customers to gather and evaluate functional
Planning
requirements and translates these requirements into technical
solutions. Provides guidance to customers about applicability of
information systems to meet business needs.
Systems Security Analysis Conducts the integration/testing, operations, and maintenance of
systems security.
Systems Security
Develops system concepts and works on the capabilities phases of
Architecture
the systems development lifecycle; translates technology and
environmental conditions (e.g., law and regulation) into system and
security designs and processes.
Targets
Applies current knowledge of one or more regions, countries, nonstate entities, and/or technologies.
Technology Research and Conducts technology assessment and integration processes; provides
Development
and supports a prototype capability and/or evaluates its utility.
Test and Evaluation
Develops and conducts tests of systems to evaluate compliance with
specifications and requirements by applying principles and methods
for cost-effective planning, evaluating, verifying, and validating of
technical, functional, and performance characteristics (including
interoperability) of systems or elements of systems incorporating IT.
Threat Analysis
Identifies and assesses the capabilities and activities of cyber
criminals or foreign intelligence entities; produces findings to help
initialize or support law enforcement and counterintelligence
investigations or activities.
Vulnerability Assessment Vulnerability Assessment and Management - Conducts assessments
and Management
of threats and vulnerabilities, determines deviations from acceptable
configurations, enterprise or local policy, assesses the level of risk,
and develops and/or recommends appropriate mitigation
countermeasures in operational and non-operational situations.
3
4
13
5
25
6
7
26
17
Examples:
•
Single option value: 17
Single option name: Vulnerability Assessment and Management
13
Training Catalog Batch Data: CSV Format User Guide
•
2.4.5
February 5, 2016
Multiple option values (separated by |): 1|2
Multiple option names (separated by |): Information Assurance Compliance|Software
Assurance and Security Engineering
Course Delivery Method (tccdelmethod)
Table 2-6 below identifies the Course Delivery Method options that are accepted. For the Course
Delivery Method field, the delivery method ids or delivery method names can be used as values.
Note: Multiple options are allowed.
Table 2-6. Course Delivery Method (tccdelmethod)
Delivery
Method ID
1
Delivery Method Name
Delivery Method Description
Online, Instructor-Led
Online, Instructor-Led
2
Online, Self-Paced
Online, Self-Paced
3
Classroom
Classroom
Examples:
•
Single option value: 1
Single option name: Online, Instructor-Led
•
Multiple option values (separated by |): 1|2
Multiple option names (separated by |): Online, Instructor-Led|Online, Self-Paced
2.4.6
Course Locations (tcccourseloc)
2.4.6.1 Courses with a Single Location
Courses with a single location must be provided using the field (tcccourseloc) using a single
JSON string as shown in the example. For more information, see Section 2.4.6.3 How to build
the JSON string
Example:
[{"country":"US","administrative_area":"MD","locality":"Bethesda","postal_code":"20814","tho
roughfare":"8120 Woodmont Avenue","premise":"Suite 205","name_line":"Provider Name"}]
2.4.6.2 Courses with a Multiple Locations
Courses with multiple locations must be provided using field (tcccourseloc) using a multiple
JSON string as shown in the example. For more information, see Section 2.4.6.3 How to build
the JSON string
Example:
[{"country":"US","administrative_area":"VA","locality":"Roanoke","postal_code":"240
19","thoroughfare":"123 Apple Tree Lane","premise":"Suite 123","name_line":"Provider
Name"},{"country":"US","administrative_area":"VA","locality":"Cloverdale","postal_c
ode":"24033","thoroughfare":"123 Elm Street","name_line":"Provider
14
Training Catalog Batch Data: CSV Format User Guide
February 5, 2016
Name"},{"country":"US","administrative_area":"VA","locality":"Woodbridge","postal_
code":"22193","thoroughfare":"49 Pickle Lane","premise":"Ste 2","name_line":"Provider
Name"}]
2.4.6.3 How to build the JSON String
Locations should be formatted as a single json.
a.
b.
c.
d.
e.
f.
g.
country – Country
administrative_area – State
locality – City
postal_code – Zip Code
thoroughfare – Address Line 1
premise – Address Line 2
name_line – Location name
‘Pretty print’ example:
[
{
"country": "US",
"administrative_area": "CA",
"locality": "Los Angeles",
"postal_code": "91111",
"thoroughfare": "1234 Main St",
"premise": "Suite 30",
"name_line": "Location Label 1"
},
{
"country": "US",
"administrative_area": "DC",
"locality": "Washington Metro",
"postal_code": "22027",
"thoroughfare": "5555 1st St",
"premise": "",
"name_line": "Location Headquarters"
}
]
2.4.7
Unpublish a Course from Public View (softdelete)
The softdelete value is a flag to change the status of the course and remove it from the public view. The
number 0 represents to keep the course status unchanged. The number 1, will remove that course from
the public facing site.
Note: tccid (column A) should be used to indicate which course to alter. If no tccid is provided, a new
course will be created and will pushed to the public.
15
Training Catalog Batch Data: CSV Format User Guide
2.5
February 5, 2016
Example CSV Output
Example CSV Format File with eight (8) Courses total Including FOUR (4) NEW Course
records, two (2) Existing Course records needing updates, and Two (2) existing courses needing
to be unpublished/soft deleted from training catalog
tccid,name,provider,tcccatnbr,tcclocalnbr,tccproflvl,tcccourl,tccaudience,tcctrainpur,tccdelmetho
d,tccspecarea,description,tccprereq,tccobjective,address_name,address_line_1,address_line_2,ad
dress_city,address_state,address_country,address_zip,tcccourseloc,softdelete
,Course 101,Provider Ex,PE101,,0,http://www.google.com,Federal Employee,Skill
Development,Classroom,Computer Network Defense Infrastructure Support,An example
desciption
,Example
,Test
,,,,,,,,"[{""country"":""US"",""administrative_area"":""VA"",""locality"":""Roanok e"",""postal_code"":""24019"",""thoroughfare"":""123 Apple Tree Lane"",""premise"":""Suite 123"",""name_line"":""TEST""}]",0 ,Course 301,Provider Ex,PE301,,2,http://www.google.com,All,Functional Development,"Classroom|Online, Instructor-Led",Information Systems Security Operations (Information Systems Security Officer),Description
,Example ,Test
,Provider Ex,8504 Two Notch Rd,,Columbia,MD,US,29223,,0 ,Course 401,Provider Ex,PE401,,0,http://www.google.com,All|Federal Employee,Functional Development|Skill Development,1,1|2|3,Description
,Example ,Test
,,,,,,,,,0 1245,Course 501,Provider Ex,PE501,,1,http://www.google.com,1|2,Skill Development,1|2|3,All Source Intelligence|Computer Network Defense Infrastructure Support,Description
,Example ,Test
,,,,,,,,"[{""country"":""US"",""administrative_area"":""SC"",""locality"":""Columbi a"",""postal_code"":""29223"",""thoroughfare"":""8502 Two Notch Rd"",""name_line"":""Provider EX""}]",0 1246,Course 601,Provider Ex,PE601,,2,http://www.google.com,Federal Employee,Skill Development,1|2,Computer Network Defense Infrastructure Support,Description
,Example ,Description
,Example ,Description
,Example ,| File Type | application/pdf |
| File Title | Microsoft Word - NICCS-Portal-P6_TC CSV Data Format User Guide v1.3_07April2017.docx |
| File Modified | 2017-07-11 |
| File Created | 2017-04-12 |