29 June 2001 ---------------------------------------------------------------------- [Printed Issue Date: June 29, 2001] From the Commerce Business Daily Online via GPO Access [cbdnet.access.gpo.gov] PART: U.S. GOVERNMENT PROCUREMENTS SUBPART: SERVICES CLASSCOD: U--Education and Training Services OFFADD: FBI/TCAU, 14800 Conference Center Drive, Suite 300, Chantilly, VA 20151 SUBJECT: U--COMPUTER SECURITY TRAINING SOL RFQ-957931 DUE 071201 POC Paul Rankin (703)814-4914; Tracie Davidson (703)814-4722 DESC: This is a combined synopsis/solicitation for commercial items and is being issued in accordance with the Federal Acquisition Regulation (FAR) Subpart 12.6, as supplemented with additional information included in this notice. This announcement constitutes the only solicitation; proposals are being requested and a written solicitation will not be issued. The solicitation number RFQ-957931 is issued as a Request for Quotation, under simplified acquisition procedures, test program, unrestricted. The North American Industry Classification System (NAICS) code is 611699 and the small business size standard is $5.0 million in revenues. The solicitation document and incorporated provisions and clauses are those in effect through Federal Acquisition Circular 97-27. All responsible sources may submit a proposal, which, if timely received, shall be considered by the Government. The contractor shall provide classroom training on computer security that meet the following Statement of Work for Core Computer Security Training 1.0 OBJECTIVES - The primary objective is to provide training to selected field office personnel that will ensure that the related personnel acquire a fundamental understanding of the types of security features cited in paragraph 2.0 below. Understanding these features will enable personnel to effectively conduct or support other law enforcement personnel leading in an investigation of a computer intrusion that has occurred across a networked environment. The objective is to provide training to the personnel to acquire sufficient understanding of commonly deployed security features and their functions so that FBI personnel can competently discuss the technical aspects of these security features with a system administrator to potentially reduce the likelihood of a successful future network intrusion and subsequent time-consuming investigation. This Core Plus Training initiative will encompass the provision of training in six selected courses at eleven (11) Field Office locations to be determined once a contractor has been selected based on course content and ability to deliver the required training. A major supporting objective would be to secure the services of a cadre of instructors already familiar with basic investigative practices and the FBI mission. A contractor with such experience in these matters would prove to possess an invaluable perspective, one that would enhance the delivery of this training requirement. 2.0 COURSE LEARNING OBJECTIVES - The course and learning objective shall consist of the following training, accomplished through six components. In general, training delivery will be provided through the provisioning of eleven 2-day training sessions at 11 FBI Field Offices. A minimum of four sessions may be conducted at field offices located close to contractor-provided instructors to minimize travel expenses. The eleven sessions will draw from six, off-the-shelf, time-tested, classroom-proven courses on the following topics and learning objectives: 2.1. Advanced Network Security - Student will be able to: Identify role(s) and shortcoming(s) of a generic enterprise firewall deployment; Identify role(s) and shortcoming(s) of a generic intrusion detection system (IDS); Identify role(s) and shortcoming(s) of cryptographic authentication systems; Identify role(s) and shortcoming(s) of virtual private networks (VPN); Identify the risks associated with management decisions to allow employees to telecommute or to have dial-up access; Identify the utility of and generic methods of implementing software patches and security suggestions available via open sources on the Internet; Identify commonly available hacker tools readily adaptable for self-directed vulnerability assessments; Identify the strengths and weaknesses of layered approaches (firewall, ISD, authentication, VPN) to network security; and Participate in instructor-directed exercises that highlight the features of successful network security. 2.2. End-to-End Intrusion Management (Incident Response) - Student will be able to: Identify events that may constitute an intentional computer intrusion, which warrants a dedicated and purposeful response by management, its security and legal staffs, and the system administrator; Identify and discuss the use of commonly available risk analysis protocols to assess likely severity of a successful intrusion and option development to counter the degree of risk assessed as likely; Identify types of data required to sustain the development of an incident management system; Identify types of data required to sustain a credible post-incident forensic effort that law enforcement may establish and legal options available for management to pursue; and Develop, via instructor-directed exercises, incident response procedures and techniques for engaging management in active involvement in incident management planning and funding support. 2.3. Intrusion Techniques and Countermeasures - Student will be able to: Identify and characterize popular scanning techniques; Identify and characterize common exploit tools; Identify and characterize common denial of service attack methodologies; Identify and characterize widely available intrusion countermeasures; Identify and characterize commonly used security features of UNIX and NT operating systems; and List TCP/IP implementation protocols likely to accompany frequently employed probing and attack techniques. 2.4. Firewalls and Internet Security - Student will be able to: Identify and characterize varying types of firewalls; Identify the role(s) and shortcoming(s) of virtual private networks (VPNs); Identify and characterize criteria for matching optimum firewalls with selected network operating systems; Identify and characterize other features and techniques that can be employed to augment the security of deployed firewalls; and Identify and characterize identifiable techniques commonly used to undermine selected firewall configurations. 2.5. WINDOWS NT Security - Student will be able to: Identify and characterize the utility of a Security Configuration Editor; Identify and characterize the role(s) of encryption techniques and authentication methods configurable with WINDOWS NT; Identify and characterize the impact(s) of security on convenience and performance; Identify and characterize the utility of security features inherent within the LOGIN process, domain trust relationships, account management, and various password employment strategies; Identify and characterize the role(s) of access control lists (ACLs) and Registry operations; and Identify and characterize the role of the system administrator and the information system security officer in implementing WINDOWS NT. 2.6. WINDOWS 2000 Security - Student will be able to: Identify a framework to categorize attack methodologies such as external vs. internal threats, TCP/IP Host and Network Security Best Practices, Social engineering attacks and company policy, and the "low hanging fruit" philosophy; Identify effective ways to compromise Win2000 systems such as attacks via the web application layer, password weaknesses, NetBios and unauthenticated "null" sessions, LSA secrets, client-side attacks, physical attacks, and denial of service attacks; Identify effective ways to deter attacks across Win 2000 networks such as group policy, security templates, IPSec, EFS, Kerberos, and Runas best practice applications; and Apply a methodology capable of auditing a Win 2000 environment for security concerns. 3.0 DELIVERABLES - The contractor shall provide the FBI with one original copy of each course book for evaluation, either on diskette, or in clean hard copy along with contractor's permission to reproduce the requisite material for such evaluation. If it is necessary to make the delivery of courses more cost effective, the FBI shall be responsible for production of all course books, as well as their delivery to the field office training locations. A delivery schedule for the course book originals will be mutually agreed by the FBI Core Plus Program Manager and the contractor, based on scheduled course dates. In addition, the contractor shall submit status reports, copies of student evaluations, and issue papers concerning student evaluations, as requested, no later than 30 days after completion of each course to the COTR and FBI assigned Program Manager. 4.0 INSPECTION AND ACCEPTANCE - All training facilitation services performed by the contractor will be subject to review and inspection by the COTR. 5.0 COURSE OWNERSHIP AND COPYRIGHT - All course materials will remain the sole intellectual property of their original instructors/developers and copyrights will be retained. All proposals shall contain past performance references for the last three (3) contracts of a similar nature. Bids received without past performance references shall be considered non-responsive. Bidders shall ensure all reference points of contact, i.e., organization, name, and phone number, are accurate. Proposals will be evaluated based on the factors as listed below for a contract to be awarded 7/28/01 or as soon as possible after that date. Service to become effective with award and the place of delivery shall be determined upon award. The following FAR clauses apply to this acquisition: 52.212-1 Instructions to Offerors - Commercial Items (Mar 2000). 52.212-2 Evaluation - Commercial Items (Jan 1999). The Government will award a contract resulting from this combined synopsis/solicitation to the responsible Offeror whose proposal conforming to this synopsis/solicitation will be most advantageous to the Government, price and other factors considered. The following factors shall be used to evaluate proposals, price, technical capability and past performance. Technical and past performance, when combined, are more important than price. Vendors are required to submit past performance information, including points of contact, on the last three contracts for similar equipment and service. 52.212-3 Offeror Representations and Certifications - Commercial Items (Oct 2000). Proposals shall be accompanied by completed representations and certifications. 52.212-4 Contract Terms and Conditions - Commercial Items (May 1999). 52.212-5 Contract Terms and Conditions Required to Implement Statutes or Executive Orders - Commercial Items (Jul 2000). 52.232-33 Mandatory Information for Electronic Funds Transfer Payment (May 1999). In addition to the listed FAR provisions and clauses, all Offerors must provide a contractor identification code which is currently the Dun and Bradstreet Data Universal Numbering System (DUNS) number. The selected Offeror shall also submit an electronic payment form SF-3881 ACH Vendor/Miscellaneous Payment Enrollment in accordance with the Debt Collection Act of 1996. A copy of this form may be obtained from the U.S. Treasury web site address http://www.ustreas.gov/forms.html. All FAR provisions and clauses may be reviewed and/or obtained from the General Services Administration's Federal Acquisition Regulation web site at Internet address http://www.arnet.gov/far/. Two (2) copies of a signed and dated proposal must be submitted to the Federal Bureau of Investigation, Suite 202, 14800 Conference Center Drive, Chantilly, Virginia 20151, no later than 4:00 PM Eastern Standard Time (EST) 7/12/01. All proposals must be submitted in hard copy. NO Faxed proposals will be accepted. The contact for information regarding this solicitation may be obtained by contacting Mr. Paul D. Rankin at (703) 814-4914 or Tracie Davidson at (703)814-4722 between the hours of 7:30 AM and 4:30 PM EST, Monday through Friday. The proposal number RFQ-957931 must be listed on the outside of the submission. BIDDER PACKAGES SHALL INCLUDE ALL INFORMATION REQUESTED WITHIN THIS SOLICITATION TO BE CONSIDERED. CITE: (W-178 SN50Q209) HTTP/1.1 200 OK Date: Fri, 29 Jun 2001 11:24:42 GMT Server: Apache/1.3.9 (Unix) Debian/GNU mod_perl/1.21_03-dev Connection: close Content-Type: text/html; charset=iso-8859-1
Please contact the server administrator, webmaster@sailor.lib.md.us and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.