SOURCES SOUGHT
U -- Network Security Training Classes (online)
- Notice Date
- 9/15/2015
- Notice Type
- Sources Sought
- NAICS
- 611310
— Colleges, Universities, and Professional Schools
- Contracting Office
- 141 ARW/MSC, Washington Air National Guard Contracting Office, 2 South Olympia Avenue, Fairchild AFB, WA 99011-9439
- ZIP Code
- 99011-9439
- Solicitation Number
- WAANG194SS001
- Response Due
- 9/22/2015
- Archive Date
- 11/14/2015
- Point of Contact
- Matthew Berube, 509-247-7224
- E-Mail Address
- 141 ARW/MSC (matthew.berube@us.af.mil)
- Small Business Set-Aside
- N/A
- Description
- The Washington Air National Guard is seeking sources to fulfill a requirement for two different network security training classes. The sources we are looking for must have the following accreditations and the classes must have the following characteristics.

  **Course delivery / vendor accreditation requirements**

  - Vendor must deliver course through a web-based application that tracks student progress, provides lab exercises, quizzes, and SME support, and allows 24/7 access.
  - Online course delivery must include instructor speaking to corresponding presentation material.
  - Vendor must provide a forum to answer student questions by certified technical assistance.
  - Vendor must provide hard-copy course material that includes slides and full descriptive paragraphs on slide content.
  - Content depth must be appropriate for six eight-hour days of instruction.
  - Vendor has documented peer review process for course development and feedback.
  - Vendor must have pre-built training environment that is packaged with all necessary tools for course requirements.
  - Vendor has successfully delivered and refined course for at least 6 months, demonstrated through advertisement of course on the internet.
  - Vendor must demonstrate or provide at least 10 reviews from previous contracts and/or students that are publicly accessible online.
  - Vendor must provide official certification and testing to demonstrate student comprehension and knowledge.
  - Proctored exam must be available in multiple locations within the United States throughout various dates and times based on student's needs.

  ***Network Forensics training class requirements***

  - Describe Payload Reconstruction, to include encapsulation/decapsulation methods and session reconstruction for common protocols such as TCP and HTTP.
  - Describe fundamentals of network forensics using tcpdump and Wireshark. Topic should discuss using pcap files and Berkeley packet filters.
  - Briefly introduce Wireshark display filters and their use during network forensic analysis.
  - Describe placement of network forensic collection points such as logs, taps, and switches.
  - Perform NetFlow analysis and collection using SiLK, nfsen, nfcapd and nfdump.
  - Perform analysis on HTTP, FTP, NTP, SMTP to include protocol dissection, artifact extraction, forensic value, and inherent weaknesses.
  - Perform practical hands-on exercises involving forensic investigation using firewalls, to include building IPTables rules (packet flow process, syntax, and useful tools) and IDS (building rules, configuration and logging).
  - Describe and practical hands-on exercise for network protocol reverse engineering to include dissection of unknown protocols, pattern recognition, and use of binary format.
  - Describe encrypted traffic for flow analysis to identify anomalies.
  - Describe encryption and encoding.

  ***Linux/Unix training class requirements***

  - Describe memory attacks and overflows to include stack and heap overflows, format string attacks and stack protection.
  - Describe the booting process to include services, systemd and init.
  - Practical exercise using host-based firewalls.
  - Describe rootkits and detection capabilities such as rkhunter and chkrootkit.
  - Describe file integrity assessments to include AIDE or Tripwire.
  - Describe physical attacks and defenses to include single user mode and boot-loader passcodes.
  - Describe kernel tuning to include network and system resources.
  - Describe and practical hands-on exercise using SSH tunneling to include X11 forwarding and TCP forwarding.
  - Describe and practical hands-on exercise of Linux audit configuration to include syslog process accounting and kernel level auditing.
  - Describe and practical hands-on exercise configuration and running of SELinux.
  - Describe and practical hands-on configuration of BIND, DNSSEC, Apache, and web application firewalls with ModSecurity.
  - Describe and practical hands-on exercise with Linux-based incident response and evidence acquisition to include creating images, using snapshots, critical investigation commands, MAC times/timeline analysis, string searches and searching unallocated space.

  Please contact TSgt Matt Berube at matthew.j.berube2.mil@mail.mil with any responses or questions.
- Web Link
- FBO.gov Permalink (https://www.fbo.gov/spg/USA/NGB/DAHA45-1/WAANG194SS001/listing.html)
- Place of Performance
- Address: 262 NWS 855 Lincoln Blvd JBLM WA
- Zip Code: 98438
- Record
- SN03886586-W 20150917/150915235935-989058496b85e4d5ecfc110cfc600dc6 (fbodaily.com)
- Source
- FedBizOpps Link to This Notice (may not be valid after Archive Date)