The vendor is required to information technology group provides technology services to internal centers and groups and partner agencies with a focus on providing a secure, protected network infrastructure dedicated to the protection, reliability, and availability of the agency’s data.
- Services include:
1. Edge security
• Perform ping sweep and port scan of external IP addresses
• Perform vulnerability scan of all external IP addresses
• Review ingress and egress firewall policies
• Review network address translation rules for publishing internal systems
• Verify firewall inspection layer - application layer and stateful inspection
• Determine if reverse proxy is in place for inspecting encrypted traffic and pre-authentication
• Determine if any unified threat management is configured for the edge security
• Review current auditing policies and practice for edge security devices
2. Network security
• Review switch configurations to determine if network segmentation is configured between networks
• Determine if any internal firewalls are in place between workstations and servers
• Determine if encryption is configured to protect internal communications
• Review wireless security settings to validate security measures in place
• Validate port security: whether network ports are active by default and whether port security is enforced based on MAC address
• Determine if any network intrusion detection or prevention systems are providing network scanning
3. Systems security
• Perform ping sweep and port scan of internal IP addresses
• Review all servers and workstations (see appendix) in the environment to determine if the following configurations have been made or security measures are in place
4. Access management
• Review the methods of authentication currently in place
• Review domain group membership for high-privilege groups
• Determine policy for using separate accounts for user level access and privileged access
• Review the current password policy enforced on the domain
• Perform password auditing for existing user passwords on the domain
• Review remote access methods and security
5. Disaster recovery
• Perform three tabletop exercises (TTX) walking through disaster scenarios in the context of CRT
o Prepare tabletop exercise briefing book
o A script of everything that will take place during the exercise and specify how the exercise will be conducted.
• Conduct a minimum of two full disaster recovery (DR) drills using elastic disaster recovery
o Business analysis impact
o Record time to recovery
o Recovery point objectives
o Disaster recovery sites
o Data backup
o Testing and validation
o Incident response plan.
- Questions/Inquiries Deadline: May 05, 2025