Before the 1960s almost everything about living openly as a lesbian, gay, bisexual, or transgender (LGBT) person was illegal. New York City laws against homosexual activities were particularly harsh. The Stonewall Uprising on June 28, 1969 is a milestone in the quest for LGBT civil rights and provided momentum for a movement.
Vine Creek Ranch at Death Valley National Park. Steady drought and record summer heat make Death Valley a land of extremes. Towering peaks are frosted with winter snow. Rare rainstorms bring vast fields of wildflowers. Lush oases harbor tiny fish and refuge for wildlife and humans. Despite its morbid name, a great diversity of life survives in Death Valley.
Located 2,600 miles southwest of Hawaii, the National Park of American Samoa is the most remote unit of the National Park System and the U.S. National Park south of the Equator. The Park spreads across three islands, 9,500 acres of tropical rainforest, and 4,000 acres of ocean, including coral reefs. While remote, the islands of American Samoa, true to the meaning of the word Samoa (Islands of Sacred Earth), are welcoming and offer beautiful landscapes and centuries of culture and history.
Seasoned backpacker and adventurer Yang Lu earned the grand prize in the 2015 Share the Experience photo contest with this image of a sunburst captured at sunrise in Glen Canyon National Recreation Area, Utah. Yang has made the outdoors part of his daily life and finds deep connection to the land through his lens.
“My photography is not just for recreation, it is to inspire people to explore these areas." -- Yang Lu
Photo by Yang Lu (www.sharetheexperience.org).
The OCIO's ISSLOB Services help you protect your network and applications
OCIO's ISSLOB Penetration Testing team provides a real-life snapshot of your security controls' effectiveness. OCIO’s professionals are experts in the latest attack methods and techniques used to exploit information systems. Our team attempts to break into your network to find vulnerabilities before attackers do. This unique process identifies vulnerabilities and threats; tests the reaction and identification capabilities of your agency; and provides a measurement of continuous improvement.
Why Do I Need This Test? Penetration testing is a controlled attack simulation that helps identify susceptibility to application, network, and operating system breaches. By locating vulnerabilities before the adversaries do, you can implement defensive strategies to protect your critical systems and information.
What Does Penetration Testing Actually Test?
OCIO ISSLOB performs both black box--no knowledge--and white box--with knowledge and/or privileges--Penetration Testing. Assessments include:
Web Application Vulnerability Assessment – These assessments focus on the security of Web-based applications by attempting to exploit faulty application logic. Fixes and approaches are recommended that will increase the security of the application, host server, and network.
External Network Vulnerability Assessment – These assessments focus on the security of the net-work perimeter. They check the effectiveness of firewalls, routers, intrusion detection systems, operating systems, and services available to the Inter-net or untrusted networks.
Internal Network Vulnerability Assessment – These assessments apply to the security of your internal networks and systems. They mirror actual at-tack scenarios launched from an internal source or gauge the extent to which an external attacker could roam through internal networks. This test can also check the security of your wireless LAN infra-structure.
Wireless Assessment – This type of assessment identifies vulnerabilities in wireless 802.11 based networks through a process called war walking. Once misconfigured or rogue access points are located, further attempts are made to connect to the network and leverage vulnerabilities.
War Dialing – This type of assessment identifies vulnerable modems by dialing a predetermined set of numbers. Once an active modem is located, at-tempts are made to identify the service and penetrate the system.
What Is the Procedure for a Penetration Testing Test?
Our security professionals have a written methodology that is constantly updated with new techniques and vulnerabilities. The attack scenario often begins with passive probing to provide a map of the target network, and then progressively escalates. Configuration weaknesses and vulnerable systems are exploited to gain unauthorized or privileged system access. Throughout the test, ISSLOB works with you to identify appropriate target systems and to keep you up to date on the attack's progress. A brief summary re-port provided on the last day of testing identifies all discovered vulnerabilities and the affected systems.
OCIO’s Penetration Testing team can perform a realistic hands-on simulated attack of your network and applications. We will not only find out where the holes in your systems are, we will also determine how good your current intrusion monitoring devices are at recognizing and re-porting the attack. With the results of our tests and recommendations, you can optimize your agency’s security stance and be confident that your network will resist malicious intrusions. We don't just identify problems-we help define a solution balanced around your business objectives.
No separate contract is required. No sole source justification is required.
The OCIO ISSLOB COE is positioned to provide C&A services to DOI and federal government agencies. As an OMB designated ISSLOB, work is initiated through an Inter-Agency Agreement (IAA) with the Interior Business Center Line of Business.
The IAA will reference an agreed upon Memorandum of Understanding, with supporting Proposal, Statement of Work and Rules of Engagement documents. Authority Under Which C&A is Provided: Economy Act – 31 USC 1535 and Working Capital Fund, 43 USC 1467, 1468.