Visit Arches and discover a landscape of contrasting colors, landforms and textures unlike any other in the world. The park has over 2,000 natural stone arches, in addition to hundreds of soaring pinnacles, massive fins and giant balanced rocks. This red rock wonderland will amaze you with its formations, refresh you with its trails, and inspire you with its sunsets.
A rugged, whitewater river flowing northward through deep canyons, the New River is among the oldest rivers on the continent. New River Gorge National River in West Virginia encompasses over 70,000 acres of land along the New River, is rich in cultural and natural history, and offers an abundance of scenic and recreational opportunities.
Denali is six million acres of wild land, bisected by one ribbon of road. Travelers along it see the relatively low-elevation taiga forest give way to high alpine tundra and snowy mountains, culminating in North America's tallest peak, 20,310' Denali. Wild animals large and small roam un-fenced lands, living as they have for ages. Solitude, tranquility and wilderness await.
The OCIO's ISSLOB Services help you protect your network and applications
OCIO's ISSLOB Penetration Testing team provides a real-life snapshot of your security controls' effectiveness. OCIO’s professionals are experts in the latest attack methods and techniques used to exploit information systems. Our team attempts to break into your network to find vulnerabilities before attackers do. This unique process identifies vulnerabilities and threats; tests the reaction and identification capabilities of your agency; and provides a measurement of continuous improvement.
Why Do I Need This Test? Penetration testing is a controlled attack simulation that helps identify susceptibility to application, network, and operating system breaches. By locating vulnerabilities before the adversaries do, you can implement defensive strategies to protect your critical systems and information.
What Does Penetration Testing Actually Test?
OCIO ISSLOB performs both black box--no knowledge--and white box--with knowledge and/or privileges--Penetration Testing. Assessments include:
Web Application Vulnerability Assessment – These assessments focus on the security of Web-based applications by attempting to exploit faulty application logic. Fixes and approaches are recommended that will increase the security of the application, host server, and network.
External Network Vulnerability Assessment – These assessments focus on the security of the net-work perimeter. They check the effectiveness of firewalls, routers, intrusion detection systems, operating systems, and services available to the Inter-net or untrusted networks.
Internal Network Vulnerability Assessment – These assessments apply to the security of your internal networks and systems. They mirror actual at-tack scenarios launched from an internal source or gauge the extent to which an external attacker could roam through internal networks. This test can also check the security of your wireless LAN infra-structure.
Wireless Assessment – This type of assessment identifies vulnerabilities in wireless 802.11 based networks through a process called war walking. Once misconfigured or rogue access points are located, further attempts are made to connect to the network and leverage vulnerabilities.
War Dialing – This type of assessment identifies vulnerable modems by dialing a predetermined set of numbers. Once an active modem is located, at-tempts are made to identify the service and penetrate the system.
What Is the Procedure for a Penetration Testing Test?
Our security professionals have a written methodology that is constantly updated with new techniques and vulnerabilities. The attack scenario often begins with passive probing to provide a map of the target network, and then progressively escalates. Configuration weaknesses and vulnerable systems are exploited to gain unauthorized or privileged system access. Throughout the test, ISSLOB works with you to identify appropriate target systems and to keep you up to date on the attack's progress. A brief summary re-port provided on the last day of testing identifies all discovered vulnerabilities and the affected systems.
OCIO’s Penetration Testing team can perform a realistic hands-on simulated attack of your network and applications. We will not only find out where the holes in your systems are, we will also determine how good your current intrusion monitoring devices are at recognizing and re-porting the attack. With the results of our tests and recommendations, you can optimize your agency’s security stance and be confident that your network will resist malicious intrusions. We don't just identify problems-we help define a solution balanced around your business objectives.
No separate contract is required. No sole source justification is required.
The OCIO ISSLOB COE is positioned to provide C&A services to DOI and federal government agencies. As an OMB designated ISSLOB, work is initiated through an Inter-Agency Agreement (IAA) with the Interior Business Center Line of Business.
The IAA will reference an agreed upon Memorandum of Understanding, with supporting Proposal, Statement of Work and Rules of Engagement documents. Authority Under Which C&A is Provided: Economy Act – 31 USC 1535 and Working Capital Fund, 43 USC 1467, 1468.