29 June 2001

----------------------------------------------------------------------

[Printed Issue Date: June 29, 2001]
From the Commerce Business Daily Online via GPO Access
[cbdnet.access.gpo.gov]

PART: U.S. GOVERNMENT PROCUREMENTS
SUBPART: SERVICES
CLASSCOD: U--Education and Training Services
OFFADD: FBI/TCAU, 14800 Conference Center Drive, Suite 300, Chantilly,
  VA 20151
SUBJECT: U--COMPUTER SECURITY TRAINING
SOL RFQ-957931
DUE 071201
POC Paul Rankin (703)814-4914; Tracie Davidson (703)814-4722
DESC: This is a combined synopsis/solicitation for commercial
  items and is being issued in accordance with the Federal Acquisition
  Regulation (FAR) Subpart 12.6, as supplemented with additional
  information included in this notice. This announcement constitutes
  the only solicitation; proposals are being requested and a
  written solicitation will not be issued. The solicitation number
  RFQ-957931 is issued as a Request for Quotation, under simplified
  acquisition procedures, test program, unrestricted. The North
  American Industry Classification System (NAICS) code is 611699
  and the small business size standard is $5.0 million in revenues.
  The solicitation document and incorporated provisions and clauses
  are those in effect through Federal Acquisition Circular 97-27.
  All responsible sources may submit a proposal, which, if timely
  received, shall be considered by the Government. The contractor
  shall provide classroom training on computer security that
  meet the following Statement of Work for Core Computer Security
  Training 1.0 OBJECTIVES - The primary objective is to provide
  training to selected field office personnel that will ensure
  that the related personnel acquire a fundamental understanding
  of the types of security features cited in paragraph 2.0 below.
  Understanding these features will enable personnel to effectively
  conduct or support other law enforcement personnel leading
  in an investigation of a computer intrusion that has occurred
  across a networked environment. The objective is to provide
  training to the personnel to acquire sufficient understanding
  of commonly deployed security features and their functions
  so that FBI personnel can competently discuss the technical
  aspects of these security features with a system administrator
  to potentially reduce the likelihood of a successful future
  network intrusion and subsequent time-consuming investigation.
  This Core Plus Training initiative will encompass the provision
  of training in six selected courses at eleven (11) Field Office
  locations to be determined once a contractor has been selected
  based on course content and ability to deliver the required
  training. A major supporting objective would be to secure the
  services of a cadre of instructors already familiar with basic
  investigative practices and the FBI mission. A contractor with
  such experience in these matters would prove to possess an
  invaluable perspective, one that would enhance the delivery
  of this training requirement. 2.0 COURSE LEARNING OBJECTIVES
  - The course and learning objective shall consist of the following
  training, accomplished through six components. In general,
  training delivery will be provided through the provisioning
  of eleven 2-day training sessions at 11 FBI Field Offices.
  A minimum of four sessions may be conducted at field offices
  located close to contractor-provided instructors to minimize
  travel expenses. The eleven sessions will draw from six, off-the-shelf,
  time-tested, classroom-proven courses on the following topics
  and learning objectives: 2.1. Advanced Network Security - Student
  will be able to: Identify role(s) and shortcoming(s) of a generic
  enterprise firewall deployment; Identify role(s) and shortcoming(s)
  of a generic intrusion detection system (IDS); Identify role(s)
  and shortcoming(s) of cryptographic authentication systems;
  Identify role(s) and shortcoming(s) of virtual private networks
  (VPN); Identify the risks associated with management decisions
  to allow employees to telecommute or to have dial-up access;
  Identify the utility of and generic methods of implementing
  software patches and security suggestions available via open
  sources on the Internet; Identify commonly available hacker
  tools readily adaptable for self-directed vulnerability assessments;
  Identify the strengths and weaknesses of layered approaches
  (firewall, ISD, authentication, VPN) to network security; and
  Participate in instructor-directed exercises that highlight
  the features of successful network security. 2.2. End-to-End
  Intrusion Management (Incident Response) - Student will be
  able to: Identify events that may constitute an intentional
  computer intrusion, which warrants a dedicated and purposeful
  response by management, its security and legal staffs, and
  the system administrator; Identify and discuss the use of commonly
  available risk analysis protocols to assess likely severity
  of a successful intrusion and option development to counter
  the degree of risk assessed as likely; Identify types of data
  required to sustain the development of an incident management
  system; Identify types of data required to sustain a credible
  post-incident forensic effort that law enforcement may establish
  and legal options available for management to pursue; and Develop,
  via instructor-directed exercises, incident response procedures
  and techniques for engaging management in active involvement
  in incident management planning and funding support. 2.3. Intrusion
  Techniques and Countermeasures - Student will be able to: Identify
  and characterize popular scanning techniques; Identify and
  characterize common exploit tools; Identify and characterize
  common denial of service attack methodologies; Identify and
  characterize widely available intrusion countermeasures; Identify
  and characterize commonly used security features of UNIX and
  NT operating systems; and List TCP/IP implementation protocols
  likely to accompany frequently employed probing and attack
  techniques. 2.4. Firewalls and Internet Security - Student
  will be able to: Identify and characterize varying types of
  firewalls; Identify the role(s) and shortcoming(s) of virtual
  private networks (VPNs); Identify and characterize criteria
  for matching optimum firewalls with selected network operating
  systems; Identify and characterize other features and techniques
  that can be employed to augment the security of deployed firewalls;
  and Identify and characterize identifiable techniques commonly
  used to undermine selected firewall configurations. 2.5. WINDOWS
  NT Security - Student will be able to: Identify and characterize
  the utility of a Security Configuration Editor; Identify and
  characterize the role(s) of encryption techniques and authentication
  methods configurable with WINDOWS NT; Identify and characterize
  the impact(s) of security on convenience and performance; Identify
  and characterize the utility of security features inherent
  within the LOGIN process, domain trust relationships, account
  management, and various password employment strategies; Identify
  and characterize the role(s) of access control lists (ACLs)
  and Registry operations; and Identify and characterize the
  role of the system administrator and the information system
  security officer in implementing WINDOWS NT. 2.6. WINDOWS 2000
  Security - Student will be able to: Identify a framework to
  categorize attack methodologies such as external vs. internal
  threats, TCP/IP Host and Network Security Best Practices, Social
  engineering attacks and company policy, and the "low hanging
  fruit" philosophy; Identify effective ways to compromise Win2000
  systems such as attacks via the web application layer, password
  weaknesses, NetBios and unauthenticated "null" sessions, LSA
  secrets, client-side attacks, physical attacks, and denial
  of service attacks; Identify effective ways to deter attacks
  across Win 2000 networks such as group policy, security templates,
  IPSec, EFS, Kerberos, and Runas best practice applications;
  and Apply a methodology capable of auditing a Win 2000 environment
  for security concerns. 3.0 DELIVERABLES - The contractor shall
  provide the FBI with one original copy of each course book
  for evaluation, either on diskette, or in clean hard copy along
  with contractor's permission to reproduce the requisite material
  for such evaluation. If it is necessary to make the delivery
  of courses more cost effective, the FBI shall be responsible
  for production of all course books, as well as their delivery
  to the field office training locations. A delivery schedule
  for the course book originals will be mutually agreed by the
  FBI Core Plus Program Manager and the contractor, based on
  scheduled course dates. In addition, the contractor shall submit
  status reports, copies of student evaluations, and issue papers
  concerning student evaluations, as requested, no later than
  30 days after completion of each course to the COTR and FBI
  assigned Program Manager. 4.0 INSPECTION AND ACCEPTANCE - All
  training facilitation services performed by the contractor
  will be subject to review and inspection by the COTR. 5.0 COURSE
  OWNERSHIP AND COPYRIGHT - All course materials will remain
  the sole intellectual property of their original instructors/developers
  and copyrights will be retained. All proposals shall contain
  past performance references for the last three (3) contracts
  of a similar nature. Bids received without past performance
  references shall be considered non-responsive. Bidders shall
  ensure all reference points of contact, i.e., organization,
  name, and phone number, are accurate. Proposals will be evaluated
  based on the factors as listed below for a contract to be awarded
  7/28/01 or as soon as possible after that date. Service to
  become effective with award and the place of delivery shall
  be determined upon award. The following FAR clauses apply to
  this acquisition: 52.212-1 Instructions to Offerors - Commercial
  Items (Mar 2000). 52.212-2 Evaluation - Commercial Items (Jan
  1999). The Government will award a contract resulting from
  this combined synopsis/solicitation to the responsible Offeror
  whose proposal conforming to this synopsis/solicitation will
  be most advantageous to the Government, price and other factors
  considered. The following factors shall be used to evaluate
  proposals, price, technical capability and past performance.
  Technical and past performance, when combined, are more important
  than price. Vendors are required to submit past performance
  information, including points of contact, on the last three
  contracts for similar equipment and service. 52.212-3 Offeror
  Representations and Certifications - Commercial Items (Oct
  2000). Proposals shall be accompanied by completed representations
  and certifications. 52.212-4 Contract Terms and Conditions
  - Commercial Items (May 1999). 52.212-5 Contract Terms and
  Conditions Required to Implement Statutes or Executive Orders
  - Commercial Items (Jul 2000). 52.232-33 Mandatory Information
  for Electronic Funds Transfer Payment (May 1999). In addition
  to the listed FAR provisions and clauses, all Offerors must
  provide a contractor identification code which is currently
  the Dun and Bradstreet Data Universal Numbering System (DUNS)
  number. The selected Offeror shall also submit an electronic
  payment form SF-3881 ACH Vendor/Miscellaneous Payment Enrollment
  in accordance with the Debt Collection Act of 1996. A copy
  of this form may be obtained from the U.S. Treasury web site
  address http://www.ustreas.gov/forms.html. All FAR provisions
  and clauses may be reviewed and/or obtained from the General
  Services Administration's Federal Acquisition Regulation web
  site at Internet address http://www.arnet.gov/far/. Two (2)
  copies of a signed and dated proposal must be submitted to
  the Federal Bureau of Investigation, Suite 202, 14800 Conference
  Center Drive, Chantilly, Virginia 20151, no later than 4:00
  PM Eastern Standard Time (EST) 7/12/01. All proposals must
  be submitted in hard copy. NO Faxed proposals will be accepted.
  The contact for information regarding this solicitation may
  be obtained by contacting Mr. Paul D. Rankin at (703) 814-4914
  or Tracie Davidson at (703)814-4722 between the hours of 7:30
  AM and 4:30 PM EST, Monday through Friday. The proposal number
  RFQ-957931 must be listed on the outside of the submission.
  BIDDER PACKAGES SHALL INCLUDE ALL INFORMATION REQUESTED WITHIN
  THIS SOLICITATION TO BE CONSIDERED. 
CITE: (W-178 SN50Q209)

HTTP/1.1 200 OK
Date: Fri, 29 Jun 2001 11:24:42 GMT
Server: Apache/1.3.9 (Unix) Debian/GNU mod_perl/1.21_03-dev
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>200 OK</TITLE>
</HEAD><BODY>
<H1>OK</H1>
The server encountered an internal error or
misconfiguration and was unable to complete
your request.<P>
Please contact the server administrator,
 webmaster@sailor.lib.md.us and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.<P>
More information about this error may be available
in the server error log.<P>
</BODY></HTML>