Specifications include, but are not limited to: 1. External vulnerability and penetration testing: • Identify open source intelligence information that an attacker could leverage in further attacks against the South Coast AQMD (such as email addresses, phone numbers, IP addresses, posted application source code, forum posts with sensitive information, etc.); • Identify open ports/services associated with security vulnerabilities and perform active exploit on systems and applications (Note: Exploit should stop at the point of proof of compromise but not causing any business interruption); 2. Internal vulnerability and penetration testing: • Identify a breadth of attack vectors and vulnerabilities throughout the South Coast AQMD and determine the impact through targeted exploitation • Internal IP ranges will be sampled from the following: i. Network infrastructure devices (include but not limited to routers, switches, and firewalls) ii. Servers and user workstations iii. Voice VLAN and IP phones iv. Printers v. Remote access of air monitor sites vi. Cloud access (Azure) ranges through the site-to-site VPN vii. Third party connection viii. 2 nd location (Long Beach office)
