Specifications include, but are not limited to: The Cyber Security Assessment shall include, but not be limited to, a detailed review of the areas listed below. After completion, the Contractor will be expected to provide a report, and a presentation of findings. The report shall address each item listed below and provide a summary of suggested remediation (if any). Vulnerability assessments and penetration testing services will be used to identify and validate configuration and/or technical flaws within a given system or network (e.g. firewalls, routers, servers, operating systems, applications, databases, etc.). The Cyber Security Assessment shall include, but not be limited to, a detailed review of the areas listed below: 1. Policies, procedures and standards 2. Network Device Configurations 3. Network Architecture 4. Wireless Infrastructure and Configuration 5. Firewall Configuration a. RDP Configuration b. DMZ Configuration 6. Server Environment and Configurations 7. Hyper-V Virtual Environment 8. Data and Information Security 9. Mobile Devices 10. Desktop and Laptop Configurations
