March 24, 2025 • 46 mins
The unexpected convergence of consumer technology and warfare takes center stage as Sean Gruber explores how Chinese e-commerce giants now sell drone accessories that transform $300 toys into semi-autonomous weapons. This eye-opening discussion reveals how modern drones with AI guidance modules and fiber optic tethers mirror strategies from World War I—except today's technology is far more accessible and difficult to defend against.
Against this backdrop, Sean delivers a comprehensive breakdown of Domain 4.2 (Secure Network Components) for the CISSP exam. He methodically examines transmission media vulnerabilities across legacy and modern infrastructure—from coaxial cables still found in specialized environments to the fiber optic networks revolutionizing global communications. Each technology receives detailed security analysis, with Sean highlighting how even supposedly "secure" media like fiber optic remain vulnerable to sophisticated tapping techniques.
The podcast ventures deep into wireless security territories, examining radio frequencies, Bluetooth vulnerabilities, Wi-Fi standards, and the substantial security improvements in 5G cellular networks. Sean explains how technologies like network slicing and zero-trust architecture are transforming mobile security, while also providing practical insights into endpoint protection strategies and the often-overlooked importance of hardware warranty management during security incidents.
For CISSP candidates, this episode delivers the perfect blend of exam-critical technical details and real-world context showing why these concepts matter in today's security landscape. The discussion effectively demonstrates how physical and cyber domains increasingly overlap, requiring security professionals to maintain broad knowledge across multiple disciplines.
Whether you're preparing for the CISSP exam or looking to strengthen your organization's network security posture, visit CISSPCyberTraining.com to access Sean's specialized preparation materials, including study blueprints tailored to various timeframes based on your personal schedule and learning needs.
Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
Welcome to the CISSP Cyber Training Podcast, where we
provide you the training andtools you need to pass the CISSP
exam the first time.
Hi, my name is Sean Gerber andI'm your host for this
action-packed, informativepodcast.
Join me each week as I providethe information you need to pass
the CISSP exam and grow yourcybersecurity knowledge.
(00:20):
All right, let's get started.
Let's go.
Cybersecurity knowledge.
Speaker 2 (00:24):
All right, let's get started.
Hey, hello, sean Gruber, withCISSP Cyber Training, and hope
you all are having a beautifullyblessed day today.
Today, we're going to betalking about domain 4.2 of
secure network components, allrelated to the CISSP exam.
As always, you know, the CISSP,or cyber training, was created
specifically to help you all getready for the CISSP exam.
(00:46):
As we all know, it's a buggerof a test, and if you are better
prepared for it, you have abetter chance of passing, and we
want you to pass the test thefirst time, not like me, and
fail it the first time.
We want you to pass it thefirst time.
So, before we get going intothat, though, I wanted to talk
about an article that I saw inthe news related to low-cost
(01:07):
drone add-ons from China, andthis isn't something interesting
that I've seen growing over theyears.
You know the overall goal ofdrones.
You know, coming from amilitary background, coming from
flying airplanes, it hasmorphed into something that is
way beyond what we could haveever seen.
However, it also hasn't.
We also knew in the military.
We knew for many, many, manyyears that drones were going to
(01:29):
be a big part of how wars werefought.
What it relates to, we thought,airplanes that were basically
remote controlled.
They would then go in andattack targets and so forth.
Well, those are available now.
Those are starting to come outon the market, which we
anticipated and kind of thoughtthey would be here a little bit
before now, but obviously ittakes a lot to get these systems
(01:50):
up and running.
That being said, one thing thathas really kind of changed a lot
of people's thought process arethese small, little tiny drones
that you can buy online and youcan be able to fly around your
house and do whatever you wantto do with them.
Actually, probably not aroundyour house outside your house
would be a good idea.
Inside your house and dowhatever you want to do with
them Actually, probably notaround your house.
Outside your house would be agood idea.
Inside your house, not a goodidea.
My cat does not like a drone.
We had a drone in the house.
(02:11):
My son brought one by and thecat was not a fan.
It pretty much ran and hid asfast as it could when it heard
it and saw it.
So fly them in your home Also.
You can lose an appendage ortwo.
Probably not a good idea.
That being said, the Chinesee-commerce giant Timu and
AliExpress are selling droneaccessories for those who would
wish to purchase, but, thatbeing said, they are also being
(02:33):
used for wartime activities andyou can anticipate anything that
can be used for good can beused potentially for bad or evil
, depending upon what side ofthe war you're on.
Now an interesting part on allthis and I laugh because how
it's gone full circle wherethese drones now are, people are
connecting all kinds ofpayloads to them and they can
(02:56):
drop grenades.
They can drop all kinds ofaspects from these drones, and
it's really indicative of whathappened during World War I,
when there would be the SopwithCamel would be flying around.
This is a biplane flying aroundover the battlefield and this
was the first time airplanes hadreally been used at all in any
sort of military engagement andthere would be pilots with
(03:16):
grenades inside the cockpit andthey would just drop them over
the side.
Very, very similar concept.
The difference is, as a pilot,you were pretty much hanging out
there to get shot at, whereasthe drones now are fully
disposable and, because they'resuch an inexpensive tool, they
can just be replicated andreproduced over and over again.
Now the article talks about somekey drone modifications, like
(03:39):
AI guidance modules that are.
Basically they enable human andvehicle recognition.
I mean, this is amazing A smalldrone about $300, can determine
vehicles and it can determinehumans.
It does allow them to besemi-autonomous, so therefore
you can launch them and let themgo.
It will then hunt down whateverit sees.
They also have fiber optictethers, which I think is an
(04:01):
interesting part in the factthat one of the aspects that
came to the they're running intoissues of again, coming from a
B1 background and from anelectronic warfare background, I
understand the use of jammingcapabilities.
Well, you can jam these systemsright.
You can jam them, you can hitthem with a microwave and knock
them out, but they're addingfiber optic tethers to them.
(04:22):
You can't jam that signal andwe're going to talk about that
today as well, a little bit inthe CISSP training around fiber
optics.
But one of the aspects youcan't really jam it.
When it's got a tether to it.
They will put different typesof explosives One, they can drop
them.
Two, they can just have themattach the drone and the drone
just becomes a terminal missile.
So as a precision guided missile, I should say an interesting
(04:44):
part in all this we used tospend tens, if not hundreds of
thousands of dollars onprecision guided weapons for the
B-1 bomber.
And we had a thing called JDAM,which is your joint direct
attack munition, and it had theability to come out of the
airplane, it would drop and thenit would find its way to a
target based on predefinedlocation and coordinates that
(05:04):
you would put in the system.
And it had this package thatyou would wrap around a bomb,
basically a 500 pound bomb oreven a 2000 pounder.
You wrap this package around itand then it would fly to its
target and do its thing.
Well, now you can do the samecapability with a $300 drone.
Now, obviously you can't carrythe same level of tritonol and
explosives, but it still doesthe same impact.
(05:26):
And the one thing that I thinkthis article didn't really kind
of go over, which isunderstandable why is the
psychological effect of this?
This would be extremelydemoralizing to folks on the
battlefield.
One is if you hear an airplane,you see airplanes and bombs
start dropping.
You have an ability to dealwith that.
At least I say that loosely, Imean I've never least.
I say that loosely, I mean I'venever had bombs dropped on me,
(05:51):
but you have the ability to go.
Hey, I see it coming.
I hear it coming.
Hunker down, try to justsurvive With these things.
You don't even know they'rethere until it's too late
because they hang up at a highaltitude.
You can't hear the motors andthey're just like little bees
that carry explosive devices onthem.
So, yes, it's very, veryinteresting where this world is
going to.
One of the things they bringabout in the article is that
(06:11):
there needs to be improved dronetechnologies as far as
counter-drone technologies toshut them down, and then there
has to be global regulationsaround the sale of militarized
drone accessories.
I think it's going to be hardto do some of that.
You can get a 3D printer.
You can print probably whateverdrone you want or accessory you
want to do.
So the bad guys and girls whoreally want to make this happen
(06:33):
they're going to make it happen.
I don't think any sort ofregulation is going to squash it
.
All it's going to do isprobably limit some of its
express exposure to the rest ofthe globe.
But again, good article.
It's in Wired Magazine.
The ultimate point of it islow-cost drone add-ons from
China.
Let anyone with a credit cardturn toys into weapons of war.
Again, good article.
(06:54):
I recommend you read it.
And again, as a cybersecurityperson, you're probably going
well, why does this matter?
To me it does, because as wetalk about physical security, we
talk about cybersecurity.
A lot of times they blend over,and you may have folks within
these physical securityenvironments that will ask you
hey, I got drones, I don't knowwhat to do with them.
I got these little guns that Ican shoot at them to kind of
(07:14):
knock them down, but do you haveany cyber things that you would
recommend?
And so, therefore, guess whatyou need to understand the
drones and how they'recommunicating with the home,
which we're going to talk abouthere in just a minute, because
we're going to go over ourfrequencies, we're going to go
over fiber optics and so forth.
So, again, drones, check themout.
Again, wired Magazine droneadd-ons from China.
All right, let's move on towhat we're going to talk about
(07:35):
today.
Okay, so, this is domain 4, 4.2,secure network components.
And so, again, you can get allof this at CISSP Cyber Training.
Head on over to CISSP CyberTraining.
Get access to my content.
There's three differentpurchase options available to
you.
You can just get this contentand have access to it, no
problems whatsoever, or you canget the access to the free
(07:56):
content that I put out there.
After a period of time itbecomes free, as well as the
podcast that you're listening toat this point.
So all of this stuff isavailable to you in one form,
shape or another.
Just depends if you want tohave access directly to the
content, if you want to haveaccess to me, or if you want to
just get the free stuff.
It's all up to you.
Okay, so let's get into Domain4.2.
(08:16):
So first part of this is we'regoing to get into operations of
hardware and we're going tofocus a little bit on network
access controls.
Now, before we get into thatjust a little bit, we're going
to do just a real quick overviewof what is.
What are we doing?
We're focusing reallyspecifically on the network
component level in this domain.
Now you got intranet, you haveextranet and we're going to kind
(08:36):
of get into those.
Just well, probably a littlebit on those.
But the thing to kind ofconsider is intranet is a
private internal network.
It's a network inside yourcompany, inside your area.
That's what they call anintranet.
You have an extranet which is ablend of the intranet and the
internet, right?
So you basically internal andexternal, and then you have a
demilitarized zone which is bothyour it's your internet and
(08:57):
business network where they meet.
So we've talked about this atCISSP Cyber Training in multiple
times times where you have ademilitarized zone, usually
between your process environmentmaybe you have manufacturing
and your, or I should say yourcompany, and that between those
two is a demilitarized zone.
That is an area where those twomeet and typically you will
have some level of separationbetween them.
(09:19):
And then segmentation.
This is where you have virtuallocal area networks, which is
your VLANs, and there'sdifferent types of segmentation.
We'll talk about wireless localarea networks today a little
bit.
So any type of segmentation canoccur within these various
networks as well, and it can befrom both physical and some sort
of wireless type technology.
(09:41):
Now, what is a network accesscontrol?
The network access control,this is a security framework
that restricts unauthorizeddevices from accessing your
network.
Okay, so your security policiesthat will be put in place to
that will help identify theperson, the device, there's
compliance aspects to it, andthen it also ensures that their
security posture is set upbefore a person will connect to
(10:03):
the network.
Now there's some differenttypes of features that you want
to understand related to networkaccess controls.
You have authentication andauthorization.
Now these are again, these keyfeatures are things that you
really will run into almost anytype of network and you should
try to implement, if not all ofthese, most of them as much as
you possibly can.
Authentication, authorizationagain we talked about that where
(10:26):
you have the authentication ofa person and you authorize that
person or device onto thenetwork and again this is an
important part and you don'twant to have the ability for
people to have connect devicesto your network that are not
authorized or authenticated.
You want to do a postureassessment basically understands
what are all the differenttypes of compliance requirements
(10:46):
associated with the device doesit get updated, does it have av
, all of those pieces you wantto make sure that your devices
are on a network.
Access control will control that.
Role-based access controls arerbac.
This will also be set upthrough network access controls
that will help limit accessbased on user roles, and we've
talked about this numerous times.
You hear about RBAC a lot onCISSP, cyber Training is
(11:09):
role-based access controls andlimiting what you can and can't
do based on the specific rolethat you're in, and we want to
make sure that we are very clearon what roles that you do work
in and that we have controlstied specifically to them.
Network segmentation is animportant part of network access
controls as well.
Again, this will help preventlateral movement within the
network by people or accountsthat don't necessarily need the
(11:31):
access.
And then, last thing is whenwe're dealing with zero trust.
Network access control is acrucial part of a zero trust
security and, as you know, theUS government is forcing a lot
of their departments I mean alltheir departments to have some
level of zero trust enabledwithin their networks.
So, understanding zero trustmethodology and framework is an
important part of any sort ofsecurity posture that you have
(11:53):
to protect your company.
Now, if you have a smallcompany, you may go.
I can't afford all of thisstuff.
You're going to have todetermine what works best for
you.
But again, understanding as asecurity person, all of the
foundational aspects, it'simportant for you to help make a
risk-based decision on this.
Now, if you're in a highlyregulated environment, you may
not have the ability to make asmuch of a risk-based decision as
(12:15):
you may like because theregulators may force you to do
so.
Okay, so firewalls Now we'lltalk about firewalls and various
aspects of CISSPp, cybertraining, but we're going to
just kind of go into some of thekey factors as it relates to
the operation of the hardwareitself.
One firewalls are a networksecurity device that monitor and
filter incoming and outgoingtraffic, right based on some
(12:35):
predefined security rules thatyou will have put in place to
protect your environment.
They do operate in variouslayers of the osi model and they
have different inspectioncapabilities, and we're going to
kind of go over some of theseinspection capabilities today.
So the first one is packetfiltering.
Now, this is basic IP andport-based filtering that is,
looking at the packets goingacross the wire.
So all of these packets arebeing looked at, they're being
(12:57):
filtered and there's differenttypes of capabilities that are
put up against them.
There's also statefulinspection.
This is where it tracks anysort of connection that's
occurring and it tracks theactive connections that are
going on within your network.
And so there's a stateful piecewhere it's looking at each
specific connection going in andout, whereas just a packet
filtering it would be like ifyou're just inspecting all the
(13:18):
packets coming across the wire.
This one is actually inspectingthe connections that are
occurring between them.
Then you have deep packetinspection.
Now this examines the payloadsthat are specifically going
through the wire and is lookingfor any sort of threat that it
may find.
So a DPI, a deep packetinspection, can occur when you
have a very I'll have to tellyou, warn you on this you'll
(13:39):
need to have a very strongfirewall that you have put in
place, a very powerful one,because doing deep packet
inspection does take it's a veryresource constraining activity
and it can take a lot ofdifferent power, a lot of
different computational power tomake that happen.
You have application layerfiltering.
This inspects traffic at layerseven for, again, advanced
(14:00):
protection related to theoverall application, as we talk
about the different layers ofthe OSI model.
This is where they would lookspecifically at what's occurring
within the application, orlayer seven, tls and SSL
inspections.
This will decrypt any trafficto detect any sort of attacks
that could be occurring withinthere, and maybe not necessarily
attacks, but more like datathat might be leaving the
(14:20):
environment.
I will tell you, I've worked ona project with a large medical
company around TLS and SSLinspection.
It can occur, it can be a goodthing, but it is one of those
aspects that you really need tohave a good plan.
Related to it, there's a lotthat goes into any sort of
encryption inspection and it isvery complicated and it's a very
(14:43):
resource-intensive process.
The other one is next-generationfirewalls.
These are a more modern type offirewall.
Now I will tell you that thiswas when I first started in this
whole business of cybersecurity.
Firewalls were one thing andthen you moved into
next-generation firewallsbecause that gave you a lot more
features and a lot morecapability.
Well, in today's world, a lotof stuff is virtualized and
(15:05):
because it is so virtualized,you can get the capabilities of
a next generation firewall andalmost all kinds of firewalls.
But the bottom line is is ittakes it.
It goes from just being arudimentary device to something
that can provide a much moregranular security tool is what
you would find in a nextgeneration firewall.
Okay, so now we're going to getinto transmission media, the
(15:30):
different types of transmissionmedia that you will run into as
you're studying for the CISSPand as you'll run into related
to the security space in general.
So, coaxial cable Now, all areprobably going.
What is coaxial cable?
You'll still find it in places,but it's that black pipe
looking thing that's got acopper line in the middle of it.
This copper conductor issurrounded by an insulated
(15:51):
material and a metallic shieldin the outer cover and the
ultimate goal is that it wouldtransmit data over this copper
line.
Again, this is old school.
Back when I was in college,this was kind of the rave of
everything coming out.
You had to have terminators,you had to have cable run to
different places, but it didallow you to have a much level,
a much better ability tocommunicate between one system
(16:11):
and another system, and withouthaving to have something even
more complicated.
But there's thick net and thinnet or some different types to
think about.
There's 10 base 5 and 10 base 2.
Obviously, the 10 base 5 isolder and supports longer
distances and because of thecore copper line is much thicker
and therefore it will allow itto be traveled much further and
(16:32):
much longer stretches, whereasthe 10 base 2 is much more
flexible and it's designed formuch shorter spaces.
Now I will tell you that ifyou're still seeing this within
an environment, it might.
The place that you may stillsee it potentially is areas
where some sort of RF can beshielding can be done, whereas
we'll talk about RF here in justa minute where you can't use
(16:54):
wireless, you can't use any sortof cellular technology, you're
limited to specifically runningcables and you don't have any
sort of twisted pair that's beenrun through the building.
It really basically comes downto if you've got a really old
building and you've got nochoice, you might run into this,
but it's highly unlikely thatyou're going to have to deal a
(17:14):
whole lot with it.
But it's important that youknow that it's there because
it's still out there, peoplestill do use it and some
advantages to it again is betterresistance to EMI shielding
basically your electromagneticinterfaces or interference than
a twisted pair.
The twisted pair, which we'llget into, does have a level of
shielding on it as well, but notto the same level that you
(17:36):
would have with your coaxialcable.
It does have high bandwidthcapabilities.
That being said, your twistedpair can give you in today's
world, can give you the kind ofbandwidth you want beyond
coaxial.
Some disadvantages, obviouslyit's bulkier, more expensive
than twisted pair and then it'salso limited flexibility in
modern networks.
(17:56):
So again, you may see it, it'spossible, but it's highly
unlikely at this point.
Security considerations, again,physical tapping risk you can
tap into it.
You wouldn't know if somebodyhad tapped into it and put,
basically, a bump on the wire.
And then you need to reallyconsider how you use encryption
when you are communicatingbetween devices.
Do you are using ipsec,tunneling, using tls, whatever
you're using specifically toprotect the data that's going in
(18:18):
between those two points?
Fiber optic, when you're dealingwith transmission media.
We talked about this a littlebit in the article as it relates
to the Chinese government, orthe Chinese not the government,
but the Chinese manufacturerscreating drones.
Well, fiber optics is animportant part of almost
everything we do today and itused to be where you would say
well, if you get fiber optic toyour home, you are rich beyond
(18:40):
belief.
Well, now they're dumping fiberoptic into almost every home
out there and you're getting nowspeeds with fiber optics that
are just amazing.
It's really quite incredible.
So you have a couple differenttypes of fiber optic
capabilities.
You have single mode fiber andyou have multi-mode fiber.
Now, single mode fiber, it's asingle beam of light and it
supports distances up to 100kilometers.
It is expensive and is used inthe backbone of most networks.
(19:04):
So, like your big T-Mobiles,your Sprint, they're all the
same company now.
T-mobiles sprint, they're allthe same company now.
But t-mobiles, at&ts.
They use a single mode fiber astheir backbone.
As I'm driving through thewonderful state of kansas and
this has been a few years nowyou would see these orange tubes
along the side of the road andthese orange tubes were being
run from basically kansas cityand not my case down to wichita.
(19:25):
And what was in there was fiberand the purpose of it was to
provide fiber to Wichita.
That was the ultimate point.
So again, the single mode fiber, real long distances.
It's just one beam of light,multi-mode fiber.
This uses multiple light pathsand it can go up to shorter
distances, around two kilometers.
It's more affordable, but itdoes have, as you get into mode.
(19:47):
They call it modal dispersion,but it have your more, more
modes that are connected to it,is it you know, spirals out into
that little daisy chain I thinkI'm to can't hear the right
word but it, like the hub andspoke method, right.
As you get into more modalconnections, then you end up
having some sort of dispersionthat can occur because of all
these different connections.
Again, it's light.
(20:08):
Any bump in the wire willpotentially disperse the light,
which then in turn woulddisperse some of the capability
and the data that's beingtransmitted through that.
So what are some of theadvantages?
Again, high bandwidth and speedare available through fiber
optic.
It is immune to EMI, which isyour electromagnetic
interference and crosstalk, sothat's why they use it as a
tether for those drones.
(20:28):
It's more secure thanelectrical transmission,
obviously, because it's lightand you can't really break into
it.
And if you do cut a fiber opticline, it's pretty obvious you
know that it goes down.
So it's one of those aspects.
That is, it's a really coolproduct.
Now what are some of thedisadvantages that go with it?
It's higher cost and it'sfragile compared to a copper
type cable.
(20:49):
They've gotten better, but inthe past if you had to splice
together fiber which I learnedhow to do just because I broke
some fiber is, you have to learnhow to.
In the past you had to learnhow to polish the fiber.
You had to have a connector inthere.
It was a huge pain in the buttto try to connect two fiber
connections or fiber linestogether.
(21:09):
So it it was very challenging.
Now I would say they've gottenbetter at it, but still it is
difficult to vary, to installand maintain over time.
But it is very, very good attraversing and sending data
across the wire.
So now some securityconsiderations to think about
again.
Harder to tap than coppercables, but still vulnerable,
again, once you tap into it.
(21:31):
If you don't know that someonecut your fiber, it is possible
that you wouldn't know thatthey're actually copying their
data.
That's leaving it.
There's an optical time domainrectometer.
I don't even really know whatthat means other than OTDR.
It can help detect unauthorizedaccess, but at the ultimate
(21:53):
point of it is, you'd have to,you'd want that.
In areas, obviously, wherethere's high security concerns,
something like that would be inplace, but in most cases you
would not know if someone hadtapped into your fiber line.
You also want to encrypt thedata as much as you possibly can
to ensure the confidentialityof the data.
This goes along with prettymuch everything is you want to
encrypt it as much as you can.
However, that isn't alwayspossible or feasible.
So just consider if you arerunning fiber, don't think, oh,
(22:15):
I'm immune, I'm running fiber,nobody can touch me, you know,
and especially if you use thatvoice, I'm sure they would
really think you're pretty cool.
But that being said, it can betapped into.
Okay, moving on Twisted pair.
So we deal with twisted pair.
And you have unshielded and youhave shielded twisted pair we
talk about.
This is what you'll see most ofeverywhere pretty much besides
(22:38):
wireless, and this is a bunch ofcopper strands that are twisted
together and because of thattwisting and the different
copper strands, they allow tohave really high transfer rates
of data.
Now, obviously nothing to thelevel of fiber, but it is
capable of doing a lot of reallygood things with twisted pair.
So your unshielded twisted pairagain, it's very cost-effective,
(22:58):
it's widely used.
It's used for ethernet and fortelephone lines if anybody ever
has a telephone but it is stillused for telephone lines and
it's susceptible to EMI andcrosstalk.
So what does that mean?
It basically means that becauseit's unshielded, you can go
ahead and jam it and you couldpotentially take data from it,
just because there's, as datagoes across the wire, it is
(23:20):
going out.
I mean you're losing some sortof I can't think of the right
word but there is data that'sleaving and you could put some
level of a device over the topof the wire without actually
splicing it and be able to pullsome of the data off of it
because it's unshielded.
Now there's different types ofcategories which I've got on the
slide.
There's actually a table thatkind of goes into different
types of categories and whatthey're capable of, but you have
(23:43):
CAT 3, 5, 5e, 6, 6a, 7, and soforth.
There's multiple categoriesavailable to you, and there's
actually more than that, I think, that are out there, but those
are just some of the keycategories associated with it.
Then you have shielded twistedpair, which is STP.
So UTP is unshielded, shieldedis STP.
Okay, if you're old like me,you know what STP means.
(24:04):
It was the gas treatment thing.
But if you don't know what I'mtalking about, you're much
younger than me.
So shielded twisted pair thisincludes additional shielding
for EMI protection.
It's basically a foil that goesaround each of the line itself
to shield it from any sort ofEMI.
It's more expensive anddifficult to install than UDP,
and why?
Because that added shieldingmakes it less flexible.
(24:26):
It's just, it's a more.
It's not as easy to work withas the specifics that you deal
with when it comes to UDP.
It's used in environments withhigh interference or, if you
need some level of shielding,especially in classified
environments, they would have alot of shielding and in some
cases they won't even allow thisused unless it's in a shielded
(24:48):
uh, what do you call it like a?
tube of some kind.
You have to have some sort oftubing where this will actually
go in like a tray, a run, uh, awire run there.
What are some of the securityconsiderations?
It's susceptible toeavesdropping and crosstalk, and
then what you obviously have todo is you incorporate tls and
ipsec as much as you possiblycan with these fibers.
(25:08):
So twisted pair is what youwill see in almost all locations
and it's been run in the walls,along the walls, on the walls.
But UTP is something that isout there pretty much everywhere
and on the slide you can seethere's actually various
categories, category one tocategory eight, the different
(25:28):
types of bandwidth that it canhandle, as well as distances and
shielding that are associatedwith it.
Highly recommend you go toCISSP Cyber Training.
You can actually see this video, and when I get it up, when I
release it because I just ranout of time, but when I get it
released out there, they'll havethis table out there as well
You'll be able to see this aswell.
Or table out there as well,you'll be able to see this as
well.
Or you can just go to CISSPCyber Training and get access to
(25:48):
the document itself and thenyou don't have to worry about it
.
Yep, I always got to put ashameful plug, always got to do
it.
Okay, so we're going to get intoradio frequencies.
So this is the use ofelectromagnetic waves to
transmit data over the air.
So we have different types ofranges that one will start into.
There's basically three bucketsto consider.
You have your low, medium andhigh frequencies, which is your
(26:15):
LF, mf and HF, and these arelegacy communications that may
be out there where you have apoint-to-point system that is
communicating over some of theseold type of communication
strategies, but for the mostpart those have all been defunct
and gone.
Now you have VHF and UHF.
This is your very highfrequency and ultra high
frequency.
These are tied specifically toradio and TV broadcasts and in
(26:35):
today's world you'll look at,there's a lot of TV broadcasts
that are digital and they areusing even higher levels of the
spectrum than just the old VHFcapability, because there's a
lot of stuff that's pushed outin these digital radio
transmission waves.
But, as you know, the higherthe frequency and therefore the
higher the data that's usedwithin that frequency, the less
(26:55):
the range it can be.
So then you roll into microwaveand millimeter wave.
This is used in Wi-Fi, cellularand satellite communications.
So again, you have to avoid thefact that if you want to have
some sort of high levels of datatransfer over long distances,
you're going to want to havesome level of UHF type
(27:16):
capability.
But if you want to have amicrowave capability where it's
going from space down here,that's great.
That's about the only way it'sgoing to work.
If you try to use it in theatmosphere, millimeter wave will
not go very far.
The atmosphere causes a lot ofattenuation with that data, that
transmission, and so thereforethat's why satellites are in the
air and they're sending it down, because it doesn't have to go
(27:39):
through the same level ofatmosphere on the earth as it
does coming from the upperatmosphere down.
And so that's just something toconsider as you're looking at
microwave and millimeter wave.
So some of the advantages thatgo along with this it supports
mobility and scalability.
It reduces the need forexternal cabling.
Again, rf is an important part.
Disadvantages, obviously, isinterference and jamming is a
(28:00):
big factor with anything thatgoes through the air, and hence
that's why you don't if you getinto GPS signals, what if in the
military we were worried aboutother adversaries using GPS
jamming of some kind?
And that's a possibility,because the fact is that it's
all some sort of radio wave typecapability, increased security
(28:21):
risk due to open transmissions.
Again, obviously thetransmission is going out.
In the old days, before DesertStorm, they were using to
control drones, udp typecommunications, right?
So that's just blanket datagoing out there, rf type data,
and you're using UDP tocommunicate with these drones.
Well, what ends up happening isyou jam them and then you can
(28:42):
take over, and that's what theIranians did and they stole a
drone because of it, and sincethen they have done things to
protect that.
But at the same time, it isvery possible for that to happen
.
It's jamable, it can beintercepted, and so forth.
(29:03):
When it comes to securityconsiderations, again, obviously
you want to consider usingsecurity protocols and
encryption protocols as much asyou possibly can.
Assume that if there's databeing transmitted, it's being
intercepted, and if it's beingintercepted and it is open in
clear text, now whatever you'reseeing, they're seeing as well.
So you want to have some levelof encryption enabled.
You want to have some sort ofsignal jamming and interference
mitigation put in place.
What would that be?
Well, say, for example, youhave a drone and your drone is
(29:25):
flying somewhere and it getsjammed.
Well, if your drone is gettingjammed for a period of time,
then the drone knows.
Hey, if my signal gets lost,this is what I'm going to do.
Whatever it is, it's going toorbit, it's going to come back
home to mama, it's going to dosomething, but it doesn't just
go and fly stupid.
You want to have the abilitythat you have logic built into
it that it will do somethingoutside of just sitting there
(29:47):
and falling out of the sky.
Directional antennas forcontrolled transmissions.
Again, if you have a specificarea, now you'll run into this
with millimeter waves,specifically where you have an
antenna that's pointing atanother antenna, and you'll have
to use them specifically to dothat.
Because I've dealt with thisout on the bombing ranges in
multiple places.
There's RF or millimeter waveantennas out there.
(30:08):
They have to be directionallypointed to another for
communication purposes.
So, because you can't reallyput wire sometimes in some of
these places where you'redropping bombs, so they have to
use some little othercommunication, which would be a
millimeter wave type controlcapability.
Then we're going to get intomicrowaves, so high frequency
radio waves used topoint-to-point satellite
(30:29):
communications, which is yourmicrowavesaves.
You have different types ofmicrowave capabilities.
You have terrestrial and youhave satellite.
So your terrestrial microwavethis is requires line of sight
for use of long distancecommunications.
Your satellite microwave usesgeostationary or leo, your lower
earth orbit satellites forglobal coverage.
It's again high bandwidth,great for backbone networks and
(30:50):
can cover a large area ofcommunications.
Obviously, starlink's a greatexample of all of this right,
but it does require precisionalignment for point-to-point
transmissions.
Now, an interesting part in allof this it used to be where, in
the old days where you had justone satellite up there, you had
to have very specificdirectional pointing to that
satellite to be able to get yourdata back and forth.
Well, now, because of Starlinkand he's basically carpet bombed
(31:13):
the entire atmosphere withsatellites you don't have to be
as precise.
You just point it north andthen there's enough
constellations of where you'repointing that it will be able to
connect to those.
They work more as a network, asa hive-type environment, and it
allows them to cover a very,very large area.
The downside is they areaffected by weather conditions.
(31:36):
Obviously, rain will causeissues.
They are affected by having ifthere's obstacles in their way.
You have a building, it doesn'twork.
You have a tree, not so much.
So again, there's somedisadvantages with using some
sort of satellite communicationConsiderations, obviously IPsec
communications between them,because again, that could be
intercepted and then secureaccess, control and monitoring
(31:56):
of any of the data going backand forth.
It's interesting in the factthat when I first started in all
this satellite communicationswas pretty, wow, awesome.
You know, it's like cool.
And now it's like hey, it'sStarlink, I just put it on my
car and I drive around and I gotinternet wherever I go.
I mean it's just like crazy thefact that we have the ability
to do all these things now.
Infrared what is infrared?
(32:19):
Infrared uses light waves forshort range and line of sight
communication.
Remote controls obviously areinfrared.
Short range wirelesscommunications this is on your
IR ports on laptops.
Again, these are immune to RFinterference because they're
infrared, but they're verychallenging to eavesdrop on,
since infrared is verydirectional, right, you have to
point to it to basically be ableto intercept it.
(32:42):
But the downside is they havevery limited range one to five
meters, so basically about 15feet, not very far and it does
require direct line of sight.
So if you have something in theway, it will not work.
So infrared you need to havedirect line of sight.
It is limited use in most casesreal specifically but in secure
communications, due to a shortrange, it could be used, but
(33:03):
it's just something for you tohave to understand around.
Ir and it is available for datacommunication.
It's just not probably the bestchoice, depending upon your
situation.
Bluetooth, okay, bluetooth.
You see it everywhere that yougo, your watch, your phone,
everything else is connected toBluetooth and this is a
communication protocol.
It's about 2.4 gigahertz andthere's different types of
(33:25):
versions.
You have Bluetooth Classic,classic it's like Coke Classic
Bluetooth, low Energy, ble.
Now, depending upon which oneyou're using and what's the
purpose behind it, a lot of itwill depend on what type of
protocol that it's using versusClassic, versus Low Energy.
So common uses, so peripherals,right?
So you have your Bluetoothkeyboard and Bluetooth mouse are
(33:48):
connecting to your computer.
Iot type devices.
All of those aspects can beconnected via Bluetooth.
Now, what is Bluetooth lowenergy?
This was introduced inBluetooth 4.0 for low power
devices such as IOTs, wearables,medical devices and so forth.
Wearables medical devices andso forth.
Wearables would be like youriWatch and all of those things
or whatever they call that thing.
(34:08):
Different types of wearablesthat are connected via Bluetooth
Headphones, ipad, your littleiPhone I can't think of the name
of it iPhones that's not aniPhone, it's a headphone.
See, I just show I'm old.
My kids just look at me androll their eyes and think, dad,
you're just old and crusty.
Bluetooth low energy that'soptimized for energy efficiency
(34:30):
and short intermediate datatransmissions as well.
Security considerationsobviously incorporate security
as much as you can Secure simplepairing.
Obviously, that's an importantpart where you're pairing the
devices to it.
One thing that you'll want toobviously avoid is the pairing.
Someone can pair to you and youpair to somebody else by
accident.
That could cause somechallenges as well.
But there's bluejacking, bluesnarfing and Bluetooth spoofing
(34:51):
as well.
Those are different types ofvulnerabilities you could run
into or issues you could runinto.
Now there's some different typesof Bluetooth security modes for
you to be aware of.
There's mode one through four.
One no, security shouldn't doit.
Mode two is application levelsecurity, and that's something
you consider with just thedevice talking to another
application via application.
(35:12):
Mode three is link levelencryption.
This is for criticalapplications that may be using
Bluetooth.
And then mode four is yoursecure, simple pairing with
AES-128.
Consider it best practice.
I know with a lot of theiPhones they have that already
set up, but you want to have theability.
Depending upon how you're usingyour Bluetooth, you may want to
consider those different typesof security protocols.
(35:35):
Again, depends on what you'relistening to or using it.
For One thing I've seen in thepast if you're using a mouse, if
there's someone next to youthat could potentially get your
same sort of mouse or I saymouse, not the right word, but
let's say a visual display it'spossible somebody could hijack
your Bluetooth connection and itcould see what you're doing.
So you have to determine whatlevel of encryption or
(35:56):
protection you want to add tothat session Wireless LAN.
So you have IE802-11 standardsfor wireless networking.
You have the differentstandards that are out there.
You have A, g, n, a, c, a, xyeah, all those right.
Uh, wi-fi six it's basicallycoming out or it's out.
I think it's out already it's,it is out.
Um, they're looking at new onesbeyond wi-fi six.
(36:18):
But the the goal of it is it'smobile, it's convenient,
everybody in their dog uses it.
I got wi-fi connect.
Do I have wi-fi?
I good, I'm in my car and I'mdriving.
I've got Wi-Fi.
Everybody's got Wi-Fi.
The point of it is that it'severywhere and it's so useful
(36:47):
for many people to get access tothe Internet that end up
causing a DDoS on your ownnetwork.
But it is super helpful and itis really nice.
Now some considerations toconsider.
Yeah, I said that twice in thesame sentence Is WPA3 encryption
.
Obviously you want to movebeyond WPA2 and WPA, for sure,
or web, heaven forbid, but youwant to be into W3 encryption.
(37:10):
Install MAC filtering, notinstall it.
Implement MAC filtering as muchas you can with your
authentication and then alsodisable SSID broadcasting.
Again, ssid broadcastingthere's a lot of people say
that's just kind of a waste oftime, but it does add.
It does hide the network alittle bit.
If someone really truly wantsto find your SSID, they can
(37:31):
easily find it, but it does forthe most people that are just
kind of surfing by.
If you hide it, they won't knowthat it's there.
It just does add a little bitmore complexity on your end.
The added security value isvery limited.
It's more of a placebo in manycases.
So let's deal with cellularnetworks.
So these are the networkinfrastructure that we operate
(37:53):
on from a wireless standpoint.
Now you want to considerencrypting the data using 3GPP
standards, which is your LTE 5Genvironments.
As well as you want to protectagainst any sort of interception
of these communications, youwant to deal with secure
authentication methods as muchas you can, and this would be
(38:15):
SIM-based encryption, so yourSIM that connects to your phone.
You want to ensure that that istied specifically to you and it
has SIM-based encryptionenabled.
Most of these carriers I don'tI think all of them have this
level in place.
I would say I don't know howthat is when you get outside of
the United States, but there'ssome recommend there's a lot of
that has been pushed here in theUnited States of what level of
(38:37):
encryption they have to have ineach of these mobile carriers.
Now, what are some of the maincomponents of a network, a
cellular network?
You have your mobile device,obviously, which you use, your
base station, which is your celltower that you connect to,
which are all over the place,your mobile switching center,
which is where it routes callsand manages your network access.
This is the thing thateverything goes into, much like
the old days of having aswitching network.
(38:58):
Then you have your packet corenetwork Now, your packet core
network.
This handles data traffic andconnectivity to the internet.
And then you finally have yourpublic switched telephone
network.
Now this is your PSTN.
This is where traditionallandlines and voice calls will
come into.
So your cellular networkcomponents.
Those are the main pieces to it.
Obviously, there's a lot oflittle sub pieces to it, but
(39:20):
that's the main part of it.
Now your network securityimprovements.
What came with 5G?
Stronger encryption, obviouslyfor AES-256, for key management,
mutual authentication Again,the device will authenticate
with the network and vice versa,and it has to do that with your
5G and your LTE did not have todo that.
Network slicing.
(39:40):
Security does isolate differenttraffic types to prevent
cross-contamination, which inthe old days you used to be able
to potentially hear somebodyelse's conversation with your
phone.
You'd be like, yeah, what'sgoing on, joey?
No, but that has been.
Obviously with 5G that hasstopped that.
And then they've migrated to azero trust architecture which
assumes all traffic must beverified before trust is granted
(40:02):
.
Again, those are key factorsthat roll into it.
And as we get more and morecapability granted, again those
are key factors that roll intoit.
And as we get more and morecapability, security has become
a bigger factor.
With all of these networks andI am not an expert at all on
cellular environments you couldjust have a whole knowledge gain
, just knowledge understanding,with the cellular space and all
the security that goes into thatcapability.
(40:23):
But it has allowed us to bemuch more mobile and it allows
us to do things that we in thepast could never even dream of
doing.
Okay, endpoint security.
So the endpoint security is thelast line of defense.
As you're looking at differenttypes of things to protect your
endpoint.
These provide variousapplications, are providing
security for you.
So, antivirus to endpointdetection and response, or EDR,
(40:45):
you want to have.
How do you protect yourenvironment?
Now, antivirus again, it's arequirement in most places and I
would say it's migrated fromthe old days of Norton AV to a
much more robust platform suchas, like an EDR type solution.
Microsoft has their Defender,which is an EDR type product,
and we'll do more than just lookfor signatures based on an AV
(41:08):
type situation.
I can't really explain what I'mtrying to say, other than to
say that most viruses will havea digital signature and the AV
traditional AV just compares thedigital signature to the
overall virus itself and thenflags it if there's a problem.
Obviously it's moved on beyondthat from when it was originally
out, but AV is a lot like that.
The EDR solution is lookingmore than just a signature.
(41:31):
It's looking for behavioralanalytics of what the device is
doing, what the potentialcommunication path is doing.
So it's a much more robustenvironment.
You need to also considerendpoint device encryption, and
I would also put on here the onething that I didn't put on the
slide is an MDM type environment, which is your mobile device
management solution.
(41:51):
This will then control themobile devices.
It does allow for theencryption.
It also allows for wiping.
Remote wiping is an importantpart of any enterprise.
You have people that come andgo from your network.
You want to have the ability toget rid of them and to delete
the device if they keep thedevice.
I don't mean like take them outand shoot them, kind of thing.
(42:11):
No, you don't get rid of themthat way.
You just get rid of them.
The fact that if they have aconnection to your network and
they keep the device and theyleave, you have the ability to
remote wipe the device.
It's an important thing youshould consider with all
enterprises.
Edr has in it.
You know IDS type things,scanner and alerting software is
all built into it.
You do want to look at an EDRsolution of some kind, Active
(42:32):
Directory Integration.
This is where you have globalgroups, vpns and IPA sec tunnels
also as well.
You want to have all thatintegrated within your endpoint
security as much as you possiblycan.
Last thing is Warranty Support.
So this ranges from software,hardware and associated
applications.
You want to consider what isthe level of what's going on
from your devices and what kindof support do you have from a
(42:53):
warranty standpoint?
You buy all this hardware.
What's the level of warrantiesaround it?
You have to have the ability tokeep tabs on that as well,
because this stuff will get outof hand real quick and you'll
forget.
Do I have warranties on this?
What's going to happen?
I don't know, will get out ofhand real quick and you'll
forget.
Do I have warranties on this?
What's going to happen?
I don't know.
Those are an important part andyou really need to understand
if you need to extend the lifeof some of this hardware.
What are some of the warrantyaspects you should do Now?
(43:14):
If you do go and want to extendwarranties beyond that, there
will be costs associated withdoing that.
These costs can be embeddedinto overall costs of the
product itself and they can beextended as the time goes on.
Typically, warranty costs whenyou're dealing with purchasing a
product.
They are a line item in thepurchase of the equipment.
They may or may not be able tobe used or they may or may not
(43:37):
be able to be removed from yourcost, but they're typically a
line item that you may see whenyou purchase a piece of
equipment is a warranty that'sadded to it.
They typically typically do notcover physical damage.
So what it means is is that aspeople are moving systems around
and they get dropped, they getdented, whatever it might be,
this will not protect fromphysical damage that may occur.
(43:59):
Hybrid warranties can coverthings that other things that
exist, but you need to be verycareful of the fine print on any
warranties that you wouldpurchase for any devices that
you have.
They can be invalidated veryquickly for malware or
ransomware incidents If you havesomething that so like just say
, you have a thousand devicesand a ransomware comes in and
you're like, oh my gosh, I gotto get rid of all these devices.
(44:20):
I can't blow them away becauseI don't know if the software is
still on these hard drives.
So therefore, we need to getall new equipment.
Just buy new equipment.
We'll put it under warranty.
Well, they may not do thatbecause they say, well, it's a
ransomware attack and you'regoing to throw them away.
They could be good.
You could just re-image them.
Even though you don't feelcomfortable, it's not our
problem.
So you need to be aware of that.
(44:42):
If there is a malware orransomware event and you have
warranties on your hardwareequipment, you want to make sure
that it does not invalidateyour warranty if you have an
incident.
So again, you need to look atthat from a standpoint of is
that valuable to you or not?
Okay, so that's all I have foryou today.
I hope you guys got a lot out ofthis podcast and a lot out of
(45:05):
this training.
You can go to CISSP CyberTraining and get access to all
my content at CISSP CyberTraining.
It's all there and availablefor you.
You just got to go download it.
It's there.
So if you want to have accessto me, I've got mentorship
training that's availablespecifically to help you.
You can gain access to that aswell.
So there's all kinds of thingsthat you can get at CISSP Cyber
(45:26):
Training.
I highly recommend you go to it.
If you're looking to pass yourCISSP, go check it out, and if
you don't want to buy anything,that's fine too.
There's free stuff that'savailable to you as well.
My blueprint will help you,though.
I guarantee you get thestudying that you need to help
you pass the CISSP in thetimeframe that it meets your
goals.
Again, I got a three-month, afour-month, a five-month
blueprint that will help youbased on your needs specific to
(45:50):
what you have to do.
If you have to work late atnight or work during the day and
you don't have time to study atnight, the three or the four or
five month will help you withthat.
If you want to get it knockedout as fast as you possibly can,
the three-month blueprint willbe what you need to get it done,
and you can cram all this ineven to a month if you need to.
But again, people have lives.
That's the thought processbehind the blueprint was that
you have some sort of lifeoutside of what you're doing
(46:11):
right now.
All right, that is all I havefor you.
Head on over toCISSPcybertrainingcom or head
over to RenewCyberRiskcom andyou can get access to lots of
information and content that'sover there as well from my
consulting side of the house.
All right,
Welcome to the CISSP Cyber Training Podcast, where we
provide you the training andtools you need to pass the CISSP
exam the first time.
Hi, my name is Sean Gerber andI'm your host for this
action-packed, informativepodcast.
Join me each week as I providethe information you need to pass
the CISSP exam and grow yourcybersecurity knowledge.
(00:20):
All right, let's get started.
Let's go.
Cybersecurity knowledge.
Speaker 2 (00:24):
All right, let's get started.
Hey, hello, sean Gruber, withCISSP Cyber Training, and hope
you all are having a beautifullyblessed day today.
Today, we're going to betalking about domain 4.2 of
secure network components, allrelated to the CISSP exam.
As always, you know, the CISSP,or cyber training, was created
specifically to help you all getready for the CISSP exam.
(00:46):
As we all know, it's a buggerof a test, and if you are better
prepared for it, you have abetter chance of passing, and we
want you to pass the test thefirst time, not like me, and
fail it the first time.
We want you to pass it thefirst time.
So, before we get going intothat, though, I wanted to talk
about an article that I saw inthe news related to low-cost
(01:07):
drone add-ons from China, andthis isn't something interesting
that I've seen growing over theyears.
You know the overall goal ofdrones.
You know, coming from amilitary background, coming from
flying airplanes, it hasmorphed into something that is
way beyond what we could haveever seen.
However, it also hasn't.
We also knew in the military.
We knew for many, many, manyyears that drones were going to
(01:29):
be a big part of how wars werefought.
What it relates to, we thought,airplanes that were basically
remote controlled.
They would then go in andattack targets and so forth.
Well, those are available now.
Those are starting to come outon the market, which we
anticipated and kind of thoughtthey would be here a little bit
before now, but obviously ittakes a lot to get these systems
(01:50):
up and running.
That being said, one thing thathas really kind of changed a lot
of people's thought process arethese small, little tiny drones
that you can buy online and youcan be able to fly around your
house and do whatever you wantto do with them.
Actually, probably not aroundyour house outside your house
would be a good idea.
Inside your house and dowhatever you want to do with
them Actually, probably notaround your house.
Outside your house would be agood idea.
Inside your house, not a goodidea.
My cat does not like a drone.
We had a drone in the house.
(02:11):
My son brought one by and thecat was not a fan.
It pretty much ran and hid asfast as it could when it heard
it and saw it.
So fly them in your home Also.
You can lose an appendage ortwo.
Probably not a good idea.
That being said, the Chinesee-commerce giant Timu and
AliExpress are selling droneaccessories for those who would
wish to purchase, but, thatbeing said, they are also being
(02:33):
used for wartime activities andyou can anticipate anything that
can be used for good can beused potentially for bad or evil
, depending upon what side ofthe war you're on.
Now an interesting part on allthis and I laugh because how
it's gone full circle wherethese drones now are, people are
connecting all kinds ofpayloads to them and they can
(02:56):
drop grenades.
They can drop all kinds ofaspects from these drones, and
it's really indicative of whathappened during World War I,
when there would be the SopwithCamel would be flying around.
This is a biplane flying aroundover the battlefield and this
was the first time airplanes hadreally been used at all in any
sort of military engagement andthere would be pilots with
(03:16):
grenades inside the cockpit andthey would just drop them over
the side.
Very, very similar concept.
The difference is, as a pilot,you were pretty much hanging out
there to get shot at, whereasthe drones now are fully
disposable and, because they'resuch an inexpensive tool, they
can just be replicated andreproduced over and over again.
Now the article talks about somekey drone modifications, like
(03:39):
AI guidance modules that are.
Basically they enable human andvehicle recognition.
I mean, this is amazing A smalldrone about $300, can determine
vehicles and it can determinehumans.
It does allow them to besemi-autonomous, so therefore
you can launch them and let themgo.
It will then hunt down whateverit sees.
They also have fiber optictethers, which I think is an
(04:01):
interesting part in the factthat one of the aspects that
came to the they're running intoissues of again, coming from a
B1 background and from anelectronic warfare background, I
understand the use of jammingcapabilities.
Well, you can jam these systemsright.
You can jam them, you can hitthem with a microwave and knock
them out, but they're addingfiber optic tethers to them.
(04:22):
You can't jam that signal andwe're going to talk about that
today as well, a little bit inthe CISSP training around fiber
optics.
But one of the aspects youcan't really jam it.
When it's got a tether to it.
They will put different typesof explosives One, they can drop
them.
Two, they can just have themattach the drone and the drone
just becomes a terminal missile.
So as a precision guided missile, I should say an interesting
(04:44):
part in all this we used tospend tens, if not hundreds of
thousands of dollars onprecision guided weapons for the
B-1 bomber.
And we had a thing called JDAM,which is your joint direct
attack munition, and it had theability to come out of the
airplane, it would drop and thenit would find its way to a
target based on predefinedlocation and coordinates that
(05:04):
you would put in the system.
And it had this package thatyou would wrap around a bomb,
basically a 500 pound bomb oreven a 2000 pounder.
You wrap this package around itand then it would fly to its
target and do its thing.
Well, now you can do the samecapability with a $300 drone.
Now, obviously you can't carrythe same level of tritonol and
explosives, but it still doesthe same impact.
(05:26):
And the one thing that I thinkthis article didn't really kind
of go over, which isunderstandable why is the
psychological effect of this?
This would be extremelydemoralizing to folks on the
battlefield.
One is if you hear an airplane,you see airplanes and bombs
start dropping.
You have an ability to dealwith that.
At least I say that loosely, Imean I've never least.
I say that loosely, I mean I'venever had bombs dropped on me,
(05:51):
but you have the ability to go.
Hey, I see it coming.
I hear it coming.
Hunker down, try to justsurvive With these things.
You don't even know they'rethere until it's too late
because they hang up at a highaltitude.
You can't hear the motors andthey're just like little bees
that carry explosive devices onthem.
So, yes, it's very, veryinteresting where this world is
going to.
One of the things they bringabout in the article is that
(06:11):
there needs to be improved dronetechnologies as far as
counter-drone technologies toshut them down, and then there
has to be global regulationsaround the sale of militarized
drone accessories.
I think it's going to be hardto do some of that.
You can get a 3D printer.
You can print probably whateverdrone you want or accessory you
want to do.
So the bad guys and girls whoreally want to make this happen
(06:33):
they're going to make it happen.
I don't think any sort ofregulation is going to squash it
.
All it's going to do isprobably limit some of its
express exposure to the rest ofthe globe.
But again, good article.
It's in Wired Magazine.
The ultimate point of it islow-cost drone add-ons from
China.
Let anyone with a credit cardturn toys into weapons of war.
Again, good article.
(06:54):
I recommend you read it.
And again, as a cybersecurityperson, you're probably going
well, why does this matter?
To me it does, because as wetalk about physical security, we
talk about cybersecurity.
A lot of times they blend over,and you may have folks within
these physical securityenvironments that will ask you
hey, I got drones, I don't knowwhat to do with them.
I got these little guns that Ican shoot at them to kind of
(07:14):
knock them down, but do you haveany cyber things that you would
recommend?
And so, therefore, guess whatyou need to understand the
drones and how they'recommunicating with the home,
which we're going to talk abouthere in just a minute, because
we're going to go over ourfrequencies, we're going to go
over fiber optics and so forth.
So, again, drones, check themout.
Again, wired Magazine droneadd-ons from China.
All right, let's move on towhat we're going to talk about
(07:35):
today.
Okay, so, this is domain 4, 4.2,secure network components.
And so, again, you can get allof this at CISSP Cyber Training.
Head on over to CISSP CyberTraining.
Get access to my content.
There's three differentpurchase options available to
you.
You can just get this contentand have access to it, no
problems whatsoever, or you canget the access to the free
(07:56):
content that I put out there.
After a period of time itbecomes free, as well as the
podcast that you're listening toat this point.
So all of this stuff isavailable to you in one form,
shape or another.
Just depends if you want tohave access directly to the
content, if you want to haveaccess to me, or if you want to
just get the free stuff.
It's all up to you.
Okay, so let's get into Domain4.2.
(08:16):
So first part of this is we'regoing to get into operations of
hardware and we're going tofocus a little bit on network
access controls.
Now, before we get into thatjust a little bit, we're going
to do just a real quick overviewof what is.
What are we doing?
We're focusing reallyspecifically on the network
component level in this domain.
Now you got intranet, you haveextranet and we're going to kind
(08:36):
of get into those.
Just well, probably a littlebit on those.
But the thing to kind ofconsider is intranet is a
private internal network.
It's a network inside yourcompany, inside your area.
That's what they call anintranet.
You have an extranet which is ablend of the intranet and the
internet, right?
So you basically internal andexternal, and then you have a
demilitarized zone which is bothyour it's your internet and
(08:57):
business network where they meet.
So we've talked about this atCISSP Cyber Training in multiple
times times where you have ademilitarized zone, usually
between your process environmentmaybe you have manufacturing
and your, or I should say yourcompany, and that between those
two is a demilitarized zone.
That is an area where those twomeet and typically you will
have some level of separationbetween them.
(09:19):
And then segmentation.
This is where you have virtuallocal area networks, which is
your VLANs, and there'sdifferent types of segmentation.
We'll talk about wireless localarea networks today a little
bit.
So any type of segmentation canoccur within these various
networks as well, and it can befrom both physical and some sort
of wireless type technology.
(09:41):
Now, what is a network accesscontrol?
The network access control,this is a security framework
that restricts unauthorizeddevices from accessing your
network.
Okay, so your security policiesthat will be put in place to
that will help identify theperson, the device, there's
compliance aspects to it, andthen it also ensures that their
security posture is set upbefore a person will connect to
(10:03):
the network.
Now there's some differenttypes of features that you want
to understand related to networkaccess controls.
You have authentication andauthorization.
Now these are again, these keyfeatures are things that you
really will run into almost anytype of network and you should
try to implement, if not all ofthese, most of them as much as
you possibly can.
Authentication, authorizationagain we talked about that where
(10:26):
you have the authentication ofa person and you authorize that
person or device onto thenetwork and again this is an
important part and you don'twant to have the ability for
people to have connect devicesto your network that are not
authorized or authenticated.
You want to do a postureassessment basically understands
what are all the differenttypes of compliance requirements
(10:46):
associated with the device doesit get updated, does it have av
, all of those pieces you wantto make sure that your devices
are on a network.
Access control will control that.
Role-based access controls arerbac.
This will also be set upthrough network access controls
that will help limit accessbased on user roles, and we've
talked about this numerous times.
You hear about RBAC a lot onCISSP, cyber Training is
(11:09):
role-based access controls andlimiting what you can and can't
do based on the specific rolethat you're in, and we want to
make sure that we are very clearon what roles that you do work
in and that we have controlstied specifically to them.
Network segmentation is animportant part of network access
controls as well.
Again, this will help preventlateral movement within the
network by people or accountsthat don't necessarily need the
(11:31):
access.
And then, last thing is whenwe're dealing with zero trust.
Network access control is acrucial part of a zero trust
security and, as you know, theUS government is forcing a lot
of their departments I mean alltheir departments to have some
level of zero trust enabledwithin their networks.
So, understanding zero trustmethodology and framework is an
important part of any sort ofsecurity posture that you have
(11:53):
to protect your company.
Now, if you have a smallcompany, you may go.
I can't afford all of thisstuff.
You're going to have todetermine what works best for
you.
But again, understanding as asecurity person, all of the
foundational aspects, it'simportant for you to help make a
risk-based decision on this.
Now, if you're in a highlyregulated environment, you may
not have the ability to make asmuch of a risk-based decision as
(12:15):
you may like because theregulators may force you to do
so.
Okay, so firewalls Now we'lltalk about firewalls and various
aspects of CISSPp, cybertraining, but we're going to
just kind of go into some of thekey factors as it relates to
the operation of the hardwareitself.
One firewalls are a networksecurity device that monitor and
filter incoming and outgoingtraffic, right based on some
(12:35):
predefined security rules thatyou will have put in place to
protect your environment.
They do operate in variouslayers of the osi model and they
have different inspectioncapabilities, and we're going to
kind of go over some of theseinspection capabilities today.
So the first one is packetfiltering.
Now, this is basic IP andport-based filtering that is,
looking at the packets goingacross the wire.
So all of these packets arebeing looked at, they're being
(12:57):
filtered and there's differenttypes of capabilities that are
put up against them.
There's also statefulinspection.
This is where it tracks anysort of connection that's
occurring and it tracks theactive connections that are
going on within your network.
And so there's a stateful piecewhere it's looking at each
specific connection going in andout, whereas just a packet
filtering it would be like ifyou're just inspecting all the
(13:18):
packets coming across the wire.
This one is actually inspectingthe connections that are
occurring between them.
Then you have deep packetinspection.
Now this examines the payloadsthat are specifically going
through the wire and is lookingfor any sort of threat that it
may find.
So a DPI, a deep packetinspection, can occur when you
have a very I'll have to tellyou, warn you on this you'll
(13:39):
need to have a very strongfirewall that you have put in
place, a very powerful one,because doing deep packet
inspection does take it's a veryresource constraining activity
and it can take a lot ofdifferent power, a lot of
different computational power tomake that happen.
You have application layerfiltering.
This inspects traffic at layerseven for, again, advanced
(14:00):
protection related to theoverall application, as we talk
about the different layers ofthe OSI model.
This is where they would lookspecifically at what's occurring
within the application, orlayer seven, tls and SSL
inspections.
This will decrypt any trafficto detect any sort of attacks
that could be occurring withinthere, and maybe not necessarily
attacks, but more like datathat might be leaving the
(14:20):
environment.
I will tell you, I've worked ona project with a large medical
company around TLS and SSLinspection.
It can occur, it can be a goodthing, but it is one of those
aspects that you really need tohave a good plan.
Related to it, there's a lotthat goes into any sort of
encryption inspection and it isvery complicated and it's a very
(14:43):
resource-intensive process.
The other one is next-generationfirewalls.
These are a more modern type offirewall.
Now I will tell you that thiswas when I first started in this
whole business of cybersecurity.
Firewalls were one thing andthen you moved into
next-generation firewallsbecause that gave you a lot more
features and a lot morecapability.
Well, in today's world, a lotof stuff is virtualized and
(15:05):
because it is so virtualized,you can get the capabilities of
a next generation firewall andalmost all kinds of firewalls.
But the bottom line is is ittakes it.
It goes from just being arudimentary device to something
that can provide a much moregranular security tool is what
you would find in a nextgeneration firewall.
Okay, so now we're going to getinto transmission media, the
(15:30):
different types of transmissionmedia that you will run into as
you're studying for the CISSPand as you'll run into related
to the security space in general.
So, coaxial cable Now, all areprobably going.
What is coaxial cable?
You'll still find it in places,but it's that black pipe
looking thing that's got acopper line in the middle of it.
This copper conductor issurrounded by an insulated
(15:51):
material and a metallic shieldin the outer cover and the
ultimate goal is that it wouldtransmit data over this copper
line.
Again, this is old school.
Back when I was in college,this was kind of the rave of
everything coming out.
You had to have terminators,you had to have cable run to
different places, but it didallow you to have a much level,
a much better ability tocommunicate between one system
(16:11):
and another system, and withouthaving to have something even
more complicated.
But there's thick net and thinnet or some different types to
think about.
There's 10 base 5 and 10 base 2.
Obviously, the 10 base 5 isolder and supports longer
distances and because of thecore copper line is much thicker
and therefore it will allow itto be traveled much further and
(16:32):
much longer stretches, whereasthe 10 base 2 is much more
flexible and it's designed formuch shorter spaces.
Now I will tell you that ifyou're still seeing this within
an environment, it might.
The place that you may stillsee it potentially is areas
where some sort of RF can beshielding can be done, whereas
we'll talk about RF here in justa minute where you can't use
(16:54):
wireless, you can't use any sortof cellular technology, you're
limited to specifically runningcables and you don't have any
sort of twisted pair that's beenrun through the building.
It really basically comes downto if you've got a really old
building and you've got nochoice, you might run into this,
but it's highly unlikely thatyou're going to have to deal a
(17:14):
whole lot with it.
But it's important that youknow that it's there because
it's still out there, peoplestill do use it and some
advantages to it again is betterresistance to EMI shielding
basically your electromagneticinterfaces or interference than
a twisted pair.
The twisted pair, which we'llget into, does have a level of
shielding on it as well, but notto the same level that you
(17:36):
would have with your coaxialcable.
It does have high bandwidthcapabilities.
That being said, your twistedpair can give you in today's
world, can give you the kind ofbandwidth you want beyond
coaxial.
Some disadvantages, obviouslyit's bulkier, more expensive
than twisted pair and then it'salso limited flexibility in
modern networks.
(17:56):
So again, you may see it, it'spossible, but it's highly
unlikely at this point.
Security considerations, again,physical tapping risk you can
tap into it.
You wouldn't know if somebodyhad tapped into it and put,
basically, a bump on the wire.
And then you need to reallyconsider how you use encryption
when you are communicatingbetween devices.
Do you are using ipsec,tunneling, using tls, whatever
you're using specifically toprotect the data that's going in
(18:18):
between those two points?
Fiber optic, when you're dealingwith transmission media.
We talked about this a littlebit in the article as it relates
to the Chinese government, orthe Chinese not the government,
but the Chinese manufacturerscreating drones.
Well, fiber optics is animportant part of almost
everything we do today and itused to be where you would say
well, if you get fiber optic toyour home, you are rich beyond
(18:40):
belief.
Well, now they're dumping fiberoptic into almost every home
out there and you're getting nowspeeds with fiber optics that
are just amazing.
It's really quite incredible.
So you have a couple differenttypes of fiber optic
capabilities.
You have single mode fiber andyou have multi-mode fiber.
Now, single mode fiber, it's asingle beam of light and it
supports distances up to 100kilometers.
It is expensive and is used inthe backbone of most networks.
(19:04):
So, like your big T-Mobiles,your Sprint, they're all the
same company now.
T-mobiles sprint, they're allthe same company now.
But t-mobiles, at&ts.
They use a single mode fiber astheir backbone.
As I'm driving through thewonderful state of kansas and
this has been a few years nowyou would see these orange tubes
along the side of the road andthese orange tubes were being
run from basically kansas cityand not my case down to wichita.
(19:25):
And what was in there was fiberand the purpose of it was to
provide fiber to Wichita.
That was the ultimate point.
So again, the single mode fiber, real long distances.
It's just one beam of light,multi-mode fiber.
This uses multiple light pathsand it can go up to shorter
distances, around two kilometers.
It's more affordable, but itdoes have, as you get into mode.
(19:47):
They call it modal dispersion,but it have your more, more
modes that are connected to it,is it you know, spirals out into
that little daisy chain I thinkI'm to can't hear the right
word but it, like the hub andspoke method, right.
As you get into more modalconnections, then you end up
having some sort of dispersionthat can occur because of all
these different connections.
Again, it's light.
(20:08):
Any bump in the wire willpotentially disperse the light,
which then in turn woulddisperse some of the capability
and the data that's beingtransmitted through that.
So what are some of theadvantages?
Again, high bandwidth and speedare available through fiber
optic.
It is immune to EMI, which isyour electromagnetic
interference and crosstalk, sothat's why they use it as a
tether for those drones.
(20:28):
It's more secure thanelectrical transmission,
obviously, because it's lightand you can't really break into
it.
And if you do cut a fiber opticline, it's pretty obvious you
know that it goes down.
So it's one of those aspects.
That is, it's a really coolproduct.
Now what are some of thedisadvantages that go with it?
It's higher cost and it'sfragile compared to a copper
type cable.
(20:49):
They've gotten better, but inthe past if you had to splice
together fiber which I learnedhow to do just because I broke
some fiber is, you have to learnhow to.
In the past you had to learnhow to polish the fiber.
You had to have a connector inthere.
It was a huge pain in the buttto try to connect two fiber
connections or fiber linestogether.
(21:09):
So it it was very challenging.
Now I would say they've gottenbetter at it, but still it is
difficult to vary, to installand maintain over time.
But it is very, very good attraversing and sending data
across the wire.
So now some securityconsiderations to think about
again.
Harder to tap than coppercables, but still vulnerable,
again, once you tap into it.
(21:31):
If you don't know that someonecut your fiber, it is possible
that you wouldn't know thatthey're actually copying their
data.
That's leaving it.
There's an optical time domainrectometer.
I don't even really know whatthat means other than OTDR.
It can help detect unauthorizedaccess, but at the ultimate
(21:53):
point of it is, you'd have to,you'd want that.
In areas, obviously, wherethere's high security concerns,
something like that would be inplace, but in most cases you
would not know if someone hadtapped into your fiber line.
You also want to encrypt thedata as much as you possibly can
to ensure the confidentialityof the data.
This goes along with prettymuch everything is you want to
encrypt it as much as you can.
However, that isn't alwayspossible or feasible.
So just consider if you arerunning fiber, don't think, oh,
(22:15):
I'm immune, I'm running fiber,nobody can touch me, you know,
and especially if you use thatvoice, I'm sure they would
really think you're pretty cool.
But that being said, it can betapped into.
Okay, moving on Twisted pair.
So we deal with twisted pair.
And you have unshielded and youhave shielded twisted pair we
talk about.
This is what you'll see most ofeverywhere pretty much besides
(22:38):
wireless, and this is a bunch ofcopper strands that are twisted
together and because of thattwisting and the different
copper strands, they allow tohave really high transfer rates
of data.
Now, obviously nothing to thelevel of fiber, but it is
capable of doing a lot of reallygood things with twisted pair.
So your unshielded twisted pairagain, it's very cost-effective,
(22:58):
it's widely used.
It's used for ethernet and fortelephone lines if anybody ever
has a telephone but it is stillused for telephone lines and
it's susceptible to EMI andcrosstalk.
So what does that mean?
It basically means that becauseit's unshielded, you can go
ahead and jam it and you couldpotentially take data from it,
just because there's, as datagoes across the wire, it is
(23:20):
going out.
I mean you're losing some sortof I can't think of the right
word but there is data that'sleaving and you could put some
level of a device over the topof the wire without actually
splicing it and be able to pullsome of the data off of it
because it's unshielded.
Now there's different types ofcategories which I've got on the
slide.
There's actually a table thatkind of goes into different
types of categories and whatthey're capable of, but you have
(23:43):
CAT 3, 5, 5e, 6, 6a, 7, and soforth.
There's multiple categoriesavailable to you, and there's
actually more than that, I think, that are out there, but those
are just some of the keycategories associated with it.
Then you have shielded twistedpair, which is STP.
So UTP is unshielded, shieldedis STP.
Okay, if you're old like me,you know what STP means.
(24:04):
It was the gas treatment thing.
But if you don't know what I'mtalking about, you're much
younger than me.
So shielded twisted pair thisincludes additional shielding
for EMI protection.
It's basically a foil that goesaround each of the line itself
to shield it from any sort ofEMI.
It's more expensive anddifficult to install than UDP,
and why?
Because that added shieldingmakes it less flexible.
(24:26):
It's just, it's a more.
It's not as easy to work withas the specifics that you deal
with when it comes to UDP.
It's used in environments withhigh interference or, if you
need some level of shielding,especially in classified
environments, they would have alot of shielding and in some
cases they won't even allow thisused unless it's in a shielded
(24:48):
uh, what do you call it like a?
tube of some kind.
You have to have some sort oftubing where this will actually
go in like a tray, a run, uh, awire run there.
What are some of the securityconsiderations?
It's susceptible toeavesdropping and crosstalk, and
then what you obviously have todo is you incorporate tls and
ipsec as much as you possiblycan with these fibers.
(25:08):
So twisted pair is what youwill see in almost all locations
and it's been run in the walls,along the walls, on the walls.
But UTP is something that isout there pretty much everywhere
and on the slide you can seethere's actually various
categories, category one tocategory eight, the different
(25:28):
types of bandwidth that it canhandle, as well as distances and
shielding that are associatedwith it.
Highly recommend you go toCISSP Cyber Training.
You can actually see this video, and when I get it up, when I
release it because I just ranout of time, but when I get it
released out there, they'll havethis table out there as well
You'll be able to see this aswell.
Or table out there as well,you'll be able to see this as
well.
Or you can just go to CISSPCyber Training and get access to
(25:48):
the document itself and thenyou don't have to worry about it
.
Yep, I always got to put ashameful plug, always got to do
it.
Okay, so we're going to get intoradio frequencies.
So this is the use ofelectromagnetic waves to
transmit data over the air.
So we have different types ofranges that one will start into.
There's basically three bucketsto consider.
You have your low, medium andhigh frequencies, which is your
(26:15):
LF, mf and HF, and these arelegacy communications that may
be out there where you have apoint-to-point system that is
communicating over some of theseold type of communication
strategies, but for the mostpart those have all been defunct
and gone.
Now you have VHF and UHF.
This is your very highfrequency and ultra high
frequency.
These are tied specifically toradio and TV broadcasts and in
(26:35):
today's world you'll look at,there's a lot of TV broadcasts
that are digital and they areusing even higher levels of the
spectrum than just the old VHFcapability, because there's a
lot of stuff that's pushed outin these digital radio
transmission waves.
But, as you know, the higherthe frequency and therefore the
higher the data that's usedwithin that frequency, the less
(26:55):
the range it can be.
So then you roll into microwaveand millimeter wave.
This is used in Wi-Fi, cellularand satellite communications.
So again, you have to avoid thefact that if you want to have
some sort of high levels of datatransfer over long distances,
you're going to want to havesome level of UHF type
(27:16):
capability.
But if you want to have amicrowave capability where it's
going from space down here,that's great.
That's about the only way it'sgoing to work.
If you try to use it in theatmosphere, millimeter wave will
not go very far.
The atmosphere causes a lot ofattenuation with that data, that
transmission, and so thereforethat's why satellites are in the
air and they're sending it down, because it doesn't have to go
(27:39):
through the same level ofatmosphere on the earth as it
does coming from the upperatmosphere down.
And so that's just something toconsider as you're looking at
microwave and millimeter wave.
So some of the advantages thatgo along with this it supports
mobility and scalability.
It reduces the need forexternal cabling.
Again, rf is an important part.
Disadvantages, obviously, isinterference and jamming is a
(28:00):
big factor with anything thatgoes through the air, and hence
that's why you don't if you getinto GPS signals, what if in the
military we were worried aboutother adversaries using GPS
jamming of some kind?
And that's a possibility,because the fact is that it's
all some sort of radio wave typecapability, increased security
(28:21):
risk due to open transmissions.
Again, obviously thetransmission is going out.
In the old days, before DesertStorm, they were using to
control drones, udp typecommunications, right?
So that's just blanket datagoing out there, rf type data,
and you're using UDP tocommunicate with these drones.
Well, what ends up happening isyou jam them and then you can
(28:42):
take over, and that's what theIranians did and they stole a
drone because of it, and sincethen they have done things to
protect that.
But at the same time, it isvery possible for that to happen
.
It's jamable, it can beintercepted, and so forth.
(29:03):
When it comes to securityconsiderations, again, obviously
you want to consider usingsecurity protocols and
encryption protocols as much asyou possibly can.
Assume that if there's databeing transmitted, it's being
intercepted, and if it's beingintercepted and it is open in
clear text, now whatever you'reseeing, they're seeing as well.
So you want to have some levelof encryption enabled.
You want to have some sort ofsignal jamming and interference
mitigation put in place.
What would that be?
Well, say, for example, youhave a drone and your drone is
(29:25):
flying somewhere and it getsjammed.
Well, if your drone is gettingjammed for a period of time,
then the drone knows.
Hey, if my signal gets lost,this is what I'm going to do.
Whatever it is, it's going toorbit, it's going to come back
home to mama, it's going to dosomething, but it doesn't just
go and fly stupid.
You want to have the abilitythat you have logic built into
it that it will do somethingoutside of just sitting there
(29:47):
and falling out of the sky.
Directional antennas forcontrolled transmissions.
Again, if you have a specificarea, now you'll run into this
with millimeter waves,specifically where you have an
antenna that's pointing atanother antenna, and you'll have
to use them specifically to dothat.
Because I've dealt with thisout on the bombing ranges in
multiple places.
There's RF or millimeter waveantennas out there.
(30:08):
They have to be directionallypointed to another for
communication purposes.
So, because you can't reallyput wire sometimes in some of
these places where you'redropping bombs, so they have to
use some little othercommunication, which would be a
millimeter wave type controlcapability.
Then we're going to get intomicrowaves, so high frequency
radio waves used topoint-to-point satellite
(30:29):
communications, which is yourmicrowavesaves.
You have different types ofmicrowave capabilities.
You have terrestrial and youhave satellite.
So your terrestrial microwavethis is requires line of sight
for use of long distancecommunications.
Your satellite microwave usesgeostationary or leo, your lower
earth orbit satellites forglobal coverage.
It's again high bandwidth,great for backbone networks and
(30:50):
can cover a large area ofcommunications.
Obviously, starlink's a greatexample of all of this right,
but it does require precisionalignment for point-to-point
transmissions.
Now, an interesting part in allof this it used to be where, in
the old days where you had justone satellite up there, you had
to have very specificdirectional pointing to that
satellite to be able to get yourdata back and forth.
Well, now, because of Starlinkand he's basically carpet bombed
(31:13):
the entire atmosphere withsatellites you don't have to be
as precise.
You just point it north andthen there's enough
constellations of where you'repointing that it will be able to
connect to those.
They work more as a network, asa hive-type environment, and it
allows them to cover a very,very large area.
The downside is they areaffected by weather conditions.
(31:36):
Obviously, rain will causeissues.
They are affected by having ifthere's obstacles in their way.
You have a building, it doesn'twork.
You have a tree, not so much.
So again, there's somedisadvantages with using some
sort of satellite communicationConsiderations, obviously IPsec
communications between them,because again, that could be
intercepted and then secureaccess, control and monitoring
(31:56):
of any of the data going backand forth.
It's interesting in the factthat when I first started in all
this satellite communicationswas pretty, wow, awesome.
You know, it's like cool.
And now it's like hey, it'sStarlink, I just put it on my
car and I drive around and I gotinternet wherever I go.
I mean it's just like crazy thefact that we have the ability
to do all these things now.
Infrared what is infrared?
(32:19):
Infrared uses light waves forshort range and line of sight
communication.
Remote controls obviously areinfrared.
Short range wirelesscommunications this is on your
IR ports on laptops.
Again, these are immune to RFinterference because they're
infrared, but they're verychallenging to eavesdrop on,
since infrared is verydirectional, right, you have to
point to it to basically be ableto intercept it.
(32:42):
But the downside is they havevery limited range one to five
meters, so basically about 15feet, not very far and it does
require direct line of sight.
So if you have something in theway, it will not work.
So infrared you need to havedirect line of sight.
It is limited use in most casesreal specifically but in secure
communications, due to a shortrange, it could be used, but
(33:03):
it's just something for you tohave to understand around.
Ir and it is available for datacommunication.
It's just not probably the bestchoice, depending upon your
situation.
Bluetooth, okay, bluetooth.
You see it everywhere that yougo, your watch, your phone,
everything else is connected toBluetooth and this is a
communication protocol.
It's about 2.4 gigahertz andthere's different types of
(33:25):
versions.
You have Bluetooth Classic,classic it's like Coke Classic
Bluetooth, low Energy, ble.
Now, depending upon which oneyou're using and what's the
purpose behind it, a lot of itwill depend on what type of
protocol that it's using versusClassic, versus Low Energy.
So common uses, so peripherals,right?
So you have your Bluetoothkeyboard and Bluetooth mouse are
(33:48):
connecting to your computer.
Iot type devices.
All of those aspects can beconnected via Bluetooth.
Now, what is Bluetooth lowenergy?
This was introduced inBluetooth 4.0 for low power
devices such as IOTs, wearables,medical devices and so forth.
Wearables medical devices andso forth.
Wearables would be like youriWatch and all of those things
or whatever they call that thing.
(34:08):
Different types of wearablesthat are connected via Bluetooth
Headphones, ipad, your littleiPhone I can't think of the name
of it iPhones that's not aniPhone, it's a headphone.
See, I just show I'm old.
My kids just look at me androll their eyes and think, dad,
you're just old and crusty.
Bluetooth low energy that'soptimized for energy efficiency
(34:30):
and short intermediate datatransmissions as well.
Security considerationsobviously incorporate security
as much as you can Secure simplepairing.
Obviously, that's an importantpart where you're pairing the
devices to it.
One thing that you'll want toobviously avoid is the pairing.
Someone can pair to you and youpair to somebody else by
accident.
That could cause somechallenges as well.
But there's bluejacking, bluesnarfing and Bluetooth spoofing
(34:51):
as well.
Those are different types ofvulnerabilities you could run
into or issues you could runinto.
Now there's some different typesof Bluetooth security modes for
you to be aware of.
There's mode one through four.
One no, security shouldn't doit.
Mode two is application levelsecurity, and that's something
you consider with just thedevice talking to another
application via application.
(35:12):
Mode three is link levelencryption.
This is for criticalapplications that may be using
Bluetooth.
And then mode four is yoursecure, simple pairing with
AES-128.
Consider it best practice.
I know with a lot of theiPhones they have that already
set up, but you want to have theability.
Depending upon how you're usingyour Bluetooth, you may want to
consider those different typesof security protocols.
(35:35):
Again, depends on what you'relistening to or using it.
For One thing I've seen in thepast if you're using a mouse, if
there's someone next to youthat could potentially get your
same sort of mouse or I saymouse, not the right word, but
let's say a visual display it'spossible somebody could hijack
your Bluetooth connection and itcould see what you're doing.
So you have to determine whatlevel of encryption or
(35:56):
protection you want to add tothat session Wireless LAN.
So you have IE802-11 standardsfor wireless networking.
You have the differentstandards that are out there.
You have A, g, n, a, c, a, xyeah, all those right.
Uh, wi-fi six it's basicallycoming out or it's out.
I think it's out already it's,it is out.
Um, they're looking at new onesbeyond wi-fi six.
(36:18):
But the the goal of it is it'smobile, it's convenient,
everybody in their dog uses it.
I got wi-fi connect.
Do I have wi-fi?
I good, I'm in my car and I'mdriving.
I've got Wi-Fi.
Everybody's got Wi-Fi.
The point of it is that it'severywhere and it's so useful
(36:47):
for many people to get access tothe Internet that end up
causing a DDoS on your ownnetwork.
But it is super helpful and itis really nice.
Now some considerations toconsider.
Yeah, I said that twice in thesame sentence Is WPA3 encryption
.
Obviously you want to movebeyond WPA2 and WPA, for sure,
or web, heaven forbid, but youwant to be into W3 encryption.
(37:10):
Install MAC filtering, notinstall it.
Implement MAC filtering as muchas you can with your
authentication and then alsodisable SSID broadcasting.
Again, ssid broadcastingthere's a lot of people say
that's just kind of a waste oftime, but it does add.
It does hide the network alittle bit.
If someone really truly wantsto find your SSID, they can
(37:31):
easily find it, but it does forthe most people that are just
kind of surfing by.
If you hide it, they won't knowthat it's there.
It just does add a little bitmore complexity on your end.
The added security value isvery limited.
It's more of a placebo in manycases.
So let's deal with cellularnetworks.
So these are the networkinfrastructure that we operate
(37:53):
on from a wireless standpoint.
Now you want to considerencrypting the data using 3GPP
standards, which is your LTE 5Genvironments.
As well as you want to protectagainst any sort of interception
of these communications, youwant to deal with secure
authentication methods as muchas you can, and this would be
(38:15):
SIM-based encryption, so yourSIM that connects to your phone.
You want to ensure that that istied specifically to you and it
has SIM-based encryptionenabled.
Most of these carriers I don'tI think all of them have this
level in place.
I would say I don't know howthat is when you get outside of
the United States, but there'ssome recommend there's a lot of
that has been pushed here in theUnited States of what level of
(38:37):
encryption they have to have ineach of these mobile carriers.
Now, what are some of the maincomponents of a network, a
cellular network?
You have your mobile device,obviously, which you use, your
base station, which is your celltower that you connect to,
which are all over the place,your mobile switching center,
which is where it routes callsand manages your network access.
This is the thing thateverything goes into, much like
the old days of having aswitching network.
(38:58):
Then you have your packet corenetwork Now, your packet core
network.
This handles data traffic andconnectivity to the internet.
And then you finally have yourpublic switched telephone
network.
Now this is your PSTN.
This is where traditionallandlines and voice calls will
come into.
So your cellular networkcomponents.
Those are the main pieces to it.
Obviously, there's a lot oflittle sub pieces to it, but
(39:20):
that's the main part of it.
Now your network securityimprovements.
What came with 5G?
Stronger encryption, obviouslyfor AES-256, for key management,
mutual authentication Again,the device will authenticate
with the network and vice versa,and it has to do that with your
5G and your LTE did not have todo that.
Network slicing.
(39:40):
Security does isolate differenttraffic types to prevent
cross-contamination, which inthe old days you used to be able
to potentially hear somebodyelse's conversation with your
phone.
You'd be like, yeah, what'sgoing on, joey?
No, but that has been.
Obviously with 5G that hasstopped that.
And then they've migrated to azero trust architecture which
assumes all traffic must beverified before trust is granted
(40:02):
.
Again, those are key factorsthat roll into it.
And as we get more and morecapability granted, again those
are key factors that roll intoit.
And as we get more and morecapability, security has become
a bigger factor.
With all of these networks andI am not an expert at all on
cellular environments you couldjust have a whole knowledge gain
, just knowledge understanding,with the cellular space and all
the security that goes into thatcapability.
(40:23):
But it has allowed us to bemuch more mobile and it allows
us to do things that we in thepast could never even dream of
doing.
Okay, endpoint security.
So the endpoint security is thelast line of defense.
As you're looking at differenttypes of things to protect your
endpoint.
These provide variousapplications, are providing
security for you.
So, antivirus to endpointdetection and response, or EDR,
(40:45):
you want to have.
How do you protect yourenvironment?
Now, antivirus again, it's arequirement in most places and I
would say it's migrated fromthe old days of Norton AV to a
much more robust platform suchas, like an EDR type solution.
Microsoft has their Defender,which is an EDR type product,
and we'll do more than just lookfor signatures based on an AV
(41:08):
type situation.
I can't really explain what I'mtrying to say, other than to
say that most viruses will havea digital signature and the AV
traditional AV just compares thedigital signature to the
overall virus itself and thenflags it if there's a problem.
Obviously it's moved on beyondthat from when it was originally
out, but AV is a lot like that.
The EDR solution is lookingmore than just a signature.
(41:31):
It's looking for behavioralanalytics of what the device is
doing, what the potentialcommunication path is doing.
So it's a much more robustenvironment.
You need to also considerendpoint device encryption, and
I would also put on here the onething that I didn't put on the
slide is an MDM type environment, which is your mobile device
management solution.
(41:51):
This will then control themobile devices.
It does allow for theencryption.
It also allows for wiping.
Remote wiping is an importantpart of any enterprise.
You have people that come andgo from your network.
You want to have the ability toget rid of them and to delete
the device if they keep thedevice.
I don't mean like take them outand shoot them, kind of thing.
(42:11):
No, you don't get rid of themthat way.
You just get rid of them.
The fact that if they have aconnection to your network and
they keep the device and theyleave, you have the ability to
remote wipe the device.
It's an important thing youshould consider with all
enterprises.
Edr has in it.
You know IDS type things,scanner and alerting software is
all built into it.
You do want to look at an EDRsolution of some kind, Active
(42:32):
Directory Integration.
This is where you have globalgroups, vpns and IPA sec tunnels
also as well.
You want to have all thatintegrated within your endpoint
security as much as you possiblycan.
Last thing is Warranty Support.
So this ranges from software,hardware and associated
applications.
You want to consider what isthe level of what's going on
from your devices and what kindof support do you have from a
(42:53):
warranty standpoint?
You buy all this hardware.
What's the level of warrantiesaround it?
You have to have the ability tokeep tabs on that as well,
because this stuff will get outof hand real quick and you'll
forget.
Do I have warranties on this?
What's going to happen?
I don't know, will get out ofhand real quick and you'll
forget.
Do I have warranties on this?
What's going to happen?
I don't know.
Those are an important part andyou really need to understand
if you need to extend the lifeof some of this hardware.
What are some of the warrantyaspects you should do Now?
(43:14):
If you do go and want to extendwarranties beyond that, there
will be costs associated withdoing that.
These costs can be embeddedinto overall costs of the
product itself and they can beextended as the time goes on.
Typically, warranty costs whenyou're dealing with purchasing a
product.
They are a line item in thepurchase of the equipment.
They may or may not be able tobe used or they may or may not
(43:37):
be able to be removed from yourcost, but they're typically a
line item that you may see whenyou purchase a piece of
equipment is a warranty that'sadded to it.
They typically typically do notcover physical damage.
So what it means is is that aspeople are moving systems around
and they get dropped, they getdented, whatever it might be,
this will not protect fromphysical damage that may occur.
(43:59):
Hybrid warranties can coverthings that other things that
exist, but you need to be verycareful of the fine print on any
warranties that you wouldpurchase for any devices that
you have.
They can be invalidated veryquickly for malware or
ransomware incidents If you havesomething that so like just say
, you have a thousand devicesand a ransomware comes in and
you're like, oh my gosh, I gotto get rid of all these devices.
(44:20):
I can't blow them away becauseI don't know if the software is
still on these hard drives.
So therefore, we need to getall new equipment.
Just buy new equipment.
We'll put it under warranty.
Well, they may not do thatbecause they say, well, it's a
ransomware attack and you'regoing to throw them away.
They could be good.
You could just re-image them.
Even though you don't feelcomfortable, it's not our
problem.
So you need to be aware of that.
(44:42):
If there is a malware orransomware event and you have
warranties on your hardwareequipment, you want to make sure
that it does not invalidateyour warranty if you have an
incident.
So again, you need to look atthat from a standpoint of is
that valuable to you or not?
Okay, so that's all I have foryou today.
I hope you guys got a lot out ofthis podcast and a lot out of
(45:05):
this training.
You can go to CISSP CyberTraining and get access to all
my content at CISSP CyberTraining.
It's all there and availablefor you.
You just got to go download it.
It's there.
So if you want to have accessto me, I've got mentorship
training that's availablespecifically to help you.
You can gain access to that aswell.
So there's all kinds of thingsthat you can get at CISSP Cyber
(45:26):
Training.
I highly recommend you go to it.
If you're looking to pass yourCISSP, go check it out, and if
you don't want to buy anything,that's fine too.
There's free stuff that'savailable to you as well.
My blueprint will help you,though.
I guarantee you get thestudying that you need to help
you pass the CISSP in thetimeframe that it meets your
goals.
Again, I got a three-month, afour-month, a five-month
blueprint that will help youbased on your needs specific to
(45:50):
what you have to do.
If you have to work late atnight or work during the day and
you don't have time to study atnight, the three or the four or
five month will help you withthat.
If you want to get it knockedout as fast as you possibly can,
the three-month blueprint willbe what you need to get it done,
and you can cram all this ineven to a month if you need to.
But again, people have lives.
That's the thought processbehind the blueprint was that
you have some sort of lifeoutside of what you're doing
(46:11):
right now.
All right, that is all I havefor you.
Head on over toCISSPcybertrainingcom or head
over to RenewCyberRiskcom andyou can get access to lots of
information and content that'sover there as well from my
consulting side of the house.
All right,
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Special Summer Offer: Exclusively on Apple Podcasts, try our Dateline Premium subscription completely free for one month! With Dateline Premium, you get every episode ad-free plus exclusive bonus content.
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!