CCT 230: Drones to Fiber Optics - Secure Network Components and CISSP (Domain 4.2)
Mar 03, 2025
The unexpected convergence of consumer technology and warfare takes center stage as Sean Gerber explores how Chinese e-commerce giants now sell drone accessories that transform $300 toys into semi-autonomous weapons. This eye-opening discussion reveals how modern drones with AI guidance modules and fiber optic tethers mirror strategies from World War I—except today's technology is far more accessible and difficult to defend against.
Against this backdrop, Sean delivers a comprehensive breakdown of Domain 4.2 (Secure Network Components) for the CISSP exam. He methodically examines transmission media vulnerabilities across legacy and modern infrastructure—from coaxial cables still found in specialized environments to the fiber optic networks revolutionizing global communications. Each technology receives detailed security analysis, with Sean highlighting how even supposedly "secure" media like fiber optic remain vulnerable to sophisticated tapping techniques.
The podcast ventures deep into wireless security territories, examining radio frequencies, Bluetooth vulnerabilities, Wi-Fi standards, and the substantial security improvements in 5G cellular networks. Sean explains how technologies like network slicing and zero-trust architecture are transforming mobile security, while also providing practical insights into endpoint protection strategies and the often-overlooked importance of hardware warranty management during security incidents.
For CISSP candidates, this episode delivers the perfect blend of exam-critical technical details and real-world context showing why these concepts matter in today's security landscape. The discussion effectively demonstrates how physical and cyber domains increasingly overlap, requiring security professionals to maintain broad knowledge across multiple disciplines.
Whether you're preparing for the CISSP exam or looking to strengthen your organization's network security posture, visit CISSPCyberTraining.com to access Sean's specialized preparation materials, including study blueprints tailored to various timeframes based on your personal schedule and learning needs.
TRANSCRIPT
Speaker 1:
Welcome to the CISSP Cyber Training Podcast, where we provide you the training and tools you need to pass the CISSP exam the first time. Hi, my name is Sean Gerber and I'm your host for this action-packed, informative podcast. Join me each week as I provide the information you need to pass the CISSP exam and grow your cybersecurity knowledge. All right, let's get started. Let's go.
Speaker 2:
Hey, hello, Sean Gerber, with CISSP Cyber Training, and hope you all are having a beautifully blessed day today. Today, we're going to be talking about Domain 4.2 of secure network components, all related to the CISSP exam. As always, you know, CISSP Cyber Training was created specifically to help you all get ready for the CISSP exam. As we all know, it's a bugger of a test, and if you are better prepared for it, you have a better chance of passing, and we want you to pass the test the first time, not like me, and fail it the first time. We want you to pass it the first time.
Speaker 2:
So, before we get going into that, though, I wanted to talk about an article that I saw in the news related to low-cost drone add-ons from China, and this isn't something interesting that I've seen growing over the years. You know the overall goal of drones. You know, coming from a military background, coming from flying airplanes, it has morphed into something that is way beyond what we could have ever seen. However, it also hasn't. We also knew in the military. We knew for many, many, many years that drones were going to be a big part of how wars were fought. What it relates to, we thought, airplanes that were basically remote controlled. They would then go in and attack targets and so forth. Well, those are available now. Those are starting to come out on the market, which we anticipated and kind of thought they would be here a little bit before now, but obviously it takes a lot to get these systems up and running.
Speaker 2:
That being said, one thing that has really kind of changed a lot of people's thought process are these small, little tiny drones that you can buy online and you can be able to fly around your house and do whatever you want to do with them. Actually, probably not around your house. Outside your house would be a good idea. Inside your house, not a good idea. My cat does not like a drone. We had a drone in the house. My son brought one by and the cat was not a fan. It pretty much ran and hid as fast as it could when it heard it and saw it. So fly them in your home? Also, you can lose an appendage or two. Probably not a good idea.
Speaker 2:
That being said, the Chinese e-commerce giants Temu and AliExpress are selling drone accessories for those who would wish to purchase, but, that being said, they are also being used for wartime activities and you can anticipate anything that can be used for good can be used potentially for bad or evil, depending upon what side of the war you're on. Now an interesting part on all this, and I laugh because how it's gone full circle, where these drones now are, people are connecting all kinds of payloads to them and they can drop grenades. They can drop all kinds of aspects from these drones, and it's really indicative of what happened during World War I, when there would be the Sopwith Camel would be flying around. This is a biplane flying around over the battlefield and this was the first time airplanes had really been used at all in any sort of military engagement and there would be pilots with grenades inside the cockpit and they would just drop them over the side. Very, very similar concept. The difference is, as a pilot, you were pretty much hanging out there to get shot at, whereas the drones now are fully disposable and, because they're such an inexpensive tool, they can just be replicated and reproduced over and over again.
Speaker 2:
Now the article talks about some key drone modifications, like AI guidance modules that are, basically, they enable human and vehicle recognition. I mean, this is amazing. A small drone, about $300, can determine vehicles and it can determine humans. It does allow them to be semi-autonomous, so therefore you can launch them and let them go. It will then hunt down whatever it sees. They also have fiber optic tethers, which I think is an interesting part in the fact that one of the aspects that came to the they're running into issues of again, coming from a B1 background and from an electronic warfare background, I understand the use of jamming capabilities. Well, you can jam these systems, right? You can jam them, you can hit them with a microwave and knock them out, but they're adding fiber optic tethers to them. You can't jam that signal and we're going to talk about that today as well, a little bit in the CISSP training around fiber optics. But one of the aspects, you can't really jam it when it's got a tether to it. They will put different types of explosives. One, they can drop them. Two, they can just have them attach the drone and the drone just becomes a terminal missile.
Speaker 2:
So as a precision guided missile, I should say. An interesting part in all this: we used to spend tens, if not hundreds of thousands of dollars on precision guided weapons for the B-1 bomber. And we had a thing called JDAM, which is your joint direct attack munition, and it had the ability to come out of the airplane, it would drop and then it would find its way to a target based on predefined location and coordinates that you would put in the system. And it had this package that you would wrap around a bomb, basically a 500 pound bomb or even a 2000 pounder. You wrap this package around it and then it would fly to its target and do its thing. Well, now you can do the same capability with a $300 drone. Now, obviously you can't carry the same level of tritonal and explosives, but it still does the same impact.
Speaker 2:
And the one thing that I think this article didn't really kind of go over, which is understandable why, is the psychological effect of this. This would be extremely demoralizing to folks on the battlefield. One is if you hear an airplane, you see airplanes and bombs start dropping. You have an ability to deal with that. At least I say that loosely, I mean I've never had bombs dropped on me, but you have the ability to go, hey, I see it coming. I hear it coming. Hunker down, try to just survive. With these things, you don't even know they're there until it's too late because they hang up at a high altitude. You can't hear the motors and they're just like little bees that carry explosive devices on them. So, yes, it's very, very interesting where this world is going to.
Speaker 2:
One of the things they bring about in the article is that there needs to be improved drone technologies as far as counter-drone technologies to shut them down, and then there has to be global regulations around the sale of militarized drone accessories. I think it's going to be hard to do some of that. You can get a 3D printer. You can print probably whatever drone you want or accessory you want to do. So the bad guys and girls who really want to make this happen, they're going to make it happen. I don't think any sort of regulation is going to squash it. All it's going to do is probably limit some of its express exposure to the rest of the globe. But again, good article. It's in Wired Magazine. The ultimate point of it is low-cost drone add-ons from China let anyone with a credit card turn toys into weapons of war. Again, good article. I recommend you read it.
Speaker 2:
And again, as a cybersecurity person, you're probably going, well, why does this matter? To me it does, because as we talk about physical security, we talk about cybersecurity. A lot of times they blend over, and you may have folks within these physical security environments that will ask you, hey, I got drones, I don't know what to do with them. I got these little guns that I can shoot at them to kind of knock them down, but do you have any cyber things that you would recommend? And so, therefore, guess what, you need to understand the drones and how they're communicating with the home, which we're going to talk about here in just a minute, because we're going to go over our frequencies, we're going to go over fiber optics and so forth. So, again, drones, check them out. Again, Wired Magazine, drone add-ons from China. All right, let's move on to what we're going to talk about today.
Speaker 2:
Okay, so, this is domain 4, 4.2, secure network components. And so, again, you can get all of this at CISSP Cyber Training. Head on over to CISSP Cyber Training. Get access to my content. There's three different purchase options available to you. You can just get this content and have access to it, no problems whatsoever, or you can get the access to the free content that I put out there. After a period of time it becomes free, as well as the podcast that you're listening to at this point. So all of this stuff is available to you in one form, shape or another. Just depends if you want to have access directly to the content, if you want to have access to me, or if you want to just get the free stuff. It's all up to you.
Speaker 2:
Okay, so let's get into Domain 4.2. So first part of this is we're going to get into operations of hardware and we're going to focus a little bit on network access controls. Now, before we get into that just a little bit, we're going to do just a real quick overview of what is, what are we doing? We're focusing really specifically on the network component level in this domain. Now you got intranet, you have extranet and we're going to kind of get into those. Just, well, probably a little bit on those. But the thing to kind of consider is intranet is a private internal network. It's a network inside your company, inside your area. That's what they call an intranet. You have an extranet which is a blend of the intranet and the internet, right? So you basically internal and external, and then you have a demilitarized zone which is both your, it's your internet and business network where they meet. So we've talked about this at CISSP Cyber Training multiple times where you have a demilitarized zone, usually between your process environment, maybe you have manufacturing, and your, or I should say your company, and that between those two is a demilitarized zone. That is an area where those two meet and typically you will have some level of separation between them. And then segmentation. This is where you have virtual local area networks, which is your VLANs, and there's different types of segmentation. We'll talk about wireless local area networks today a little bit. So any type of segmentation can occur within these various networks as well, and it can be from both physical and some sort of wireless type technology.
Speaker 2:
Now, what is a network access control? The network access control, this is a security framework that restricts unauthorized devices from accessing your network. Okay, so your security policies that will be put in place to that will help identify the person, the device, there's compliance aspects to it, and then it also ensures that their security posture is set up before a person will connect to the network. Now there's some different types of features that you want to understand related to network access controls. You have authentication and authorization. Now these are, again, these key features are things that you really will run into almost any type of network and you should try to implement, if not all of these, most of them as much as you possibly can. Authentication, authorization, again we talked about that, where you have the authentication of a person and you authorize that person or device onto the network, and again this is an important part and you don't want to have the ability for people to have connect devices to your network that are not authorized or authenticated. You want to do a posture assessment. Basically understands what are all the different types of compliance requirements associated with the device: does it get updated, does it have AV, all of those pieces you want to make sure that your devices are on a network.
Speaker 2:
Access control will control that. Role-based access controls, or RBAC. This will also be set up through network access controls that will help limit access based on user roles, and we've talked about this numerous times. You hear about RBAC a lot on CISSP Cyber Training, is role-based access controls and limiting what you can and can't do based on the specific role that you're in, and we want to make sure that we are very clear on what roles that you do work in and that we have controls tied specifically to them. Network segmentation is an important part of network access controls as well. Again, this will help prevent lateral movement within the network by people or accounts that don't necessarily need the access.
Speaker 2:
And then, last thing is when we're dealing with zero trust. Network access control is a crucial part of a zero trust security and, as you know, the US government is forcing a lot of their departments, I mean all their departments, to have some level of zero trust enabled within their networks. So, understanding zero trust methodology and framework is an important part of any sort of security posture that you have to protect your company. Now, if you have a small company, you may go, I can't afford all of this stuff. You're going to have to determine what works best for you. But again, understanding as a security person, all of the foundational aspects, it's important for you to help make a risk-based decision on this. Now, if you're in a highly regulated environment, you may not have the ability to make as much of a risk-based decision as you may like because the regulators may force you to do so. Okay, so firewalls. Now we'll talk about firewalls and various aspects of CISSP Cyber Training, but we're going to just kind of go into some of the key factors as it relates to the operation of the hardware itself.
Speaker 2:
One, firewalls are a network security device that monitor and filter incoming and outgoing traffic, right, based on some predefined security rules that you will have put in place to protect your environment. They do operate in various layers of the OSI model and they have different inspection capabilities, and we're going to kind of go over some of these inspection capabilities today. So the first one is packet filtering. Now, this is basic IP and port-based filtering that is looking at the packets going across the wire. So all of these packets are being looked at, they're being filtered and there's different types of capabilities that are put up against them. There's also stateful inspection. This is where it tracks any sort of connection that's occurring and it tracks the active connections that are going on within your network. And so there's a stateful piece where it's looking at each specific connection going in and out, whereas just a packet filtering, it would be like if you're just inspecting all the packets coming across the wire. This one is actually inspecting the connections that are occurring between them.
Speaker 2:
Then you have deep packet inspection. Now this examines the payloads that are specifically going through the wire and is looking for any sort of threat that it may find. So a DPI, a deep packet inspection, can occur when you have a very, I'll have to tell you, warn you on this, you'll need to have a very strong firewall that you have put in place, a very powerful one, because doing deep packet inspection does take, it's a very resource constraining activity and it can take a lot of different power, a lot of different computational power to make that happen. You have application layer filtering. This inspects traffic at layer seven for, again, advanced protection related to the overall application, as we talk about the different layers of the OSI model. This is where they would look specifically at what's occurring within the application, or layer seven. TLS and SSL inspections. This will decrypt any traffic to detect any sort of attacks that could be occurring within there, and maybe not necessarily attacks, but more like data that might be leaving the environment. I will tell you, I've worked on a project with a large medical company around TLS and SSL inspection. It can occur, it can be a good thing, but it is one of those aspects that you really need to have a good plan related to it. There's a lot that goes into any sort of encryption inspection and it is very complicated and it's a very resource-intensive process.
Speaker 2:
The other one is next-generation firewalls. These are a more modern type of firewall. Now I will tell you that this was when I first started in this whole business of cybersecurity. Firewalls were one thing and then you moved into next-generation firewalls because that gave you a lot more features and a lot more capability. Well, in today's world, a lot of stuff is virtualized and because it is so virtualized, you can get the capabilities of a next generation firewall and almost all kinds of firewalls. But the bottom line is is it takes it. It goes from just being a rudimentary device to something that can provide a much more granular security tool is what you would find in a next generation firewall. Okay, so now we're going to get into transmission media, the different types of transmission media that you will run into as you're studying for the CISSP and as you'll run into related to the security space in general.
Speaker 2:
So, coaxial cable. Now, all are probably going, what is coaxial cable? You'll still find it in places, but it's that black pipe looking thing that's got a copper line in the middle of it. This copper conductor is surrounded by an insulated material and a metallic shield in the outer cover and the ultimate goal is that it would transmit data over this copper line. Again, this is old school. Back when I was in college, this was kind of the rave of everything coming out. You had to have terminators, you had to have cable run to different places, but it did allow you to have a much level, a much better ability to communicate between one system and another system, and without having to have something even more complicated. But there's Thicknet and Thinnet, or some different types to think about. There's 10BASE5 and 10BASE2. Obviously, the 10BASE5 is older and supports longer distances and because of the core copper line is much thicker and therefore it will allow it to be traveled much further and much longer stretches, whereas the 10BASE2 is much more flexible and it's designed for much shorter spaces.
Speaker 2:
Now I will tell you that if you're still seeing this within an environment, it might. The place that you may still see it potentially is areas where some sort of RF can be shielding can be done, whereas we'll talk about RF here in just a minute, where you can't use wireless, you can't use any sort of cellular technology, you're limited to specifically running cables and you don't have any sort of twisted pair that's been run through the building. It really basically comes down to if you've got a really old building and you've got no choice, you might run into this, but it's highly unlikely that you're going to have to deal a whole lot with it. But it's important that you know that it's there because it's still out there, people still do use it, and some advantages to it again is better resistance to EMI, shielding basically your electromagnetic interfaces or interference, than a twisted pair. The twisted pair, which we'll get into, does have a level of shielding on it as well, but not to the same level that you would have with your coaxial cable. It does have high bandwidth capabilities. That being said, your twisted pair can give you, in today's world, can give you the kind of bandwidth you want beyond coaxial. Some disadvantages, obviously it's bulkier, more expensive than twisted pair and then it's also limited flexibility in modern networks. So again, you may see it, it's possible, but it's highly unlikely at this point. Security considerations, again, physical tapping risk. You can tap into it. You wouldn't know if somebody had tapped into it and put, basically, a bump on the wire. And then you need to really consider how you use encryption when you are communicating between devices. Are you using IPsec tunneling, using TLS, whatever you're using specifically to protect the data that's going in between those two points?
Speaker 2:
Fiber optic, when you're dealing with transmission media. We talked about this a little bit in the article as it relates to the Chinese government, or the Chinese not the government, but the Chinese manufacturers creating drones. Well, fiber optics is an important part of almost everything we do today and it used to be where you would say well, if you get fiber optic to your home, you are rich beyond belief. Well, now they're dumping fiber optic into almost every home out there and you're getting now speeds with fiber optics that are just amazing. It's really quite incredible.
Speaker 2:
So you have a couple different types of fiber optic capabilities. You have single mode fiber and you have multi-mode fiber. Now, single mode fiber, it's a single beam of light and it supports distances up to 100 kilometers. It is expensive and is used in the backbone of most networks. So, like your big T-Mobiles, your Sprint, they're all the same company now. But T-Mobiles, AT&Ts, they use a single mode fiber as their backbone.
Speaker 2:
As I'm driving through the wonderful state of Kansas, and this has been a few years now, you would see these orange tubes along the side of the road and these orange tubes were being run from basically Kansas City and not my case down to Wichita. And what was in there was fiber and the purpose of it was to provide fiber to Wichita. That was the ultimate point. So again, the single mode fiber, real long distances. It's just one beam of light. Multi-mode fiber. This uses multiple light paths and it can go up to shorter distances, around two kilometers. It's more affordable, but it does have, as you get into mode.
Speaker 2:
They call it modal dispersion, but it have your more, more modes that are connected to it, is it you know, spirals out into that little daisy chain I think I'm to can't hear the right word but it, like the hub and spoke method, right. As you get into more modal connections, then you end up having some sort of dispersion that can occur because of all these different connections. Again, it's light. Any bump in the wire will potentially disperse the light, which then in turn would disperse some of the capability and the data that's being transmitted through that. So what are some of the advantages? Again, high bandwidth and speed are available through fiber optic. It is immune to EMI, which is your electromagnetic interference and crosstalk, so that's why they use it as a tether for those drones. It's more secure than electrical transmission, obviously, because it's light and you can't really break into it. And if you do cut a fiber optic line, it's pretty obvious you know that it goes down. So it's one of those aspects. That is, it's a really cool product.
Speaker 2:
Now what are some of the disadvantages that go with it? It's higher cost and it's fragile compared to a copper type cable. They've gotten better, but in the past if you had to splice together fiber which I learned how to do just because I broke some fiber is, you have to learn how to. In the past you had to learn how to polish the fiber. You had to have a connector in there. It was a huge pain in the butt to try to connect two fiber connections or fiber lines together. So it it was very challenging. Now I would say they've gotten better at it, but still it is difficult to vary, to install and maintain over time. But it is very, very good at traversing and sending data across the wire. So now some security considerations to think about again. Harder to tap than copper cables, but still vulnerable, again, once you tap into it.
Speaker 2:
If you don't know that someone cut your fiber, it is possible that you wouldn't know that they're actually copying their data. That's leaving it. There's an optical time domain reflectometer. I don't even really know what that means other than OTDR. It can help detect unauthorized access, but at the ultimate point of it is, you'd have to, you'd want that. In areas, obviously, where there's high security concerns, something like that would be in place, but in most cases you would not know if someone had tapped into your fiber line. You also want to encrypt the data as much as you possibly can to ensure the confidentiality of the data. This goes along with pretty much everything is you want to encrypt it as much as you can. However, that isn't always possible or feasible. So just consider if you are running fiber, don't think, oh, I'm immune, I'm running fiber, nobody can touch me, you know, and especially if you use that voice, I'm sure they would really think you're pretty cool. But that being said, it can be tapped into.
Speaker 2:
Okay, moving on. Twisted pair. So we deal with twisted pair. And you have unshielded and you have shielded twisted pair we talk about. This is what you'll see most of everywhere pretty much besides wireless, and this is a bunch of copper strands that are twisted together and because of that twisting and the different copper strands, they allow to have really high transfer rates of data. Now, obviously nothing to the level of fiber, but it is capable of doing a lot of really good things with twisted pair.
Speaker 2:
So your unshielded twisted pair, again, it's very cost-effective, it's widely used. It's used for Ethernet and for telephone lines, if anybody ever has a telephone, but it is still used for telephone lines and it's susceptible to EMI and crosstalk. So what does that mean? It basically means that because it's unshielded, you can go ahead and jam it and you could potentially take data from it, just because there's, as data goes across the wire, it is going out. I mean you're losing some sort of, I can't think of the right word, but there is data that's leaving and you could put some level of a device over the top of the wire without actually splicing it and be able to pull some of the data off of it because it's unshielded.
Speaker 2:
Now there's different types of categories which I've got on the slide. There's actually a table that kind of goes into different types of categories and what they're capable of, but you have CAT 3, 5, 5e, 6, 6a, 7, and so forth. There's multiple categories available to you, and there's actually more than that, I think, that are out there, but those are just some of the key categories associated with it. Then you have shielded twisted pair, which is STP. So UTP is unshielded, shielded is STP. Okay, if you're old like me, you know what STP means. It was the gas treatment thing. But if you don't know what I'm talking about, you're much younger than me.
Speaker 2:
So shielded twisted pair, this includes additional shielding for EMI protection. It's basically a foil that goes around each of the line itself to shield it from any sort of EMI. It's more expensive and difficult to install than UTP, and why? Because that added shielding makes it less flexible. It's just, it's a more. It's not as easy to work with as the specifics that you deal with when it comes to UTP. It's used in environments with high interference or, if you need some level of shielding, especially in classified environments, they would have a lot of shielding and in some cases they won't even allow this used unless it's in a shielded, uh, what do you call it, like a?
Speaker 2:
tube of some kind. You have to have some sort of tubing where this will actually go in, like a tray, a run, uh, a wire run there. What are some of the security considerations? It's susceptible to eavesdropping and crosstalk, and then what you obviously have to do is you incorporate TLS and IPsec as much as you possibly can with these fibers. So twisted pair is what you will see in almost all locations and it's been run in the walls, along the walls, on the walls. But UTP is something that is out there pretty much everywhere and on the slide you can see there's actually various categories, category one to category eight, the different types of bandwidth that it can handle, as well as distances and shielding that are associated with it. Highly recommend you go to CISSP Cyber Training. You can actually see this video, and when I get it up, when I release it, because I just ran out of time, but when I get it released out there, they'll have this table out there as well, you'll be able to see this as well. Or you can just go to CISSP Cyber Training and get access to the document itself and then you don't have to worry about it. Yep, I always got to put a shameful plug, always got to do it.
Speaker 2:
Okay, so we're going to get into radio frequencies. So this is the use of electromagnetic waves to transmit data over the air. So we have different types of ranges that one will start into. There's basically three buckets to consider. You have your low, medium and high frequencies, which is your LF, MF and HF, and these are legacy communications that may be out there where you have a point-to-point system that is communicating over some of these old type of communication strategies, but for the most part those have all been defunct and gone. Now you have VHF and UHF. This is your very high frequency and ultra high frequency. These are tied specifically to radio and TV broadcasts and in today's world you'll look at, there's a lot of TV broadcasts that are digital and they are using even higher levels of the spectrum than just the old VHF capability, because there's a lot of stuff that's pushed out in these digital radio transmission waves. But, as you know, the higher the frequency and therefore the higher the data that's used within that frequency, the less the range it can be.
Speaker 2:
So then you roll into microwave and millimeter wave. This is used in Wi-Fi, cellular and satellite communications. So again, you have to avoid the fact that if you want to have some sort of high levels of data transfer over long distances, you're going to want to have some level of UHF type capability. But if you want to have a microwave capability where it's going from space down here, that's great. That's about the only way it's going to work.
Speaker 2:
If you try to use it in the atmosphere, millimeter wave will not go very far. The atmosphere causes a lot of attenuation with that data, that transmission, and so therefore that's why satellites are in the air and they're sending it down, because it doesn't have to go through the same level of atmosphere on the earth as it does coming from the upper atmosphere down. And so that's just something to consider as you're looking at microwave and millimeter wave. So some of the advantages that go along with this: it supports mobility and scalability. It reduces the need for external cabling. Again, RF is an important part.
Speaker 2:
Disadvantages, obviously, is interference and jamming is a big factor with anything that goes through the air, and hence that's why you don't, if you get into GPS signals, what if in the military we were worried about other adversaries using GPS jamming of some kind? And that's a possibility, because the fact is that it's all some sort of radio wave type capability. Increased security risk due to open transmissions. Again, obviously the transmission is going out. In the old days, before Desert Storm, they were using to control drones, UDP-type communications, right? So that's just blanket data going out there, RF-type data, and you're using UDP to communicate with these drones. Well, what ends up happening is you jam them and then you can take over, and that's what the Iranians did and they stole a drone because of it, and since then they have done things to protect that. But at the same time, it is very possible for that to happen. It's jammable, it can be intercepted, and so forth.
Speaker 2:
When it comes to security considerations, again, obviously you want to consider using security protocols and encryption protocols as much as you possibly can. Assume that if there's data being transmitted, it's being intercepted, and if it's being intercepted and it is open in clear text, now whatever you're seeing, they're seeing as well. So you want to have some level of encryption enabled. You want to have some sort of signal jamming and interference mitigation put in place. What would that be? Well, say, for example, you have a drone and your drone is flying somewhere and it gets jammed. Well, if your drone is getting jammed for a period of time, then the drone knows. Hey, if my signal gets lost, this is what I'm going to do. Whatever it is, it's going to orbit, it's going to come back home to mama, it's going to do something, but it doesn't just go and fly stupid. You want to have the ability that you have logic built into it that it will do something outside of just sitting there and falling out of the sky.
Speaker 2:
Directional antennas for controlled transmissions. Again, if you have a specific area, now you'll run into this with millimeter waves, specifically where you have an antenna that's pointing at another antenna, and you'll have to use them specifically to do that. Because I've dealt with this out on the bombing ranges in multiple places. There's RF or millimeter wave antennas out there. They have to be directionally pointed to another for communication purposes. So, because you can't really put wire sometimes in some of these places where you're dropping bombs, so they have to use some little other communication, which would be a millimeter wave type control capability.
Speaker 2:
Then we're going to get into microwaves, so high frequency radio waves used to point-to-point satellite communications, which is your microwaves. You have different types of microwave capabilities. You have terrestrial and you have satellite. So your terrestrial microwave: this requires line of sight for use of long distance communications. Your satellite microwave uses geostationary or LEO, your lower earth orbit satellites, for global coverage. It's again high bandwidth, great for backbone networks and can cover a large area of communications.
Speaker 2:
Obviously, Starlink's a great example of all of this, right, but it does require precision alignment for point-to-point transmissions. Now, an interesting part in all of this: it used to be where, in the old days where you had just one satellite up there, you had to have very specific directional pointing to that satellite to be able to get your data back and forth. Well, now, because of Starlink, and he's basically carpet bombed the entire atmosphere with satellites, you don't have to be as precise. You just point it north and then there's enough constellations of where you're pointing that it will be able to connect to those. They work more as a network, as a hive-type environment, and it allows them to cover a very, very large area.
Speaker 2:
The downside is they are affected by weather conditions. Obviously, rain will cause issues. They are affected by having, if there's obstacles in their way. You have a building, it doesn't work. You have a tree, not so much. So again, there's some disadvantages with using some sort of satellite communication. Considerations: obviously IPsec communications between them, because again, that could be intercepted, and then secure access, control and monitoring of any of the data going back and forth.
Speaker 2:
It's interesting in the fact that when I first started in all this, satellite communications was pretty, wow, awesome. You know, it's like cool. And now it's like hey, it's Starlink, I just put it on my car and I drive around and I got internet wherever I go. I mean it's just like crazy the fact that we have the ability to do all these things now. Infrared: what is infrared? Infrared uses light waves for short range and line of sight communication. Remote controls obviously are infrared. Short range wireless communications: this is on your IR ports on laptops. Again, these are immune to RF interference because they're infrared, but they're very challenging to eavesdrop on, since infrared is very directional, right, you have to point to it to basically be able to intercept it.
Speaker 2:
But the downside is they have very limited range, one to five meters, so basically about 15 feet, not very far, and it does require direct line of sight. So if you have something in the way, it will not work. So infrared, you need to have direct line of sight. It is limited use in most cases, real specifically, but in secure communications, due to a short range, it could be used, but it's just something for you to have to understand around IR, and it is available for data communication. It's just not probably the best choice, depending upon your situation.
Speaker 2:
Bluetooth, okay, Bluetooth. You see it everywhere that you go, your watch, your phone, everything else is connected to Bluetooth and this is a communication protocol. It's about 2.4 gigahertz and there's different types of versions. You have Bluetooth Classic (classic, it's like Coke Classic) and Bluetooth Low Energy, BLE. Now, depending upon which one you're using and what's the purpose behind it, a lot of it will depend on what type of protocol that it's using versus Classic, versus Low Energy. So common uses, so peripherals, right? So you have your Bluetooth keyboard and Bluetooth mouse are connecting to your computer. IoT type devices. All of those aspects can be connected via Bluetooth. Now, what is Bluetooth Low Energy? This was introduced in Bluetooth 4.0 for low power devices such as IoTs, wearables, medical devices and so forth. Wearables would be like your iWatch and all of those things or whatever they call that thing. Different types of wearables that are connected via Bluetooth. Headphones, iPad, your little iPhone, I can't think of the name of it, iPhones, that's not an iPhone, it's a headphone. See, I just show I'm old. My kids just look at me and roll their eyes and think, dad, you're just old and crusty. Bluetooth Low Energy, that's optimized for energy efficiency and short intermediate data transmissions as well.
Speaker 2:
Security considerations: obviously incorporate security as much as you can. Secure Simple Pairing. Obviously, that's an important part where you're pairing the devices to it. One thing that you'll want to obviously avoid is the pairing. Someone can pair to you and you pair to somebody else by accident. That could cause some challenges as well. But there's bluejacking, bluesnarfing and Bluetooth spoofing as well. Those are different types of vulnerabilities you could run into or issues you could run into.
Speaker 2:
Now there's some different types of Bluetooth security modes for you to be aware of. There's mode one through four. One: no security, shouldn't do it. Mode two is application level security, and that's something you consider with just the device talking to another application via application. Mode three is link level encryption. This is for critical applications that may be using Bluetooth. And then mode four is your Secure Simple Pairing with AES-128.
Speaker 2:
Consider it best practice. I know with a lot of the iPhones they have that already set up, but you want to have the ability. Depending upon how you're using your Bluetooth, you may want to consider those different types of security protocols. Again, depends on what you're listening to or using it for. One thing I've seen in the past: if you're using a mouse, if there's someone next to you that could potentially get your same sort of mouse, or I say mouse, not the right word, but let's say a visual display, it's possible somebody could hijack your Bluetooth connection and it could see what you're doing. So you have to determine what level of encryption or protection you want to add to that session. Wireless LAN.
Speaker 2:
So you have IEEE 802.11 standards for wireless networking. You have the different standards that are out there. You have a, g, n, ac, ax, yeah, all those, right. Uh, Wi-Fi 6, it's basically coming out or it's out. I think it's out already, it's, it is out. Um, they're looking at new ones beyond Wi-Fi 6.
Speaker 2:
But the goal of it is it's mobile, it's convenient, everybody and their dog uses it. I got Wi-Fi connect. Do I have Wi-Fi? I'm good, I'm in my car and I'm driving. I've got Wi-Fi. Everybody's got Wi-Fi. The point of it is that it's everywhere and it's so useful for many people to get access to the Internet that end up causing a DDoS on your own network. But it is super helpful and it is really nice.
Speaker 2:
Now some considerations to consider. Yeah, I said that twice in the same sentence. Is WPA3 encryption. Obviously you want to move beyond WPA2 and WPA, for sure, or WEP, heaven forbid, but you want to be into W3 encryption. Install MAC filtering, not install it. Implement MAC filtering as much as you can with your authentication and then also disable SSID broadcasting. Again, SSID broadcasting, there's a lot of people say that's just kind of a waste of time, but it does add. It does hide the network a little bit. If someone really truly wants to find your SSID, they can easily find it, but it does for the most people that are just kind of surfing by. If you hide it, they won't know that it's there. It just does add a little bit more complexity on your end. The added security value is very limited. It's more of a placebo in many cases.
Speaker 2:
So let's deal with cellular networks. So these are the network infrastructure that we operate on from a wireless standpoint. Now you want to consider encrypting the data using 3GPP standards, which is your LTE 5G environments. As well as you want to protect against any sort of interception of these communications, you want to deal with secure authentication methods as much as you can, and this would be SIM-based encryption, so your SIM that connects to your phone. You want to ensure that that is tied specifically to you and it has SIM-based encryption enabled. Most of these carriers I don't I think all of them have this level in place. I would say I don't know how that is when you get outside of the United States, but there's some recommend there's a lot of that has been pushed here in the United States of what level of encryption they have to have in each of these mobile carriers.
Speaker 2:
Now, what are some of the main components of a network, a cellular network? You have your mobile device, obviously, which you use, your base station, which is your cell tower that you connect to, which are all over the place, your mobile switching center, which is where it routes calls and manages your network access. This is the thing that everything goes into, much like the old days of having a switching network. Then you have your packet core network. Now, your packet core network: this handles data traffic and connectivity to the internet. And then you finally have your public switched telephone network. Now this is your PSTN. This is where traditional landlines and voice calls will come into. So your cellular network components, those are the main pieces to it. Obviously, there's a lot of little sub pieces to it, but that's the main part of it.
Speaker 2:
Now your network security improvements. What came with 5G? Stronger encryption, obviously for AES-256, for key management, mutual authentication. Again, the device will authenticate with the network and vice versa, and it has to do that with your 5G and your LTE did not have to do that. Network slicing. Security does isolate different traffic types to prevent cross-contamination, which in the old days you used to be able to potentially hear somebody else's conversation with your phone. You'd be like, yeah, what's going on, Joey? No, but that has been. Obviously with 5G that has stopped that. And then they've migrated to a zero trust architecture which assumes all traffic must be verified before trust is granted. Again, those are key factors that roll into it. And as we get more and more capability, security has become a bigger factor. With all of these networks, and I am not an expert at all on cellular environments, you could just have a whole knowledge gain, just knowledge understanding, with the cellular space and all the security that goes into that capability. But it has allowed us to be much more mobile and it allows us to do things that we in the past could never even dream of doing.
Speaker 2:
Okay, endpoint security. So the endpoint security is the last line of defense. As you're looking at different types of things to protect your endpoint. These provide various applications, are providing security for you. So, antivirus to endpoint detection and response, or EDR, you want to have. How do you protect your environment? Now, antivirus again, it's a requirement in most places and I would say it's migrated from the old days of Norton AV to a much more robust platform such as, like an EDR type solution. Microsoft has their Defender, which is an EDR type product, and we'll do more than just look for signatures based on an AV type situation. I can't really explain what I'm trying to say, other than to say that most viruses will have a digital signature and the AV traditional AV just compares the digital signature to the overall virus itself and then flags it if there's a problem. Obviously it's moved on beyond that from when it was originally out, but AV is a lot like that. The EDR solution is looking more than just a signature. It's looking for behavioral analytics of what the device is doing, what the potential communication path is doing. So it's a much more robust environment.
Speaker 2:
You need to also consider endpoint device encryption, and I would also put on here the one thing that I didn't put on the slide is an MDM type environment, which is your mobile device management solution. This will then control the mobile devices. It does allow for the encryption. It also allows for wiping. Remote wiping is an important part of any enterprise. You have people that come and go from your network. You want to have the ability to get rid of them and to delete the device if they keep the device. I don't mean like take them out and shoot them, kind of thing. No, you don't get rid of them that way. You just get rid of them. The fact that if they have a connection to your network and they keep the device and they leave, you have the ability to remote wipe the device. It's an important thing you should consider with all enterprises. EDR has in it, you know, IDS type things, scanner and alerting software is all built into it. You do want to look at an EDR solution of some kind. Active Directory integration. This is where you have global groups, VPNs and IPsec tunnels also as well. You want to have all that integrated within your endpoint security as much as you possibly can.
Speaker 2:
Last thing is warranty support. So this ranges from software, hardware and associated applications. You want to consider what is the level of what's going on from your devices and what kind of support do you have from a warranty standpoint? You buy all this hardware. What's the level of warranties around it? You have to have the ability to keep tabs on that as well, because this stuff will get out of hand real quick and you'll forget. Do I have warranties on this? What's going to happen? I don't know. Those are an important part and you really need to understand if you need to extend the life of some of this hardware. What are some of the warranty aspects you should do? Now,
Speaker 2:
If you do go and want to extend warranties beyond that, there will be costs associated with doing that. These costs can be embedded into overall costs of the product itself and they can be extended as the time goes on. Typically, warranty costs, when you're dealing with purchasing a product, they are a line item in the purchase of the equipment. They may or may not be able to be used or they may or may not be able to be removed from your cost, but they're typically a line item that you may see when you purchase a piece of equipment is a warranty that's added to it. They typically do not cover physical damage. So what it means is that as people are moving systems around and they get dropped, they get dented, whatever it might be, this will not protect from physical damage that may occur.
Speaker 2:
Hybrid warranties can cover things that other things that exist, but you need to be very careful of the fine print on any warranties that you would purchase for any devices that you have. They can be invalidated very quickly for malware or ransomware incidents. If you have something that, so like just say, you have a thousand devices and a ransomware comes in and you're like, oh my gosh, I got to get rid of all these devices. I can't blow them away because I don't know if the software is still on these hard drives. So therefore, we need to get all new equipment. Just buy new equipment. We'll put it under warranty. Well, they may not do that because they say, well, it's a ransomware attack and you're going to throw them away. They could be good. You could just re-image them. Even though you don't feel comfortable, it's not our problem. So you need to be aware of that. If there is a malware or ransomware event and you have warranties on your hardware equipment, you want to make sure that it does not invalidate your warranty if you have an incident. So again, you need to look at that from a standpoint of is that valuable to you or not? Okay, so that's all I have for you today.
Speaker 2:
I hope you guys got a lot out of this podcast and a lot out of this training. You can go to CISSP Cyber Training and get access to all my content at CISSP Cyber Training. It's all there and available for you. You just got to go download it. It's there. So if you want to have access to me, I've got mentorship training that's available specifically to help you. You can gain access to that as well. So there's all kinds of things that you can get at CISSP Cyber Training. I highly recommend you go to it. If you're looking to pass your CISSP, go check it out, and if you don't want to buy anything, that's fine too. There's free stuff that's available to you as well.
Speaker 2:
My blueprint will help you, though. I guarantee you get the studying that you need to help you pass the CISSP in the timeframe that it meets your goals. Again, I got a three-month, a four-month, a five-month blueprint that will help you based on your needs specific to what you have to do. If you have to work late at night or work during the day and you don't have time to study at night, the three or the four or five month will help you with that. If you want to get it knocked out as fast as you possibly can, the three-month blueprint will be what you need to get it done, and you can cram all this in even to a month if you need to. But again, people have lives. That's the thought process behind the blueprint, was that you have some sort of life outside of what you're doing right now. All right, that is all I have for you. Head on over to CISSPCyberTraining.com or head over to RenewCyberRisk.com and you can get access to lots of information and content that's over there as well from my consulting side of the house. All right,