Really getting back into this and learning somethings. Which is nice! It’s good to learn. The great thing about independent study is that its hard to stop the flow of information on the internet. Some times learning things can be difficult because of acquiring information. You know people are always like “that’s the stuff they don’t teach you in high school” then at the same time don’t put much effort into learning about causes and design and so forth. Which is totally fine but I will say the people that try to learn the stuff that “they don’t teach in high school” generally don’t complain about it because they are aware of the level of passion for understanding and learning in society. I mean, seriously the catholic church is a thing but it’s also an institution of mankind, so make of that what you will, however the dark ages happened and it was a time when information was stopped to preserve the power of the Catholic Church. Scientist and theologians where both equally persecuted for questioning current doctrinal beliefs that left the papacy in the form of being ‘god’. It was hundreds of years before society actually progressed during the time of the renaissance. Thanks in no small part to the Medici’s of Florence and most notably papal sponsorship of fine art. Anyway, that’s neither here nor there. We live in a time when there is so much information available to make us better, more aware and more socially responsible people. A lot of talk about racism floats around these days though and you often have to take a look at what that really means and the causes. So many people claim to not be racist while putting forth obviously obsessive racist ideals because they think a culture harms their way of life. This is really alarming to me because its often disguised in the form of a plate of cookies or something and mean while there are people that bring ideas forward about jumping on a band wagon instead of trying to figure out what’s going on in the world. Understanding basic theology, philosophy and historical narrative in terms of events and art being made is vastly undervalued. We often trade that for some trite narrative of control or needing to seem important for no reason. There are lots of people that are very aware of this and its the same thing that lead to the dark ages. Personally, I don’t really give these people much mind as they have no intention of hearing what I have to say or what any book or painting may have to say. Its a haphazard form of senseless arrogance. Sound like any other group of people? Anyway, I digress into saying that there is a difference between ‘job security’ and malicious behavior.
So, lets get into some questions.
You know, at first I thought “why would a non-credentialed scan be worse than a credentialed” and I was all I guess I should check that out.
This clearly states Does not disrupt operations or consume too many resources because the scan is performed with credentials which indicates that the non-credentialed scan is more likely to harm infrastructure.
I have a hard time discerning the granular detail of difference between ‘Mission-essential function’ and ‘Identification of critical systems’ and really I think this is like a high school wording question.
Any way, I found this to be helpful: Business Impact Analysis (BIA) as part of your Cyber Security Plan
So, there is a typo in this one with the the access the server, I’m assuming it should be ported to How do you access the server… regardless TLS is not tied to a port so im not sure why I committed to that choice. Anyway, this has a lot of information I found helpful
Transport Layer Security (TLS) looks like there is alot of information on this that might be useful to go through beyond this so I’m going to bookmark it.
There are still some questions to be answered: TLS is the updated version of SSL but SSL is tied to a port?
How Is SSL Different From TLS? TLS (Transport Level Security) is an updated version of SSL. The original SSL protocol was created by Netscape in the year 1995 and it was made public as ‘SSL 2.0’. Since then, updates have been made in order to ensure a powerful and secure connection. In the year 1999, ‘TLS 1.0’ was released which was an update to ‘SSL 3.0’. Since that time, TLS is the primary encryption technology that is used for securing data that is transmitted over the internet connections and SSL. However, as the term ‘SSL’ is more popular, widely known and recognized, the technology is known as SSL.
Basically they are saying if the traffic uses port 443 its a secure connection, which they label ‘SSL’, kind of annoying but whatever.
Im not sure I know what SRTP is or SIPS but I had heard of SIPS so I went with that one. Anyway, I guess I should figure that out.
- SRTP – Secure Real-time Transport Protocol (SRTP) is a Real-time Transport Protocol (RTP) profile, intended to provide encryption, message authentication and integrity, and replay attack protection to the RTP data in both unicast and multicast applications. Uses AES for encryption.
- SIPS – a signaling protocol used for initiating, maintaining, and terminating real-time sessions that include voice, video and messaging applications. SIP is used for signaling and controlling multimedia communication sessions in applications of Internet telephony for voice and video calls, in private IP telephone systems, in instant messaging over Internet Protocol (IP) networks as well as mobile phone calling over LTE (VoLTE).
While SIPS doesn’t seem to indicate that its a secure protocol in its self, it does note that For secure transmissions of SIP messages over insecure network links, the protocol may be encrypted with Transport Layer Security (TLS). For the transmission of media streams (voice, video) the SDP payload carried in SIP messages typically employs the Real-time Transport Protocol (RTP) or the Secure Real-time Transport Protocol (SRTP). which leads me to wonder if all connections are normalcy SIPS on PBX and then using additional encryption methods.
First of all, I wasn’t really sure what a Online Certificate Status Protocol (OCSP) was based only on OCSP. However it is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. It is described in RFC 6960 and is on the Internet standards track. It was created as an alternative to certificate revocation lists (CRL), specifically addressing certain problems associated with using CRLs in a public key infrastructure (PKI). Messages communicated via OCSP are encoded in ASN.1 and are usually communicated over HTTP. The “request/response” nature of these messages leads to OCSP servers being termed OCSP responders
So a CRL is a better choice for traffic reduction? I don’t find any thing that seems to indicate is problematic but a CRL does seem to be the standard for this function.
Well, after the long dramatic intro, I’ve learned a few things. Reminded myself of a few thing and overall garnered a stronger idea of what it is I’m looking at with Security+ information and every time I go through and blog this stuff I’m reminded that this is a great cert with tons of information that I want to learn!