Almost through the questions I missed the first go round, again. I think I’m in the 70-80 precent range but its possible its worse. Hoping not but I’m going to keep going through this lot of 250 till I’m in the mid 90’s before going through everything again and then hope I’m in the mid 90s there but that’s probably not going to happen. Anyway, getting much better at explaining answers and understanding what’s going on rather than being like uhaaa I think its that one but I cant really tell you why. So that’s good. Anyway, got some more questions tonight.
I’ll be real, I mean, I’m not the best with things like port numbers and in practice. Never mind, any way what I was saying was that that everyone knows SSL uses 443 and that was the wrong answer but I don’t know what port number some of these use and you know, I wont remember them most likely but whatever, A for effort!
Stelnet – this is actual STelnet which is supposed to be secure telnet and uses port 423
SCP – 22
SNMP – SNMP uses UDP as its transport protocol. The well known UDP ports for SNMP traffic are 161 (SNMP) and 162 (SNMPTRAP)
FTPS – FTP/S commonly runs on port 990 and sometimes on port 21, the primary difference being that port 990 is an Implicit FTP/S, and port 21 is an Explicit FTP/S. If a client connects to an FTP/S server on port 990, the assumption is that the client intends to perform SS
SSL – By default, HTTPS connections utilize the ‘TCP port 443’ whereas the HTTP connections (not secure ones) utilize ‘port 80
SFTP -SFTP (SSH File Transfer Protocol), not to be confused with FTPS (Secure FTP), runs on top of the SSH (Secure Shell) protocol and by default uses port 22 for communications
Welp, that’s that one. SFTP and SCP which seem like they should be the same thing but are not some how.
Jeez oh pete how the fuck, thats a long list of things. I took at stab at certificate pinning as I wasnt sure if mutal authentication was common but really, im not sure what that even is. So this is like, work.
lets start by defining stuff
key rotation – generally speaking, this is generation of new encryption keys that is a manual process unless you use a third party vendor, from what I understand.
mutual authentication – basically anything thats ssl/tls provides mutual authentication which PEAP “The difference is: PEAP is a SSL wrapper around EAP carrying EAP. TTLS is a SSL wrapper around diameter TLVs (Type Length Values) carrying RADIUS authentication attributes” so it fits the bill here and you basically can look up if something is ssl/tls to find out if it works under these conditions.
certificate pinning – there are lots of sites for this and it seems like its for mobile apps to associate with an x.509 host so its not applicable in this case
Screwed this up again so lets go through it, one more time!
Rule-based access control – Under Rules Based Access Control, access is allowed or denied to resource objects based on a set of rules defined by a system administrator. As with Discretionary Access Control, access properties are stored in Access Control Lists (ACL) associated with each resource object. When a particular account or group attempts to access a resource, the operating system checks the rules contained in the ACL for that object
Role-based access control – Essentially, RBAC assigns permissions to particular roles in an organization. Users are then assigned to that particular role. For example, an accountant in a company will be assigned to the Accountant role, gaining access to all the resources permitted for all accountants on the system. Similarly, a software engineer might be assigned to the developer role.
Mandatory access control – MAC takes a hierarchical approach to controlling access to resources. Under a MAC enforced environment access to all resource objects (such as data files) is controlled by settings defined by the system administrator. As such, all access to resource objects is strictly controlled by the operating system based on system administrator configured settings. It is not possible under MAC enforcement for users to change the access control of a resource.
Discretionary access control- under DAC a user can only set access permissions for resources which they already own. A hypothetical User A cannot, therefore, change the access control for a file that is owned by User B. User A can, however, set access permissions on a file that she owns. Under some operating systems it is also possible for the system or network administrator to dictate which permissions users are allowed to set in the ACLs of their resources.
Maybe I understand it now.
Is it just me or does it seem that Kerberos is more likely to use a PKI? Its just me? ok then. But like is SFTP not left over from dial up? Oh you said that the specific internal function that kerberos provides has nothing to do with encryption and is a dumb answer? shit. Ok, welll then. SFTP was first started in 1997? Humm, well then I guess it varies by version SFTP Public Key Authentication. SAML is off the table and SIP is like basic voip shit. IPSec doesn’t really have anything to do with this either. So, ok.
It seems like firewall logs would have more info than a system that attaches to a firewall to monitor traffic but maybe that’s just me. There’s also not a website to point to prove this but ok.
Starting to get a handle on things but there is still lots of detail to get into and I would like to understand it all. At first I was kind of erring on the side of that being unimportant and that I should get this done as quick as possible. While not being wrong, I would rather actually know all the material, go through answers to the questions and explain why each answer is wrong or write and also say ‘this is a bull shit question’ rather than knowing ‘oh this one is WPS and I have no real reason for understanding why its not the other answers.’ Its not totally lazy but it doesn’t indicate that you actually know the material and it makes passing the test less likely given that the material in the pretest isn’t on the actual test. Besides, for some reason my brain is more analytically functional than based on memorizing random things so it works better for me. Anyway, working from home for the next two weeks and I have no idea what will happen next but given that airports are all having a tough time, it may not be a good idea to buy a bunch of stuff I don’t need presently. Lets do some questions.
I even recall seeing something about using eap-peep-mschapv2 to get this done as well but its really complicated and the question doesn’t say that your pushing a wireless configuration out. The funny part is that the 802.1x has nothing to do with authentication at all but is how the router is set up as a radius client.
So lets look at how they are authenticating and using encryption with WPS is set up. I know a lot more about the 802.1x for sure as its more modern and hardened. Anyway, looking at WPS stuff. Right away I’m on this website, Advantages & Disadvantages of WPS (WiFi Protected Setup) and im learning that you can walk up to the router and push a button to connect to it:
PBC (Push button configuration) Method, in which the user simply has to push a button, either an actual or a virtual one, on both WPS devices to connect.
PIN (Personal Identification Number) Method, in which a PIN has to be taken either from a sticker label or from the web interface of the WPS device. This PIN will then be entered in the AP or client WPS device to connect.
Clearly if physical security is an issue this isn’t a great set up but ok.
WPS can sometimes simplify the connection process. Here’s how WPS connections can be performed:
First, press the WPS button on your router to turn on the discovery of new devices. Then, go to your device and select the network you want to connect to. The device is automatically connected to the wireless network without entering the network password.
You may have devices like wireless printers or range extenders with their own WPS button that you can use for making quick connections. Connect them to your wireless network by pressing the WPS button on the router and then on those devices. You don’t have to input any data during this process. WPS automatically sends the network password, and these devices remember it for future use. They will be able to connect to the same network in the future without you having to use the WPS button again.
A third method involves the use of an eight-digit PIN. All routers with WPS enabled have a PIN code that’s automatically generated, and it cannot be changed by users. You can find this PIN on the WPS configuration page on your router. Some devices without a WPS button but with WPS support will ask for that PIN. If you enter it, they authenticate themselves and connect to the wireless network.
A fourth and last method also involves using an eight-digit PIN. Some devices without a WPS button but with WPS support will generate a client PIN. You can then enter this PIN in your router’s wireless configuration panels, and the router will use it to add that device to the network.
Not really any other questions with WPS.
My first guess was Symmetric algorithm but I wasn’t really sure if Elliptic curves where block ciphers but I may be miss understanding something and wanted to investigate. So the first place to start is here: Stream cipher and the first line says:
A stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream (keystream).
So any thing asymmetric is a block cipher, i’m assuming? If we look at this: Block size (cryptography), it states that
In modern cryptography, symmetric key ciphers are generally divided into stream ciphers and block ciphers. Block ciphers operate on a fixed length string of bits. The length of this bit string is the block size. Both the input (plaintext) and output (ciphertext) are the same length; the output cannot be shorter than the input – this follows logically from the pigeonhole principle and the fact that the cipher must be reversible – and it is undesirable for the output to be longer than the input.
So this is kind of a bull shit question but ok. It is possible that is the answer. Anything that uses public key or asymmetric encryption I’m going to assume encrypts at a point in time when the data is complete and processes the entire thing rather than blocks of information.
I think Oauth should be able to do this so lets find out! This first link was the most helpful and is the only one I really want to share The Difference Between SAML 2.0 and OAuth 2.0
As you read through it you start to realize what people are using SAML for and that if you read OAUTH documentation it does fit the bill however its not really used for the type of access its describing. Yes, i realize that it says API and that this OAuth 2 Simplified say that the API is the resource but its a really generic term that a lot of people don’t really understand what it is and the first part of that indicates that its a web server: Representational state transfer and SAML is the standard for that. So, OAUTH will work, making this slightly shady question but SAML is normally used for web server authentication.
Anyway, sorry for sharing so many links but the important part was the REST in front of the API. Also here is a helpful grid from the graph where they are comparing the two (the first one) and explaining the common use cases:
Are they going to throw in another ‘fun’ question with a similar scenario that is total crap? Who knows but I agree with this one based on the general consensus internet has to say about it.
I think I’ve covered this before and SHA would be my first guess but it says supported by a wide range of systems and I think SHA is newer than AES which is why I picked AES. Anyway, wanted to cover that again. Well according to this, SHA-2, it was first released in 2001 so I think its a safe assumption that it should be in wide use. The original SHA was released in 1993 and it does say its faster than AES. Given what we now know about the modes of AES and how it works, I can for sure see why. Given the option I’m not sure why you would pick anything other than the best form of SHA2 that you could use. Given that, some sites report that AES is the most commonly used encryption. However, this says hashing. Which you could use AES for but there is a great note about that in this: Why AES is not used for secure hashing, instead of SHA-x?
Summary: not only are block ciphers and hash functions quite different; but the idea of building a hash function out of the AES turns out to be of questionable validity. It is not easy, and the limited AES block size is the main hindrance.
The duplicate bits is interesting too. Clearly, I don’t really know what I’m doing yet but I would like to take a look at that anyway. Are they saying hash collisions or it expecting, a hashing algorithm, to detect file contents and eliminate duplicates? No, I think it means that no file hash duplicates with the algorithm used. For more info check this out: Why haven’t any SHA-256 collisions been found yet? and what they mean by collisions is duplicate hashes.
I find this confusing as with a x.509 certificate I thought part of a browsers acceptance was checking the CRL. As per the x.509 wiki
X.509 and RFC 5280 also include standards for certificate revocation list (CRL) implementations. Another IETF-approved way of checking a certificate’s validity is the Online Certificate Status Protocol (OCSP). Firefox 3 enables OCSP checking by default, as do versions of Windows from at least Vista and later.[4]
So, I mean maybe but ok. Get a CRL or cross check it. Maybe I’m not understanding something however it does seem like the clear cut choice. However, maybe its self signed? No… it says small public…
To be real honest, I don’t know what these ports do I should figure that out but I think I understand the first part of the answer.
port 389 – Lightweight Directory Access Protocol
port 636 – Lightweight Directory Access Protocol over TLS/SSL (LDAPS) (official)
So that makes sense now because the traffic needs to go over TLS.
So I’m not sure why its using radius if these are not wireless clients as it doesn’t say wireless clients because I’m typically used to seeing it set up like that in MSFT land. After reading a ton of stuff, long story short TACACS+ and Radius is the way to go. LDAP and MSCHAPv2 is possible but that’s really not a good set up. According to Juniper Understanding Central Network Access Using RADIUS and TACACS+
What About Using LDAP For Authentication? Lightweight Directory Access Protocol (LDAP) is a client/server protocol used to access and manage directory information. It reads and edits directories over IP networks and runs directly over TCP/IP using simple string formats for data transfer. Directory servers include information about various entities on your network, such as user names, passwords, rights associated with user names, metadata associated with user names, devices connected to the network, and device configuration.
Use LDAP to obtain directory information, such as email addresses and public keys. If you want to make directory information available over the Internet, this is the way to do it. LDAP works well for captive portal authentication. However, LDAP does not implement 802.1X security easily. 802.1X was essentially designed with RADIUS in mind, so 802.1X challenge/response protocols like MSCHAPv2 work well with RADIUS.
And currently I haven’t figure out why, in your spaghetti, that you use TACACS+ instead of MSCHAPv2 but im working on that. Ok, none of this really makes much sense, at all and there is no real answer but Radius and TACACS+ work great together, for this question. However, there could be another that says Radius and MSCHAPv2 or something like that but I think there’s an issue with the strength of encryption if implemented like that so it would be like eap-peep-mschapv2. However, that’s generally the implied thing anyway. Wow, sometimes this stuff makes no sense and I imagine fair questions are hard to write. The thing this question leaves out is that TACACS+ is Cisco proprietary tech according to this TACACS+ Protocol but that appears to be bad info per the wiki page that says
Terminal Access Controller Access-Control System Plus (TACACS+) is a protocol developed by Cisco and released as an open standard beginning in 1993. Although derived from TACACS, TACACS+ is a separate protocol that handles authentication, authorization, and accounting (AAA) services. TACACS+ have largely replaced their predecessors.
So at the end of the day, this shit, like all tests, is confusing and the answers are some times not using standard logic as there … two web sites with conflicting info on who owns the tech…
Not sure if I understand what they mean by ‘fixed length’ but one would assume a block cipher that fills the blocks with nonsense. So the question no is why the fuck would you not want to unencrypt something? So what they mean is using this for hashing rather than encryption, which is hella confusing as the algorithms can do both, apparently. That said, which per the wiki, this seems to indicate that its used more for hashing where is AES is for sure an encrypting protocol Does MD5 hash or encrypt its string? and they say its irreversable but there are apparently rainbow tables all over that can crack md5 hashes but the value is always 128 bits no matter what the input is. So hopefully, this info is pretty standard and I can always rule out md5 for anything but hashing.
I was really confused by this because I hadn’t heard of any authentication protocol granting users rights but it is TACACS+ and I’m pretty sure its the only one that does that. The interesting note is this is on a site that suggest that its not available for use outside of Cisco tech when one of the links I found was for Juniper and I don’t think they are owned by Cisco. Anyway, TACACS+ Protocol
To ease this task to some extent, Cisco ACS (Access Control Server) is used. ACS provides a centralized management system in which the database of username and password are kept. Also, authorization (means what the user is authorized to do) can be configured. But for this we have to tell the router to refer to ACS for its decision on authentication and authorization.
So, what they may mean by it being proprietary tech for AAA frame work is that this part only works on Cisco routers? Not very clear and the Cisco doc’s on this are not quick reads with basic information. It’s all config docs. blah!
Yeah, thats 802.1x for sure, radius server with the routers as clients. But how is that different from Radius federation? What I’m getting is that its a transitive authentication between domains. I think what they mean is a federated trust between domains where the one your on uses Radius authentication. for more info Federated identity and What is federation with Azure AD?
Again, this is hashing vs encryption with sha2 being a hash function and AES being used for encryption as, noted above. However, why not use RSA? How does RSA and AES differ?
Well, it says 3rd party and that would require an additional key gen as RSA is asymmetric. Hopefully I will remember this haha
Alright, thats all for now. Time to go through some more questions I missed and then possibly repost questions while getting into more granular detail until I feel good about spending over 300 dollars on testing haha
This is the next part of the 5 questions that one of which took about a week to do and I still feel like I should go back over the authentication portion of the AES modes but ill get to that. I mean, it was basically a post on one topic which I haven’t really done since my 2012 MCSA and I enjoyed it. It took along time but I had fun. Which I suppose its more fun to act like a weird teenager than study? Am I, the weird one here? Not sure. So here we go,
So at this point, not a lot of questions for me on this because SHA is basically good for almost everything but I’m not real sure on what the hell RC4 is or why HMAC is bad for TLS certificates and I would like to know. I would also like to know what version of SHA works with this. Yes, I realize I’m drilling down at this point but to be honest, I would really like to pass this test and beyond that I think learning is fun and it seems to provide for some manor of social security in the form of being employable.
Now moving on to HMAC and while looking for info I came across this OWASP doc about TLS that looks really handy Overview of TLS v1.3
Anyway, back to TLS, x.509 certs and HMAC/SHA. Now, it looks like this doesn’t apply to TLS 1.3 but 1.2 and older does use HMAC-SHA for data integrity and that’s basically the only info I can find. the Data Integrity grab is from the wiki on TLS and the other one on validataing an intermdeiate certificate (different from data validation, I think?) is from the X.509 Certificate wiki
Either way, encryption and hashing is a weird thing and I get that SHA is the answer even though there are not very clearly defined parameters as to why.
This seems tricky because you think a certificate has to be signed by a public CA so you want to pick that and when looking around I’m not finding any info on other types of certificates that public CAs offer. For example, poking around the GlobalSign website, I find no info on anything and it would appear they are all X.509. Its also worth noting that an X.509 certificate is checked when accepted by the end users browser by the public signing authority so a private CRL isn’t necessary. This is different from Kerberos in that you have to have an internal KDC to validate authentication. Honestly, I should get more into understanding token generation and so forth in Kerberos for me to fully understand that but its mentioned on the wiki for CRL. So the answers wording is a little tricky but haha at the end of the day an x.509 cert and TLS is the most modern security for info exchange that a website can offer.
This one, I’m obviously completely unclear on but lets give it a go as to explaining this. This isnt AES or TLS but rather internal validation when connecting to a WAP.
Lets start with the basics this is an IAS server, better read up on that, ok so its a Windows Server configured as an NPS server with Radius on it. The thing that gets confusing here is that the correct answer is always the last one for some reason. Like I think EAP and PEAP are set up on the NPS are the MSCHAP is set up on the WAP. This answer is actually very clear and in a document on MSFT DOCs. Deploy Password-Based 802.1X Authenticated Wireless Access
EAP, PEAP, and PEAP-MS-CHAP v2
Extensible Authentication Protocol (EAP) extends Point-to-Point Protocol (PPP) by allowing additional authentication methods that use credential and information exchanges of arbitrary lengths. With EAP authentication, both the network access client and the authenticator (such as the NPS) must support the same EAP type for successful authentication to occur. Windows Server 2016 includes an EAP infrastructure, supports two EAP types, and the ability to pass EAP messages to NPSs. By using EAP, you can support additional authentication schemes, known as EAP types. The EAP types that are supported by Windows Server 2016 are:
Transport Layer Security (TLS)
Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2)
Important
Strong EAP types (such as those that are based on certificates) offer better security against brute-force attacks, dictionary attacks, and password guessing attacks than password-based authentication protocols (such as CHAP or MS-CHAP version 1).
Protected EAP (PEAP) uses TLS to create an encrypted channel between an authenticating PEAP client, such as a wireless computer, and a PEAP authenticator, such as an NPS or other RADIUS servers. PEAP does not specify an authentication method, but it provides additional security for other EAP authentication protocols (such as EAP-MS-CHAP v2) that can operate through the TLS encrypted channel provided by PEAP. PEAP is used as an authentication method for access clients that are connecting to your organization’s network through the following types of network access servers (NASs):
802.1X-capable wireless access points
802.1X-capable authenticating switches
Computers running Windows Server 2016 and the Remote Access Service (RAS) that are configured as virtual private network (VPN) servers, DirectAccess Servers, or both
Computers running Windows Server 2016 and Remote Desktop Services
PEAP-MS-CHAP v2 is easier to deploy than EAP-TLS because user authentication is performed by using password-based credentials (user name and password), instead of certificates or smart cards. Only NPS or other RADIUS servers are required to have a certificate. The NPS certificate is used by the NPS during the authentication process to prove its identity to PEAP clients.
This guide provides instructions to configure your wireless clients and your NPS(s) to use PEAP-MS-CHAP v2 for 802.1X authenticated access.
So anyway, you you have to put MS-CHAP on the access point and the back end framework of EAP-PEAP handles the rest.
All right, well I think thats all for tonight. Wait, no theres one more.
My first thought when I look at my answer is that EPA-TLS doesn’t really make any sense. Lie I’m not sure that’s a real thing. Like it seems like more stuff should be involved that simply EAP rolled into TLS, which should use an x.509 certificate and how are you verifying that? Anyway, there’s a MSFT article Certificate requirements when you use EAP-TLS or PEAP with EAP-TLS and it looks like the kicker is with TLS the certificate is stored locally on the machine and with EAP-PEAP that they are calling PEAP, its on the server and tied to an AD account.
Ok, so that really is all for the night. I learned a lot and I feel like I’m finally making headway on this stuff and learning information that I can use to answer questions that are not covered on this pretest and I have a feeling that will be most of the questions on the actual test. Now lets hope I hear something positive back from that interview because things are kind of crazy with my current employer due to virus concerns. Great time to be looking for a job with the economy tanked but I’m sure I’ll be ok either way. If not good old nihilism kicks in.
Well, I started back through the questions that I missed the first time around and I can tell you I have for sure learned a ton. I’m able to explain concepts that I wasn’t able to before and rationally provide answers rather that give a letter answer because I memorized that as being the answer. So that’s good. I got through 50 questions and realized that there where about 5 that I wanted to blog and legit got about 3 wrong. So far so good. However, if I remember correctly the last half of the 250 that I missed where much harder. I’m going to kind of take my time with it but I’m hoping to get through that set and find out I’m some where in the 90s on the questions I missed the first time. You know, its like a check and re check and the recalibrate and so forth. I mean, 300 bucks is a lot of money to waste if you are not sure about some thing. At least for me. I also have an interview tomorrow. I dont expect it to go very far however I’m super excited that recruiters have started to contact me out of the blue for network admin type roles. Also, its worth noting that this started as several questions and then ended up being so much info about AES thats longer than a typical 5 question post that I cut it down to one post. If your new, prepare for shoe shine head
I got this right and I understand what AES is but I’m not sure that some of these are AES modes and I wanted to take a look at this. HMAC ‘just made sense’ but I couldn’t explain it back to my self. I didn’t like that so lets star at the top
Before you close the package and mail it, you make a copy of the photograph. No locked box this time, instead you brush over the copy with a concoction of liquid chemicals. Only you know the recipe (key) for this mixture, and anytime you brush over a copy, you use the exact same brush strokes. The mixture will swirl and blur the copy of the photograph into something resembling modern art; let’s call it an HMAC. You’re not exactly sure what it will look like after it dries, but you know that if you brush any two identical photos with the same recipe and the same brush strokes, the resulting HMACs will look the same. So you place the dried HMAC into the package along with the original photograph and send it off to Sarah. When you get the package back from Sarah, it contains what you hope is the un-altered original photograph along with what you expect is the HMAC you created and included with it. Take the photograph out of the package, copy it, and create another HMAC with that copy (apply your mixture/brush strokes). Compare the HMAC you just created with the HMAC that came back in the package. If they are identical, then you can be sure Sarah and the mail carriers did not alter the photograph. If Sarah had altered the photo, then the HMACs will not be identical. If Sarah had altered the HMAC, then the HMACs will not be identical. If Sarah had altered the photo, and tried to create a new HMAC, then the HMACs will not be identical (she doesn’t know your recipe). Thus you know if the photo (data) is authentic or not, which is exactly what HMACs are used for.
Basically, HMAC insures message validity. However, I still don’t understand how AES or how it interacts with other ‘modes’ so I have to figure that out. Also, it appears the key length for HMAC is 256 but as to how the data validation works as you move into harder to read stuff that seems to indicate they are using SHA256 for data validation with AES and that is a little confusing as HMAC seems to do data validation on its own.
There are tons of sites on this and I kind of had to look at, all of them I could find, to really kind of wrap my brain around this and I’ll go through each one of these. The thing is, none of them mention HMAC but AES is basically a framework that you actually use your algorithm with and I get that. I’m not sure how you inject the algorithm into the framework but personally I’m hoping you select it through a gui. This is one of the tricker parts of this exam, its mostly theoretical. Which is still cool. The other interesting note here is that AES has varying key lengths and I suppose we should figure that out. In addition its worth noting that H stands for hash and you can use MAC without that. The main 5 modes are really complicated to slim down and at the end Ill try to put a summary but this is one of the biggest single points of information that I have found while studying for pretty much anything in computers. I’m actually going to have to look at this and edit it to make sure that I made the points I wanted to clearly haha. That never happens! There is a thing I found on stack exchange that I found a helpful overview but it does not answer all the questions that could possibly come up on test. That said its a helpful starting point. Here is the link and prevalent information: How to choose an AES encryption mode (CBC ECB CTR OCB CFB)?
ECB should not be used if encrypting more than one block of data with the same key.
CBC, OFB and CFB are similar, however OFB/CFB is better because you only need encryption and not decryption, which can save code space.
CTR is used if you want good parallelization (ie. speed), instead of CBC/OFB/CFB.
XTS mode is the most common if you are encoding a random accessible data (like a hard disk or RAM).
OCB is by far the best mode, as it allows encryption and authentication in a single pass. However there are patents on it in USA.
There is more really good info on this about authentication methods too, which is contained in another comment. I’m going to share the the entire comment because its great! It is kind of a nightmare for formatting even though, for the first time ever, I clicked the ‘view source’ on a page and copied the HTML over. Have to check and see how wordpress likes it. Took some edits but it looks like its working, the italics note the start and end of the comment and for some reason the guy actually used a bold font and the start of the comments in ordered lists. Looks great, may do that in future posts. I try to use those to notate lifted information as much as possible and if you see me copying text and not doing that, please send an email and I will make the change.
Comparison of the modes
Encryption only:
Modes that require padding: Like in the example, padding can generally be dangerous because it opens up the possibility of padding oracle attacks. The easiest defense is to authenticate every message before decryption. See below.
ECB encrypts each block of data independently and the same plaintext block will result in the same ciphertext block. Take a look at the ECB encrypted Tux image on the ECB Wikipedia page to see why this is a serious problem. I don’t know of any use case where ECB would be acceptable.
CBC has an IV and thus needs randomness every time a message is encrypted, changing a part of the message requires re-encrypting everything after the change, transmission errors in one ciphertext block completely destroy the plaintext and change the decryption of the next block, decryption can be parallelized / encryption can’t, the plaintext is malleable to a certain degree – this can be a problem.
Stream cipher modes: These modes generate a pseudo random stream of data that may or may not depend the plaintext. Similarly to stream ciphers generally, the generated pseudo random stream is XORed with the plaintext to generate the ciphertext. As you can use as many bits of the random stream as you like you don’t need padding at all. Disadvantage of this simplicity is that the encryption is completely malleable, meaning that the decryption can be changed by an attacker in any way he likes as for a plaintext p1, a ciphertext c1 and a pseudo random stream r and attacker can choose a difference d such that the decryption of a ciphertext c2=c1?d is p2 = p1?d, as p2 = c2?r = (c1 ? d) ? r = d ? (c1 ? r). Also the same pseudo random stream must never be used twice as for two ciphertexts c1=p1?r and c2=p2?r, an attacker can compute the xor of the two plaintexts as c1?c2=p1?r?p2?r=p1?p2. That also means that changing the message requires complete reencryption, if the original message could have been obtained by an attacker. All of the following steam cipher modes only need the encryption operation of the block cipher, so depending on the cipher this might save some (silicon or machine code) space in extremely constricted environments.
CTR is simple, it creates a pseudo random stream that is independent of the plaintext, different pseudo random streams are obtained by counting up from different nonces/IVs which are multiplied by a maximum message length so that overlap is prevented, using nonces message encryption is possible without per message randomness, decryption and encryption are completed parallelizable, transmission errors only effect the wrong bits and nothing more
OFB also creates a pseudo random stream independent of the plaintext, different pseudo random streams are obtained by starting with a different nonce or random IV for every message, neither encryption nor decryption is parallelizable, as with CTR using nonces message encryption is possible without per message randomness, as with CTR transmission errors only effect the wrong bits and nothing more
CFB‘s pseudo random stream depends on the plaintext, a different nonce or random IV is needed for every message, like with CTR and OFB using nonces message encryption is possible without per message randomness, decryption is parallelizable / encryption is not, transmission errors completely destroy the following block, but only effect the wrong bits in the current block
Disk encryption modes: These modes are specialized to encrypt data below the file system abstraction. For efficiency reasons changing some data on the disc must only require the rewrite of at most one disc block (512 bytes or 4kib). They are out of scope of this answer as they have vastly different usage scenarios than the other. Don’t use them for anything except block level disc encryption. Some members: XEX, XTS, LRW.
Authenticated encryption:
To prevent padding oracle attacks and changes to the ciphertext, one can compute a message authentication code (MAC) on the ciphertext and only decrypt it if it has not been tampered with. This is called encrypt-then-mac and should be preferred to any other order. Except for very few use cases authenticity is as important as confidentiality (the latter of which is the aim of encryption). Authenticated encryption schemes (with associated data (AEAD)) combine the two part process of encryption and authentication into one block cipher mode that also produces an authentication tag in the process. In most cases this results in speed improvement.
CCM is a simple combination of CTR mode and a CBC-MAC. Using two block cipher encryptions per block it is very slow.
OCB is faster but encumbered by patents. For free (as in freedom) or non-military software the patent holder has granted a free license, though.
GCM is a very fast but arguably complex combination of CTR mode and GHASH, a MAC over the Galois field with 2^128 elements. Its wide use in important network standards like TLS 1.2 is reflected by a special instruction Intel has introduced to speed up the calculation of GHASH.
Recommendation:
Considering the importance of authentication I would recommend the following two block cipher modes for most use cases (except for disk encryption purposes): If the data is authenticated by an asymmetric signature use CBC, otherwise use GCM.
Anyway, I found this site to be the most helpful for an overall understanding so moving into key lengths may be getting ahead of our selves but there is so much to know about this that its as good of place as any to start.The difference in five modes in the AES encryption algorithm its also where I got the images from. So lets get into this and hopefully I’ll come out the other side of this having learned a few things.
This first one is (shockingly, HMAC isn’t discussed but it is clear that its possible to use in the AES framework) (directly copied text): ECB Mode- The ECB (Electronic Code Book) mode is the simplest of all. Due to obvious weaknesses, it is generally not recommended. A block scheme of this mode is presented in Fig. 1.
So they don’t really discuss the variables for these charts but I think we can make some assumptions that for some reason they decided to use ‘k’ as a variable for the actual encryption while P is the data being encrypted and C is the encrypted text. I’m not really sure if it actually breaks it into segments and then balls it up or how that works but I get the idea that its basic.
Here are some more lifted ideas about ECB: For example, if a ciphertext from the ECB mode is known to encrypt a salary figure, then a small number of trials will allow an attacker to recover the figure.
In general, we do not wish to use a deterministic cipher, and hence the ECB mode should not be used in most applications. In the database encryption, we can use ECB to encrypt the tables, indexes, wal, temp files, and system catalogs. But with the issues of security, we don’t suggest to use this mode.
As you can see “don’t use this is a running theme” while no one talks about HMAC. This is from a PDF that I will hopefully attach to this blog but if not you can find it here: MODES OF OPERATION OF THE AES ALGORITHM
ECB Mode of Operation The ECB (Electronic Code Book) mode of operation is the simplest of all. A block scheme of this mode is presented in Fig. 1. As it can be seen from Fig. 1, the plaintext message is divided in blocks (P1, P2, PN), where each block is encrypted separately with the same key (K). The results of the encryption are the encrypted messages C1, C2 and CN respectively. If the size of the message is larger than n blocks, the last block is filled with padding. In this mode, if an error occurs in one of the blocks, it is not propagated to the other blocks, which is why decryption is possible in the blocks that don’t contain an error [2, 6, 7]. According to [6], the encryption in this mode is deterministic, because identical P blocks will produce identical C blocks, which is why identical plaintext blocks or a message with the same beginning are easily recognizable. Also, the ordering of the C blocks can be changed without the receiver noticing. In general, this mode is not recommended for encryption of data that is larger than one block [2, 8]. In [3] it is strictly recommended not to use this mode at all, while [7] states that this mode of operation is wrong and abandoned.
Apparently the end results do come out ‘packaged’ some how and the packets can be moved around if they are the exact same block of text because the outputs all look the same which causes issues with data validation. Not spending much more time on this one. However, another note from the article mentioned in the intro paragraph is that ECB is 128 bit key length, if I’m understanding this right:
Remember to never choose this mode unless you only encrypt data smaller than 128 bit. Unfortunately it is still often misused because it does not require you to provide an initial vector (more about that later) and therefore seems to be easier to handle for a developer.
Anyway, lets move on to the next type of AES encryption mentioned in the first article, CBC mode
This one is a little more complicated and we have XOR data involved and I’m not really sure what that is, so lets investigate. After going through several websites I realized that I understand this at all and went to YouTube. I found this super helpful video that honestly I wouldn’t have found helpful if I didn’t have a baseline understanding of AES.
So now I sort of understand the XOR data, it kind of jumbles the info before it encrypts and then unencrypts the data, spins it and then it should be back. Clearly, you end up with more keys this way. In addition, here is what the PDF has to say about the mode:
In order to provide cryptographic security, every encryption of the same plaintext should result with a different ciphertext [6]. The CBC (Cipher Block Chaining) mode of operation (Fig. 2) provides this by using an initialization vector – IV [4]. The IV has the same size as the block that is encrypted. Fig. 2 presents the encryption process. First, an XOR operation is applied to the plaintext block (P1) with the IV, and then an encryption with the key (K) is performed. Then, the results of the encryption performed on each block (C1, C2, … , CN-1) is used in an XOR operation of the next plaintext block PN which results in CN. In this way, when identical plaintext blocks are encrypted, a different result is obtained. Also, using a different IV for each new encryption, an identical message will always be encrypted differently. It should be emphasized that the same key K is used in each of the encryption blocks. Figure 2: Scheme of the CBC mode of operation [2] An error in one of the plaintext block will propagate in all the following blocks and will be manifested in the process of the description [8]. Specifications in [8] recommend that the Padding method 2 is used in case padding is needed with the CBC mode of operation because it provides protection from some of the known PA (Padding Attacks). There are complex CBC attacks for which an unpredictable value of IV is needed in order to overcome them [2, 6]. In [7] it is emphasized that the CBC mode of operation is safe from CPA (Chosen Plaintext Attack) attacks (attacks in which the attacker chooses a set of plaintexts and is able to obtain respective ciphertexts) only if the IV has a random value, but not if the IV is a nonce (a number that is not repeated). The CBC mode of operation, besides its vulnerability to PA attacks, is also easily susceptible to CCA (Chosen Ciphertext Attack) attacks (where the attacker chooses a set of ciphertexts and is able to obtain respective plaintexts). According to [3], the encryption key has to be changed whenever condition (1) holds: ( 1) / 2 2 + << n q (1) In (1), q is the number of blocks that should be encrypted and n is the number of bits in the encryption blocks. In order to provide protection from CCA attacks in this mode of operation, it is necessary to use ÀÅ (Authenticated Encryption), where, besides the encryption, authentication is also performed [3].
I’m starting to get this one but I don’t know what the key length is which could come up on a test. There is also a basic overview of this one on TechTarget: cipher block chaining (CBC). This also gives us no information but I think its 128 bit based on this information:
If the key and iv are generated with another tool, you must verify that the result is hex-encoded and that the size of the key for 128 is 32 characters, 192 is 48 characters, and 256 is 64 characters. The hex-encoded iv is 32 characters in length. Hex encoding means that each character in the key and iv are converted to its hexadecimal equivalent. For example, the letter “A” is “41” in hexadecimal. Hex encoding eases the storage and transport of the key and iv because the non-encoded versions of these items can contain ASCII control character sequences.
After further research it looks like CBC can use 128 or 192 or 256, finally an answer in the form of a tool lol AES CBC encryptor
Now that we have covered a ton of basics that maybe we wont have to hit in the next mode, lets move on to CFB
This one looks similar but the data is actually being encrypted and then rotated before spitting out the final cypher. Similar but more complex. I’m going back to the basic link for some info on this:
First, CFB will encrypt the IV, then it will xor with plaintext block to get ciphertext. Then we will encrypt the encryption result to xor the plaintext. Because this mode will not encrypt plaintext directly, it just uses the ciphertext to xor with the plaintext to get the ciphertext. So in this mode, it doesn’t need to pad data. And it could decrypt data in parallel, not encryption. This mode is similar to the CBC, so if there is a broken block, it will affect all following block. This mode can be attacked by replay attack. For example, if you use the other ciphertext to replace the new ciphertext, the user will get the wrong data. But he will not know the data is wrong. It is safe from CPA, but it is easily susceptible to CCA.
Now we know sort of how it works, which to be honest probably wont be on the test but key length/size might be so lets find that out. There is no solid answer but it looks like 128/192/256 as well per a variety of sources. Also, the information from PDF seemed more confusing than helpful on this one
Ok, moving on to the next one, this one is supposed to be the best but has a patent on it in the US and that’s about all I know, so far. In addition I’m pretty sure I will never use this stuff at work as I still don’t use the stuff I learned 5 years ago in my day to day job, unfortunately. However, I honestly like to learn. It’s like going to gym for your brain and its hard to say you are not qualified with a bunch of letters and names next yours that are hard to acquire. Little trophies if you will. Anyway, this ones called OFB
So im going to go with some text right for the site I keep mentioning. Also, if not previously noted the other modes do pad blocks with additional text if they are not specific sizes. This is worth noting.
The OFB (Output FeedBack) mode of operation (Fig. 4) also enables a block encryptor to be used as a stream encryptor. It also doesn’t need padding data. In this mode, it will encrypt the IV in the first time and encrypt the per-result. Then it will use the encryption results to xor the plaintext to get ciphertext. It is different from CFB, it always encrypts the IV. It can not encrypt/decrypt the IV in parallel. Please note that we won’t decrypt the IV encryption results to decrypt data. It will not be affected by the broken block. It is safe from CPA, but it is easily susceptible to CCA and PA. A Mallory can change some bits of ciphertext to damage the plaintext.
So it encryps like ECB first, spins the data and then you have the output. There are two things mentioned in this that I would like to be aware of ‘mallory’ and ‘steam encryptor.’ I cant find a ton of info on this but I think the point being that its good to also sign the encrypted data with some form of hash to ensure a signature verification. On to the next part: Overview: Stream Ciphers vs. Block Ciphers
A stream cipher is an encryption algorithm that encrypts 1 bit or byte of plaintext at a time. It uses an infinite stream of pseudorandom bits as the key. For a stream cipher implementation to remain secure, its pseudorandom generator should be unpredictable and the key should never be reused. Stream ciphers are designed to approximate an idealized cipher, known as the One-Time Pad.
So I think the point being, timestamps are good, wait no…anyway, instead of having a block that has to be specific size it will encrypt the data one character at time. I kind of like what the PDF has to say about this one:
The OFB (Output FeedBack) mode of operation (Fig. 4) also enables a block encryptor to be used as a stream encryptor. As shown in Fig. 4, the difference between the CFB and OFB mode is such that, in the case of an OFB, as an input for the shift register from the next block, the output from the encryptor (Encrypt) from the previous block is chosen. At the same time, the XOR operation with the s-bits of plain text P uses only s bits from the encryptor. Encryption and decryption are the same operation [6]. If there is an error in a block during the encryption, while performing the decryption, it will influence only a part of the plain text that will result from that block, i.e. there is a limited propagation of error [2, 3]. Therefore, this mode of operation is often used in communication through media that carry noise (for example, satellite communications). According to [6], the IV should be a nonce. The guidelines given in [8] suggest that the IV should be chosen randomly and used only once with the given encryption key K. In [7] it is stated that security does not exist if the IV is a nonce, but the sequence generated by some counter is acceptable. The CFB mode of operation is vulnerable to attacks performed by modification of bits in the encrypted stream [2].</p>
This also notes how often you can use a key before a new one should be generated but given the amount of information we are consuming I have decided to leave that out in hopes that it will not be on the test as I have seen 0 test prep questions’s about key generation.
Moving on to the next one, last one. I think. Wow, I have spent a ton of time on this but I can’t say that I am not having fun. The logical reality of the scale of this is absolutely daunting. This one is CTR
And I like the text from the ‘high go’ site the best for this one as well.
At the CTR (Counter) mode of operation, shown in Fig. 5, as an input block to the encryptor (Encrypt), i.e. as an IV, the value of a counter (Counter, Counter + 1,…, Counter + N – 1) is used. It also is a stream encryptor.The counter has the same size as the used block. As shown in Fig. 5, the XOR operation with the block of plain text is performed on the output block from the encryptor. All encryption blocks use the same encryption key. As this mode, It will not be affected by the broken block. It is very like OFB. But CTR will use the counter to be encrypted every time instead of the IV. So if you could get counter directly, you can encrypt/decrypt data in parallel. A Mallory can change some bits of ciphertext to break the plaintext. In the database encryption, we can use CBC to encrypt all the files.
So it seems like its similar to the previous one but it uses a proxy or counter to reference back to. The PDF text basically says the same thing but a little bit more complicated wording.
Anyway, that’s all for now. Wow, this took forever but I did learn a lot and I feel much better about encryption in general. However, if left with the ‘Mallory’ question and wondering about the data validation that using HMAC with AES takes care of. I am happy to realize that all but ECB use 128/192/256 key sizes which I may intermittently call ‘block sizes’ which are different, sort of. Actually, I guess I didn’t look at key sizes for the last 2 did I. Hum, maybe I could say that now. Ok, it appears to be the same. For sure going to have to go back and read this later and possibly edit some things. For now though, I have shoeshine head for sure but boy was that great haha
Multi-part questions, tough but I will say that I saw some questions directly from these on the last test so its probably a good idea to at least understand them and probably have them memorized. So here we are. Then I have to start going through the questions that I missed the first round through the entire lot again and see how I’m doing. If I’m in the mid 90’s on those, ill go back through the entire lot and then see where am at. I’m not really feeling like going through slides tonight so I’m thankful to have some test stuff to blog.
Anyway, here’s this:
The cell phone is pretty obvious, maybe not the pop-up blocker or possibly GPS tracking. However, the server one is a repeated theme. I’m not really sure what a sniffer is, are they talking about a packet sniffer? I’m going to assume so. The proximity reader is for smart card access. Not like, detecting people near by. I once thought that but not recently haha
The only thing here thats not expected is the safe in the office. Not really sure what that is used for nut I should be able to remember this one.
This is debatable because while WPA2 Personal will work with LDAP it seems like it would be better to use enterprise. This is Security. Why are we worried about what wireless channel we are using when using WPA2 to authenticate with the server. Assuming we not setting them up as Radius clients. Which brings up the point, does WPA2 personal work with Radius? Assuming no but I should check that out and the reason for the channel. Also, im pretty sure that was the entire question and theres no answer as to what a AAA server is. WPA2-PSK does not use Radius. Pretty sure they mean the LDAP server by the AAA server as that seems to be an older term for an authentication server. Per this article the 11 answer is somewhat random Why Channels 1, 6 and 11?
You know, at this point one would think I would know this but I keep skipping over it so I don’t have to look at it and think. Yeah, raid 0 is no fail over on one volume on several disks, raid 1 is two mirrored disks, Raid-5 is 3 disk with parity data for one disk failure and raid 6 has twice as much parity data to tolerate a two disk failure in a cluster. The parity size does vary based on array: RAID 6 (redundant array of independent disks)
All right, No idea on this guy. I mean I haven’t really looked at it but dear god for the love of holy moses do I hate subnetting. I mean, I get it. Some people are great at this math nonsense and its not me. Does that make me less fun or viable. No, when was the last time someone didn’t use a calculator for this. Anyway, yeah IPv6, FML. Lets get to the question. You know, after actually reading the question its pretty straight forward. The only thing that might trip me up is using SCP instead of SSH. SCP (secure copy protocol) uses port 22. Why the hell they are using CIDR for anything in the source IPs is really annoying. Assuming its more than one machine but who knows. Who told them to do that? regardless, its literally, source, destination and maybe the port number and type of traffic. Which is TCP in both cases.
All right, that’s all for tonight. I think I’m going to buy some car tires in the morning. That’s stressful, for some reason haha
Still having some blogging to do. That last one was a a page turner haha. I mean, if your into learning this stuff. There are so many interesting sources of information on the internet that seen relevant and the issue with them is, how in the world am I supposed to consume all this. So, the goal is to find streams of information that seem accurate and relevant and I try to post links to that on here while keeping an eye on the encyclopedia of info that is free to use online. That’s the good and bad thing about the whole open source nature of CompTia exams. MicrosoftDocs is great but as you may have noticed they don’t have step by step tutorials with a lot of documented screen shots as vendors that integrate with their technology do. So anyway, lets get into study time and as previously noted, this is an exam study blog haha so feel free to click on stuff.
So these generic access control things kind of drive me nuts so while I understand MAC, I’m not quite clear on the others and wanted to back through that
Ok so before we get started I found this on Stackexchange and liked it: MAC makes decisions based upon labeling and then permissions. DAC makes decisions based upon permissions only. RBAC makes decisions based upon function/roles.
DAC – all these are confusing but here goes: Discretionary Access Control Discretionary Access Control (DAC) was originally defined by the Trusted Computer System Evaluation Criteria (TCSEC) as “a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject (unless restrained by mandatory access control)”. In practice the use of this terminology is not so clear-cut. In the strictest interpretation, each object controlled under a DAC must have an owner who controls the permissions that allow access to the object. Although many modern operating systems support the concept of an owner, this is not always implemented. In particular the standard does not cover “owners” leaving a problematic definition when group ownership occurs. also the objects in question have an ‘owner’ with read/write/permission control
MAC – Mandatory Access Control: this one is role defined in that rather than the object having users associated with it, the information has a label and the users have assignments of what labels they have access to is system-enforced access control based on subject’s clearance and object’s labels. Subjects and objects have clearances and labels, respectively, such as confidential, secret, and top secret. A subject may access an object only if the subject’s clearance is equal to or greater than the object’s label. Subjects cannot share objects with other subjects who lack the proper clearance or “write down” objects to a lower classification level (such as from top secret to secret). MAC systems are usually focused on preserving the confidentiality of data.
Role-based AC – You would think that MAC would have this name but it doesn’t. Any way, its pretty much the same thing but more granular
Rule-based AC – RuBAC (i think that PBAC P is for policy, is the same thing) honestly, im not sure the internet thinks this one is real for data access but I did find this pertaining to networking: With rule-based access control, when a request is made for access to a network or network resource, the controlling device, e.g. firewall, checks properties of the request against a set of rules. A rule might be to block an IP address, or a range of IP addresses. A rule might be to allow access to an IP address but block that IP address from use of a specific port, for example port 21 commonly used for FTP, or port 23 commonly used for Telnet. A rule might be to block a specific IP address, or block all IP addresses from accessing certain applications on the network, such as email or video steaming.
Ok, I feel like I’ve sort of defined this but to be honest I may have to dig through it again. Anyway, one question in and I have a headache but lets look at the other ones related to this
This one is cut and dry with the question of access control and using labels or classifications of data. That’s clearly MAC
MAC has admins and DAC has owners of data. Not really sure about that for RBAC, guess I could check that out. Ok, looks like its the same as MAC in that there are admins and then users however it seems to very based on flavor as to what they are called. Other than admin.
I feel like some of the classifications with these require clarification. There are probably more of these that I need to cover and I may get back to that at another time but for now lets look at these two slides
I don’t understand how managing back end services isn’t what the first one is saying. So, I think there are some issues here with wording as a What Is a Cloud Access Security Broker (CASB)? is a service that hardens your access to your cloud resources. There is also Security as a Service, in addition to Software as a Service. The first question makes sense and I think this second one is poorly worded as its not describing any thing having to do with security. I mean, managed services of the back end is what a CASB is talking about but its not exactly accurate.
The thing is, I dont know why you wouldn’t use TLS but lets find out.
Per stackexchange:SSL/TLS protects the email from tampering or eavesdropping as it transits between your computer and Google’s server, and possibly during further relays to eventual recipient. And that’s all it does. PGP does far more. If you’re sending a signed email, the recipient can verify that the email was sent by you, and that it was not tampered with at any point between when you wrote it and when they received it. If you’re sending an encrypted email, you know that nobody but the intended recipient can read it — not Google, not the NSA, nobody. That’s why it’s called “End to End Encryption”. However, the email metadata (from, to, subject, time stamps) is still sent in clear, and PGP can’t help with that. So in general, it’s best to send PGP-encrypted emails via TLS-secured connections.
So that is some help. Anyway, that’s all for tonight. I feel like I learned a lot about my being better at my job but that is immaterial at this point as im only interested in one thing, getting through my shift haha
Still having trouble with a few things after moving through the third round of going through questions. Wait, maybe that was the 4th. Yeah, the 4th. Also, this took about 3 days to write I think? Maybe longer. Wait, I might have started on Wed night. Anyway, as I was saying on twitter:
So, I still have a some learning to do. I can honestly say that this is a lot more work that I realized it would be however I think in the end it will be worth it. It’s one cert but hopefully employers realize what all goes into it and how much you have to know going into the test. Tonight im going back over some authentication stuff. While I’m starting to get the hang of how some of it works, I’m not quite the expert that I would like to be before even thinking about taking the test. In addition with cloud computing being what it is these days, authentication, encryption and hashing is going to become more and more important as more sensitive data goes out of a firewall and through a VPN tunnel to connect to Azure or AWS hardware. Another note, as MSFT has done away with the Server certification program for 2019 I’m personally hoping that they move newer editions to being an Azure only based function because for Systems Admin types or (hopefuls, in my case) its frustrating to think that we may be required to understand Windows Server for Azure but also understand how AWS works incase a company goes off prem and decides to go with Amazon for hosting. I understand using AWS for web servers but its an administrative nightmare for anyone actually invested in MSFT tech in the IT job market.
Anyway, lets get into some questions.
This one was a tough one for me and I’m not sure why it took me this long to blog it however I found SSL Authority to be quite helpful. There are variables to this and I can pretty much promise ill be expected to know all of this and here is the important part
What information can be gathered from an SSL Certificate Consumers have access to a lot of information related to TLS/SSL certificates right in their browsers. While not all consumers are terribly interested in the in-depth information available at the click of a mouse, it is important to be aware of what public details are discoverable through an SSL certificate.
Issuing certificate authority (CA)
Validity period (as well as certificate revocation list, or CRL, data)
Domain it was issued to
Company operating the website
Key usage
Info on algorithms and hash-based cryptography
I’m kind of surprised to see the words ‘OID’ not specifically mentioned and that algorithms and hashes are. So now we have to figure out what they mean by OID: Object Identifiers (OID) in PKI
Now thats really confusing but if you look at the output we see a GUID for the certificate and the issuing authority being, im assuming, Public Key Services and the domain it was issued to being Contoso.org with a GUID of, that big long number. How they are pulling hashing and encryption info out of that, I’m still not sure and I’m hoping to not see it on the test because that is a pretty large rabbit hole. So for now, I’ve got this question down of an OID that is an entire wheelhouse of things. It does seem like it would have info on the CSR like date of request and a validity period but it does not appear to have that per this PS information but according to the info from SSL authority you can but their website isn’t great. However, with this, SSL and SSL Certificates Explained For Beginners, we are really getting somewhere however it still isn’t showing what’s supposed to be on an SSL/TLS cert when you view it. Thankfully, I found this from Global Sign on a functioning website that’s actually helpful: How to View SSL Certificate Details in Each Browser and What You Can Learn and it goes through several types of browsers and was to view the info that is much easier to view than looking at fucking Powershell output and ill give you that its fun to look at but its not really helpful in the real world.
I mean, I could memorize it and say its the top three but that’s not exactly helpful for a host of reasons. The other part about this is that I probably covered this before. Wow, The more time I spend with this the more I realize that Security+ is just as hard as my first MCSA. So anyway, this seems like a very important questions lets make a list here:
S/MIME – allows you to digitally sign your emails to verify you as the legitimate sender of the message, making it an effective weapon against many phishing attacks out there. Does use a PKI
TLS – for sure uses a PKI, there is no way to be confused about this one
SFTP – This one is a little tricker to find info for but it can use SSL keys from a PKI: GoAnywhere Managed File Transfer supports the use of SFTP to secure, automate, and audit file transfers. You can authenticate users with a passwords and SSH keys, meaning you can choose one, the other, or both to satisfy your IT security requirements. With our SFTP client, you can also deliver and retrieve files from your SFTP server through an encrypted tunnel, transfer multiple encrypted files per connection, set up alerts for failed transfers, and more.
SAML – so here is the thing with this one, it retains OAUTH credentials and passes it on as a SSO data and OAUTH supports SSL Certificates from a PKI
SIP– this is a voip protocol and the only way to secure it is basically running it through a VPN
IPSec – this is basically a VPN and there is a ton of information about this out there. It seems like it can use SSL but naitvely the key pairs are between machines that have them rather than needing to issue a CSR
Kerberos – uses a KDC to authenticate each user and is a slightly different thing than a PKI as this is authenticating communication between two machines rather than being just use a token granting access to a network for user.
Wow, that was a lot of information and I’m slowly realizing how much stuff I’m missing out on by not chasing down all these rabbits however I can say that I do appreciate using a learning curve to slowly gain a complete picture rather than try to grasp everything at once about a singular subject.
All right, welp, Im not getting this post done tonight but lets move on to the next question.
I covered this in a previous post but I wanted to again, state which of the variables that the answers worked with:
LDAP – Mutual authentication = No | SSO = (not by its self link) | Smart Cards = not a definite answer but appears to be a no|
MSCHAP – Mutual authentication = yes | SSO = no | Smart Cards = no |
Ok, that was the most time I’ve spent on any single item so far but I have to say that all the reading was worth it because I understand all of the protocols listed much better.
I’m not sure that this is really makes any sense. If the PC’s are set up on a domain and it can’t connect to the domain on older versions of windows it may have issues. Logon certificate issues seems odd though. I searched for specifics and I couldn’t find a thing.
My worry here is not what uses TLS but what the other ones use and on top of that, I find PEAP confusing at this point! So lets start with some info on PEAP.
I’m going to start by digging through websites and this one: protocol/EAP PEAP I found particularly helpful, stating:
Ultimately, PEAPv0/EAP-MSCHAPv2 is the only form of PEAP that most people will ever know. PEAP is so successful in the market place that even Funk Software, the inventor and backer of EAP-TTLS, had no choice but to support PEAP in their server and client software for wireless networks.
1) EAP is basically a framework and is used as transport the authentication protocol. Can be used for wireless and wired networks. It is NOT an authentication method on its own. So you can authenticate as you want, password, MD5, certificates, biometric….
2) If you use EAP-MSCHAPv2, it means that your clients doesn’t need to have a certificate, but your authentication server (NPS) has a certificate. Passwords from the clients are send using hashes to the authentication server. To protect these password hashes being send over the network, you can use PEAP which act as a TLS/SSL tunnel to protect the authentication traffic.
3) Only the authentication server (NPS) needs a certificate. EAP-MSCHAPv2 is a password based authentication method.
4) You can use PEAP-EAP-MSCHAPv2 which uses a certificate on the authentication server (NPS) and a password for clients. You can use PEAP-EAP-TLS which use a certificate on the authentication server and a certificate on the client. PEAP is used to protect to authentication traffic.
The following example configuration outlines how to set up Windows NPS as a RADIUS server, with Active Directory acting as a userbase:
Add the Network Policy Server (NPS) role to Windows Server.
Add a trusted certificate to NPS.
Add APs as RADIUS clients on the NPS server.
Configure a policy in NPS to support PEAP-MSCHAPv2.
(Optional for machine auth) Deploy PEAP-MSCHAPv2 wireless network settings to domain member computers using Group Policy
So so now we have learned a ton of info about PEAP and the thing that sucks about this is I’m going to keep going into this much detail on this stuff until I really get it down because given that I’ve been reading material thats 10 years old, there isnt exactly a rush to get this down before the next thing comes out. I also find it helpful and relevant. Anyway, lets check the wiki and get some highlights and from there and move on, for now. However, I want to take a closer look at radius and PEAP after this one.
Protected Extensible Authentication Protocol: Protected Extensible Authentication Protocol, also known as Protected EAP or simply PEAP, is a protocol that encapsulates the Extensible Authentication Protocol (EAP) within an encrypted and authenticated Transport Layer Security (TLS) tunnel.[1][2][3][4] The purpose was to correct deficiencies in EAP; EAP assumed a protected communication channel, such as that provided by physical security, so facilities for protection of the EAP conversation were not provided.[5]
PEAP is similar in design to EAP-TTLS, requiring only a server-side PKI certificate to create a secure TLS tunnel to protect user authentication, and uses server-side public key certificates to authenticate the server. It then creates an encrypted TLS tunnel between the client and the authentication server. In most configurations, the keys for this encryption are transported using the server’s public key. The ensuing exchange of authentication information inside the tunnel to authenticate the client is then encrypted and user credentials are safe from eavesdropping.
MS-CHAPv2 is an old authentication protocol which Microsoft introduced with NT4.0 SP4 and Windows 98. PEAPv0/EAP-MSCHAPv2 is the most common form of PEAP in use, and what is usually referred to as PEAP. The inner authentication protocol is Microsoft’s Challenge Handshake Authentication Protocol, meaning it allows authentication to databases that support the MS-CHAPv2 format, including Microsoft NT and Microsoft Active Directory.Behind EAP-TLS, PEAPv0/EAP-MSCHAPv2 is the second most widely supported EAP standard in the world. There are client and server implementations of it from various vendors, including support in all recent releases from Microsoft, Apple Computer and Cisco. Other implementations exist, such as the xsupplicant from the Open1x.org project, and wpa_supplicant. As with other 802.1X and EAP types, dynamic encryption can be used with PEAP. A CA certificate must be used at each client to authenticate the server to each client before the client submits authentication credentials. If the CA certificate is not validated, in general it is trivial to introduce a fake Wireless Access Point which then allows gathering of MS-CHAPv2 handshakes.[9] Several weaknesses have been found in MS-CHAPv2, some of which severely reduce the complexity of brute-force attacks making them feasible with modern hardware
It turns out that looking for PEAP and Radius info is kind of sketchy. As I understand it though you set up a Radius server, NAP server in Windows, set the access points to Radius clients and verify the machines on the back end. Not sure at this point if a local certificate is required or installed by GP based on MAC or how that works. Anyway, I’m now looking at this 802.1X Overview and EAP Types:
EAP-TLS (Transport Layer Security) provides for certificate-based and mutual authentication of the client and the network. It relies on client-side and server-side certificates to perform authentication and can be used to dynamically generate user-based and session-based WEP keys to secure subsequent communications between the WLAN client and the access point. One drawback of EAP-TLS is that certificates must be managed on both the client and server side. For a large WLAN installation, this could be a very cumbersome task.
PEAP (Protected Extensible Authentication Protocol) provides a method to transport securely authentication data, including legacy password-based protocols, via 802.11 Wi-Fi networks. PEAP accomplishes this by using tunneling between PEAP clients and an authentication server. Like the competing standard Tunneled Transport Layer Security (TTLS), PEAP authenticates Wi-Fi LAN clients using only server-side certificates, thus simplifying the implementation and administration of a secure Wi-Fi LAN. Microsoft, Cisco, and RSA Security developed PEAP.
TLS, while very secure, requires client certificates to be installed on each Wi-Fi workstation. Maintenance of a PKI infrastructure requires additional administrative expertise and time in addition to that of maintaining the WLAN itself.
So, if you use TLS then you have to find a way to push WEP keys to workstations. Which is generally done by deploy PEAP-MSCHAPv2 and then pushing them via AD. So that’s confusing. Ok, I’m moving on at this point because I have spent a lot of time on this, no promises that I wont come back to it. Anyway, here’s a link from a vendor I found helpful: How To Set Radius Server (NPS) When Using WPA-EAP, WPA2-EAP Or WPA2-AUTO-EAP
To be honest though, I’m walking away from this which a much clearer understand of each of those things, so I guess, goal accomplished?
You may have realized that I just spend a ton of time, like 3 days in fact, reading about PEAP which is a rabbit hole of other stuff and I haven’t been on an adventure hunt like that in a long time. Looking at this one now, and realizing what we learned previously with:SAML – so here is the thing with this one, it retains OAUTH credentials and passes it on as a SSO data and OAUTH supports SSL Certificates from a PKI
And realizing exactly what the other stuff does, OAUTH is the only thing that makes sense at all.
I got this one right but I wanted to go over each authentication type and what kind of key exchanges each one is using. You know, lets start with basics here because I really got up and running pretty fast on some of this stuff and this might be helpful: Hashing Algorithms
Ok so, that only covers SHA-2 and that’s not really helpful but it does have links and I’m going to dig through those and I didn’t find any thing super helpful so lets dive into these individually. There is one other thing that I would like to find some basic info on to cover a fuckin gin, asymmetric vs symmetric keys because I don’t really understand it: Symmetric vs. Asymmetric Encryption – What are differences?
I still don’t understand the diagram on the asymmetric system because it looks like the two keys just bump into each other and magic happens. Which has been my issue since I really started reading about such things but in any case there is still a pair of keys. Maybe more, im not really sure haha but it looks like it still somehow is sending a private key? I know its not because it has to be on a server but where does it come from. Anyway, this link: Symmetric Encryption, Asymmetric Encryption, and Hashing is also helpful but maybe I can find another answer as to ‘where do babies come from’
I found this to be helpful: A Deep Dive on End-to-End Encryption: How Do Public Key Encryption Systems Work? but I would still like to walk through the who process so lets try and find an example of a RSA key gen situation: ssh-keygen – Generate a New SSH Keyok, now this suddenly makes sense, you have to generate keys to use, create a file that has an associated password and they don’t simply randomly appear on a server that has a signed PKI certificate from like godady or something. However that does add an additional layer of complications. I think I’ll eventually get this sorted though
RSA – A user of RSA creates and then publishes a public key based on two large prime numbers, along with an auxiliary value. The prime numbers must be kept secret. Anyone can use the public key to encrypt a message, but only someone with knowledge of the prime numbers can decode the message.[2] Breaking RSA encryption is known as the RSA problem. Whether it is as difficult as the factoring problem is an open question. There are no published methods to defeat the system if a large enough key is used. So its asymmetric
3DES – Triple DES (3DES or TDES), officially the Triple Data Encryption Algorithm (TDEA or Triple DEA), is a symmetric-key block cipher, which applies the DES cipher algorithm three times to each data block. The Data Encryption Standard’s (DES) 56-bit key is no longer considered adequate in the face of modern cryptanalytic techniques and supercomputing power. However, an adapted version of DES, Triple DES (3DES), uses the same algorithm to produce a more secure encryption. So 1 key that is passed with the file with varying degrees of hashing associated, as I understand it. I added a link that’s pretty in depth beyond what the wiki pages offers but im still not certian I understand the key exchange as its not symmetric or asymmetric
DSA – DSA algorithm works in the framework of public-key cryptosystems and is based on the algebraic properties of modular exponentiation, together with the discrete logarithm problem, which is considered to be computationally intractable. The algorithm uses a key pair consisting of a public key and a private key. The private key is used to generate a digital signature for a message, and such a signature can be verified by using the signer’s corresponding public key. The digital signature provides message authentication (the receiver can verify the origin of the message), integrity (the receiver can verify that the message has not been modified since it was signed) and non-repudiation (the sender cannot falsely claim that they have not signed the message). So its symmetric and the definition does help to clear up information around the issues of key exchanges
SHA-2 – is considered symmetric
I hate these things and have trouble remembering them so lets define them
ALE – Annualized loss expectancy
ARO – Annual Rate Of Occurrence
SLE – Single Loss Expectancy
ROI – Return on Investment
RPO – Recovery Point Objective
RTO – Recovery Time Objective
Once you realize what they stand for and are creative enough to look at the letters and figure it out its super easy haha
Man, I don’t remember the last time I did this much research for one post. This took several days and I learned a ton. Do I remember every thing in this. Not sure but I think so? Anyway, that’s all for now and im sure that there will probably be more on encryption/hashing/authentication to come.
Short post tonight. Finally got through the questions that I missed the first run through of the massive block of questions and found that I got half the ones I missed the first time correct. This is a typical scenario but the block of questions is unbelievably massive. I mean, its for sure do able but this thing is going to take some time. As usual I had hoped to be done by now but while I’ve made progress I am no where near close to obtaining the cert. Hopefully soonish without getting super burnt out on the material. No idea what I will do I after getting this one. It was announced that MSFT had done away with the MCSA program for server and at this time has given no alternative path for learning. I find this interesting as how are people supposed to learn basic network architecture, specifically AD without this. Welp, I guess they will think of something to keep me entertained. Oh, but right im going to get every cert ever and all that. I mean, maybe long term but that will take a while to organize haha
So anyway, making progress. Once I hit the mid 90s on all 700 questions I’ll pay to take the test and quite possibly fail it.
I wasnt sure about this but I thought I would look it up any way
and the second half of that TACACS is defined in RFC 1492, and uses (either TCP or UDP) port 49 by default. TACACS allows a client to accept a username and password and send a query to a TACACS authentication server per the TACACS wiki
Control diversity? defense in depth? I think the first concept is using a multi-vendor solution to your architecture but lets look it up to be sure.
This control diversity thing is kind of odd but its indicating that technical, administrative and physical controls of varying types. Clearly different than vendor diversity. The link for defense in depth is a little different Defense in depth (also known as Castle Approach[1]) is an information assurance (IA) concept in which multiple layers of security controls (defense) are placed throughout an information technology (IT) system. Its intent is to provide redundancy in the event a security control fails or a vulnerability is exploited that can cover aspects of personnel, procedural, technical and physical security for the duration of the system’s life cycle.
Seems the same but slightly different? Anyway, realizing that its not vendor diversity helps. Welp, thats all for now. Time to go through the ~120 questions or so I missed and go through those again and then go through the 242 again and then, the entire 700 lot and see where im at. If I get my first test in by June ill be happy.
xAFTERHOURSx 