CCT 056: Intricacies of VOIP and iSCSI in Cybersecurity (CISSP Domain 4)

Welcome to the CISSP Cyber Training Podcast, where we provide you the training and tools you need to pass the CISSP exam the first time. Hi, my name is Sean Gerber and I'm your host for this action-packed, informative podcast. Join me each week as I provide the information you need to pass the CISSP exam and grow your cybersecurity knowledge. All right, let's get started. Good morning. This is Sean Gerber with CISSP Cyber Training, and I hope you all are having a beautiful day today. Today we are. It's actually quite warm here in Wichita, kansas. I know I look at the news this week and it has been that way for most of the world and it's not a whole lot different here. It's actually been. It was pleasant for about a week and then it got to be kind of warm again, but outside of that, life has been quite amazing. We're very, very happy. Actually, my family and I we finally, after a few years, decided to put in a pool, so life is really good. I will say flopping around in a pool is a nice thing to do on a very hot summer. Well, today we are going to be talking about some various aspects as it relates to CISSP domain four, and we're going to be getting into secure protocols and the implications that roll into that. So as we kind of get into these various pieces this is around domain four and the protocols we're going to what we might come back a little bit to the OSI layer. So the first part of this question or the first part of this podcast will just be on touching just a little bit on the OSI layer, which we have had a couple of previous podcasts that's talked about that. But let's just kind of quickly roll over because I will say, when it comes to the seven layer burrito, which is obviously the seven layer OSI model, it's important to kind of go over that over and over and over again, just because you're going to be asked questions about it. And when you get into the real world and you're working for a company, then what ends up happening is is you will deal with the OSI model a little bit more than what you do, just from a practicality standpoint, on the CISSP test. So when we're let's talk about the OSI model, there's significance obviously in each layer, and so there's seven layers total, which hence I call it the seven layer burrito, and each layer has its own significance within the overall stack of network capabilities. So the first layer is the physical layer. Now this is the layer that is, the physical transmission of data and the potential security concerns around this physical transmission. There's physical access controls and are all set in place to keep it specifically from around. Wiretapping would be a good example. I know of a situation where someone was so concerned about that. They have some significant importance and I was doing a little bit of consulting work with and he made a comment of he was worried that a system was physically accessible within an elevator shaft. Now the point of that is is that if you're physically available within an elevator shaft, this individual was worried that someone could potentially tap into it and even though that is some level of risk there, it, where it was at, was extremely challenging for somebody to be able just to go in there and be able to tap into that. There were many other places where someone could actually tap into your system versus the network switch that's in the elevator shaft. But again, something to keep in mind because you never know if it's a mission impossible story that you're having to work through. The data link layer is layer two. Discuss how the layers are basically in layer one as well, as we're talking about the physical access controls. There's ways to restrict access to this network equipment, and one of the things I mentioned, as well as the elevator shaft, is the fact that you have implementations of locks, surveillance systems and so forth to potentially put controls in those physical systems. You'll deal with manufacturing facilities. You'll have physical locks put in place on USB ports, that's, or other types of network switching ports. That is something that you may want to do, depending upon the risk that's in your environment. Cable shielding, obviously, is another option as well, having the various shielding put in place for these cables. This does protect from electromagnetic interference and eavesdropping. One of the things that you will deal with in the CISSP is around tempest. Tempest is the I don't think I'm trying to write a word for it, but it's the standard in which it's set up, so that you will not allow electromagnetic eavesdropping off of spurious types of electromagnetic current. So let's say, for example, you have a communications channels that are sitting next to outlets so, contrary to popular belief, you can listen to those kinds of communications or tap those kinds of communications off of electrical outlets, and so those are things that you'd have those properly shielded. You'd have them also shielded in the fact that you won't get interference because, again, you don't want to have a highly sensitive system, or just maybe a highly performing system that you need to have active, get interrupted by electromagnetic current coming from a outlet. So those are things to kind of consider as it relates to layer one. Layer two is the data link layer. Now this is going to be various areas that are around securing the data link layer to prevent unauthorized access to the network. One of the things you may deal with is around MAC address filtering. Now this is where the each individual device has its MAC address and this MAC address does tie, is tied specifically to an Ethernet port or an Ethernet card that is tied to your system. That MAC address is supposed to be unique. Now I have seen situations where manufacturers will accidentally make the same MAC address for that Ethernet card and you've been in a situation where you're like, why is there two MAC addresses on this network? It doesn't happen very often but it can, and I think maybe one of the aspects that and I don't know is for a fact, but maybe the manufacturing for companies will make these with multiple MACs thinking well, the odds are high that they're not going to be in the same area. You may buy one in Beijing and then it may end up being put also in Florida. They anticipate that that may not be the case. They would be the same MAC address but technically they're supposed to make different MAC addresses for each Ethernet environment or each Ethernet connector. The VLAN this is. You can also use VLAN segmentation with the data link layer and VLAN segmentation obviously is virtual LAN. This is enabling the ability for having these virtual lands to isolate traffic and restrict the access that might be on that network. Vlans are very important and very popular, especially when you have a smaller network. But you can VLAN those off and that's just a logical way in which you can separate these various traffic from each other. They are very popular and they do work really, really well. I'd highly recommend them. A switch security features obviously there's enabling ports, disabling ports. One of the pieces that I've seen with Switch is you will have you can go in and actually turn the ports on and off. So when you're doing the configuration of that and you'll learn this if you get your CC when was it? I think I have it. Ccna yeah, that's what I've got. If you have your CCNA, you will deal with turning on ports and turning off ports. This works really well, except for when the fact is is that if you don't tell somebody about it and you don't say consistently and you don't have documentation when that port doesn't work, people will go why is this port not working? And they will get frustrated, get mad, possibly rip out the switch and put in a new one because the ports aren't working. But it could have been just as simple as a configuration with inside the switch. So, but they're very helpful. You can limit those to MAC addresses and you can limit the ports from being able to being able to have lots of data flow to them. Ie that would be some sort of MAC flooding attacks that could happen against those. That's aspects that you would need to consider if you're using the Layer 2. Layer 3 controls is that you're looking at protecting the network from unauthorized access as well. Now this is where you get into firewall rules that are set up specifically around IP addresses, ports and protocols. Access control lists these are one of the things that you would use to help control the access within these. The Layer Network 3 layer Access control lists are basically you're configuring your routers and switches to permit or deny traffic based on the source or destination IP addresses. So if you have a switch, that are the devices that are coming from a certain IP range, you can set that up at the network layer to deny or to potentially black hole those IP addresses and not allow them access to anything. So, again, that's just one more control you can put at the network layer. Obviously, vpns these are implementing encrypted tunnels that are allowing people access outside your organization and it does allow them to be able to communicate over public networks. Now, when you was in China or around the globe, you may use VPNs. Obviously, in China that is something that is not acceptable. They is not legal to use VPNs inside China but before a lot of the changes, I know many people did use those. But they go through the Great Firewall and in the process of going through the China Great Firewall they can be discovered and blocked. So obviously, going into China and using a VPN, you use that at your own risk. It's highly not. It's not recommended that you do that, but there are still many people that will try that. But if you are going someplace else around the globe, you may wanna use a VPN to protect your traffic from anybody who may be snooping Outside the United States. Internet cafes are a very large part of the world and you can get into an internet cafe and you may have people that are snooping your traffic while you're surfing. I would anticipate that is highly likely if you are doing that. So if you're at an internet cafe, just anticipate you're gonna probably come out very dirty. Obviously, malware is running rampant in these cafes. A lot of these cafes are used for attacks against other entities around the world, especially since they can be used without a whole lot of retribution. One example around that is we know around the globe, many people say well, the Chinese are attacking. They have Chinese IP addresses that are attacking XYZ. They may be folks within China that are doing that. It also could be folks within another country it could be Russia, it could be Ukraine, it could be anywhere that they're using these internet cafes to attack various IPs around the globe. So just because it's coming from an IP in China does not necessarily mean that it is a group of state-sponsored Chinese hackers that are coming after you. Now, it could be I don't know, but that is a possibility and these things happen here in the United States as well. You have anybody's computer can be used to attack somebody else. So having an IP address of saying where someone is attacking you from is pretty weak and I wouldn't recommend. I wouldn't hang my hat on the fact that you have a group of people that from Mali who want to attack you. That's probably not the case. When we deal now with the transport layer, that's layer four, this is there's security controls around the transport layer and this is one of the pieces is TLS. Now, in the past you've talked about SSL, ssh, but we're going to talk about TLS, and TLS is Transport Layer Security. Right now I think it's in 1.2 or 1.3. These protocols allow transmission, secure transmissions between systems and it does ensure that you have confidentiality and integrity of these systems. So you definitely want to incorporate some level of TLS in your environment as best as you possibly can. Many times in people's networks you'll run into this where there's TLS on any outbound connections, but device to device connections inside your network are not using any form of TLS. So you have to determine is your internal network something that you want to be protected from? Ssl is your secure software socket layer? Obviously that is similar to TLS, but obviously it has been deprecated a bit. They don't recommend the use of SSL. It's more along the lines of using TLS and using SSL has been around a while, but they've moved on to the TLS versus SSL. However, you will see it in many, many places Now. The next is Intrusion Detection and Prevention Systems IDS, slash, aps systems. Now we've talked about this on CIS's PSYBER training many times around. Deploying these solutions to you can do it to multiple different ways. You can use it to monitor network traffic for attacks. You can use it to stop potential attacks that may be occurring. They can be just something that's in the line, a bump in the line that you're using it as a way to filter traffic as well. So there's ways you can use the IDS and IPS systems. Now I would say that, depending upon how the world is moving, many of these IDS and IPSs are virtual. If you have a cloud environment. If you're not using a cloud environment, obviously, then you would have a physical device that you would have within your network. They do cause challenges if you have these devices in your network, especially if they are in full block mode. I shouldn't say I haven't seen a lot of people use them in full block mode unless they don't have much of an IT staff, but they again I'm using from my history and my background. They may not be the best solutions. This is a little bit dated, but we did run into a lot of problems with IPSs. Now that may have changed a lot, and they've gotten these things with. I use air quotes with machine learning and AI much better at detecting an issue and actually blocking the issue, and we've seen that even with the cloud type appliances. But what I would say, though, is that when you put an IPS inside your network and you just put it in block mode, just keep in mind that you might be adding some more level of complexity, that, if things go wrong, it could actually complicate your life just a little bit. Just a point of thought on that, and actually, if someone wants to send me back a note on that, that would be great. I'd like to know how other people are thinking of IDS and IPSs, because that would actually help educate me just a bit, not something I deal with. I have dealt with strongly in the last few years, layer five and layer six, so we're dealing with the session and the presentation presentation. There we go Better word presentation layer. So when we're going to talk about those two aspects. When you're dealing with session and presentation, the encryption is a big factor of things that occur within the session and the presentation layers, and then, obviously, encryption is used for confidentiality during transmission. Another part of this is digital signatures. Descending digital signatures will help immensely when verifying the authenticity and the integrity of the data. Not everyone uses digital signatures within their environments, but when used, they can help to understand who is actually making the communications. They do add a lot of complexity to your network and you do have to decide if that's something worth that or not. Obviously, in layer five and six, you're dealing with secure coding practices. These are where you're developing applications to help deal with mitigating common vulnerabilities. There's ways within. We call it the CICD pipeline, which is your continuous integration, continuous development pipeline. You can create aspects in there. Where it will create, it will look for common vulnerabilities that are in the market today. So, for example, if you have a certain application that you've created and you want to test to see if there's any CVE, which is your vulnerability exploitation, I think it's critical common vulnerability exploitation, cve that if you have a CVE that could be used to be exploited against whatever you're advocating, whatever you're creating, then you could have that run in the CICD pipeline to look for current known CVEs. Now, this happens especially if you have different plugins that are coming into your application that you're creating. But the one thing to consider is that it will help you, at least give you. It's not a panacea that works all the time and it will miss certain CVEs. However, it does provide you a very significant amount of notification if any of these applications or the plugins that are associated with these applications are vulnerable to any known issues that are happening at the time. So, again, it's a really good way, if you're a developer, to incorporate that within your environment. Now, the application layer this is what we're looking at is the various authentication methods will be used around the application layer. So one of the aspects around this would be your two factor authentication biometrics. Those fall within the application layer and they are dealing with authentication as it relates to things that are connected to your environment. Input validation if you're a developer, one of the things that comes in is, if you are in code and you have your inputs, you want to make sure that they meet certain validation criteria, ie you aren't allowed to put any sort of JavaScript into the input form. You limit the characters based on, let's say, if it's a first name, your first name character list would only be let's say, 25 would be a typical number that most people don't have a first name that's 25 characters long. So you'd put these input validations. You would not just allow anything to be added. Now, as we all know, especially if you've done any development work, what we want to do is get the product out as fast as you can. So what ends up happening? They put the input in the input line for their code, they just drop it in there and then they move on. They don't actually put any constraints around it. So it's one thing you want to consider when it comes to input validation and then secure API design. This is where your secure design principles when developing APIs, obviously you want to do is to prevent any unauthorized access or data leakage that may occur due to your API being enabled and potentially incorrectly configured. Okay, so we're going to get into voice over IP, or otherwise known as VoIP. Now, voip will fall into domain four, and so one of the things that comes into VoIP and you will see this on your CISSP exam is some key questions around VoIP and some commonly used protocols that are in VoIP will be called the session initiation protocol and real time transport protocol. So we're going to kind of go into some of those and then you can see on Thursday there'll be some questions that are be associated with these. So when we're dealing with VoIP, we're going to be talking about the session initiation protocol. Now this protocol is a signaling protocol used for establishing, modifying and terminating your obviously your multimedia sessions with IP networks. And this is where it's a very important factor with VoIP, just because you have to have the ability so that, let's say, you have a communication with someone using voice over IP In the past, if you have a telephone, obviously it enables and then you can turn it off. But if you have a data stream that's going out with your voice, you have to have the ability to turn that off or to be able to turn it on with a using the protocols or using a network capability. And so when you're dealing with that this is the OSI model you're dealing with various aspects of. When we're talking about the application layer, specifically, it relies on text based messages to initiate and control calm sessions. So the functions around SIP are key things that you'll need to know that. They'll ask you on the CISSP and these will be questions that you know, the zinger questions, where you may come in and go. What does that actually mean? So remember the SIP and the RTP. So when you're dealing with SIP, it's going to have user location. Now SIP will does allow users to be located and you want this in some cases because with your phone you have the ability in your mobile phone to have some level of caller ID. Well, you want that capability potentially to be available for people. So it will use the user location in your in your voice over IP call. Now, the one thing to keep in mind when it comes to voice over IP calls, if you're using any sort of proxy, it's going to use that proxy IP address as where you are at. So that may not be totally legitimate and totally correct, but it will give at least a general direction of where you might be. Again, I've had situations where I've made phone calls because of network protocol or network routing that we have in place. You know, I live in Wichita and I'll make a phone call and it'll show up in as I'm calling from Dallas, texas. So there are some of those aspects that may not be correct. You may have to go in a hard program in the location if you start running into some challenges. But again, that's based on the user location Session setup. This is where the simple facilitate the setup of the communication session by exchanging sip messages between each of the parties that are involved in the call, and so you have your user set location setup. You have your session setup and you think about this as a TCP IP handshake. It's the same kind of concept, it's just using voice over IP. Then you have call control. Now, if simple, provide mechanisms for various call control, like call forwarding, call holding, transferring and then all the soul, conference calling. Then session management this allows for session negotiation management and the supporting of or or removal of media streams during a session. So if you have multiple communications that are coming in through your voice over IP session, you can remove them with the session that you're potentially on. And then the lastly is presence information. This allows the exchange of presence information, including the availability and willingness to communicate. Ie, is your little red light on saying that I'm in a meeting or is it green saying that you are available? Now, you'll see this a lot in teams or any or zoom any sort of voice over IP communication conference calls. They will have that in place. So, again, user location, session setup, call control, session management and then presence information. Now, as we roll into real time transport protocol, okay, we got, we have basically have SIP and we have RTP. So back now we're to RTP. This is designed for real time transmissions of audio and video over IP network. So you have the first part kind of talks about where you're at, who you are and are you available. Now the transport protocol deals with the actual transmission of audio and video over these IP networks. Now it works over the transport layer I wish what you would anticipate and it works in conjunction with other protocols like SIP, to use the transmission of the data. Now some key functions of RTP we got packetization and timing. It does provide audio and video data in small packets for transmission. This does include synchronization on the receiver's end. So when you're dealing with typical video that's being transmitted, you do. These packets will may be in a UDP format, which is a user data grant grant protocol. Udp is designed to be basically barrage type noise not noise is right, the right word but barrage type data. The ultimate goal is because if there is any sort of packet loss, you it doesn't need to have a TCP IP handshake to do that, it's just got UDP. Now, when you're dealing with payload identification, rtp assigns a unique identifier or a payload to the various different types of media that are being used, and the purpose of this is to basically interpret and process the packets accordingly. So you're going to have these small packets that are set up that will be sending it out and they'll be synchronized, and then you're going to have the payload type of what's actually being sent. Then you're going to have a sequence number. Now the secret sequence number allows each packet to basically be reconstructed when it comes in. So it's not a barrage UDP type of PASH or BLAST, it's actually brought up in a sequence so that it can be re enabled or reconfigured when it comes to the receiver's end. And then time stamping RTP includes timestamps of each packet to also help with the synchronization process, especially when they're dealing across multiple and different devices. And then, lastly, we're going to get into QoS. Obviously we've talked about QoS in the CISP. Cyber Training with is your quality of service. You'll get this in network packets a lot, where our network environments, where you want to have a high quality of service. If you have a high quality of service means that the connections are good. You have great connectivity and great bandwidth. If you have a poor quality of service, you can deal with packet loss and so forth. You can set up network devices to maintain a certain level of quality of service. In the case of dealing with RDP, rtp provides mechanisms to prioritize and manage your network resources, utilizing QoS, and it does help provide the data as it rolls in. So we're dealing with CISP and RTP in VoIP systems. How do they work together? Well, they work together to basically facilitate, obviously, the voice and video communications, and so key some key things to keep in mind. You know CISP will handle the call setup, the signaling and all the control aspects as working out with the actual voice over IP call, as well as managing the communication sessions between the individuals that are on the call. Now RTP is responsible for transport and delivery of the real time audio. Like we mentioned before, it is dealing with the audio and the video associated with each of the sessions. So CISP sets it up, rtp delivers it, and so if you keep those things in mind when you're at they're asking a question on the CISP, you'll know what do they actually mean versus I don't know what SIP or RTP actually means that SIP sets it up, rtp delivers it. Now, when you're dealing with security around SIP and RTP, there are some challenges around it comes to VoIP around around security, and they've tried to implement many different areas to help with this problem. So they basically you need to ensure that SIP consider security considerations will include the protecting against call hijacking, eavesdropping and unauthorized session manipulation. I will say, though, that there's depending on the VoIP system you use. Some of these aren't as strong as others, and one of this continues to be one of the areas where hackers will try to get access to, because they know if they can get into some sort of voice communications, they can get a lot of information versus, obviously, email. Now, when I was working the previous life, we would use email communications as well as voice communications to try to help us understand what is the information that we're trying to gather. If you can tap a phone call and listen in on a conversation, that can go wonders into understanding. What does all this data mean? Now, rtp security configurations may involve ensuring confidentiality, integrity and availability, but they will also work with real-time data transmissions. Okay, so this is encryption of the media could be in place. Now I will tell you, with VoIP systems, the encryption is always not in place. Depends upon, again, the VoIP system you are using. Whatsapp is a good example of that. They use and encryption, but you don't see a lot of other companies saying, yes, we do that as well. That isn't always the case, but WhatsApp does. They have from for many years, which obviously WhatsApp is owned by Facebook, but they do utilize some level of encryption between these communications that occur. A lot of my friends from around the globe use WhatsApp in their daily activities. Now, what are some of the security risks that are associated with VoIP? As you're dealing with VoIP, there's always the issue around wanting to make sure we maintain the CIA triad, especially when you're dealing with any sort of voice communications. So eavesdropping is where these unintended there's the unintended interception of voice data packets, which can lead the exposure of sensitive information, and that can happen even in VoIP systems. It just depends. Now, one of the things this could be where you are joining the call and you don't know who that's eavesdropping right there. Where you're getting to a large conference call and you're joining the call and you're basically being a lurker sitting in the corner. That is eavesdropping and it's a great way to gather information, especially if you can get in and not pay attention to people will not pay attention to you. It works very well when you have a very large conference call that's going on. And now one of the aspects around that is if you don't have your name tied to your phone number, as obviously when you're dealing with SIP then it could be a highlighter in the fact that, wait a minute, what's his phone number, who is this person? What is your name, and then you can get rid of them. If you want Call hijacking, this is manipulating the VoIP signal protocols to redirect or hijack an ongoing call. Obviously, that's redirecting it to somebody else. Denial of service attacks obviously overwhelming the VoIP system and rendering it unavailable for actual users. I've seen this happen in many cases where, if the network traffic is so high, you will lose your VoIP communications. So something to keep in mind is if you do lose VoIP, do you have a backup? Are you going to use to have your folks use cell phones? Are there satellite communications? How do you want to have a backup solution in the event your voice over IP goes down. Toll fraud this is something that was around for a long time, for many years, especially when you had long distance phone calls and the actual cost that was associated with those. Don't see it as much now, but it still can happen where VoIP call VoIP long distance calls maybe have a toll that's associated with them and can create an expense to an organization. If that's being charged, I see it pretty light at this moment, unless there's somebody out there that can tell me maybe there were its situations where it's occurred. That would be awesome. I do not know of too much toll fraud that occurs on today. So obviously we talked about some of the aspect. What are some of the security controls you can put in place for VoIP is encryption, authentication, various access controls. You may have IDS and IPS systems, obviously to look at that and then QoS is a really good part of ensuring that you have some level of security in place. Now, when you're dealing with VoIP, there are some regulatory requirements around this and a lot of them deal with privacy aspects. I mean you can have, if you do have, a VoIP system on a environment that's tied to the PCI DSS standards, which is basically your payment credit card information, you do have to have segregation through network firewalls to ensure that those communications stay separate. However, when it comes to VoIP, many of the main concerns you'll deal with from a regulatory or compliance point of view would be tied to your privacy aspects of it. Okay, so we're going to talk about iSCSI. Iscsi is Internet, small Computer Systems Interface. So it's India, sierra, charlie, sierra, india. So some of the basics around iSCSI. So we'll kind of go to the back, just take one step back. So SCSI. Scsi is Small Computer Systems Interface and it is an interface that's designed to connect storage devices obviously hard drives, tape drives, optical drives and so forth to computers, and it does provide a communications pathway for data between the computer and the host bus adapter, which is typically called the HBA, on that storage device. So that's a SCSI and you'll see that on hard drives they'll have a SCSI connector and the bottom line is it's designed for high speed data transfers against these types of devices. Well, now you roll in iSCSI, okay, so this is something that deals with the internet and it's dealing with small computers as well. So SCSI uses parallel connections where the SCSI bus is connected specifically to the computer's SCSI controller, or we talked about just a minute ago, the host bus adapter. It can support multiple devices, each having a unique SCSI ID. So as an example, if you like, I mentioned you have a hard drive. You can put multiple hard drives inside of a computer and therefore each of them would have their own. You have slave and master, and that it's tied to a SCSI ID. Now it's that's a standard of commands to facilitate communication between the computer and the storage device itself, and it does allow the reading and writing and all those things that you deal with as it relates to a hard drive. So that's your SCSI right and it will determine how that all works. Now it also organizes your device, your devices, in what we call logical units. Now you'll deal with a SAN, which is your storage array network. Your SAN will talk about LUNs, which is a logical unit number which is tied to your SCSI. You'll. I've seen it and I've heard of it, people talking about various LUNs and I didn't really understand what that meant, but it's designed specifically around a drive and so you're going to have a LUN, which is a logical unit, as identified by the logical unit number, which is your LUN number, and these all are connected to your SCSI bus. Now, as it relates to iSCSI, iscsi is the Internet Small Computer System interface and this protocol encapsulates SCSI commands within IP packets. This allows a SCSI to be transmitted over IP networks. So it does allow for remote storage access of these various devices over an IP network, hence the I right. So it allows you to have a typically at hard drive, something that had to be connected to a device connected specifically to your computer. Now you have storage by consolidation. This is leveraging IP networks. The iSCSI will enable the storage consolidation by centralizing storage and making them accessible to multiple computers Instead of a physically attached storage device set up to one specific computer. Iscsi will allow you to be located remotely and facilitating centralized management, scalability and flexibility. Iscsi data transmissions encapsulate the SCSI commands and the data that's into IP packets, allowing them to transmit it over TCP IP networks. So bottom line is the SCSI's allow you to do this where in the past it's been connected to a hard or a hard written computer. So real quickly, some of the benefits as you deal with iSCSI obviously, storage consolidation is a big factor. Flexibility and scalability, right, you can scale these things up. You can put them anywhere around the globe and any part of your network and they will all be networkable. You'll have to be able to provide remote access. Obviously that's a big factor in today's world where you can share data and you can use this as a remote backup type system. And then iSCSI does leverage current IP networks, making them much more compatible with your standard ethernet that you have in place. Now the implications associated with iSCSI obviously data confidentiality is important because the data that's transmitted over the IP networks you want to make sure that it's encrypted to prevent any unauthorized access. So, confidentiality of any data transmitted. Obviously you want to do that. Also, authentication you want to ensure that you're authenticated to allow people access to this data. They don't just allow anyone on your network to be able to gain access to these drives. Obviously that's tied into. Also access controls. You may have limited access controls to them. That could be done through VLANs, that could be done through network segmentation or it could be done through devices specifically set up, so one device talking to another device. I talked about network segmentation. Obviously, separate the iSCSI traffic through VLANs to make sure that you unauthorized access is denied. And then data integrity you want to ensure you have some level of integrity, checks on the data to ensure that the data that's being transmitted and now stored is actually viable. Which we talk about a lot in DR and business continuity is the fact that even though you have backups, that does not mean they're actually going to work. And then one last thing around it is the performance and scalability considerations you do need to when you're dealing with iSCSI drives. You need to consider your network bandwidth, ensuring that you have the bandwidth to be able to allow this data to be transferred over a network. If you don't have that, then you may want to reconsider the use of iSCSI drives. Quality of service obviously around your network doesn't have the ability to ensure that you have constant and consistent performance on your network. And then load balancing If you do have some level of traffic that's operating on your network, is it load balanced between multiple systems so that you can distribute the traffic across various network paths? And then that way you've got all of your resources properly utilized. Okay, that's all I've got for today's podcast. I hope you guys have a wonderful day. Go check me out at CISSP Cyber Training. There's a lot of great stuff out there. Got my blueprint, we've got lots of CISSP questions. I'm actually coming out with some new ones that you'll be seeing Trying to find a way to help you get more CISSP questions and have them available to you. So, just trying to figure that out, you'll be seeing more of that Coming up. Sign up for my email list. You'll be getting questions set to you on a weekly basis just to help you understand the CISSP. If you see my CISSP Cyber Training membership, you'll get access directly to my blueprint, which will walk you through, step by step, what you need to do to be prepared for the CISSP exam. That was the one thing I struggled with the most was being prepared and understanding. What do I actually study for? I don't know. This is where the blueprint comes into play, so go ahead, check it out Again at CISSPCybertrainingcom. All right, have a wonderful day, guys, and we will catch you on the flip side, see ya.