The “Microsoft Message Analyzer” is a protocol analyzer built into Windows Server.
Technically, a protocol sniffer just gathers packets, while a protocol analyzer actually helps you break them down and, well, analyze them. In reality, though, most tools in one category provide at least some functionality in the other.
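To make the sniffer/analyzer distinction concrete, here is an added example (not from the notes or from any of the tools mentioned): the raw bytes are what a sniffer captures; `decode_frame` is the analyzer step that turns them into Ethernet, IPv4 and UDP fields. The frame is constructed inline with `struct`, so the code runs offline without a capture interface or privileges; the MAC and IP addresses in it are made up.

```python
# Added example: sniffer output (raw bytes) versus analyzer output (decoded headers).
# The frame is constructed below; no real traffic is involved.
import socket
import struct


def build_sample_frame() -> bytes:
    """Construct an Ethernet/IPv4/UDP frame (all addresses are made-up sample values)."""
    payload = b"constructed-payload"
    udp_len = 8 + len(payload)
    # UDP checksum left as 0 (meaning "not computed"), which IPv4 permits.
    udp = struct.pack("!HHHH", 40000, 53, udp_len, 0) + payload
    ip_total_len = 20 + udp_len
    src = socket.inet_aton("10.0.0.5")
    dst = socket.inet_aton("10.0.0.53")
    # version=4, IHL=5 (0x45); id 0x1234; flags DF (0x4000); TTL 64; proto 17 = UDP
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, ip_total_len, 0x1234, 0x4000, 64, 17, 0, src, dst)
    dst_mac = bytes.fromhex("00163e0000aa")
    src_mac = bytes.fromhex("00163e0000bb")
    eth = dst_mac + src_mac + struct.pack("!H", 0x0800)  # ethertype IPv4
    return eth + ip + udp


def decode_frame(frame: bytes) -> dict:
    """Analyzer step: decode Ethernet -> IPv4 -> UDP headers from raw bytes."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"), "ethertype": ethertype}
    if ethertype != 0x0800:
        return out  # not IPv4; a full analyzer would dispatch on the ethertype here
    if len(frame) < 34:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _flags, ttl, proto,
     _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", frame[14:34])
    ihl = (ver_ihl & 0x0F) * 4
    if (ver_ihl >> 4) != 4 or ihl < 20 or len(frame) < 14 + ihl:
        raise ValueError("malformed IPv4 header")
    out.update({"src_ip": socket.inet_ntoa(src), "dst_ip": socket.inet_ntoa(dst),
                "ttl": ttl, "proto": proto})
    l4 = frame[14 + ihl:14 + total_len]
    if proto == 17 and len(l4) >= 8:
        sport, dport, ulen, _ucsum = struct.unpack("!HHHH", l4[:8])
        out.update({"src_port": sport, "dst_port": dport, "payload_len": ulen - 8})
    return out


if __name__ == "__main__":
    raw = build_sample_frame()
    print("sniffer view :", raw[:32].hex(), "...")   # just bytes
    print("analyzer view:", decode_frame(raw))       # fields a human can reason about
```

The length checks matter: an analyzer that trusts the IHL or length fields in a hostile capture file will read past the buffer, which is exactly the class of bug that has bitten real dissectors.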
Interesting legal complication (though it makes sense): in a corporate environment, when cracking user passwords to audit their strength, only provide/view the strength information, never the password itself. If an administrator can see the full password, it becomes unclear from the logs who is actually using a particular account.
Data Sanitization: The removal of data from a device in a fashion designed to make recovery as difficult as possible.
Types of data sanitization:
Some other tools that Exam Cram mentions explicitly:
“Unified Endpoint Management” (UEM) is a single “pane of glass” that combines MDM, EMM, and MAM that covers all sorts of devices - everything from laptops to smartphones (and often desktops too, despite them not actually being mobile).
The Microsoft Endpoint Security Manager provides UEM for Windows. Intune is the MDM component of this.
Despite iOS’s popularity among the upper classes, worldwide there are roughly 4 Android devices for every iOS device.
SELinux/SEAndroid operate under an implicit deny model.
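Added example (not from the notes, and a toy rather than the real kernel code): a model of what "implicit deny" means in SELinux. Access is granted only when an `allow` rule matches the (source domain, target type, object class, permission) tuple; the absence of a rule is a denial, which is what shows up as an `avc: denied` line in the audit log. The policy fragment and the audit line are constructed for illustration; the type names are ordinary ones from the reference policy, but the rules here are not a faithful copy of it.

```python
# Added example: toy SELinux-style policy evaluation with implicit deny,
# plus a parser for the AVC denial lines the kernel logs when no rule matched.
import re
from dataclasses import dataclass
from typing import Iterable, Optional


@dataclass(frozen=True)
class AllowRule:
    source: str       # subject domain, e.g. httpd_t
    target: str       # object type,   e.g. httpd_sys_content_t
    tclass: str       # object class,  e.g. file
    perms: frozenset  # permissions granted, e.g. {"read", "open"}


# Constructed policy fragment; a real policy holds thousands of such rules.
POLICY = (
    AllowRule("httpd_t", "httpd_sys_content_t", "file", frozenset({"read", "open", "getattr"})),
    AllowRule("httpd_t", "httpd_log_t", "file", frozenset({"append", "create"})),
)


def decide(source: str, target: str, tclass: str, perm: str,
           policy: Iterable[AllowRule] = POLICY) -> str:
    """Return 'granted' only if some allow rule covers the request, else 'denied'."""
    for rule in policy:
        if (rule.source, rule.target, rule.tclass) == (source, target, tclass) and perm in rule.perms:
            return "granted"
    return "denied"  # implicit deny: no rule means no access


# Shape of a kernel AVC denial record (fields other than these are ignored).
AVC_RE = re.compile(
    r"avc:\s+denied\s+\{\s*(?P<perms>[^}]+?)\s*\}.*?"
    r"scontext=(?P<scontext>\S+)\s+tcontext=(?P<tcontext>\S+)\s+tclass=(?P<tclass>\S+)"
)


def parse_avc_denial(line: str) -> Optional[dict]:
    """Extract perms, source domain, target type and class from an AVC denial line."""
    m = AVC_RE.search(line)
    if not m:
        return None
    # A context label is user:role:type:level; the type is the third field.
    return {
        "perms": m.group("perms").split(),
        "source": m.group("scontext").split(":")[2],
        "target": m.group("tcontext").split(":")[2],
        "tclass": m.group("tclass"),
    }


# Constructed audit line: the web server domain tried to write to static content.
SAMPLE_DENIAL = (
    'type=AVC msg=audit(1700000000.123:456): avc:  denied  { write } for  pid=1234 '
    'comm="httpd" name="index.html" dev="dm-0" ino=99 '
    'scontext=system_u:system_r:httpd_t:s0 '
    'tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=file permissive=0'
)


def denial_explained_by_policy(line: str, policy: Iterable[AllowRule] = POLICY) -> bool:
    """True if every permission in the denial is indeed absent from the policy."""
    d = parse_avc_denial(line)
    if d is None:
        return False
    return all(decide(d["source"], d["target"], d["tclass"], p, policy) == "denied"
               for p in d["perms"])


if __name__ == "__main__":
    print(decide("httpd_t", "httpd_sys_content_t", "file", "read"))   # granted
    print(decide("httpd_t", "httpd_sys_content_t", "file", "write"))  # denied
    print(parse_avc_denial(SAMPLE_DENIAL))
```

Reading denials this way is the defender's workflow: the log tells you exactly which tuple was missing, and the decision is whether that access is legitimate (add a narrow rule) or the sign of a compromised or misconfigured process (leave it denied).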
Things a microSD HSM can do:
ITPro.TV defines COPE (Corporate-Owned, Personally Enabled) broadly as the traditional corporate-owned device model.
This episode is a walk-through of the Microsoft Endpoint Security Manager.
Heh. Dan Lowrie gives a shout-out to Signal as an example of end-to-end encrypted messaging.
IMEI = International Mobile Equipment Identifier. A bit like a MAC address for mobile devices on GSM and UMTS networks.
IMSI = International Mobile Subscriber Identifier. Identifies a particular user (unlike the IMEI, which identifies a device). Used on GSM and UMTS networks, stored in SIM cards.
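Added example (not from the notes): since MDM inventories and lost-device reports key on the IMEI, it helps to know its structure. An IMEI is 15 decimal digits: an 8-digit Type Allocation Code (TAC, which identifies the device model), a 6-digit serial, and a Luhn check digit. The code below splits and validates one; the sample value is the commonly used documentation IMEI, not a real handset.

```python
# Added example: parse and validate an IMEI (TAC + serial + Luhn check digit).
import re


def luhn_check_digit(body: str) -> int:
    """Compute the digit that makes body + digit pass the Luhn (mod-10) test."""
    total = 0
    for i, ch in enumerate(reversed(body)):
        d = int(ch)
        if i % 2 == 0:        # rightmost body digit is doubled first
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return (10 - total % 10) % 10


def parse_imei(imei: str) -> dict:
    """Split an IMEI into TAC, serial and check digit, and report validity."""
    digits = re.sub(r"[\s-]", "", imei)   # tolerate "49-015420-323751-8" style input
    if not re.fullmatch(r"\d{15}", digits):
        raise ValueError("an IMEI is exactly 15 decimal digits")
    return {
        "tac": digits[:8],
        "serial": digits[8:14],
        "check_digit": int(digits[14]),
        "valid": luhn_check_digit(digits[:14]) == int(digits[14]),
    }


def is_valid_imei(imei: str) -> bool:
    """Convenience wrapper: False for malformed input instead of raising."""
    try:
        return parse_imei(imei)["valid"]
    except ValueError:
        return False


if __name__ == "__main__":
    print(parse_imei("490154203237518"))   # documentation sample IMEI
```

A check-digit failure on an inventory record usually means a transcription error, but an inventory full of malformed or duplicated IMEIs is worth investigating, since the value is what ties a device to a user in carrier and MDM records.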
Wi-Fi network standard names:
NFC works over a distance of ~4”. Operates at 13.56 MHz.
Infrared tops out at ~16 Mbps.
This table isn’t really 100% accurate (though it’s better than the one that ITPro.TV displayed). Actual USB standards are a freakin’ mess.
There are 24 active GPS satellites + 3 standbys. GPS is a US system; alternatives are GLONASS (Russia), Galileo (European Union), and BeiDou (China).
RFID tags come in two varieties: Passive (powered by the reader) and active (self-powered).
SCADA = Supervisory Control and Data Acquisition
ICS = Industrial Control Systems
General control of mechanical and electrical automation in heavy industry and critical infrastructure. Increasingly called “operational technology” (OT).
IoT = Internet of Things
Put computers in all the things, because what could possibly go wrong? Mostly distinguished from OT by being more robust in a network environment and generally being built using a Linux or Windows base.
Embedded systems are just embedded micro-computers. More often found in IoT than OT.
There’s also a variety of specialized, proprietary systems for which minimal documentation exists online:
Many of these are controlled using “real-time operating systems” (RTOS) that are designed with low latency in mind.
Communication standards commonly used in specialized devices:
With the exception of 5G, these are all distinguished by being very low power and very low bandwidth.
Security concerns? It’s basically a universe of crap. Have fun!