18F / open-source-policy

This repository contains the official Open Source Policy of 18F
https://18f.gsa.gov

Rearrange IP address section and expand to include config mgmt, other minor tweaks #59

Closed konklone closed 8 years ago

konklone commented 8 years ago

This moves IP addresses out of the section that we describe as "Information an attacker could plausibly use to help them compromise a live system", and into its own section as information about our technical environment we simply may wish to withhold.

I scope it to some IP addresses, and I added other configuration management details, since we do (sometimes) have private devops/config repos associated with public code repos. These fall into the same bucket of information which we do not believe poses direct threats to our infrastructure (the way that Secrets and Undisclosed vulnerabilities definitely do), but which we generally exercise some latitude to withhold.

brittag commented 8 years ago

Ah, the tricky bit here is that this separated-out section about technical information is still underneath the "Sensitive information we need to protect" heading. The way this is currently structured, the points under that heading are a translation of points from the CUI list.

If we don't consider config/routing details to be CUI (in other words: if we don't consider this "information that if not protected, could result in adverse effects to information systems"), we'd need to rearrange this section further. I can try that.