Do you think you know how to secure your customer's Cisco Unified CallManager (CCM) against voice over IP (VoIP)
hackers? Take this quiz to test your practical knowledge.
True or False?
- Cisco Unified CallManager 5.x runs on an MCS.
- Skinny Client Control Protocol (SCCP) or "Skinny" is the name of Cisco's proprietary signaling protocol.
- By itself and disconnected from the CallManager, a Cisco IP phone cannot play a dial tone.
- There is no easy way to disable the Web management interface from Cisco's CallManager interface.
- In a VoIP environment, you should always turn off Cisco Discovery Protocol (CDP) to prevent inside sniffing.
- When Dynamic Host Configuration Protocol (DCHP) snooping is enabled, the Cisco switch can prevent a spoofed DCHP server from assigning IP addresses.
- Configuring your switches and routers with the proper ingress and egress filtering rules must be done manually.
- The Virtual Network Computing (VNC) program should remain enabled after use with CallManager because it contains a built-in control that limits access from within the network.
- A Cisco-specific countermeasure for mitigating flooding attacks is to ensure that quality of service (QoS) settings are properly configured, and Cisco provides this in a step-by-step guide.
- Services enabled by default on the IP phone should always remain enabled for the highest level of security.
How did you do? Could you stand to learn a bit more about preventing hack attacks on your customer's CCM?
Download Chapter 7, Cisco Unified CallManager, from Hacking Exposed VoIP: Voice Over IP Security Secrets & Solutions written by David Endler and Mark Collier and published by McGraw-Hill Professional.
Hacking Exposed VoIP: Voice Over IP Security Secrets & Solutions
By David Endler and Mark Collier
Published by McGraw-Hill
ISBN-10: 0072263644; ISBN-13: 9780072263640; Published: November 28, 2006; Copyright 2007; Pages: 539; Edition: 1st.