1.

C and E

Integrity and loss of control are typically terms to describe one's personal life rather than IP telephony security.

2.

B and F

Secure signaling is accomplished through Transport Layer Security (TLS). This security is crucial because CallManager sends the keys for SRTP (which secures the media) through signaling to the IP phone.

3.

D and F

The trusted introducer and its clients must trust the root of a system. The root guarantees the identity of the trusted introducer. Only the trusted introducer can guarantee the authenticity of any member of the system.

4.

C and D

In Cisco IP telephony PKI infrastructures, the CAPF has a self-signed certificate because the IP phones refer to this as the CA of the PKI. Only the Cisco IP Phone 7940, 7960, and 7970 (and subsequent) models can have LSCs because these are the only models that support device security at this point.

5.

C and F

Securing enrollment through a PKI can be a sticky situation. The best method is to perform the enrollment over a trusted network (or significantly secured public network). Otherwise, you must manually perform mutual out-of-band authentication between the PKI user and CA.

   
6.

C

CAPF enrollment supports the use of authentication strings. This is known as the manual enrollment method, which requires the administrator to visit each IP phone he wants to enroll and enter the correct string from the CAPF.

7.

B

The CTL client uses a smart token for key storage. This smart token exists on a USB key attached to the server running the CTL client. The smart token never leaves the key, but, rather, acts as a separate authentication engine to validate the CTL.

8.

D

TLS allows both the server and the IP phone to authenticate each other through a signed certificate. This also allows them to authenticate the signaling message to ensure they came from the correct source.

9.

B and D

Certificates are only exchanged between the Cisco CallManager server and the IP phone. The IP phones themselves do not exchange certificates directly. Likewise, the encrypted transmission of SRTP session keys occurs between the IP phones and the Cisco CallManager rather than between the IP phones.

10.

E

The most accurate list of tasks is to enable services, set cluster to mixed mode, create a signed CTL, deploy certificates to the IP phones, and set the device security mode.

Part I: Cisco CallManager Fundamentals

Introduction to Cisco Unified Communications and Cisco Unified CallManager

Cisco Unified CallManager Clustering and Deployment Options

Cisco Unified CallManager Installation and Upgrades

Part II: IPT Devices and Users

Cisco IP Phones and Other User Devices

Configuring Cisco Unified CallManager to Support IP Phones

Cisco IP Telephony Users

Cisco Bulk Administration Tool

Part III: IPT Network Integration and Route Plan

Cisco Catalyst Switches

Configuring Cisco Gateways and Trunks

Cisco Unified CallManager Route Plan Basics

Cisco Unified CallManager Advanced Route Plans

Configuring Hunt Groups and Call Coverage

Implementing Telephony Call Restrictions and Control

Implementing Multiple-Site Deployments

Part IV: VoIP Features

Media Resources

Configuring User Features, Part 1

Configuring User Features, Part 2

Configuring Cisco Unified CallManager Attendant Console

Configuring Cisco IP Manager Assistant

Part V: IPT Security

Securing the Windows Operating System

Securing Cisco Unified CallManager Administration

Preventing Toll Fraud

Hardening the IP Phone

Understanding Cryptographic Fundamentals

Understanding the Public Key Infrastructure

Understanding Cisco IP Telephony Authentication and Encryption Fundamentals

Configuring Cisco IP Telephony Authentication and Encryption

Part VI: IP Video

Introducing IP Video Telephony

Configuring Cisco VT Advantage

Part VII: IPT Management

Introducing Database Tools and Cisco Unified CallManager Serviceability

Monitoring Performance

Configuring Alarms and Traces

Configuring CAR

Using Additional Management and Monitoring Tools

Part VIII: Appendix

Appendix A. Answers to Review Questions

Index



Authorized Self-Study Guide Cisco IP Telephony (CIPT)
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
ISBN: 158705261X
EAN: 2147483647
Year: 2004
Pages: 329

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net