| Appendix A. Answers to Review Questions

1.	E and F Cryptographic services include functions for authenticity, confidentiality, integrity, and nonrepudiation.
2.	A and F Because of its speed, symmetric encryption is a good choice for real-time encryption of bulk data. This speed is achieved because the encryption key is the same as the decryption key.
3.	D and F Asymmetric encryption is very powerful because it provides a public key (capable of handling encryption and decryption of data) and a private key (also capable of handling encryption and decryption of data). Asymmetric encryption is often used to create signatures and for key exchange only because of the high overhead associated with the algorithm.
4.	B and F If a hacker obtains a hash of some data, the only method they can use to reverse engineer the data is to use a brute force attack, which is computationally difficult. Hash does work well for ensuring data does not change accidentally; however, it does not protect against man-in-the-middle attacks. Because of this, hashing is often combined with an encryption algorithm, such as AES. AES can use MD5 or SHA-1 for hashing data.
5.	F Only F does not apply to digital signatures. Digital signatures are created by encrypting the result of a hashing process using a private key.
6.	D SHA-1 is the modern standard for creating a 160-bit hash. MD5 is no longer recommended because it can run into problems with duplicate hashes on large amounts of data.
7.	A Nonrepudiation methods prove to others that a certain source sent some data. This is very similar to authentication; however, authentication can only prove to YOU that a certain device sent the data rather than proving to OTHERS that a certain device sent the data.
8.	B Rivest, Shamir, and Adleman (RSA) is the only asymmetric algorithm in this list.

9.	A Asymmetric algorithms use two keys: one public and one private. The public key can be used for encryption and decryption of data and is sent to any requesting host. The private key can be used for encryption and decryption of data and is kept strictly for the sending host.
10.	D With current mathematical algorithms, it is feasibly impossible to generate a private key from a public key.

Part I: Cisco CallManager Fundamentals

Introduction to Cisco Unified Communications and Cisco Unified CallManager

Cisco Unified CallManager Clustering and Deployment Options

Cisco Unified CallManager Installation and Upgrades

Part II: IPT Devices and Users

Cisco IP Phones and Other User Devices

Configuring Cisco Unified CallManager to Support IP Phones

Cisco IP Telephony Users

Cisco Bulk Administration Tool

Part III: IPT Network Integration and Route Plan

Cisco Catalyst Switches

Configuring Cisco Gateways and Trunks

Cisco Unified CallManager Route Plan Basics

Cisco Unified CallManager Advanced Route Plans

Configuring Hunt Groups and Call Coverage

Implementing Telephony Call Restrictions and Control

Implementing Multiple-Site Deployments

Part IV: VoIP Features

Media Resources

Configuring User Features, Part 1

Configuring User Features, Part 2

Configuring Cisco Unified CallManager Attendant Console

Configuring Cisco IP Manager Assistant

Part V: IPT Security

Securing the Windows Operating System

Securing Cisco Unified CallManager Administration

Preventing Toll Fraud

Hardening the IP Phone

Understanding Cryptographic Fundamentals

Understanding the Public Key Infrastructure

Understanding Cisco IP Telephony Authentication and Encryption Fundamentals

Configuring Cisco IP Telephony Authentication and Encryption

Part VI: IP Video

Introducing IP Video Telephony

Configuring Cisco VT Advantage

Part VII: IPT Management

Introducing Database Tools and Cisco Unified CallManager Serviceability

Monitoring Performance

Configuring Alarms and Traces

Configuring CAR

Using Additional Management and Monitoring Tools

Part VIII: Appendix

Appendix A. Answers to Review Questions

Index