Symmetric keys provide the fast encryption standards needed by today's applications; however, these keys need a method for exchange over an unsecured network. PKI provides a solution to this challenge.


A and F

Because of its speed, symmetric encryption is a good choice for real-time encryption of bulk data. This speed is achieved because the encryption key is the same as the decryption key.


D and F

The trusted introducer and its clients must trust the root of a system. The root guarantees the identity of the trusted introducer. Only the trusted introducer can guarantee the authenticity of any member of the system.



A certificate includes the identity of the issuer of the certificate, the identity of the owner of the certificate, and the public key of the owner.


C and F

Securing enrollment through a PKI can be a sticky situation. The best method is to perform the enrollment over a trusted network (or significantly secured public network). Otherwise, you must manually perform mutual out-of-band authentication between the PKI user and CA.



Certificate revocation is needed whenever the private key is not trustworthy anymore. This can occur through a loss of the private key (from a system rebuild or replacement), or a malicious compromise of the private key (from an intruder).



The web server certificate is used to authenticate the server to the client and to encrypt the symmetric session keys used for the authentication and encryption of the data stream.



The Diffie-Hellman algorithm is commonly used as an automated method to securely exchange symmetric keys over a public network.



Asymmetric algorithms use two keys: one public and one private. The public key can be used for encryption and decryption of data and is sent to any requesting host. The private key can be used for encryption and decryption of data and is kept strictly for the sending host.



Certificates are not secret information and do not need to be encrypted in any way. The idea is not to hide anything but to ensure the authenticity and integrity of the information contained in the certificate.

Part I: Cisco CallManager Fundamentals

Introduction to Cisco Unified Communications and Cisco Unified CallManager

Cisco Unified CallManager Clustering and Deployment Options

Cisco Unified CallManager Installation and Upgrades

Part II: IPT Devices and Users

Cisco IP Phones and Other User Devices

Configuring Cisco Unified CallManager to Support IP Phones

Cisco IP Telephony Users

Cisco Bulk Administration Tool

Part III: IPT Network Integration and Route Plan

Cisco Catalyst Switches

Configuring Cisco Gateways and Trunks

Cisco Unified CallManager Route Plan Basics

Cisco Unified CallManager Advanced Route Plans

Configuring Hunt Groups and Call Coverage

Implementing Telephony Call Restrictions and Control

Implementing Multiple-Site Deployments

Part IV: VoIP Features

Media Resources

Configuring User Features, Part 1

Configuring User Features, Part 2

Configuring Cisco Unified CallManager Attendant Console

Configuring Cisco IP Manager Assistant

Part V: IPT Security

Securing the Windows Operating System

Securing Cisco Unified CallManager Administration

Preventing Toll Fraud

Hardening the IP Phone

Understanding Cryptographic Fundamentals

Understanding the Public Key Infrastructure

Understanding Cisco IP Telephony Authentication and Encryption Fundamentals

Configuring Cisco IP Telephony Authentication and Encryption

Part VI: IP Video

Introducing IP Video Telephony

Configuring Cisco VT Advantage

Part VII: IPT Management

Introducing Database Tools and Cisco Unified CallManager Serviceability

Monitoring Performance

Configuring Alarms and Traces

Configuring CAR

Using Additional Management and Monitoring Tools

Part VIII: Appendix

Appendix A. Answers to Review Questions


Authorized Self-Study Guide Cisco IP Telephony (CIPT)
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
ISBN: 158705261X
EAN: 2147483647
Year: 2004
Pages: 329

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net