Browse Definitions:
Quiz

VoIP security threats

As VoIP becomes increasingly prevalent, so do the threats aimed at subverting its security. After all, letters IP in VoIP stand for Internet Protocol and that means attackers have a ready-made bag of tricks to pick from. How much do you know about the threats to VoIP security? Take our quiz to find out.

1. The most serious threat to VoIP security is the old-fashioned __________ attack, in which users are deprived of connectivity or other resources they would normally expect to have.
What is it?

2. This protocol allows the destination receiver to compensate for delay jitter caused by packet loss. An attacker can use it to disrupt calls by interjecting sounds into a VoIP call.
What is it?

3. This is a service that allows a caller to masquerade as someone else by falsifying the number that appears on the recipient's caller ID display. An attacker can use it to make a VoIP call appear to come from a trusted source.
What is it?

4. This type of packet is normally sent when a participant in a multicast event leaves the session. In a session tear-down attack, an attacker uses it to suddenly terminate a VoIP call.
a. BYE packet
b. CYA packet
What is it?

5. Because some VoIP products don't support encryption, they make this type of unauthorized listening relatively easy.
a. monitoring
b. eavesdropping
What is it?

6. Beware! If you get a computerized voice message asking you to call your bank because there's been suspicious activity in your checking account, be sure to look up your bank's phone number and not rely on the phone number left in the message. What type of attack could this message be?
Answer

7. In August 2009, Symantec issued a security bulletin about Trojan.Peskyspy. What VoIP service provider did Trojan.Peskyspy target?
a. Windows Live
b. Skype
c. Google
d. Yahoo
Answer

8. Once the bane of the traditional telco, phreaks are now exploiting VoIP vulnerabilities. What do phreaks do?
Answer

9. This is the Internet protocol for initiating interactive user sessions. VoIP attackers use it to intercept calls by transferring register requests to the attacker's IP address instead of the legitimate recipient's.
What is it?

10. If SPIT becomes as rampant as spam, it could render enterprise VoIP systems unusable. What does SPIT stand for?
Answer

How did you do? Let us know!

This was last updated in September 2009

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

SearchSecurity

  • Web application firewall (WAF)

    A Web application firewall (WAF) is a firewall that monitors, filters or blocks traffic to and from a Web application. WAFs are ...

  • MD5

    The MD5 hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and returns as output...

  • identity theft

    Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable ...

SearchHealthIT

SearchDisasterRecovery

  • call tree

    A call tree -- sometimes referred to as a phone tree -- is a telecommunications chain for notifying specific individuals of an ...

  • mass notification system (MNS)

    A mass notification system is a platform that sends one-way messages to inform employees and the public of an emergency.

  • disaster recovery as a service (DRaaS)

    One approach to a strong disaster recovery plan is DRaaS, where companies offload data replication and restoration ...

SearchStorage

  • secondary storage

    Secondary storage is used to protect inactive data written from a primary storage array to a nonvolatile tier of disk, flash or ...

  • VRAM (video ram)

    VRAM (video RAM) is a reference to any type of random access memory (RAM) used to store image data for a computer display.

  • ZFS

    ZFS is a local file system and logical volume manager created by Sun Microsystems to control the placement, storage and retrieval...

SearchSolidStateStorage

  • SSD RAID (solid-state drive RAID)

    SSD RAID (solid-state drive RAID) is a methodology commonly used to protect data by distributing redundant data blocks across ...

  • Tier 0

    Tier 0 (tier zero) is a level of data storage that is faster, and perhaps more expensive, than any other level in the storage ...

  • PCIe SSD (PCIe solid-state drive)

    A PCIe SSD (PCIe solid-state drive) is a high-speed expansion card that attaches a computer to its peripherals.

SearchCloudStorage

  • RESTful API

    A RESTful application program interface breaks down a transaction to create a series of small modules, each of which addresses an...

  • cloud storage infrastructure

    Cloud storage infrastructure is the hardware and software framework that supports the computing requirements of a private or ...

  • Zadara VPSA and ZIOS

    Zadara Storage provides block, file or object storage with varying levels of compute and capacity through its ZIOS and VPSA ...

Close