Browse Definitions:
Quiz

VoIP security threats

As VoIP becomes increasingly prevalent, so do the threats aimed at subverting its security. After all, letters IP in VoIP stand for Internet Protocol and that means attackers have a ready-made bag of tricks to pick from. How much do you know about the threats to VoIP security? Take our quiz to find out.

1. The most serious threat to VoIP security is the old-fashioned __________ attack, in which users are deprived of connectivity or other resources they would normally expect to have.
What is it?

2. This protocol allows the destination receiver to compensate for delay jitter caused by packet loss. An attacker can use it to disrupt calls by interjecting sounds into a VoIP call.
What is it?

3. This is a service that allows a caller to masquerade as someone else by falsifying the number that appears on the recipient's caller ID display. An attacker can use it to make a VoIP call appear to come from a trusted source.
What is it?

4. This type of packet is normally sent when a participant in a multicast event leaves the session. In a session tear-down attack, an attacker uses it to suddenly terminate a VoIP call.
a. BYE packet
b. CYA packet
What is it?

5. Because some VoIP products don't support encryption, they make this type of unauthorized listening relatively easy.
a. monitoring
b. eavesdropping
What is it?

6. Beware! If you get a computerized voice message asking you to call your bank because there's been suspicious activity in your checking account, be sure to look up your bank's phone number and not rely on the phone number left in the message. What type of attack could this message be?
Answer

7. In August 2009, Symantec issued a security bulletin about Trojan.Peskyspy. What VoIP service provider did Trojan.Peskyspy target?
a. Windows Live
b. Skype
c. Google
d. Yahoo
Answer

8. Once the bane of the traditional telco, phreaks are now exploiting VoIP vulnerabilities. What do phreaks do?
Answer

9. This is the Internet protocol for initiating interactive user sessions. VoIP attackers use it to intercept calls by transferring register requests to the attacker's IP address instead of the legitimate recipient's.
What is it?

10. If SPIT becomes as rampant as spam, it could render enterprise VoIP systems unusable. What does SPIT stand for?
Answer

How did you do? Let us know!

This was last updated in September 2009

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • PCAOB (Public Company Accounting Oversight Board)

    The Public Company Accounting Oversight Board (PCAOB) is a Congressionally-established nonprofit that assesses audits of public ...

  • cyborg anthropologist

    A cyborg anthropologist is an individual who studies the interaction between humans and technology, observing how technology can ...

  • RegTech

    RegTech, or regulatory technology, is a term used to describe technology that is used to help streamline the process of ...

SearchSecurity

  • supercookie

    A supercookie is a type of tracking cookie inserted into an HTTP header by an internet service provider to collect data about a ...

  • email spam

    Email spam, or junk email, is unsolicited bulk messages sent through email with commercial, fraudulent or malicious intent.

  • distributed denial of service (DDoS) attack

    A distributed denial-of-service attack occurs when an attack originates from multiple computers or devices, usually from multiple...

SearchHealthIT

SearchDisasterRecovery

  • disaster recovery as a service (DRaaS)

    One approach to a strong disaster recovery plan is DRaaS, where companies offload data replication and restoration ...

  • data recovery

    Data recovery restores data that has been lost, accidentally deleted, corrupted or made inaccessible. Learn how data recovery ...

  • disaster recovery plan (DRP)

    A company's disaster recovery policy is enhanced with a documented DR plan that formulates strategies, and outlines preparation ...

SearchStorage

  • GlusterFS (Gluster File System)

    GlusterFS (Gluster File System) is an open source distributed file system that can scale out in building-block fashion to store ...

  • virtual memory

    Virtual memory is a memory management capability of an OS that allows a computer to compensate for physical memory shortages by ...

  • yottabyte (YB)

    A yottabyte is a measure of theoretical storage capacity and is 2 to the 80th power bytes, or, in decimal, approximately 1,000 ...

SearchSolidStateStorage

  • PCIe SSD (PCIe solid-state drive)

    A PCIe SSD (PCIe solid-state drive) is a high-speed expansion card that attaches a computer to its peripherals.

  • SSD caching

    SSD caching, also known as flash caching, is the temporary storage of data on NAND flash memory chips in a solid-state drive so ...

  • NVDIMM (Non-Volatile Dual In-line Memory Module)

    An NVDIMM (non-volatile dual in-line memory module) is hybrid computer memory that retains data during a service outage.

SearchCloudStorage

  • RESTful API

    A RESTful application program interface breaks down a transaction to create a series of small modules, each of which addresses an...

  • cloud storage infrastructure

    Cloud storage infrastructure is the hardware and software framework that supports the computing requirements of a private or ...

  • Zadara VPSA and ZIOS

    Zadara Storage provides block, file or object storage with varying levels of compute and capacity through its ZIOS and VPSA ...

Close