Browse Definitions :
Quiz

VoIP security threats

As VoIP becomes increasingly prevalent, so do the threats aimed at subverting its security. After all, letters IP in VoIP stand for Internet Protocol and that means attackers have a ready-made bag of tricks to pick from. How much do you know about the threats to VoIP security? Take our quiz to find out.

1. The most serious threat to VoIP security is the old-fashioned __________ attack, in which users are deprived of connectivity or other resources they would normally expect to have.
What is it?

2. This protocol allows the destination receiver to compensate for delay jitter caused by packet loss. An attacker can use it to disrupt calls by interjecting sounds into a VoIP call.
What is it?

3. This is a service that allows a caller to masquerade as someone else by falsifying the number that appears on the recipient's caller ID display. An attacker can use it to make a VoIP call appear to come from a trusted source.
What is it?

4. This type of packet is normally sent when a participant in a multicast event leaves the session. In a session tear-down attack, an attacker uses it to suddenly terminate a VoIP call.
a. BYE packet
b. CYA packet
What is it?

5. Because some VoIP products don't support encryption, they make this type of unauthorized listening relatively easy.
a. monitoring
b. eavesdropping
What is it?

6. Beware! If you get a computerized voice message asking you to call your bank because there's been suspicious activity in your checking account, be sure to look up your bank's phone number and not rely on the phone number left in the message. What type of attack could this message be?
Answer

7. In August 2009, Symantec issued a security bulletin about Trojan.Peskyspy. What VoIP service provider did Trojan.Peskyspy target?
a. Windows Live
b. Skype
c. Google
d. Yahoo
Answer

8. Once the bane of the traditional telco, phreaks are now exploiting VoIP vulnerabilities. What do phreaks do?
Answer

9. This is the Internet protocol for initiating interactive user sessions. VoIP attackers use it to intercept calls by transferring register requests to the attacker's IP address instead of the legitimate recipient's.
What is it?

10. If SPIT becomes as rampant as spam, it could render enterprise VoIP systems unusable. What does SPIT stand for?
Answer

How did you do? Let us know!

This was last updated in September 2009

SearchCompliance

  • information governance

    Information governance is a holistic approach to managing corporate information by implementing processes, roles, controls and ...

  • enterprise document management (EDM)

    Enterprise document management (EDM) is a strategy for overseeing an organization's paper and electronic documents so they can be...

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

SearchSecurity

SearchHealthIT

SearchDisasterRecovery

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

SearchStorage

  • cloud storage

    Cloud storage is a service model in which data is transmitted and stored on remote storage systems, where it is maintained, ...

  • cloud testing

    Cloud testing is the process of using the cloud computing resources of a third-party service provider to test software ...

  • storage virtualization

    Storage virtualization is the pooling of physical storage from multiple storage devices into what appears to be a single storage ...

Close