As The Organization
As the organization’s IT security professional, you have been asked by your organization’s CIO and CEO to suggest steps and techniques that would mitigate risks associated with VoIP and SIP applications at the same time, maintaining the controls provided via C-I-A model.
Provide a well-developed (remember who the intended recipients are) response outlining your recommendations. Be sure to substantiate each of your recommendations for mitigating identifiable risks.
Please be sure to provide your response via the proper thread under the discussion question link for this chapter. Please do not submit your reply via email, use only the thread provided by Canvas to submit your responses.
The book mentions some of the risks for VoIP and SIP applications being:
Eavesdropping
Call control
Denial of service (Dos) or distributed denial of service (DDoS)
Poor network performance
Server failure
Disclosure of confidential information
Recommendations to mitigate risks associated with VoIP:
Construction of a reliable and properly configured network:
Ensuring the right equipment is being used, and there is redundancy built into the network infrastructure will help increase the availability, and uptime of services.
Ensuring the network is configured to separate different data (i.e. Voice data, Computer data) through VLANs and using Quality of Service (QoS) routing for voice services will help the integrity of the data being transmitted for VoIP, and also leave the data more secure.
Controlled management of network devices, and user accounts:
Having the computers and other network devices managed by authentication through a server will keep unauthorized devices from accessing the network, and ensure the overall integrity of the network as a whole.
Proper management of user accounts will ensure the information and access to devices on the network confidential.
Set up a solid user policy:
Having a clear and well thought out user policy will keep the work environment and ultimately
Provide a well-developed (remember who the intended recipients are) response outlining your recommendations. Be sure to substantiate each of your recommendations for mitigating identifiable risks.
Please be sure to provide your response via the proper thread under the discussion question link for this chapter. Please do not submit your reply via email, use only the thread provided by Canvas to submit your responses.
The book mentions some of the risks for VoIP and SIP applications being:
Eavesdropping
Call control
Denial of service (Dos) or distributed denial of service (DDoS)
Poor network performance
Server failure
Disclosure of confidential information
Recommendations to mitigate risks associated with VoIP:
Construction of a reliable and properly configured network:
Ensuring the right equipment is being used, and there is redundancy built into the network infrastructure will help increase the availability, and uptime of services.
Ensuring the network is configured to separate different data (i.e. Voice data, Computer data) through VLANs and using Quality of Service (QoS) routing for voice services will help the integrity of the data being transmitted for VoIP, and also leave the data more secure.
Controlled management of network devices, and user accounts:
Having the computers and other network devices managed by authentication through a server will keep unauthorized devices from accessing the network, and ensure the overall integrity of the network as a whole.
Proper management of user accounts will ensure the information and access to devices on the network confidential.
Set up a solid user policy:
Having a clear and well thought out user policy will keep the work environment and ultimately