CAS-001 Question #18: Real Exam Question with Answer & Explanation

The correct answer is A: SIP and SRTP traffic analysis. SPIT (Spam over Internet Telephony) is the VoIP equivalent of email spam-it involves sending large volumes of unsolicited voice calls or messages over a VoIP network. Since VoIP sessions are initiated and managed using SIP (Session Initiation Protocol) and secured with SRTP (Secu

Question

The security administrator is worried about possible SPIT attacks against the VoIP system. Which of the following security controls would MOST likely need to be implemented to detect this type of attack?

Options

ASIP and SRTP traffic analysis
BQoS audit on Layer 3 devices
CIP and MAC filtering logs
DEmail spam filter log

Explanation

SPIT (Spam over Internet Telephony) is the VoIP equivalent of email spam-it involves sending large volumes of unsolicited voice calls or messages over a VoIP network. Since VoIP sessions are initiated and managed using SIP (Session Initiation Protocol) and secured with SRTP (Secure Real-time Transport Protocol), analyzing SIP traffic is the correct method to detect anomalous call volumes, spoofed caller IDs, and patterns indicative of SPIT. Option B (QoS audit on Layer 3 devices) monitors performance/bandwidth but does not identify SPIT content or patterns. Option C (IP and MAC filtering logs) is useful for access control but not for detecting application-layer spam patterns. Option D (email spam filter log) addresses email spam, not VoIP spam-these are entirely different protocols and attack surfaces.

Community Discussion

No community discussion yet for this question.

Full CAS-001 Practice