CISSP · Question #1412
An organization recently upgraded to a Voice over Internet Protocol (VoIP) phone system. Management is concerned with unauthorized phone usage. Security consultant is responsible for putting together
The correct answer is A. Use phone locking software to enforce usage and PIN policies.. The best solution to secure the VoIP phones and prevent unauthorized phone usage is to use phone locking software to enforce usage and PIN policies. Phone locking software can restrict the access to the phone features and functions based on the user's PIN, role, or location. Phon
Question
An organization recently upgraded to a Voice over Internet Protocol (VoIP) phone system. Management is concerned with unauthorized phone usage. Security consultant is responsible for putting together a plan to secure these phones. Administrators have assigned unique personal identification number codes for each person in the organization. What is the BEST solution?
Options
- AUse phone locking software to enforce usage and PIN policies.
- BInform the user to change the PIN regularly. Implement call detail records (CDR) reports to track
- CHave the administrator enforce a policy to change the PIN regularly. Implement call detail records
- DHave the administrator change the PIN regularly. Implement call detail records (CDR) reports to
How the community answered
(23 responses)- A74% (17)
- B4% (1)
- C17% (4)
- D4% (1)
Explanation
The best solution to secure the VoIP phones and prevent unauthorized phone usage is to use phone locking software to enforce usage and PIN policies. Phone locking software can restrict the access to the phone features and functions based on the user's PIN, role, or location. Phone locking software can also enforce policies such as PIN expiration, PIN complexity, PIN history, and PIN lockout. Phone locking software can also generate logs and reports of the phone usage and activity. This way, the phone locking software can enhance the security, accountability, and compliance of the VoIP phone system . The other solutions are not as effective, because they rely on the user or the administrator to change the PIN regularly, which may not be feasible, consistent, or secure. Implementing call detail records (CDR) reports to track usage is a good practice, but it does not prevent unauthorized phone usage in the first place.
Topics
Community Discussion
No community discussion yet for this question.