| 1:
 | Which of the following objectives are fundamental in the design of SAFE IP telephony networks? Designation of responsibilityQuality of serviceIntegration with existing network infrastructureAuthentication of users and devices (identity)Flexibility of the designSecure management
 | 
| 2: | What network feature should be deployed throughout the network infrastructure to ensure a successful IP telephony design? QoSACLsAuthenticationIDSIPS
 | 
| 3: | Which of the following is one of the key axioms in the SAFE IP telephony design? Security and attack mitigation based on policyVoice and data segmentationUser authenticationOptions for high availability (some designs)Secure management
 | 
| 4: | Which of the following protocols currently are used in IP telephony products? IGMPMGCPSIPCGMPCDPQ.773H.323
 | 
| 5: | Why does a firewall need to be "intelligent" when dealing with H.323 traffic? The firewall must be capable of recognizing the traffic to encrypt it properly.H.323 uses multiple static ports for signaling and media streams, and the firewall needs to know about those.H.323 traffic must be authenticated at the firewall, and, therefore, the firewall needs to be capable of recognizing that traffic.H.323 utilizes multiple dynamic ports for call sessions, and the firewall must be capable of determining those ports from the signaling channel.H.323 cannot use NAT, and, therefore, the firewall must be capable of identifying H.323 traffic appropriately.
 | 
| 6: | Which of the following is a tool that you can use to reconstruct a voice conversation? dsniffTCPdumpARPwatchVOMITMITM
 | 
| 7: | Which of the following are legitimate connections that should be allowed through the stateful firewall protecting the call-processing manager? PC web browser connecting to voice-mail serverIP phone connecting to PC clients in the data segmentCall establishment and configuration trafficBrowsing of the IP phone web servers by PC clientsConnections from IP phones in the voice segment and the voice-mail systemCommunication between the voice-mail system and the call-processing manager
 | 
| 8: | What are the two most common recommended methods of authentication for IP phones? Device authenticationNetwork authenticationProxy authenticationUser authenticationNull authentication
 | 
| 9: | Security design reliance should be based on which of the following? VLAN segmentationData sharing between voice and data VLANsAccess controlLayered security best practicesMulticast join restriction
 | 
| 10: | Which of the following are services provided by the edge router in the small IP telephony design? VLAN segmentationStateful firewallingNATQoSAll of these answers are correct
 | 
| 11: | What is the purpose of the call-processing manager in each of the SAFE IP telephony designs? The call-processing manager provides data services to IP telephony devices in the module.The call-processing manager provides voice services to IP telephony devices in the module.The call-processing manager does not provide voice-mail storage in the modules.The call-processing manager provides data storage for the IP phones.
 | 
| 12: | What two basic designs are possible in the small and medium blueprints for IP telephony? HubSpokeHeadendRemoteBranch
 | 
| 13: | What is the purpose of the Layer 3 switches in the server module? The switches in the module are not Layer 3 switches; they are Layer 2 switches.No special purpose is assigned to the Layer 3 switches in this module.The Layer 3 switches provide routing and switching services to both voice and data traffic, in addition to filtering, QoS, VLANs, and private VLANs to the servers. They also provide for traffic inspection through the use of integrated NIDS.The Layer 3 switches provide firewall services through the use of an integrated firewall service module.
 |