IS management is considering a Voice-over Internet Protocol (VoIP) network to reduce telecommunication
costs and management asked the IS auditor to comment on appropriate security controls. Which of the
following security measures is MOST appropriate?
![PrepAway - Latest Free Exam Questions & Answers](https://www.briefmenow.org/img/pa5.jpg)
A.
Review and, where necessary, upgrade firewall capabilities
B.
Install modems to allow remote maintenance support access
C.
Create a physically distinct network to handle VoIP traffic
D.
Redirect all VoIP traffic to allow clear text logging of authentication credentials
Explanation:
Firewalls used as entry points to a Voice-over Internet Protocol (VoIP) network should be VoIP-capable. VoIP
network services such as H.323 introduce complexities that are likely to strain the capabilities of older firewalls.
Allowing for remote support access is an important consideration. However, a virtual private network (VPN)
would offer a more secure means of enabling this access than reliance on modems. Logically separating the
VoIP and data network is a good idea. Options such as virtual LANS (VLA.NS), traffic shaping, firewalls and
network address translation (NAT) combined with private IP addressing can be used; however, physically
separating the networks will increase both cost and administrative complexity. Transmitting or storing clear text
information, particularly sensitive information such as authentication credentials, will increase network
vulnerability. When designing a VoIP network, it is important to avoid introducing any processing that will
unnecessarily in crease latency since this will adversely impact VoIP quality.