A security analyst wants to harden the company's VoIP PBX.
The analyst is worried that credentials may be intercepted and compromised when IP phones authenticate with the BPX.
Which of the following would best prevent this from occurring?
Click on the arrows to vote for the correct answer
A. B. C. D.A.
To prevent credentials from being intercepted and compromised when IP phones authenticate with the VoIP PBX, the best solution is to use Secure Real-time Transport Protocol (SRTP). SRTP provides encryption for voice and multimedia communication over IP networks, including the authentication process. It is designed to ensure the confidentiality, integrity, and authenticity of data in transit.
Option A is, therefore, the correct answer.
Option B, placing the phones and PBX in their own VLAN, is a good security practice to isolate and secure devices, but it may not necessarily prevent credential interception.
Option C, restricting phone connections to the PBX, is also a good security practice, but it does not provide encryption or prevent credential interception.
Option D, requiring Secure SIP (SIPS) on connections to the PBX, is also a good security practice, but SIPS only provides encryption for signaling, not for voice or multimedia communication.
Therefore, A, Implement SRTP between the phones and the PBX, is the best solution for preventing credential interception and ensuring secure communication between the VoIP phones and the PBX.