The VoIP Security Implementation training course provides an overview of advanced Vulnerability Assessment techniques within VoIP. At the end of this course, trainees will be able to plan and realize Vulnerability Assessment sessions, concerning VoIP and SIP/H 323.
Common VoIP attacks will be analyzed, discussed and countermeasures provided. All technical aspects of VoIP security including threats and vulnerabilities and protection mechanisms to secure signaling and media will be covered.
VoIP Security: An Introduction
- Overview of VoIP security challenges
- How VoIP relates to overall data security strategy
- How VoIP relates to traditional telecom security
- Introduction to the OSI model
- Learning VoIP security using the OSI model: An introduction
- VoIP architectural vulnerabilities
Physical Layer Security
- Cabling and devices
- Data center and server access, etc.
Data Link Layer Security
- Firewalls and NATâ€™s
- DoS Attacks
Transport Layer Security
- Digest authentication
Session Layer Security
- SIP standard and attacks
- IETF RFC VoIP standards
- Application-level security vulnerabilities
- Vendor-specific issues
Presentation Layer Security
- Rights and access levels
Application Layer Security
- Password issues with VoIP and applications
- User authentication
- Remote system access issues
Network Security Issues and VoIP
Network Policies and Security Management
Security Best Practices
- Security audit methods
- Vendor management
- Testing systems and devices: Available tools
- Network security planning teams, network administrators, IT and telecom engineers, and IT security management.
- Networking and VoIP networks basic understanding.