As the organization’s IT security professional, you have been asked by your organization’s CIO and CEO to suggest steps and techniq ues that would mitigate risks associated with VoIP and SIP applications at the same time, maintaining the controls provided via C-I-A model. Provide a well-developed (remember who the intended recipients are) response outlining your recommendations. Be sure to substantiate each of your recommendations for mitigating identifiable risks. Please be sure to provide your response via the proper thread under the discussion question link for this chapter.Please do not submit your reply via email, use only the thread provided by Canvas to submit your responses. The book mentions some of the risks for VoIP and SIP applications being: Eavesdropping Call control Denial of service (Dos) or distributed denial of service (DDoS) Poor network performance Server failure Disclosure of confidential information Recommendations to mitigate risks associated with VoIP: Construction of a reliable and properly configured network: Ensuring the right equipment is being used, and there is redundancy built nto the network infrastructure will help increase the availability, and uptime of services.
Ensuring the network is configured to separate different data (i. e. Voice data, Computer data) through VLANs and using Quality of Service (QOS) routing for voice services will help the integrity of the data being transmitted for VoIP, and also leave the data more secure. Controlled management of network devices, and user accounts: Having the computers and other network devices managed by authentication through a server will keep unauthorized devices from accessing the network, and ensure the overall ntegrity of the network as a whole.
- Thesis Statement
- Structure and Outline
- Voice and Grammar
Proper management of user accounts will ensure the information and access to devices on the network confidential. Set up a solid user policy: Having a clear and well thought out user policy will keep the work environment and ultimately the network secured. Password restrictions and change durations (confidentiality) Ensuring users secure their area, or are aware of their surroundings when discussing sensitive information (confidentiality/integrity)