Class Details

Price: $1,750

Course Includes:

  • Class exercises in addition to training instruction
  • Courseware books, notepads, pens, highlighters and other materials
  • Full breakfast with variety of bagels, fruits, yogurt, doughnuts and juice
  • Tea, coffee, and soda available all day
  • Freshly baked cookies every afternoon - * only at participating locations

This PTS training course is available online and in-person. The three-day instructor-led course focuses on the skills, tools, and knowledge essential for evaluating vulnerabilities and risk while implementing security solutions in a VoIP work environment. Course topics include security threats such as eavesdropping, unauthorized access, denial of service, masquerading, fraud, and vulnerabilities in protocol design, network architecture, software, and system configuration.

For group training options, please call us at (240) 667-7757 or email promo@phoenixts.com. 

Course Outline

Module 1: Introduction to VoIP Security

  • The switch leaves the basement
  • What is VoIP?
  • VoIP Benefits
  • Protocols

Module 2: Asterisk Configuration and Features

  • What are we trying to accomplish?
  • What functions does a typical PBX perform?
  • PBX administration
  • Gateway interface
  • API
  • Dial Plans
  • Numbering Plans
  • Other functions
  • Voicemail and Asterisk PBX
  • How is VoIP different from Private Telephone Networks?
  • What Functionality is gained?

Module 3: The Hardware Infrastructure

  • Traitional PBX systems
  • PBX alternatives
  • VoIP Telephony and Infrastructure

Module 4: PSTN Architecture

  • PSTN: What it is and how it works
  • PSTN: Signal transmission
  • PSTN Call Flow
  • PSTN protocol security

Module 5: H.323 Architecture

  • The Primary H.323 VoIP Related Protocols
  • H235 Security Mechanisms

Module 6: SIP Architecture

  • Understanding SIP
  • SIP Functions and Features
  • Instant Messaging and SIMPLE

Module 7: Other VoIP Communication Architectures

  • Skype
  • Skype Messaging Sequence
  • H.248
  • H.248
  • IAX
  • IAX Messaging Sequence
  • MS Live Communication Server 2005

Module 8: Support Protocols

  • DNS Architecture
  • Operation
  • TFTP
  • Implications for TFTP
  • DHCP Protocol
  • Implication for DHCP
  • SDP Operation
  • Implication for SDP
  • Skinny Specification
  • Implications for Skinny

Module 9: Threats to VoIP Communication

  • Denial of Service or VoIP Service Disruption
  • Call Hijacking and Interception
  • H.323-Specific Attacks
  • SIP-Specific Attacks

Module 10: Validate Existing Security Infrasture

  • Security Policies and Procedures
  • Physical Security
  • Server Hardening

Module 11: Confirm User Identity

  • 802.1x and 802.1 li (WPA2)
  • Authentication Server
  • Public Key Infrastructure
  • Minor Authenticaion Methods

Module 12: Active Security Monitoring

  • Network Intrusion Detection Systems
  • Host-Based Intrusion Detection Systems
  • Logging
  • Penetration and Vulnerability Testing

Module 13: Logically Segregate Network Traffic

  • VLANS QoS and Traffic Shaping
  • NAT and IP Addressing
  • Firewalls
  • Access Control Lists

Module 14: IETF Encryption Solutions for VoIP

  • Suites from the IETF
  • S/MIME: Message Authentication
  • TLS: Key Exchange and Signaling Packet Security