CompTIA Security+ (SY0-501) — Question 76

A security analyst wants to harden the company's VoIP PBX. The analyst is worried that credentials may be intercepted and compromised when IP phones authenticate with the BPX. Which of the following would best prevent this from occurring?

Answer options

• A. Implement SRTP between the phones and the PBX.
• B. Place the phones and PBX in their own VLAN.
• C. Restrict the phone connections to the PBX.
• D. Require SIPS on connections to the PBX.

Correct answer: A

Explanation

Implementing SRTP (Secure Real-time Transport Protocol) encrypts the media streams between the IP phones and the PBX, which helps protect against credential interception. While placing devices in a VLAN can enhance security, it does not encrypt the authentication process. Restricting phone connections and requiring SIPS can improve security, but SRTP specifically addresses the concern of intercepted credentials during communication.