PBX query

in Security+
I'm taking my Security + exam next wednesday at Cambridge and I'm still wondering about this question as this one seems to have conflicting answers and I personally am not sure what Comptia would want me to answer.
The best of protection against the abuse of remote maintenance of PBX system is to:
keep maintenance features turned off until needed or insist on strong authentication before allowing remote maintenance.
To me they both seem the right answer.
Any ideas anyone?
The best of protection against the abuse of remote maintenance of PBX system is to:
keep maintenance features turned off until needed or insist on strong authentication before allowing remote maintenance.
To me they both seem the right answer.
Any ideas anyone?

If you don't know 24 then you don't know Jack!
Comments
Where did you find that question?
I could be wrong i'm just guessing...
D-boy
If I remember the study material correctly, the most common answer would be "keep maintenance features turned off until needed". It can't be abused if it isn't on. Given the small amount of time that remote access is needed, it would be best to leave it off until you need it, since after dialing in they would have full access behind the firewall.
Thats correct...this test is all about turning off services and features that are not needed at the time. It just limits what can happen to you.
A+, Network+, Linux+, Security+, MCSE+I, MCSE:Security, MCDBA, CCNP, CCDP, CCSP, CCVP, CCIE Written (R/S, Voice),INFOSEC, JNCIA (M and FWV), JNCIS (M and FWV), ENA, C|EH, ACA, ACS, ACE, CTP, CISSP, SSCP, MCIWD, CIWSA
ps: I'm also a girl so not sure what the I.T. industry is like. Do you think girls will have to prove themselves harder in this area?
http://spaces.msn.com/members/hturtlegirl73/
By the way, does that "xxxxxxxxxxxx" signify a braindump site?
Like many industries the IT field can be a little difficult for women to take the first step into. However that is usually not because of any real barriers, but just the impression that it is a male dominated field. There are many females in all areas of IT and as far as I can see the only area that is a little light is upper management and that is more about the 'old boy' network of top management rather than anything else.
BTW, as Ten9t6 - the test seems to be more about turning features off rather than how to configure.
FIM website of the year 2007