PBX query

TURTLEGIRLTURTLEGIRL Member Posts: 361
I'm taking my Security + exam next wednesday at Cambridge and I'm still wondering about this question as this one seems to have conflicting answers and I personally am not sure what Comptia would want me to answer.

The best of protection against the abuse of remote maintenance of PBX system is to:

keep maintenance features turned off until needed or insist on strong authentication before allowing remote maintenance.

To me they both seem the right answer.

Any ideas anyone? icon_eek.gif
If you don't know 24 then you don't know Jack!

Comments

  • /usr/usr Member Posts: 1,768 ■■■□□□□□□□
    There is one right answer.
    icon_wink.gif


    Where did you find that question?
  • D-boyD-boy Member Posts: 595 ■■□□□□□□□□
    I would say "insist on strong authentication before allowing remote maintenance. " as you would aways want it on, if you use this option you don't have to keep switching it on and off... icon_wink.gif But then again if it's off then, wouldn't that be the best defence since there would be no way to attack it remotely...

    I could be wrong i'm just guessing... icon_redface.gif
    D-boy
  • /usr/usr Member Posts: 1,768 ■■■□□□□□□□
    I know the answer, I'm just careful when people post questions on message boards. I hate to seem like I'm implying that someone cheats, but the last thing I want to do is answer a test question.


    If I remember the study material correctly, the most common answer would be "keep maintenance features turned off until needed". It can't be abused if it isn't on. Given the small amount of time that remote access is needed, it would be best to leave it off until you need it, since after dialing in they would have full access behind the firewall.
  • Ten9t6Ten9t6 Member Posts: 691
    /usr wrote:
    I know the answer, I'm just careful when people post questions on message boards. I hate to seem like I'm implying that someone cheats, but the last thing I want to do is answer a test question.


    If I remember the study material correctly, the most common answer would be "keep maintenance features turned off until needed". It can't be abused if it isn't on. Given the small amount of time that remote access is needed, it would be best to leave it off until you need it, since after dialing in they would have full access behind the firewall.

    Thats correct...this test is all about turning off services and features that are not needed at the time. It just limits what can happen to you.
    Kenny

    A+, Network+, Linux+, Security+, MCSE+I, MCSE:Security, MCDBA, CCNP, CCDP, CCSP, CCVP, CCIE Written (R/S, Voice),INFOSEC, JNCIA (M and FWV), JNCIS (M and FWV), ENA, C|EH, ACA, ACS, ACE, CTP, CISSP, SSCP, MCIWD, CIWSA
  • TURTLEGIRLTURTLEGIRL Member Posts: 361
    After studying relentlessly for 4 months with several books including, ms security +, wiley books, dummie books, syngress, and sybex. All on ebooks, I decided to look at test king to try out there demo exam and that's where the question came from. I have studied really hard for this one as that's the area I wish to be employed in. I want to go into the security area so I'm looking into getting MCSE. Not sure what my next options are. Have also looked at CEH book by ecouncil which is pretty good too.

    ps: I'm also a girl so not sure what the I.T. industry is like. Do you think girls will have to prove themselves harder in this area?



    http://spaces.msn.com/members/hturtlegirl73/
    If you don't know 24 then you don't know Jack!
  • porengoporengo Member Posts: 343
    Good luck on your exam!
  • /usr/usr Member Posts: 1,768 ■■■□□□□□□□
    I don't think women have to prove themselves more in this field, I just think it's an area that tends to attract more men. If you know your stuff, you'll be fine.

    All on ebooks, I decided to look at xxxxxxxxxxx to try out there demo exam and that's where the question came from.

    By the way, does that "xxxxxxxxxxxx" signify a braindump site? icon_confused.gif
  • RussSRussS Member Posts: 2,068 ■■■□□□□□□□
    GBAGIRL2
    Like many industries the IT field can be a little difficult for women to take the first step into. However that is usually not because of any real barriers, but just the impression that it is a male dominated field. There are many females in all areas of IT and as far as I can see the only area that is a little light is upper management and that is more about the 'old boy' network of top management rather than anything else.

    BTW, as Ten9t6 - the test seems to be more about turning features off rather than how to configure.
    www.supercross.com
    FIM website of the year 2007
Sign In or Register to comment.