|
Quick Links
 
|
EC-Council Certified VoIP Professional Exam (312-76)Credit Towards
Certification
Exam Details
Test Objectives
Module 01: Introduction to VoIP
§
What is VoIP?
§
Why use IP for Voice?
§
VoIP-Convergence of Technologies
§
Basic VoIP Architecture
§
Need of a Layered Architecture
§
VoIP Layers
§
TCP/IP Overview
o
Functions of TCP/IP Layers
§
VoIP Layers Vs. TCP/IP Layers
§
Public Switched Telephone Networking(PSTN)
§
Circuit Switching Vs. Packet Switching
§
Basic VoIP Features
§
Benefits of VoIP
§
Building The ROI Model
§
Disadvantages of VoIP
§
Future of VoIP
§
Growth in VoIP Subscribers
Module 02: Analog to Digital Conversions
§
Source:
o
A to D Conversion
o
Types of ADC's
o
Sigma Delta ADC
o
Successive Approximation ADC
o
Pipelined ADC
o
Flash ADC
o
Comparison of ADC's
o
Working of ADC's
o
Voice Compression
o
Encryption
o
Headers
§
Destination
o
Sequencing
o
Decryption
o
Decompression
o
Digital to Analog Conversion
Module 03: Traditional Voice Telephony Principles
§
Analog Signaling
§
Types of Analog Signaling
o
Earth & Magnet (E&M) Signaling
o
Loop-Start
o
Ground-Start
o
Dial-Pulse Signaling
o
Dual Tone Multi-Frequency Signaling
§
Analog Systems
§
Analog Network Components
§
Cabling
§
Basic Telephone System Operation
§
Plain Old Telephone Service (POTS)
§
Direct Inward Dialing (DID)
§
Digital Subscriber Line (DSL)
§
Digital Loop Carrier (DLC)
§
Passive Optical Network (PON)
§
Dial Plans
§
Four-Wire Circuit
§
Time Division Multiplexing (TDM)
§
Call Control Signaling
§
Signaling System 7 (SS7)
o
Signaling Points
o
Signaling Links
o
SS7 Protocol Stack
Module 04: VoIP Devices and Cisco Components
§
Basic VoIP Equipments
§
VoIP Network Components
o
Analog Telephone Adaptor (ATA)
o
Media Gateway
o
Features of Media Gateway
o
Media Gateway Controller
o
Signaling Gateway
o
Call Manager
o
VoIP Switches
o
IP Phones
o
Private Branch eXchange (PBX)
o
PSTN Gateway
o
Session
Controller
o
Modems
o
VoIP Router
·
Cisco's VoIP
Components
o
Types of VoIP Ports
·
Foreign Exchange
Station (FXS)
·
Foreign Exchange
Office (FXO)
·
Earth & Magnet
(E&M) Interface
o
VNM/VIC
·
VNM Models: NM-1V
·
VNM Models: NM-2V
·
VNM Models:
NM-HDV High-Density VNM
·
VIC Models:
VIC-2E/M
·
VIC-2FXS
·
VIC-2FXO
·
VWIC-2MFT-T1
o
Two-Port ISDN BRI Card
o
Four-Port Analog DID/FXS VICs
Module 05: Configuring VoIP
§
Prerequisites for VoIP Configuration
§
Voice Port Cabling and Configuration
o
Port Numbering: 1700 Series
o
Port Numbering: Cisco 1760
o
Port Numbering: 2600 and 3600 Series
o
Port Numbering: MC3810 Series
o
Port Numbering: 7200 Series
o
Port Numbering: AS5300 Series
o
Port Numbering: AS5x00 Series
§
Configuring Voice Ports
§
Configuring FXO or FXS Voice Ports
§
Configuring E&M Ports
§
Configuring to adjust Parameters of E&M Ports
§
Configuring DID Ports
§
Connection Command
§
Configuring Delay
o
Fine-Tuning FXS/FXO Ports
o
Fine-Tuning E&M Ports
o
Fine-Tuning DID Ports
o
Configuring POTS Dial Peers
o
Configuring Dial-Peer For VoIP
o
Configuring Dial-Peer For VoFR
o
Configuring Dial-Peer For VoATM
§
Configuring Trunking
o
Supervisory Disconnect
o
Configuring a Supervisory Disconnect Voice Class
o
Configuring ISDN BRI Voice Ports
o
Configuring ISDN PRI Voice Ports
o
Configuring ISDN PRI Voice Ports with Q.931
o
Configuring QSIG
o
Configuring T-CCS
§
Configuring H.323 Gateways
§
Configuring H.323 Gatekeepers
o
H.323 ID Addresses
o
Zone Prefixes
o
Gatekeeper Zone Prefix
o
Technology Prefixes
o
IP Precedence
o
RTP Priority
o
Traffic Shaping
§
Configuring cRTP
o
Enable cRTP on a Serial Interface
o
Enable cRTP with Frame Relay Encapsulation
o
Change the Number Of Header Compression Connections
o
Displaying Statistics
o
Configuring Custom Queuing
o
Enabling Custom Queuing
·
Applying
Configuration to an Interface
·
Enabling Priority
Queuing: Priority-List Command
·
Enabling Priority
Queuing: Set Up Configuration
·
Configuring the
Queue Limits
§
Applying Priority List to an Interface
o
Verifying Priority Queuing: Show Interface Command
o
Verifying Priority Queuing: Show Queuing Priority Command
§
Enabling Weighted Fair queuing
o
Verifying
Weighted Fair Queuing: Show Interface Command
o
Verifying
Weighted Fair Queuing: Show Queuing Command
§
Configuring Class-Based Weighted Fair Queuing (CBWFQ)
o
Defining Class
Maps
o
Creating Policies
o
Attaching
Policies to Interfaces
o
Verifying CBWFQ:
Show-Policy-Map Command
o
Verifying CBWFQ:
Show-Policy-Map Interface Command
o
Configuring
Packet Classification
o
IP Precedence
o
Verifying IP
Precedence
o
Policy Routing
o
Verifying Policy
Routing
§
Configuring RSVP
o
Verifying RSVP
§
Call Admission Control (CAC)
o
Verifying Call
Admission Control
o
Configuring
Priority Queuing with WFQ
o
Verifying
Priority Queuing with WFQ
§
Configuring Traffic Shaping
o
Verifying Traffic
Shaping
§
Configuring Congestion Avoidance with WRED
o
Verifying WRED
§
Configuring Link fragmentation and Interleaving
o
Verifying Link fragmentation and Interleaving
§
Configuring a Single-Router VoIP Network
o
Reviewing the Design
o
Configuring the Router: Step by Step
o
Testing and Verification
Module 06: Implementation and Applications of VoIP
§
VoIP Implementation Types
o
Phone to Phone Connection
o
Analog Telephone Adaptor (ATA) Setup
o
Phone to Phone Connection Using Gateway
o
Phone to Phone Connection Using Router
o
Computer to Computer Connection
o
Phone to Computer and Vice-Versa
§
IP-Enabled PBX (Private Branch Exchange) Method
§
IP Centric LAN Method
§
Satellite VoIP
§
Software Support for VoIP
§
Applications of VoIP
o
What is Skype?
o
System Requirements
o
Getting Started with Skype
o
Skype is Safe
o
Features of Skype
§
Skype for Windows
§
Skype for Mac OSX
§
Skype for LINUX
§
Skype for Business
§
Skype Web Toolbar
§
Skype Email Toolbar
§
Skype Office Toolbar
§
Skype for Mobile
Module 07: Quality of Service (QoS) of VoIP
§
Introduction to QoS
§
Quality of Experience (QoE) Vs. QoS
§
QoE for VoIP
§
Why is QoS needed in IP Transmission?
§
Why is QoS needed for VoIP Networks?
§
Factors Affecting Quality of Voice in VoIP
§
QoS Monitoring
o
Passive Monitoring
o
Active Monitoring
§
QoS Protocols
o
RTP
o
RTCP
o
RSVP
§
Multiprotocol Label Switching (MPLS)
§
Integrated Services (IntServ)
§
Differentiated Services (DiffServ)
§
IntServ Vs. DiffServ
Module 08: H.323 Standards
§
VoIP Standards
§
What is the need for VoIP Protocols?
§
Introduction to H.323
o
Network
Components of H.323
o
Components of
H.323
o
H.323 Protocols
Suite
o
H.323 Protocol
Stack
o
Control and
Signaling in H.323
o
H.323 Advantages
o
Network Address
Translation (NAT)
o
H.323 and NAT
§
H.225
o
H.225/Q.931 Call
Signaling
o
Q.931 Call
Signaling Messages
o
H.225/Q.931
Signaling
o
H.225
Registration, Admission, Status (RAS)
o
H.225/Q.931 RAS
o
Key RAS Messages
o
H.225 Protocol
Structure
o
H.225 Security
Considerations
o
H.235: Security
and Encryption for H.323
o
H.245 Call
Control Messages
o
H.245 Call
Control
o
H.245 Security
Mechanism
§
H.261 (Video Stream for Transport Using the Real-Time Transport)
§
H.263 (Bitstream in the Real-Time Transport Protocol)
§
DVB (Digital Video Broadcasting)
§
H.450.1
§
H.450.2
§
H.450.3
§
H.450.4
§
H.450.5
§
H.450.6
§
H.450.7
§
H.450.8
§
T.38
§
T.120
§
T.121
§
T.122
§
T.124
§
T.125
§
T.126
§
T.127
Module 09: SIP and Supporting Protocols
§
Session Initiation Protocol (SIP)
o
Components of SIP
o
SIP Messages
o
Headers for SIP Entities
o
SIP Functions
o
SIP: Supported Protocols
o
Understanding SIP's Architecture
o
Registering with a SIP Registrar
o
Requests through Proxy Servers
o
Requests through Redirect Servers
o
Peer to Peer
Architecture
o
Instant Messaging
and SIMPLE
o
SIP security
o
H.323 Vs. SIP
§
Session Description Protocol (SDP)
o
SDP Specifications
o
Security Issues
§
Real-Time Transport Protocol (RTP)
§
Real-Time Transport Control Protocol (RTCP)
§
Real-Time Transport Streaming Protocol (RTSP)
§
Simple Gateway Control Protocol (SGCP)
§
Session Announcement Protocol (SAP)
§
Skinny Client Control Protocol (SCCP)
§
Security Implications for Skinny
§
Dynamic Host Configuration Protocol (DHCP)
§
Trivial File Transfer Protocol (TFTP)
§
Hyper Text Transfer Protocol (HTTP)
§
Skype Protocol
§
Inter-Asterisk Exchange (IAX)
§
Simple Network Management Protocol (SNMP)
Module 10: Megaco Protocol
§
Media Gateway Control Protocol (MGCP)
§
History of Megaco (H.248)
§
Media Gateway Reference Architecture
§
MGCP Connections
§
Per-Call Requirements
§
Megaco Vs. MGCP
§
Megaco Protocol Design
§
Megaco Commands
§
Megaco Messaging
Sequence
§
Megaco Packages
§
Megaco IP Phone
Media Gateway
§
Role of Call
Processing Language
§
Call Processing
Language Characteristics
§
Protocol Security
Module 11: Resource Reservation Protocol
§
Resource Reservation Protocol (RSVP)
§
RSVP Setup
§
RSVP Message Structure
§
RSVP Message
§
RSVP Message Types
§
RSVP Object Fields
§
RSVP Object Classes
§
RSVP Operation
§
RSVP Data Payload
§
RSVP Quality of Service
§
RSVP Session Start-up
§
RSVP Reservation Style
§
RSVP Tunneling
§
RSVP Traffic Control Module
§
Security Implications
Module 12: Wireless VoIP
§
Voice Over WLAN (VoWLAN)
o
VoWLAN Call Routing
o
Characteristics of VoWLAN
o
Limitations of VoWLAN
§
Wireless VoIP
o
Wireless VoIP Deployment
o
Advantages of Wireless VoIP
o
Limitations of Wireless VoIP
o
Standards and Protocols
§
Unlicensed Mobile Access (UMA)
§
Wireless VoIP Gateway: AH1038
§
Wireless VoIP Gateway: D-Link DVG-G1402S
§
Wireless VoIP Gateway: Motorola HH1620 DSL
§
Wireless IP Phone
§
Wireless VoIP Phone: EZLoop
§
Wireless VoIP Phone: P-2000W_V2
§
Wireless VoIP
Phone: Shenzhen WP10W-S
§
Challenges to
Build Successful Wireless VoIP Product
§
Attacks on
Wireless VoIP
Module 13: Encryption Techniques for VoIP
§
Encryption
o
Why VoIP needs Encryption?
o
VoIP Encryption
o
How to Encrypt VoIP?
o
Pros & Cons of VoIP Encryption
o
Voice and Data Encryption Device (V/DED)
o
Speech Encryption
o
Media Encryption
o
Wireless Encryption
§
IPSec and Role of IPSec in VoIP
o
Transport Mode
o
Tunnel Mode
§
Solutions to VoIPSec Issues
o
IETF Encryption Solutions for VoIP
o
Suites from the IETF
o
S/MIME: Message Authentication
o
Transport Layer Security (TLS)
o
TLS: Key Exchange and Signaling Packet Security
o
Secure Real-Time Transport Protocol (SRTP)
o
SRTP: Voice/ Video Packet Security
Module 14: Troubleshooting VoIP Network
§
Issues of Network Slow Down
§
Troubleshooting Packet Loss
§
Troubleshooting Jitter
§
Troubleshooting Packetization Delay
§
Troubleshooting Bandwidth Problems
§
Troubleshooting Echo
§
Troubleshooting Voice Quality on Voice Ports
§
Troubleshooting Two-stage Dialing Failures
§
Troubleshooting Socket Failures
§
Troubleshooting Speech Recognition
§
Troubleshooting Cabling
§
Troubleshooting Private Branch Exchange (PBX) Problems
§
Troubleshooting Central Office (CO) Problems
§
Troubleshooting Trunk Signaling
§
Troubleshooting Gateways and Gatekeepers
§
Troubleshooting Dial Peers
§
Troubleshooting Serial Interfaces
§
Troubleshooting Frame Relay
§
Troubleshooting FXS and FXO Voice Ports
§
Troubleshooting E&M Voice Ports
§
Troubleshooting Dial Plans
§
Basic VoIP Issues and Solutions
§
Troubleshooting RSVP
§
Troubleshooting MGCP
§
Troubleshooting RTP
§
Troubleshooting RTSP
Module 15: VoIP Testing and Tools
§
Test Strategy
§
VoIP Network Component Testing
o
Gateway Testing
o
Gatekeeper Testing
o
IVR Testing
o
Billing and Prepaid Testing
o
NMS Testing
o
VoIP Test Suite
§
MediaPro: VoIP and Video Analyzer
§
323Sim: H.323 Simulator
§
Vulnerability Assessment
§
Penetration and Vulnerability Testing
§
VoIP Security Tools
§
VoIP Sniffing Tools
o
Auth Tool
o
VoIPong
o
Vomit
o
PSIPDump
o
Netdude
o
Oreka
o
Wireshark
o
Web Interface for SIP Trace (WIST)
o
RTP Break
§
VoIP Scanning and Enumeration Tools
o
SNScan
o
Netcat
o
Smap
o
SIPScan
o
SIPcrack
o
VoIPaudit
o
iWAR
o
SiVUS
o
SCTPscan
§
VoIP Packet Creation and Flooding Tools
o
Sipsak
o
SIPp
o
SIPNess Messenger
o
SIP Bomber
o
Spitter
o
Sip Send Fun
o
Scapy
§
VoIP Fuzzing Tools
o
Ohrwurm
o
Fuzzy Packet
o
SIP Forum Test Framework (SFTF)
o
Asteroid
o
SIP-Proxy
§
VoIP Signaling
Manipulation Tools
o
RTP Tools
o
Tcpdump
o
Windump
o
Ethereal (Wireshark)
o
Softperfect
Network Sniffer
o
Http Sniffer
o
Ether Detect
Packet Sniffer
o
Iris Network
Traffic Analyzer
o
SmartSniff
o
NetResident Tool
§
VoIP Troubleshooting Tools
o
P.862
o
P.563
o
RTCP-RFC3550
o
RTCP XR-RFC3611
o
Packet Statistics
o
Test Tools
o
Traceroute
o
VQmon
§
Other VoIP Tools
Module 16:
Threats to VoIP Communication Network
§
VoIP is Prone to Numerous Threats
§
VoIP Vulnerabilities
o
Denial of Service (DOS)
o
DoS Attack Scenarios
o
Eavesdropping
o
Packet Spoofing and Masquerading
o
Replay Attack
o
Call Redirection and Hijacking
o
ARP Spoofing
·
ARP Spoofing
Attack Scenarios
o
Service Interception
o
H.323-Specific Attacks
o
SIP Security
Vulnerabilities
Module 17: VoIP Security
§
Why VoIP Security?
§
Constituents of VoIP Security
§
VoIP Myths and Realities
§
Securing VoIP with DoS Attacks
§
Securing against Replay Attack
§
Securing ARP Caches against ARP Manipulation
§
Securing H.235 Protocol
§
Transport Layer Security (TLS)
§
Skype Protocol Security
§
IAX Protocol
Security
§
Security
Implications for TFTP
§
Security
Implications for HTTP
§
Security
Implications for DHCP
§
Security Policies
and Processes
§
Physical Security
o
Human Safeguard
Recommendations
o
Environmental
Safeguard Recommendations
§
Network Intrusion
Detection Systems
§
Host-Based
Intrusion Detection Systems
§
Guidelines for
Securing VoIP Network
§
Best-Practice
Approaches for Minimizing common VoIP Network Risks
Module 18: Logical Segregation of Network Traffic
§
Logical Separation of Data
§
Converged Network
§
Virtual LANs (VLANs)
o
VLAN Security
o
VLANs and Softphones
§
QoS and Traffic Shaping
§
NAT and IP Addressing
o
How does NAT Work?
o
NAT: Modes of Operation
o
NAT and Encryption
§
Authentication Header (AH)
o
AH: Transport and Tunnel Modes
§
Encapsulation Security Payload (ESP)
o
ESP Header: Transport Mode and Tunnel Mode
§
Firewalls
o
Deep packet Inspection (DPI)
o
Shallow packet
Inspection
o
Stateful
Inspection
o
Medium-Depth
Packet Inspection
§
VoIP-Aware Firewalls Issues
o
H.323 Firewalls
Issues
o
SIP Firewalls
Issues
o
Bypassing
Firewalls and NAT
o
Methods for
Enabling SIP
§
Access Control
Lists
Module 19: Hardware and Software VoIP Vendors
§
Alcatel
§
Global Crossing
§
Avaya
§
Whaleback
§
Nortel
§
Norstar VoIP Gateway
§
Polycom
§
Packet8
§
Vonexus
§
Infotel
§
Net 4 India
§
Dialexia
§
NGT
§
Qwest
§
Pingtel
§
Cisco
§
3Com
§
Vocalocity
§
Motorola
§
Nokia
Module 20: Regulatory Compliance of VoIP
§
Regulatory Compliance
o
Sarbanes-Oxley Act (SOX)
·
Management
Assessment of Internal Controls
·
SOX Compliance
and Enforcement
o
Gramm-Leach-Bliley Act (GLBA)
·
Privacy Rule
-Protection of Nonpublic Personal Information
·
Risk Management
Guidelines for VoIP Systems
·
Development and
Implementation of Information Security
o
Health Insurance Portability and Accountability Act (HIPAA)
·
Security
Standards for the Protection of PHI
·
Safeguards
Standard for the Protection of PHI
·
Types of
Safeguards
¾
Administrative
safeguards
¾
Physical
safeguards
¾
Technical
safeguards
o
Communication Assistance for Law Enforcement ACT (CALEA)
·
Assistance
Capability Requirements
·
Cooperation of
Equipment Manufacturers and Providers of Telecommunications
Support Services
·
Technical
Requirements and Standards
·
Steps to Resolve
CALEA
o
Enhanced 911 and Related Regulations
·
E911 Regulatory
Basics
o
European Union (EU) Regulatory Framework
·
EU Regulatory
Basics
Module 21:
VoIP Hacking
§
Types of VoIP Hacking
§
Stages of VoIP Hacking:
o
Foot printing
o
Scanning
o
Enumeration
§
Footprinting
o
Information Sources
o
Unearthing Information
o
Organizational Structure and
Corporate Locations
o
Help Desk
o
Job Listings
o
Phone Numbers and Extensions
o
VoIP Vendors
o
Resumes
o
WHOIS and DNS Analysis
o
Steps to Perform Footprinting
§
Scanning
o
Objectives of Scanning
o
Host/Device Discovery
o
ICMP Ping Sweeps
o
ARP Pings
o
TCP Ping Scans
o
SNMP Sweeps
o
Port Scanning and Service
Discovery
o
TCP SYN Scan
o
UDP Scan
o
Host/Device Identification
§
What is Enumeration?
o
Steps to Perform Enumeration
o
Banner Grabbing with Netcat
o
SIP User/Extension
Enumeration
·
REGISTER Username Enumeration
·
INVITE Username Enumeration
·
OPTIONS Username Enumeration
·
Automated OPTIONS Scanning
with sipsak
·
Automated REGISTER, INVITE
and OPTIONS Scanning with SIPSCAN against SIP server
·
Automated OPTIONS Scanning
Using SIPSCAN against SIP Phones
o
Enumerating TFTP Servers
o
SNMP Enumeration
o
Enumerating VxWorks VoIP
Devices
§
Steps to Exploit the Network
o
DoS & DDoS Attacks
o
Flooding Attacks
o
DNS Cache Poisoning
o
Sniffing TFTP Configuration
File Transfers
o
Performing Number Harvesting
and Call Pattern Tracking
o
Call Eavesdropping
o
Interception through VoIP
Signaling Manipulation
o
Man-In-The-Middle (MITM)
Attack
o
Application-Level
Interception Techniques
·
How to Insert Rogue
Application?
·
SIP Rogue Application
·
Listening to/Recording Calls
·
Replacing/Mixing Audio
·
Dropping Calls with a Rogue
SIP Proxy
·
Randomly Redirect Calls with
a Rogue SIP Proxy
·
Additional Attacks with a
Rogue SIP Proxy
o
What is Fuzzing?
·
Why Fuzzing?
·
Commercial VoIP Fuzzing tools
o
Signaling and Media
Manipulation
·
Registration Removal with
erase_registrations Tool
·
Registration Addition with
add_registrations Tool
o
VoIP Phishing
§
Covering Tracks
|
|
.gif){kind=small}