Questions derived from the CompTIA SY0-101 – Security+ Self Test Software Practice Test.
Objective: Infrastructure Security
SubObjective: Understand security concerns and concepts of the following types of devices: Firewalls, Routers, Switches, Wireless, Modems, RAS, Telecom, VPN, IDS, Network Monitoring/Diagnostics, Workstations, Servers, Mobile Devices
Item Number: SY0-18.104.22.168
Single Answer, Multiple Choice
Which entity will phreakers more likely attack?
- A PBX phone system
- An Ethernet network
- A Token Ring network
- A biometric access device
A. A PBX phone system
Phreakers will more likely attack a Private Branch Exchange (PBX) phone system.
Phreakers will not attack an Ethernet network, Token Ring network, or a biometric access device.
Phreaking is the fraudulent use of telephone services. A PBX phone system is actually a private telephone switch installed at a company’s location. When a PBX system is installed, several precautions should be taken to reduce fraud:
- Change the default PBX system passwords.
- Review the PBX phone bill regularly.
- Block remote calling after business hours
Changing the default PBX system passwords will ensure that phreakers cannot break into the system using the default password given at installation time. Phreakers commonly use this method to break into systems.
Reviewing the PBX phone bill regularly will allow you to recognize fraud more quickly. The PBX phone bill will list the calls made from the system and the time of the calls. Many times, phreakers will use the PBX system after hours to make illegal phone calls.
Blocking remote calling after hours will ensure that phreakers cannot make illegal phone calls after hours. The Direct Inward System Access (DISA) feature of a PBX system allows users to dial in to the PBX system remotely and make long-distance phone calls from within the system after entering an access code.
Wikipedia.org, Phreaking, http://en.wikipedia.org/wiki/Phreaking