Test Question: Cisco IP Phone Security Modes

Certification Focus: CCNA Voice, CCNP Voice, CCIE Voice

Cisco IP phones can use three different security modes of operation.  
What are they?

Cisco IP Phones will use one of the following three security modes:
  1. non-secure
  2. authenticated
  3. authenticated AND encrypted
Refer to Cisco's Security Guide for CUCM for more detail on each of these variations.  Also, take a look at the terminology below.  If there are any concepts that seem foreign, take some time to review at least the Security Overview section of this document.

Cisco Security Terminology
[From CUCM Security Guide 8.0x]

Access Control List (ACL)

List that defines rights and permissions to access system functions and resources. See Method List.


Process that verifies the identity of the communicating entity.


Process that specifies whether an authenticated user, service, or application has the necessary permissions to perform a requested action; in Cisco Unified Communications Manager, the security process that restricts certain trunk-side SIP requests to authorized users.

Authorization Header
A SIP user agent response to a challenge.


A message that contains the certificate holder name, the public key, and the digital signature of the certificate authority that is issuing the certificate.

Certificate Authority (CA)
Trusted entity that issues certificates: Cisco or a third-party entity.

Certificate Authority Proxy Function (CAPF)
Process by which supported devices can request locally significant certificates by using Cisco Unified Communications Manager Administration.

Certificate Trust List (CTL)

A file, which is created with the CTL Client and signed by the Cisco Site Administrator Security Token (security token), that contains a list of certificates for servers that the phone is to trust.


In digest authentication, a request to a SIP user agent to authenticate its identity.

Cisco Site Administrator Security Token (security token; etoken)

A portable hardware security module that contains a private key and an X.509v3 certificate that the Cisco Certificate Authority signs; used for file authentication, it signs the CTL file.

Device Authentication

Process that validates the identity of the device and ensures that the entity is what it claims to be before a connection is made.

Digest Authentication

A form of device authentication where an MD5 hash of a shared password (among other things) gets used to establish the identity of a SIP user agent.

Digest User
User name that is included in an authorization request that phones that are running SIP or SIP trunks send.

Digital Signature

Value that is generated by hashing the message and then encrypting the message with the private key of the signer; the recipient decrypts the message and the hash with the signer public key, produces another hash with the same hash function, then compares the two hashes to ensure that the messages match and the content is intact.

Digital signaling processor.

DSP Farm

A network resource for IP telephony conferencing that is provided by DSPs on a H.323 or MGCP gateway.


Process of translating data into ciphertext, which ensures the confidentiality of the information and that only the intended recipient can read the data. Requires an encryption algorithm and encryption key.

File Authentication

Process that validates digitally signed files that the phone downloads. The phone validates the signature to make sure that file tampering did not occur after the file creation.


An internet standard that defines a common set of codecs, call setup and negotiating procedures, and basic data transport methods.


A number, usually in hexadecimal, that is generated from a string of text by using a hash function, which creates a small digital "fingerprint" for the data.

Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS)

An IETF-defined protocol that ensures (at a minimum) the identity of the HTTPS server; by using encryption, ensures the confidentiality of the information that is exchanged between the Tomcat server and the browser client.

Image Authentication
Process whereby a phone validates the integrity and source of a binary image prior to loading it on the phone.

Process that ensures that data tampering did not occur between entities.


Transport that provides secure H.225, H.245, and RAS signaling channels for end-to-end security.

Locally Significant Certificate (LSC)

A digital X.509v3 certificate that CAPF issues; installed on the phone or JTAPI/TAPI/CTI application.

Manufacture Installed Certificate (MIC)

A digital X.509v3 certificate that is signed by the Cisco Certificate Authority and installed in supported phones by Cisco Manufacturing; used as the authentication mechanism to CAPF when LSCs are installed in phones.

Man-in-the-Middle Attacks

Process that allows an attacker to observe and modify the information flow between Cisco Unified Communications Manager and the phone.

Multipoint Control Unit (MCU)

A flexible system to connect multiple H.323 endpoints and allow multiple users to participate in IP-based video conferences.


A hash function that is used with encryption.

Media Encryption

Process whereby the confidentiality of the media is protected with cryptographic procedures. Media encryption uses Secure Real-Time Protocol (SRTP) as defined in IETF RFC 3711.

Message/Data Tampering

Event when an attacker attempts to alter messages in transit, including ending a call prematurely.

Method List

Tool to restrict certain categories of messages that can come in on a SIP trunk during the authorization process; defines which SIP nonINVITE methods are allowed for a trunk-side application or device. Also method ACL.

Mixed Mode
Cisco Unified Communications Manager security mode that you configure to allow devices with secure/nonsecure profiles and RTP/ SRTP media to connect to Cisco Unified Communications Manager.

A unique, random number that the server generates for each digest authentication request; used to generate an MD5 hash.

Nonsecure Mode

Cisco Unified Communications Manager security mode that you configure to allow devices with nonsecure profiles and RTP media to connect to Cisco Unified Communications Manager.

Nonsecure Call

Call in which at least one device is not authenticated or encrypted.

Nonsecure Device

Device that uses UDP or TCP signaling and nonsecure media.


Public key infrastructure, which comprises the set of elements that is needed for public key encryption, including secure public key distribution, certificates, and certificate authorities.

Public / Private key

Keys that are used in encryption. Public keys are widely available, but private keys are held by their respective owners. Asymmetrical encryption combines both types.

Replay Attack

Event when an attacker captures information that identifies a phone or proxy server and replays information while pretending to be the actual device; for example, by impersonating the proxy server private key.


Real-Time Transport Protocol

System Administrator Security Token (SAST)

In CTI/JTAPI/TAPI applications, a token that is used to sign the CTL file for CTL download.

Simple Certificate Enrollment Protocol (SCEP)

A protocol that is used to communicate with a certificate authority that issues X.509 certificates.

Secure Call
Call in which all devices are authenticated, signaling is encrypted, and the media (voice stream) is encrypted.

Signaling Authentication
TLS process that validates that no tampering occurred to signaling packets during transmission.

Signaling Encryption

Process that uses cryptographic methods to protect the confidentiality of all signaling messages that are sent between the device and the Cisco Unified Communications Manager server.

SIP Realm

A string (name) that Cisco Unified Communications Manager uses to respond to a challenge.


Secure Real-Time Transport Protocol that secures voice conversation in the network and provides protection against replay attacks.

A cryptographic protocol that secures data communications such as e-mail on the Internet; equivalent to TLS, its successor.

Transport Layer Security (TLS)
A cryptographic protocol that secures data communications such as e-mail on the Internet; functionally equivalent to SSL.

Trust List

Certificate list without digital signatures.

Trust Store
A repository of X.509 certificates that an application, such as Cisco Unified Communications Manager, explicitly trusts.

An ITU-T cryptographic standard for importing PKI certificates, which includes certificate formats.

More Information
Cisco Unified Communications Manager Security Guide, Version 8.0(2) - Security Overview

1 comment:

  1. Interesting post concerning the facility of knowledge Review launches