|
Originally Posted by Telephone Security Audit Proposal The telephone security audit should answer the following questions:
• Does the PBX system allow transfer of calls outside the PBX system (i.e., to long-distance numbers)?
• What is the review policy for long-distance call charges?
• Does the PBX system have dial-up or Internet-based maintenance capabilities? How are those secured?
• Does the PBX system restrict the use of 700, 900, and 976 numbers?
• Does the PBX system restrict the use of Area Codes: 242, 246, 264, 268, 284, 340, 343 345, 441, 473, 649, 664, 758, 767,784, 809, 868, 869, and 876? (These Area Codes conform to the North American Numbering Plan and give the "appearance" of a continental U.S. call; however, the countries include Grenada, Montserrat Islands, Dominican Republic, and Trinidad & Tobago. The caller is not required to dial 011 before entering one of these Area Codes; therefore; these codes are the highest destination toll fraud routes.)
• Does the PBX block 1010 codes and Operator Assisted calls?
• Does the PBX allow internal telephones to be forwarded to the number 9?
• What is the minimum required length of a voicemail password?
• What is the maximum expiration time for a voicemail password?
• How many attempts are allowed to guess a voicemail password before disconnection? |
Linear Mode
