In a VoIP network, which of the following is the best protocol to protect the signaling traffic for initiating, maintaining, and terminating real-time sessions that include voice, video, and messaging applications?
A. Session Initiation Protocol (SIP)
B. SRTP
C. TLS/SSL
D. MGCP

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is C. TLS/SSL.

This question is equivalent to “In a VoIP network, which of the following is the best protocol to protect SIP.” It’s not asking about the SIP protocol itself but the protocol to protect or secure it.

The Session Initiation Protocol (SIP) is a signaling protocol used for initiating, maintaining, and terminating real-time sessions that include voice, video and messaging applications.

Source: Wikipedia

SIP is an application-level protocol similar to HTTP. It’s text-based and designed without much consideration for security. It’s protected by TLS/SSL.

Harold explains security issues in VoIP very nicely as follows:

There are three types of VoIP traffic, call control, gateway control, and media (audio and video). The media traffic is transferred by the RTP (Real-time Transport Protocol) protocol; SRTP is its secure version.

A media gateway connects the VoIP network to the traditional PSTN network and vice versa. A media gateway typically hosts a collection of telephony interfaces, e.g., FXO/FXS, E&M, T1/E1, etc.

Reference

• Session Initiation Protocol
• VoIP protocol architecture
• VoIP Protocols
• Call control
• Real-time Transport Protocol
• Media Gateway Control Protocol

在VoIP網絡中，下列哪一項是保護信令流量的最佳協議，以啟動，維護和終止包括語音，視頻和消息傳遞應用程序在內的實時會話？
A. Session Initiation Protocol (SIP)
B. SRTP
C. TLS/SSL
D. MGCP