Following the recent disclosure of security holes in Cisco-branded VoIP phones, how can companies go about testing the security of VoIP phones, and specifically the Cisco-branded phones that were affected by this disclosure?