What would BEST define a covert channel?

Admin Staff asked 5 months ago

A. An undocumented backdoor that has been left by a programmer in an operating system

B. An open system port that should be closed.

C. A communication channel that allows transfer of information in a manner that violates the system's security policy.

D. A trojan horse.








 

Suggested Answer: A communication channel that allows transfer of information in a manner that violates the system's security policy.

Community Answer: C

A covert channel is a way for an entity to receive information in an unauthorized manner. It is an information flow that is not controlled by a security mechanism.
This type of information path was not developed for communication; thus, the system does not properly protect this path, because the developers never envisioned information being passed in this way.
Receiving information in this manner clearly violates the system's security policy. The channel to transfer this unauthorized data is the result of one of the following conditions:
Oversight in the development of the product
Improper implementation of access controls
Existence of a shared resource between the two entities
Installation of a Trojan horse
The following answers are incorrect:
An undocumented backdoor that has been left by a programmer in an operating system is incorrect because it is not a means by which unauthorized transfer of information takes place. Such a backdoor is usually referred to as a maintenance hook.
An open system port that should be closed is incorrect as it does not define a covert channel.
A trojan horse is incorrect because it is a program that looks like a useful program but, when installed, also delivers a hidden extra such as a worm, backdoor, or some other malware without the installer knowing about it.
Reference(s) used for this question:
Shon Harris, AIO v3, Chapter 5: Security Models & Architecture
AIO v4, Security Architecture and Design (pages 343-344)
AIO v5, Security Architecture and Design (pages 345-346)

This question is from the Systems Security Certified Practitioner (SSCP) exam.





