EC-Council
312-50V10 · Question #586
312-50V10 Question #586: Real Exam Question with Answer & Explanation
The correct answer is A: transfers information over, within a computer system, or network that is outside of the security. A covert channel is defined as a communication path that transfers information in a way that violates or circumvents the system's established security policy.
Question
A covert channel is a channel that
Options
- Atransfers information over, within a computer system, or network that is outside of the security
- Btransfers information over, within a computer system, or network that is within the security policy.
- Ctransfers information via a communication path within a computer system, or network for transfer
- Dtransfers information over, within a computer system, or network that is encrypted.
Explanation
A covert channel is defined as a communication path that transfers information in a way that violates or circumvents the system's established security policy.
Common mistakes.
- B. A channel that operates within the security policy is a legitimate, authorized communication path, which is the opposite of a covert channel.
- C. This option describes a generic communication path and omits the critical defining characteristic that the channel violates or is outside the security policy.
- D. Encryption alone does not define a covert channel; an encrypted channel can be fully authorized and within policy, while a covert channel may not use encryption at all.
Concept tested. Covert channel definition and security policy violation
Reference. https://csrc.nist.gov/glossary/term/covert_channel
Community Discussion
No community discussion yet for this question.