nerdexam
EC-Council

312-50V10 · Question #686

In Trojan terminology, what is a covert channel?

The correct answer is A. A channel that transfers information within a computer system or network in a way that violates. A covert channel is a communication path that transfers information in a manner that violates a system's security policy, allowing data to be exfiltrated without authorization.

Malware Threats

Question

In Trojan terminology, what is a covert channel?

Options

  • AA channel that transfers information within a computer system or network in a way that violates
  • BA legitimate communication path within a computer system or network for transfer of data
  • CIt is a kernel operation that hides boot processes and services to mask detection
  • DIt is Reverse tunneling technique that uses HTTPS protocol instead of HTTP protocol to establish

How the community answered

(44 responses)
  • A
    86% (38)
  • B
    5% (2)
  • C
    2% (1)
  • D
    7% (3)

Why each option

A covert channel is a communication path that transfers information in a manner that violates a system's security policy, allowing data to be exfiltrated without authorization.

AA channel that transfers information within a computer system or network in a way that violatesCorrect

A covert channel exploits mechanisms not originally intended for communication, such as timing variations or shared resources, to transmit data in ways that bypass security controls. Trojans commonly use covert channels to exfiltrate data or receive commands while evading detection by firewalls and intrusion detection systems. The defining characteristic is that the channel violates the security policy of the system or network it operates within.

BA legitimate communication path within a computer system or network for transfer of data

This describes an overt or legitimate communication channel, which is an authorized path explicitly permitted by security policy, the opposite of a covert channel.

CIt is a kernel operation that hides boot processes and services to mask detection

Hiding boot processes and services describes rootkit behavior, specifically kernel-level rootkits, which is a separate concept from covert channel communication.

DIt is Reverse tunneling technique that uses HTTPS protocol instead of HTTP protocol to establish

Reverse HTTP tunneling using HTTPS describes a specific tunneling technique used for firewall evasion, which may utilize a covert channel but is not the definition of a covert channel itself.

Concept tested: Definition of covert channel in Trojan communication

Source: https://csrc.nist.gov/glossary/term/covert_channel

Topics

#covert channel#Trojan#data exfiltration#information transfer

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice