nerdexam
EC-Council

312-50V11 · Question #646

Which definition among those given below best describes a covert channel?

The correct answer is B. Making use of a protocol in a way it is not intended to be used.. A covert channel is defined by using a legitimate protocol or resource in an unintended way to secretly transfer information.

Evading IDS, Firewalls, and Honeypots

Question

Which definition among those given below best describes a covert channel?

Options

  • AA server program using a port that is not well known.
  • BMaking use of a protocol in a way it is not intended to be used.
  • CIt is the multiplexing taking place on a communication link.
  • DIt is one of the weak channels used by WEP which makes it insecure.

How the community answered

(19 responses)
  • B
    95% (18)
  • C
    5% (1)

Why each option

A covert channel is defined by using a legitimate protocol or resource in an unintended way to secretly transfer information.

AA server program using a port that is not well known.

A server using a non-standard or little-known port is simply unconventional port usage and does not meet the definition of a covert channel, which requires misuse of a protocol's intended function.

BMaking use of a protocol in a way it is not intended to be used.Correct

A covert channel exploits a legitimate resource, protocol, or mechanism in a manner not intended by its designers to secretly pass information and bypass security policies. Classic examples include tunneling data inside ICMP echo packets, DNS queries, or HTTP headers - all of which repurpose standard protocols for unauthorized, hidden communication.

CIt is the multiplexing taking place on a communication link.

Multiplexing is a legitimate, intentional networking technique for sharing a communication link and has no inherent relationship to covert or unauthorized information transfer.

DIt is one of the weak channels used by WEP which makes it insecure.

WEP's insecurity stems from flawed cryptographic key management and IV reuse, which is an encryption vulnerability unrelated to the concept of covert channels.

Concept tested: Definition and identification of covert channels

Source: https://csrc.nist.gov/glossary/term/covert_channel

Topics

#covert channel#protocol misuse#tunneling#IDS evasion

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice