312-50V13 Question #155: Real Exam Question with Answer & Explanation

Question

In Trojan terminology, what is a covert channel?

Options

• AA channel that transfers information within a computer system or network in a way that violates
• BA legitimate communication path within a computer system or network for transfer of data
• CIt is a kernel operation that hides boot processes and services to mask detection
• DIt is Reverse tunneling technique that uses HTTPS protocol instead of HTTP protocol to establish

Explanation

A covert channel is a method of transferring information in a way that is hidden or not intended by the system's design, often violating security policies.

Common mistakes.

• B. A legitimate communication path is an overt channel, designed for communication, which is the antithesis of a covert channel.
• C. While rootkits might utilize covert channels, 'a kernel operation that hides boot processes and services' describes a rootkit's specific functionality for evasion, not the general definition of a covert channel.
• D. Reverse tunneling using HTTPS is a specific technique for creating a communication link, which could be used to establish a covert channel, but it is not the definition of a covert channel itself.

Concept tested. Covert channels (Trojan context)

Reference. https://learn.microsoft.com/en-us/security/compass/data-exfiltration#covert-channels

No community discussion yet for this question.