nerdexam
EC-Council

312-50V9 · Question #548

Which definition among those given below best describes a covert channel?

The correct answer is B. Making use of a protocol in a way it is not intended to be used.. A covert channel is best defined as using a protocol or system resource in a way it was not originally intended, creating a hidden communication path that bypasses security controls.

Evading IDS, Firewalls, and Honeypots

Question

Which definition among those given below best describes a covert channel?

Options

  • AA server program using a port that is not well known.
  • BMaking use of a protocol in a way it is not intended to be used.
  • CIt is the multiplexing taking place on a communication link.
  • DIt is one of the weak channels used by WEP which makes it insecure.

How the community answered

(21 responses)
  • B
    95% (20)
  • D
    5% (1)

Why each option

A covert channel is best defined as using a protocol or system resource in a way it was not originally intended, creating a hidden communication path that bypasses security controls.

AA server program using a port that is not well known.

A server listening on a non-standard or non-well-known port is simply using an uncommon port assignment and does not misuse or repurpose any protocol in an unintended way.

BMaking use of a protocol in a way it is not intended to be used.Correct

A covert channel exploits a legitimate protocol or resource outside its intended purpose to secretly transmit information - for example, encoding data in IP header fields, DNS query names, or ICMP payloads that are not normally used for data transfer. This definition captures the essential characteristic: repurposing an existing, trusted mechanism to establish a hidden communication path that evades detection by security controls designed around normal usage patterns.

CIt is the multiplexing taking place on a communication link.

Multiplexing is a standard, intended networking technique for sharing a communication link among multiple channels and is unrelated to hidden or unauthorized communication.

DIt is one of the weak channels used by WEP which makes it insecure.

WEP weaknesses refer to cryptographic vulnerabilities in the 802.11b encryption protocol and describe broken security - not a mechanism for creating a hidden communication channel.

Concept tested: Covert channel definition and protocol misuse

Source: https://csrc.nist.gov/glossary/term/covert_channel

Topics

#covert channel#protocol misuse#traffic tunneling#evasion techniques

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice