CISSP-ISSMP · Question #116
CISSP-ISSMP Question #116: Real Exam Question with Answer & Explanation
The correct answer is A: Maintenance hook. Maintenance hook is a hardware or software mechanism, which is installed to permit system maintenance and to bypass the system's security protections. This vulnerability is sometimes referred to as a trapdoor. Answer option D is incorrect. Covert channel is an unintended communic
Question
Which of the following architecturally related vulnerabilities is a hardware or software mechanism, which was installed to permit system maintenance and to bypass the system's security protections?
Options
- AMaintenance hook
- BLack of parameter checking
- CTime of Check to Time of Use (TOC/TOU) attack
- DCovert channel
Explanation
Maintenance hook is a hardware or software mechanism, which is installed to permit system maintenance and to bypass the system's security protections. This vulnerability is sometimes referred to as a trapdoor. Answer option D is incorrect. Covert channel is an unintended communication lane between two or more subjects sharing a common resource, which supports the transfer of information in such a manner that violates the system's security policy. Answer option B is incorrect. Lack of parameter checking is the failure to check the size of input streams specified by parameters. Answer option C is incorrect. Time of Check to Time of Use (TOC/TOU) is an attack that exploits the difference in the time in which the security controls were applied and the time the authorized service was used.
Topics
Community Discussion
No community discussion yet for this question.