nerdexam
(ISC)2

CISSP · Question #764

An organization allows ping traffic into and out of their network. An attacker has installed a program on the network that uses the payload portion of the ping packet to move data into and out of the

The correct answer is D. Covert channel. The organization has experienced a covert channel attack, which is a technique of hiding or transferring data within a communication channel that is not intended for that purpose. In this case, the attacker has used the payload portion of the ping packet, which is normally used t

Submitted by sofia.br· Mar 5, 2026Communication and Network Security

Question

An organization allows ping traffic into and out of their network. An attacker has installed a program on the network that uses the payload portion of the ping packet to move data into and out of the network. What type of attack has the organization experienced?

Options

  • AData leakage
  • BUnfiltered channel
  • CData emanation
  • DCovert channel

How the community answered

(62 responses)
  • A
    8% (5)
  • B
    2% (1)
  • C
    3% (2)
  • D
    87% (54)

Explanation

The organization has experienced a covert channel attack, which is a technique of hiding or transferring data within a communication channel that is not intended for that purpose. In this case, the attacker has used the payload portion of the ping packet, which is normally used to carry diagnostic data, to move data into and out of the network. This way, the attacker can bypass the network security controls and avoid detection. Data leakage (A) is a general term for the unauthorized disclosure of sensitive or confidential data, which may or may not involve a covert channel. Unfiltered channel (B) is a term for a communication channel that does not have any security mechanisms or filters applied to it, which may allow unauthorized or malicious traffic to pass through. Data emanation is a term for the unintentional radiation or emission of electromagnetic signals from electronic devices, which may reveal sensitive or confidential information to eavesdroppers.

Topics

#covert channel#ICMP tunneling#network attacks#data exfiltration

Community Discussion

No community discussion yet for this question.

Full CISSP Practice