CISSP PRACTICE QUESTIONS – 20210307

Effective CISSP Questions

Your company implemented a couple of private branch exchanges (PBXs) connected through ISDN trunks for voice communication. As a system architect, you are designing a SIP-based system that incorporates VoIP and web conferencing and provides end-to-end encryption. To prevent cooperating entities from exfiltrating data, which of the following intra system flaws should be verified and mitigated?
A. D channel
B. Side channel
C. Covert channel
D. Out-of-band overt channel

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is C. Covert channel.

Covert Channel

  • A covert channel is “an unintended or unauthorized intra-system channel that enables two cooperating entities to transfer information in a way that violates the system’s security policy but does not exceed the entities’ access authorizations.” (CNSSI 4009-2015)
  • A covert channel is “an unintended or unauthorized intra-system channel that enables two cooperating entities to transfer information in a way that violates the system’s security policy but does not exceed the entities’ access authorizations.” (RFC 4949, V2)

Side Channel

“Side-channel attacks work by monitoring the emissions produced by electronic circuits when the victim’s computer is being used. In addition to exploiting information about power consumption and electromagnetic fields, an attacker may actually listen to the sounds a central processing unit (CPU) produces and use that information to reverse engineer what the computer is doing. This type of side-channel attack is called an acoustic cryptanalysis attack.” (TechTarget)

Out-of-band Overt Channel

Out-of-band is a neutral term that refers to a separate channel independent of the other channel and used for different purposes, e.g., control, signaling, key exchange, etc. The D-channel of ISDN is used for telephony signaling, while the B-channel is for data transmission. SIP is for VoIP signaling, while RTP transmits voice datagrams. IPsec establishes an independent channel for key exchange, while another channel for the secure transmission of data.

D-Channel as Out-of-band Channel
D-Channel as Out-of-band Channel (Source: Blueworx Product Information Center)

D-channel is a legitimate ISDN channel for signaling; it’s not an illegal or unauthorized channel used for exfiltrating data. Overt channel refers to “communications path within a computer system or network designed for the authorized transfer of data.” (CNSSI 4009-2015)

ISDN Channels
ISDN Channels (Source: https://netcert.tripod.com/ccna/wan/isdn.html)

Reference

A BLUEPRINT FOR YOUR SUCCESS IN CISSP

My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.

貴公司建置了幾個透過ISDN中繼線路(trunk)連接的電話交換機系統(PBX),以進行語音通信。 作為系統架構師,您正在設計一個基於SIP的系統,以結合VoIP和網絡會議及提供端到端(end-to-end)的加密。 為了防止合作實體(cooperating entities)洩露數據,應驗證並緩解以下哪項系統缺陷(flaws)?
A. D channel
B. Side channel
C. Covert channel
D. Out-of-band overt channel

Leave a Reply