CISSP PRACTICE QUESTIONS – 20211124

Effective CISSP Questions

A covert channel is an unintended or unauthorized intra-system channel that enables two cooperating entities to transfer information in a way that violates the system’s security policy but does not exceed the entities’ access authorizations. Which of the following is the most critical element to formulate a covert storage channel? (Wentz QOTD)
A. Signaling channel
B. Foothold
C. Slack space
D. Master boot record

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is C. Slack space.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.

Slack Space
Slack Space (Source: http://darkfaqs.chat.ru/cleanup.htm)

There are two types of covert channels: covert storage channels and covert timing channels. According to IETF RFC 4949 Ver 2, a covert storage channel is a system feature that enables one system entity to signal information to another entity by directly or indirectly writing a storage location that is later directly or indirectly read by the second entity, while a covert timing channel is a system feature that enables one system entity to signal information to another by modulating its own use of a system resource in such a way as to affect system response time observed by the second entity.

Slack space is a typical means used to formulate a covert storage channel.

Reference


隱蔽通道(covert channel)是一種非預期的或未經授權的系統內通道,它使兩個合作實體能夠以違反系統安全策略但不超過實體訪問授權的方式傳輸信息。 以下哪項是製定隱蔽存儲通道的最關鍵要素? (Wentz QOTD)
A. 信令通道
B. 立足點 (foothold)
C. 鬆弛空間 (slack space)
D. 主引導記錄 (MBR)



Leave a Reply