Which of the following is an unintended communication path that is NOT protected by the system’s normal security mechanisms?

Which of the following is an unintended communication path that is NOT protected by the system’s normal security mechanisms?
A .  A trusted path
B .  A protection domain
C .  A covert channel
D .  A maintenance hook

View Answer

Answer: C

Explanation: A covert channel is an unintended communication path within a system, therefore it is not protected by the system’s normal security mechanisms. Covert channels are a secret way to convey information.

Covert channels are addressed from TCSEC level B2.

The following are incorrect answers:

A trusted path is the protected channel that allows a user to access the Trusted Computing Base (TCB) without being compromised by other processes or users.

A protection domain consists of the execution and memory space assigned to each process.

A maintenance hook is a hardware or software mechanism that was installed to permit system maintenance and to bypass the system’s security protections.

Reference used for this question: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 6: Operations Security (page 219).