A shared resource matrix is a technique commonly used to locate:
A covert channel is a way for an entity to receive information in an unauthorized manner. It is an information
flow that is not controlled by a security mechanism.
The channel to transfer this unauthorized data is the result of one of the following conditions:
Improper oversight in the development of the product
Improper implementation of access controls within the software
Existence of a shared resource between the two entities which are not properly controlled
By using a shared resource matrix a covert channel can be located.
A: A shared resource matrix is not used to locate malicious code. Malicious code, such as viruses or Trojan
horses, is used to infect a computer to make it available for takeover and remote control.
B: A shared resource matrix is not used to locate the security flaw of covert channels, but not to locate security
flaws in general.
C: You do not use a shared resource matrix to locate a trapdoor. A backdoor (or trapdoor) in a computer
system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing unauthorized
remote access to a computer, or obtaining access to plaintext while attempting to remain undetected. The
backdoor may take the form of a hidden part of a program; a separate program (e.g., Back Orifice) may subvertthe system through a rootkit.
Conrad, Eric, Seth Misenar and Joshua Feldman, CISSP Study Guide, 2nd Edition, Syngress, Waltham, 2012,