What is surreptitious transfer of information from a higher classification compartment to a lower classification
compartment without going through the formal communication channels?

A.
Object Reuse

B.
Covert Channel

C.
Security domain

D.
Data Transfer

Explanation:
A covert channel is a way for an entity to receive information in an unauthorized manner. It is an informationflow that is not controlled by a security mechanism.
Incorrect Answers:
A: Object reuse does not refer to transfer of security classification of different levels. Object Reuse is related to
data remanence.
Data remanence is the residual physical representation of information that was saved and then erased in some
fashion. This remanence may be enough to enable the data to be reconstructed and restored to a readable
form. This can pose a security threat to a company that thinks it has properly erased confidential data from its
media. If the media is reassigned (object reuse), then an unauthorized individual could gain access to your
sensitive data.
C: A security domain is the determining factor in the classification of an enclave of servers/computers and is not
related to security classification of data
D: A Data transfers is just the transfer of information through a transmission media. At this level of abstraction
security is not addressed.

Conrad, Eric, Seth Misenar and Joshua Feldman, CISSP Study Guide, 2nd Edition, Syngress, Waltham, 2012,
p. 378
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, pp. 253-254