PrepAway - Latest Free Exam Questions & Answers

What would BEST define a covert channel?

A. An undocumented backdoor that has been left by a programmer in an operating system.

B. An open system port that should be closed.

C. A communication channel that allows transfer of information in a manner that violates the system’s security policy.

D. A Trojan horse.

Explanation:
A covert channel is a way for an entity to receive information in an unauthorized manner. It is an information
flow that is not controlled by a security mechanism. This type of information path was not developed for
communication; thus, the system does not properly protect this path, because the developers never envisioned
information being passed in this way. Receiving information in this manner clearly violates the system’s security
policy.

The channel to transfer this unauthorized data is the result of one of the following conditions:

Improper oversight in the development of the product
Improper implementation of access controls within the software
Existence of a shared resource between the two entities which are not properly controlled

Incorrect Answers:
A: An undocumented backdoor that has been left by a programmer in an operating system could be used in a
covert channel. However, this is not the BEST definition of a covert channel.
B: An open system port that should be closed could be used in a covert channel. However, an open port is not
the definition of a covert channel.
D: A Trojan horse could be used in a covert channel. However, a Trojan horse is not the definition of a covert
channel.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, pp. 378-379

