Which of the following are the two commonly defined types of covert channels?
A.
Storage and Timing
B.
Software and Timing
C.
Storage and Kernel
D.
Kernel and Timing
Explanation:
A covert channel is a way for an entity to receive information in an unauthorized manner. It is an information
flow that is not controlled by a security mechanism.
Covert channels are of two types: storage and timing.
A covert storage channel involves direct or indirect reading of a storage location by another process. A covert
timing channel depends upon being able to influence the rate that some other process is able to acquire
resources, such as the CPU.
A covert storage channel is a “covert channel that involves the direct or indirect writing of a storage location by
one process and the direct or indirect reading of the storage location by another process. Covert storage
channels typically involve a finite resource (e.g. sectors on a disk) that is shared by two subjects at different
security levels.
A covert timing channel is a “covert channel in which one process signals information to another by modulating
its own use of system resources (e.g. CPU time) in such a way that this manipulation affects the real response
time observed by the second process
Incorrect Answers:
B: Software and Timing are not defined types of covert channels.
C: Kernel is not a defined type of covert channel.
D: Kernel is not a defined type of covert channel.http://www.isg.rhul.ac.uk/~prai175/ISGStudentSem07/CovertChannels.ppt
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 378-379