Which of the following is used to describe a method of transferring traffic by using legitimate communication channels?
A. an open channel
B. an overt channel
C. a covert channel
D. a back door channel
Explanation:
An overt channel is a method of sending traffic by using legitimate communication channels. An overt channel is a transmission or other communication that is authorized and is performed in compliance with an company’s security policies. For example, a user may initiate a File Transfer Protocol (FTP) connection from a local host to an FTP server at a remote branch.
By contrast, a covert channel is a transmission that violates a company’s security policies. A covert channel is typically established in order to transfer information without the knowledge of a company or the computer user, often by using a process or protocol that is not designed to carry information. For example, an attacker may use the payload of an Internet Control Message Protocol (ICMP) packet to exfiltrate data from a corporate server. Data exfiltration is the process of copying an organization’s sensitive data, such as personally identifiable information (PII), and sending that data to a third party. Both IP version 6 (IPv6) and ICMP can be used for covert communication by tunneling, which is the process of wrapping malicious traffic inside network traffic that appears to be legitimate. In addition, encrypted ICMP payloads might be used to carry out command-and-control (C2) tasks on hosts that have compromised by the attacker.
A back door channel is an example of a covert channel. The term back door refers to a method of accessing data in a manner that bypasses legitimate methods. For example, an attacker might create a Trojan horse that, when installed, creates a back door that the attacker can use to access a computer without the computer user’s knowledge or permission. In programming, a trap door is a back door created by an application’s programmers that provides a secret entry point into the application.
An open channel is not a term used to describe a method of transferring traffic by using legitimate communication channels. An open channel could refer to an open connection that uses either a covert or an overt channel.