What security risk does a covert channel create?
A.
A process can signal information to another process.
B.
It bypasses the reference monitor functions.
C.
A user can send data to another user.
D.
Data can be disclosed by inference.
Explanation:
The risk is not that a process can signal another process. The risk is that the
signaling bypasses the reference monitor functions
(ie the communication is not screened by the security kernel that implements the reference
monitor).
Wikipedia says: “a covert channel is a type of computer security attack that creates a capability to transfer information objects between processes that are not supposed to be allowed to communicate by the computer security policy.” This would make A as the correct answer.
0
0
I fully agree with Ahmed
0
0