Systems Security Certified Practitioner (SSCP) — Question 1

What would BEST define a covert channel?

Answer options

• A. An undocumented backdoor that has been left by a programmer in an operating system
• B. An open system port that should be closed.
• C. A communication channel that allows transfer of information in a manner that violates the system's security policy.
• D. A trojan horse.

Correct answer: C

Explanation

The correct answer, C, accurately describes a covert channel as it facilitates communication that breaches the established security protocols of a system. Options A and D refer to specific types of malware or vulnerabilities, which do not pertain to the concept of covert channels. Option B mentions a system port issue, which is unrelated to the definition of a covert channel.