Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Which of following responses correspond to an example of covert channel attack ?
TOCTOU - Time of Check to Time of Use is a covert channel attack that is based on the time gap that may occur between check and effective usage of the result of that check.
TOCTOU - This term is a form of timing attack and the term refers to the noise produced by an analog wrist watch.
TOCTOU - This term does not refer to a covert channel attack. Covert channel attacks only refer to conveying messages through communication ports in violation of policy.
TOCTOU - Time of Change to Time of Usage is a covert channel attack that uses change management flaws.
The original question is wrong and I have removed the explanation because of this. According to a number of CISSP study guides, e.g., The Total CISSP Exam Prep: Practice Questions and Answers By Thomas R. Peltier, Patrick D. Howard, Bob Cartwright, covert channels are distinct from TOCTOU attacks. A covert channel "uses an undetected communication channel that permits two processes to communicate in violation of security policy" while a TOCTOU attack "exploits a flaw whereby controls that carefully validate parameters validated by system controls are changed before the parameters are used" (p. 54 available on Google Books).
Likewise a Google book, Eleventh Hour CISSP: Study Guide, by By Eric Conrad, Seth Misenar, Joshua Feldman, lists covert channels and TOCTOU as separate types of attacks (pg. 105).
If you're wondering why CISSP questions are in the CEH test it's because CISSP covers CEH material.
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.