which was installed to permit system maintenance and to bypass the system’s security protections?

Which of the following architecturally related vulnerabilities is a hardware or software mechanism,
which was installed to permit system maintenance and to bypass the system’s security protections?

Which of the following architecturally related vulnerabilities is a hardware or software mechanism,
which was installed to permit system maintenance and to bypass the system’s security protections?

A.
Maintenance hook

B.
Lack of parameter checking

C.
Time of Check to Time of Use (TOC/TOU) attack

D.
Covert channel

Explanation:
Maintenance hook is a hardware or software mechanism, which is installed to permit system
maintenance and to bypass the system’s security protections. This vulnerability is sometimes
referred to as a trapdoor.
Answer option D is incorrect. Covert channel is an unintended communication lane between two or
more subjects sharing a common resource, which supports the transfer of information in such a
manner that violates the system’s security policy.
Answer option B is incorrect. Lack of parameter checking is the failure to check the size of input
streams specified by parameters.
Answer option C is incorrect. Time of Check to Time of Use (TOC/TOU) is an attack that exploits the
difference in the time in which the security controls were applied and the time the authorized
service was used.
CISM Review Manual 2010, Contents. “Information Security Program Management”



Leave a Reply 0

Your email address will not be published. Required fields are marked *