Shared Resource Matrix | Locating Technique | CISA Exam Preparation

Shared Resource Matrix

Next Question

Question

A shared resource matrix is a technique commonly used to locate:

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

D.

Analyzing resources of a system is one standard for locating covert channels because the basis of a covert channel is a shared resource.

The following properties must hold for a storage channel to exist: 1

Both sending and receiving process must have access to the same attribute of a shared object.

2

The sending process must be able to modify the attribute of the shared object.

3

The receiving process must be able to reference that attribute of the shared object.

4

A mechanism for initiating both processes and properly sequencing their respective accesses to the shared resource must exist.

Note: Similar properties for timing channel can be listed The following answers are incorrect: All other answers were not directly related to discovery of Covert Channels.

225 http://www.cs.ucsb.edu/~sherwood/cs290/papers/covert-kemmerer.pdf http://www.cs.utexas.edu/~byoung/cs361/lecture16.pdf http://www.cs.utexas.edu/~byoung/cs361/lecture16.pdf.

A shared resource matrix is a security technique that is commonly used to locate covert channels. A covert channel is a method used to transfer information from one system or process to another in a way that was not intended or authorized by the system's designers.

The shared resource matrix is a visual representation of the resources shared by different users and processes within a system. It lists all the resources that are shared and the users or processes that have access to each resource. This includes resources such as files, databases, and network connections.

By examining the shared resource matrix, security analysts can identify potential covert channels that may be used to transfer information between users or processes that should not have direct communication. Covert channels can be created by exploiting shared resources, such as manipulating file permissions or using network protocols in unintended ways.

Therefore, option D is the correct answer. A shared resource matrix is not commonly used to locate malicious code, security flaws, or trap doors, but instead, it is used to locate covert channels.