CISA Exam-Testing Concept-OSI Architecture (Domain-5)

p={color:#000;}.

Domain-5

Testing Concept-OSI Architecture

Hemang Doshi

CISA, ACA, DISA, FIII

Details about this E-Book:

The objective of this e-book is to ensure that CISA candidate get adequate knowledge on concept of ‘OSI Layers ’. Concepts have been simplified for easy reference of CISA candidates.

Questions, Answers and Explanation (QAE) on concept are designed in accordance with CISA exam pattern.

 

 

Seven layers of OSI Model:

 

 

 

Memory Technique to remember 7 layers:

 

P D| N T [|*] *S P A

 

Or

 

Please do not tell sales people anything

 

Or

 

Please do not teach stupid people anything

 

Or

 

Please do not throw sausage pizza away

 

Or

 

People desperately need to see pamela anderson

 

 

 

 

 

 

 

Physical Layer (1^st^ layer):

 

-Physical layer is concerned with electrical and physical specifications for hardware.

 

-This layer defines the cable, connector, cards and physical aspects of hardware required for physical connection of device to the network.

 

Data Link Layer (2^nd^ layer):

 

-Data link layer connects to another device on the same network using a MAC address.

 

-Bit stream (received from physical layer) is converted into data packets and sent to network layer.

 

-Data packets (received from network layer) is converted into bit stream and sent to physical layer.

 

-Frames of data link layer consist of original data and control fields for synchronization, error detection and flow control.

 

 

Network Layer (3^rd^ layer):

 

-Responsibilities of network layer is to insert information into packet header for proper addressing and routing.

 

-Network layer understands the IP addresses and is responsible for routing.

 

-Network layer provides confidentiality, authentication, and data integrity services.

 

 

Transport Layer (4^th^ layer):

 

-Transport layer is concerned with reliability of data transfer between two systems.

 

-Transport layer ensure that data reaches its destination.

 

-Transport layer also make sure that packets on the receiving system are delivered in proper sequence.

 

-Transport layer uses connection-oriented protocols.

 

-Transport layer implements a flow control mechanism that can detect congestion, reduce data

transmission rates during congestion and increase transmission rates when the network appears to

no longer be congested.

 

 

Session Layer (5^th^ layer):

 

-Session layer is used to control connections that are established between systems.

 

-It establishes, manages and terminates the connection between the application layers.

 

-It is like telephone call in which first we established the connection, then exchange a message and then finally terminate the session.

 

 

Presentation Layer (6^th^ layer):

 

-Presentation layer coverts data into presentable format that is acceptable by all.

 

-Presentation layer provides services such as encryption, text compression and re-formatting.

 

Application Layer (7^th^ layer):

 

-Application layer contains programs that communicate directly with the end user.

 

-Application Layer works closed to the user.

 

-Application layer provides interface for applicants to communicate.

 

 

Functions of Seven Layers:

 

 

Point to remember for CISA Exam:

 

(1)Data link layer works on MAC address whereas Network layer works on IP address.

 

(2)Network layer inserts IP address and routing whereas transport layer ensure proper delivery.

 

(3)When CISA question is about electric signal or hardware devices, our answer should be physical layer.

 

(4)When CISA question is about MAC address, our answer should be data link layer.

 

(5)When CISA question is about routing or IP address, our answer should be network layer.

 

(6)When CISA question is about reliable delivery or connection oriented or congestion control or order of sequence, our answer should be transport layer.

 

(7)When CISA question is about establishing connection, our answer should be session layer.

 

(8)When CISA question is about acceptable format, our answer should be presentation layer.

 

(9)When CISA question is about end user, our answer should be application layer.

 

 

Question, Answer & Explanation on OSI Layers:

Below QAE are solely on the concept of OSI layers. Candidates are advised to attempt below questions multiple times. More emphasis to be given on explanation part for better understanding.

Which of the ISO/OSI model layers provides service for how to route packets between nodes?

 

A. Application layer

B. Physical layer

C. Network layer

D. Data link layer

 

Answer: C. Network

 

Explanation:

Responsibility of network layer is to insert information into packet header for proper addressing and routing. Network layer understands the IP addresses and is responsible for routing.

 

Which OSI layer tracks the order in which packets are delivered to address the out-of-sequence message?

 

A. Physical layer

B. Transport layer

C. Application layer

D. Network layer

 

Answer: B. Transport layer

 

Explanation:

Transport layer is concerned with reliability of data transfer between systems. Transport layer ensure that data reaches its destination. Transport layer includes the protocols that are able to tract the orders in which packets are delivered. Typically each transported packet will have a serialized number that the receiving system will use to make sure that packets are delivered in order. Transport layer also make sure that packets on the receiving system are delivered in proper order.Neither the network, physical or application layers address re-sequencing.

 

Which of the following OSI layer contains programs that communicate directly with the end user?

 

A. Physical layer

B. Transport layer

C. Application layer

D. Network layer

 

Answer: C. Application layer

 

Explanation:

Application layer contains programs that communicate directly with the end user. Application layer provides interface for applicants to communicate.

 

Which of the following OSI layer controls the connection established between the systems?

 

A. Session layer

B. Transport layer

C. Application layer

D. Network layer

 

Answer: A. Session layer

 

Explanation:

The session layer in OSI module is used to control the connection established between the systems.

It establishes, manages and terminates the connection between the application layers. It is like telephone call in which first we established the connection, then exchange a message and then finally terminate the session.

 

Which of the following OSI layer is primarily concerned with reliability of data transfer between the systems?

 

A. Session layer

B. Transport layer

C. Application layer

D. Network layer

 

Answer: B. Transport layer

 

Explanation:

Transport layer is concerned with reliability of data transfer between systems. Transport layer ensure that data reaches its destination. Transport layer also make sure that packets on the receiving system are delivered in proper order.

 

 

Which of the OSI model is concerned with electrical and physical specifications for the devices?

 

A. Data link

B. Physical

C. Transport

D. Session

 

Answer: B. Physical

Explanation:

Physical layer is concerned with electrical and physical specifications for devices. It provides hardware that transmits and receives the bit. Physical layer defines the cable, connector, cards and physical aspects of hardware required for physical connection of device to the network.

 

Which of the following OSI layers handles congestion control?

 

A. Session layer

B. Transport layer

C. Application layer

D. Network layer

 

Answer: B. Transport layer

 

Explanation:

The transport layer is responsible for reliable data delivery. This layer implements a flow control

mechanism that can detect congestion, reduce data transmission rates and increase transmission

rates when the network appears to no longer be congested.

 

Which of the OSI model layers provides for routing services?

 

A. Data link

B. Network

C. Transport

D. Session

 

Answer: B. Network

Explanation:

Responsibility of network layer is to insert information into packet header for proper addressing and routing. Network layer understands the IP addresses and is responsible for routing.

 

What kind of protocols does the Transport Layer provide to ensure reliable communication?

 

A. Non-connection-oriented protocols

B. Connection-oriented protocols

C. Application-oriented protocols

D. Non-application-oriented protocols

Answer: B. Connection-oriented protocols

 

Explanation:

The transport layer of the TCP/IP protocol suite provides for connection-oriented protocols to ensure reliable communication.

 

Which of the following protocols is the FIRST to establish security for the user application?

 

A. Data link

B. Network

C. Transport

D. Session

 

Answer: D. Session

 

Explanation:

The session layer provides functions that allow two applications to communicate across the

network. The functions include security, recognition of names, logons and so on. The session

layer is the first layer where security is established for user applications.

 

Which of the following OSI layers provides confidentiality, authentication, and data integrity services?

 

A. Network layer

B. Presentation layer

C. Session layer

D. Physical layer

 

Answer: A. Network layer

 

The network layer is responsible for transmitting a message from source to destination. It provides routing (path control) services to establish connections across communications networks. Achieving this goal requires confidentiality, authentication, and data integrity services.

 

[* Other CISA Exam- Study Material *]

 

Domain 1

 

Steps of Risk Assessment

 

https://www.youtube.com/watch?v=F2j8xhPaFTg

 

https://www.Shakespir.com/books/view/622303

 

Types of Risk

 

https://www.youtube.com/watch?v=FvuvARXcjss

 

 

Compliance & Substantive Testing

https://youtu.be/3-u2mpIZzW8

 

https://www.Shakespir.com/books/view/625599

 

 

Difference between Inherent Risk & Residual Risk

 

https://www.youtube.com/watch?v=72kv6yOpXEI

 

Difference between Vulnerability & Threat

 

https://www.youtube.com/watch?v=6KxEbth2Ziw

 

Audit Charter

 

https://www.youtube.com/watch?v=rbCJ3ceDuso

 

https://www.Shakespir.com/books/view/633923

 

COBIT-5

 

https://youtu.be/WfwjpDdBqr4

 

Internal Controls

 

https://youtu.be/RuX2hLnm3vY

 

Control Self Assessment (CSA)

 

https://youtu.be/cGcMmt-03as

 

https://www.Shakespir.com/books/view/658967

 

Sampling

 

https://youtu.be/Ynif7SqvkvM

 

https://www.Shakespir.com/books/view/661847

 

 

Domain 2

 

Outsourcing Functions

 

https://youtu.be/vQsX6ZQSDXk

 

IT Strategy Committee & IT Steering Committee

 

https://youtu.be/Za9VMrSe094

 

IT Alignment with Business Objectives

 

https://www.youtube.com/watch?v=FEsP2LXSF9U

 

https://www.Shakespir.com/books/view/633047

 

IT Balanced Score Card

 

https://youtu.be/tvNAvAL9ZIg

 

https://www.Shakespir.com/books/view/639816

 

Roles of various functions of IT

 

https://youtu.be/UMDZrfp1W2Q

 

https://www.Shakespir.com/books/view/645822

 

 

 

Domain 3

 

Online Auditing Techniques

 

https://www.youtube.com/watch?v=HmGFIJlLu-4

 

https://www.Shakespir.com/books/view/637926

 

Parity-Checksum-CRC

 

https://youtu.be/Y14jVvOKqaU

 

https://www.Shakespir.com/books/view/656262

 

Check Digit

 

https://youtu.be/VH2yd3A6bMc

 

https://www.Shakespir.com/books/view/656262

 

PERT-CPM-Gantt Chart-FPA-EVA-Timebox

 

https://youtu.be/zYZYvcr_-3M

 

https://www.Shakespir.com/books/view/666753

 

Testing in SDLC

 

https://www.youtube.com/watch?v=43nFUFzTbBU

 

https://www.Shakespir.com/books/view/687052

 

 

 

Domain 4

 

Recovery Time Objective (RTO) and Recovery Point Objective (RPO)

 

https://youtu.be/2rDusGnW9qw

 

https://www.Shakespir.com/books/view/646456

 

 

Alternate Recovery Site

 

https://youtu.be/jCpcqaazkY4

 

https://www.Shakespir.com/books/view/647476

 

Domain 5

 

Digital Signature

 

https://youtu.be/_N3jisd1Vis

 

https://www.Shakespir.com/books/view/648923

 

Wireless (Wi-Fi)Security

 

https://youtu.be/csbd_V9PknI

 

https://www.Shakespir.com/books/view/651918

 

Firewall Types

 

https://youtu.be/x650kcv6Mfk

 

https://www.Shakespir.com/books/view/654726

 

Firewall Implementation

 

https://youtu.be/lltKNTdjg4Y

 

https://www.Shakespir.com/books/view/654726

 

Logical Access

 

https://www.Shakespir.com/books/view/630325

 

Classification of Information Assets

 

https://youtu.be/z7MwD8_ayCs

 

https://www.Shakespir.com/books/view/669437

 

 

Asymmetric Encryption

 

https://www.Shakespir.com/books/view/674900

 

https://youtu.be/mCM6dyQ_KmQ

 

 

Elements of Public Key Infrastructure

 

https://www.Shakespir.com/books/view/679445

 

https://youtu.be/ZqVciCzS3ng

 

Biometrics

 

https://www.Shakespir.com/books/view/685250

 

https://youtu.be/EmTOytQv4yM

 

 

IDS & IPS

 

https://youtu.be/0J49Ij_l8VU

 

https://www.Shakespir.com/books/view/692601

 

---

---