Free Access ISACA.CISA.v2022-08-28.q129 Practice Test (Page 5)

Question 16

Which of the following protocol does NOT work at the Application layer of the TCP/IP Models?

A.HTTP

B.FTP

C.NTP

D.TCP

Correct Answer: D

Section: Information System Operations, Maintenance and Support
Explanation:
The NOT keyword is used in the question. You need to find out a protocol which does not work at application layer. TCP protocol works at transport layer of a TCP/IP models.
For your exam you should know below information about TCP/IP model:
Network Models

Layer 4. Application Layer
Application layer is the top most layer of four layer TCP/IP model. Application layer is present on the top of the Transport layer. Application layer defines TCP/IP application protocols and how host programs interface with Transport layer services to use the network.
Application layer includes all the higher-level protocols like DNS (Domain Naming System), HTTP (Hypertext Transfer Protocol), Telnet, SSH, FTP (File Transfer Protocol), TFTP (Trivial File Transfer Protocol), SNMP (Simple Network Management Protocol), SMTP (Simple Mail Transfer Protocol) , DHCP (Dynamic Host Configuration Protocol), X Windows, RDP (Remote Desktop Protocol) etc.
Layer 3. Transport Layer
Transport Layer is the third layer of the four layer TCP/IP model. The position of the Transport layer is between Application layer and Internet layer. The purpose of Transport layer is to permit devices on the source and destination hosts to carry on a conversation. Transport layer defines the level of service and status of the connection used when transporting data.
The main protocols included at Transport layer are TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).
Layer 2. Internet Layer
Internet Layer is the second layer of the four layer TCP/IP model. The position of Internet layer is between Network Access Layer and Transport layer. Internet layer pack data into data packets known as IP datagram's, which contain source and destination address (logical address or IP address) information that is used to forward the datagram's between hosts and across networks. The Internet layer is also responsible for routing of IP datagram's.
Packet switching network depends upon a connectionless internetwork layer. This layer is known as Internet layer. Its job is to allow hosts to insert packets into any network and have them to deliver independently to the destination. At the destination side data packets may appear in a different order than they were sent. It is the job of the higher layers to rearrange them in order to deliver them to proper network applications operating at the Application layer.
The main protocols included at Internet layer are IP (Internet Protocol), ICMP (Internet Control Message Protocol), ARP (Address Resolution Protocol), RARP (Reverse Address Resolution Protocol) and IGMP (Internet Group Management Protocol).
Layer 1. Network Access Layer
Network Access Layer is the first layer of the four layer TCP/IP model. Network Access Layer defines details of how data is physically sent through the network, including how bits are electrically or optically signaled by hardware devices that interface directly with a network medium, such as coaxial cable, optical fiber, or twisted pair copper wire.
The protocols included in Network Access Layer are Ethernet, Token Ring, FDDI, X.25, Frame Relay etc.
The most popular LAN architecture among those listed above is Ethernet. Ethernet uses an Access Method called CSMA/CD (Carrier Sense Multiple Access/Collision Detection) to access the media, when Ethernet operates in a shared media. An Access Method determines how a host will place data on the medium.
IN CSMA/CD Access Method, every host has equal access to the medium and can place data on the wire when the wire is free from network traffic. When a host wants to place data on the wire, it will check the wire to find whether another host is already using the medium. If there is traffic already in the medium, the host will wait and if there is no traffic, it will place the data in the medium. But, if two systems place data on the medium at the same instance, they will collide with each other, destroying the data. If the data is destroyed during transmission, the data will need to be retransmitted. After collision, each host will wait for a small interval of time and again the data will be retransmitted.
Protocol Data Unit (PDU):

The following answers are incorrect:
HTTP, FTP and NTP protocols works at application layer in TCP/IP model.
Reference:
CISA review manual 2014 page number 272

Question 17

When reviewing an organization's information security policies, an IS auditor should verify that the policies have been defined PRIMARILY on the basis of:

A.an information security framework.

B.industry best practices.

C.a risk management process.

D.past information security incidents.

Question 18

.Which of the following processes are performed during the design phase of the systemsdevelopment life cycle (SDLC) model?

A.Develop test plans.

B.Baseline procedures to prevent scope creep.

C.Define the need that requires resolution, and map to the major requirements of the solution.

D.Program and test the new system. The tests verify and validate what has been developed.

Question 19

An organization has outsourced the development of a core application. However, the organization plans to bring the support and future maintenance of the application back in-house. Which of the following findings should be the IS auditor's GREATEST concern?

A.A training plan for business users has not been developed.

B.The cost of outsourcing is lower than in-house development.

C.The vendor development team is located overseas.

D.The data model is not dearly documented.

Question 20

What is the PRIMARY purpose of audit trails?

A.To document auditing efforts

B.To correct data integrity errors

C.To establish accountability and responsibility for processed transactions

D.To prevent unauthorized access to data

Premium Bundle

Newest CISA Exam PDF Dumps shared by BraindumpsPass.com for Helping Passing CISA Exam! BraindumpsPass.com now offer the updated CISA exam dumps, the BraindumpsPass.com CISA exam questions have been updated and answers have been corrected get the latest BraindumpsPass.com CISA pdf dumps with Exam Engine here:

Access CISA Premium Version

(1435 Q&As Dumps, 40%OFF Special Discount: Exam-Tests)

Other Version: 4516ISACA.CISA.v2025-05-24.q773; 1564ISACA.CISA.v2024-10-22.q310; 4135ISACA.CISA.v2023-10-02.q715; 3714ISACA.CISA.v2023-03-29.q119; 2375ISACA.CISA.v2023-02-09.q181; 1484ISACA.CISA.v2023-02-06.q107; 4195ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5590ISACA.CISA.v2021-11-11.q194; 8785ISACA.CISA.v2021-10-08.q198; 9762ISACA.CISA.v2021-09-28.q199; 12216ISACA.CISA.v2021-09-11.q201

Latest Upload: 107Oracle.1Z0-1057-23.v2025-09-10.q47; 146Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 155TheSecOpsGroup.CNSP.v2025-09-08.q20; 204CFAInstitute.ESG-Investing.v2025-09-08.q173; 152PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 140Salesforce.Data-Architect.v2025-09-05.q216; 136Adobe.AD0-E605.v2025-09-05.q50; 176Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 114Oracle.1z0-591.v2025-09-05.q104