ISC.SSCP.v2024-05-23.q965 Practice Test
Question 851
As per RFC 1122, which of the following is not a defined layer in the DoD TCP/IP protocol model?
Correct Answer: B
As per the RFC, the DoD TCP/IP protocol model defines four layers, with the
layers having names, not numbers, as follows:
Application (process-to-process) Layer:
This is the scope within which applications create user data and communicate this data to
other processes or applications on another or the same host. The communications partners
are often called peers. This is where the "higher level" protocols such as SMTP, FTP, SSH,
HTTP, etc. operate.
Transport (host-to-host) Layer:
The Transport Layer constitutes the networking regime between two network hosts, either
on the local network or on remote networks separated by routers. The Transport Layer
provides a uniform networking interface that hides the actual topology (layout) of the
underlying network connections. This is where flow-control, error-correction, and
connection protocols exist, such as TCP. This layer deals with opening and maintaining
connections between internet hosts.
Internet (internetworking) Layer:
The Internet Layer has the task of exchanging datagrams across network boundaries. It is
therefore also referred to as the layer that establishes internetworking; indeed, it defines
and establishes the Internet. This layer defines the addressing and routing structures used
for the TCP/IP protocol suite. The primary protocol in this scope is the Internet Protocol,
which defines IP addresses. Its function in routing is to transport datagrams to the next IP
router that has the connectivity to a network closer to the final data destination.
Link (network access) Layer:
This layer defines the networking methods within the scope of the local network link on which hosts communicate without intervening routers. This layer describes the protocols used to describe the local network topology and the interfaces needed to effect transmission of Internet Layer datagrams to next-neighbor hosts.
[Figure: the DoD TCP/IP model compared with the OSI model. Graphic from: http://bit.kuas.edu.tw/]
REALITY VERSUS THE STANDARD
In real life today, this is getting very confusing. Many books and references will not use exactly the same names as the initial RFC that was published. For example, the Link layer is often called Network Access. The same applies to Transport, which is often called Host-to-Host, and vice versa.
The session layer is defined within the OSI/ISO model but not within the DoD model. Because it does not belong to the DoD TCP/IP model, it is the best answer to the question.
Reference(s) Used for this question:
http://www.freesoft.org/CIE/RFC/1122/
http://bit.kuas.edu.tw/~csshieh/teach/np/tcpip/
Question 852
Which of the following statements pertaining to Secure Sockets Layer (SSL) is false?
Correct Answer: B
Section: Cryptography
Explanation/Reference:
All of these statements pertaining to SSL are true except the statement that its primary use is to authenticate the client to the server using public key cryptography and digital certificates. It is the opposite: its primary use is to authenticate the server to the client.
The following reference(s) were used for this question:
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 4: Cryptography (page 170).
Question 853
Which of the following statements pertaining to stream ciphers is correct?
Correct Answer: B
Section: Cryptography
Explanation/Reference:
A stream cipher is a type of symmetric encryption algorithm that operates on continuous streams of plain text and is appropriate for hardware-based encryption.
Stream ciphers can be designed to be exceptionally fast, much faster than any block cipher. A stream cipher generates what is called a keystream (a sequence of bits used as a key).
Stream ciphers can be viewed as approximating the action of a proven unbreakable cipher, the one-time pad (OTP), sometimes known as the Vernam cipher. A one-time pad uses a keystream of completely random digits. The keystream is combined with the plaintext digits one at a time to form the ciphertext. This system was proved to be secure by Claude Shannon in 1949. However, the keystream must be (at least) the same length as the plaintext, and generated completely at random. This makes the system very cumbersome to implement in practice, and as a result the one-time pad has not been widely used, except for the most critical applications.
A stream cipher makes use of a much smaller and more convenient key - 128 bits, for example. Based on this key, it generates a pseudorandom keystream which can be combined with the plaintext digits in a similar fashion to the one-time pad. However, this comes at a cost: because the keystream is now pseudorandom, and not truly random, the proof of security associated with the one-time pad no longer holds. It is quite possible for a stream cipher to be completely insecure if it is not implemented properly, as we have seen with the Wired Equivalent Privacy (WEP) protocol.
Encryption is accomplished by combining the keystream with the plaintext, usually with the bitwise XOR operation.
Source: DUPUIS, Clement, CISSP Open Study Guide on domain 5, cryptography, April 1999.
More details can be obtained on Stream Ciphers in RSA Security's FAQ on Stream Ciphers.
Question 854
The deliberate planting of apparent flaws in a system for the purpose of detecting attempted penetrations or confusing an intruder about which flaws to exploit is called:
Correct Answer: D
Section: Risk, Response and Recovery
Explanation/Reference:
Enticement deals with someone that is breaking the law. Entrapment encourages someone to commit a crime that the individual may or may not have had any intention of committing. Enticement is not necessarily illegal but does raise ethical arguments and may not be admissible in court. Enticement lures someone toward some evidence (a honeypot would be a great example) after that individual has already committed a crime.
Entrapment is when you persuade someone to commit a crime when the person otherwise had no intention to commit a crime. Entrapment is committed by a law enforcement player where you get tricked into committing a crime for which you would later on get arrested without knowing you are committing such a crime. It is illegal and unethical as well.
All other choices were not applicable and only distractors.
References:
TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.
and
CISSP Study Guide (Conrad, Misenar, Feldman). Elsevier. 2010. p. 428
and
http://www.dummies.com/how-to/content/security-certification-computer-forensics-and-inci.html
Question 855
Asynchronous Communication transfers data by sending:
Correct Answer: B
Section: Network and Telecommunications
Explanation/Reference:
Asynchronous Communication transfers data by sending bits of data in irregular timing patterns.
In asynchronous transmission each character is transmitted separately, that is, one character at a time. The character is preceded by a start bit, which tells the receiving end where the character coding begins, and is followed by a stop bit, which tells the receiver where the character coding ends. There will be intervals of idle time on the channel, shown as gaps. Thus there can be gaps between two adjacent characters in the asynchronous communication scheme. In this scheme, the bits within the character frame (including start, parity and stop bits) are sent at the baud rate.
The START BIT and STOP BIT, including gaps, allow the receiving and sending computers to synchronise the data transmission. Asynchronous communication is used when slow speed peripherals communicate with the computer. The main disadvantage of asynchronous communication is slow speed transmission. Asynchronous communication, however, does not require the complex and costly hardware equipment that is required for synchronous transmission.
Asynchronous communication is transmission of data without the use of an external clock signal. Any timing required to recover data from the communication symbols is encoded within the symbols. The most significant aspect of asynchronous communications is variable bit rate, or that the transmitter and receiver clock generators do not have to be exactly synchronized.
The asynchronous communication technique is a physical layer transmission technique which is most widely used for personal computers providing connectivity to printers, modems, fax machines, etc.
An asynchronous link communicates data as a series of characters of fixed size and format. Each character is preceded by a start bit and followed by 1-2 stop bits.
Parity is often added to provide some limited protection against errors occurring on the link.
The use of independent transmit and receive clocks constrains transmission to relatively short characters (<8 bits) and moderate data rates (< 64 kbps, but typically lower).
The asynchronous transmitter delimits each character by a start sequence and a stop sequence. The start bit (0), data (usually 8 bits plus parity) and stop bit(s) (1) are transmitted using a shift register clocked at the nominal data rate.
When asynchronous transmission is used to support packet data links (e.g. IP), then special characters have to be used ("framing") to indicate the start and end of each frame transmitted.
One character (known as an escape character) is reserved to mark any occurrence of the special characters within the frame. In this way the receiver is able to identify which characters are part of the frame and which are part of the "framing".
Packet communication over asynchronous links is used by some users to get access to a network using a modem.
Most Wide Area Networks use synchronous links and a more sophisticated link protocol.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 100.
and
http://en.wikipedia.org/wiki/Asynchronous_communication
and
http://www.erg.abdn.ac.uk/users/gorry/course/phy-pages/async.html
and
http://www.ligaturesoft.com/data_communications/async-data-transmission.html
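An added example (not from the cited sources) of the character framing described above: each character is sent as start bit 0, data bits, parity bit and stop bit 1, with idle gaps of irregular length between characters. Even parity, least-significant-bit-first order, a single stop bit and all function names are assumptions of the example.

```python
IDLE = 1  # assumption: the idle line rests at the same level as the stop bit

def frame_char(byte: int, data_bits: int = 8) -> list[int]:
    """Start bit 0, data bits LSB first, even parity bit, one stop bit 1."""
    data = [(byte >> i) & 1 for i in range(data_bits)]
    parity = sum(data) % 2            # makes the total count of 1s even
    return [0] + data + [parity] + [1]

def transmit(message: bytes, gaps: list[int]) -> list[int]:
    """Send each character separately, preceded by an irregular idle gap."""
    line = []
    for i, byte in enumerate(message):
        line += [IDLE] * gaps[i % len(gaps)]
        line += frame_char(byte)
    return line + [IDLE] * 2

def receive(line: list[int], data_bits: int = 8):
    """Return (decoded bytes, [(bit index of start bit, error kind), ...])."""
    out, errors, i = bytearray(), [], 0
    frame_len = data_bits + 3         # start + data + parity + stop
    while i < len(line):
        if line[i] == IDLE:           # gap: keep waiting for a start bit
            i += 1
            continue
        if i + frame_len > len(line):
            errors.append((i, "truncated"))
            break
        data = line[i + 1 : i + 1 + data_bits]
        parity, stop = line[i + 1 + data_bits], line[i + 2 + data_bits]
        if stop != 1:                 # stop bit missing: lost character sync
            errors.append((i, "framing"))
            i += 1                    # hunt for the next start bit
            continue
        if sum(data) % 2 != parity:   # single-bit error caught by parity
            errors.append((i, "parity"))
        else:
            out.append(sum(bit << k for k, bit in enumerate(data)))
        i += frame_len
    return bytes(out), errors

if __name__ == "__main__":
    line = transmit(b"OK", gaps=[3, 0, 5])   # constructed message and gaps
    print(receive(line))                     # clean line
    line[4] ^= 1                             # one flipped data bit: detected
    print(receive(line))
    line[5] ^= 1                             # second flip: parity passes again
    print(receive(line))
```

The last case shows why the text calls parity only limited protection: two flipped bits in one character restore the parity and the wrong character is accepted.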
