CISSP-ISSAP · Question #132
Which of the following layers of the OSI model provides non-repudiation services?
The correct answer is A. The application layer. Application layer (A) provides non-repudiation services because it operates at the level where end-user protocols like email (S/MIME), digital signatures, and authentication mechanisms actually function - these are the tools that create auditable proof of who sent or received dat
Question
Which of the following layers of the OSI model provides non-repudiation services?
Options
- AThe application layer
- BThe data-link layer
- CThe presentation layer
- DThe physical layer
How the community answered
(43 responses)- A86% (37)
- B7% (3)
- C5% (2)
- D2% (1)
Explanation
Application layer (A) provides non-repudiation services because it operates at the level where end-user protocols like email (S/MIME), digital signatures, and authentication mechanisms actually function - these are the tools that create auditable proof of who sent or received data.
B (Data-link) is wrong - it handles node-to-node delivery and MAC addressing, with no concept of user identity or accountability. C (Presentation) is wrong - it deals with data formatting, encryption/decryption syntax, and compression, not identity verification or audit trails. D (Physical) is wrong - it's purely about bits and signals over wire/radio, with no awareness of users or transactions.
Memory tip: Non-repudiation requires identity - you can only prove someone "can't deny" an action if the layer knows who they are. Only the Application layer talks to actual users and applications, so it's the only one that can bind an action to a specific identity.
Topics
Community Discussion
No community discussion yet for this question.