| 🏠 Back to Exam Syllabus | 📺 RooCloud on YouTube | 🌐 RooCloud Practice Exams |
IT Components (Part 1 of 3)
This episode opens Domain 4 of the ISACA Certified Information Systems Auditor (CISA) exam prep series by introducing the building blocks of technology operations, from the physical infrastructure and data centers that house equipment through to the networking model that governs how data moves between systems. Understanding these foundations is essential for auditors who need to spot weak points in network design and trace service levels back to business objectives.
What this episode covers
- Technology operations scope — installing, configuring, monitoring, and supporting systems to lift productivity and protect data integrity.
- Seven core building blocks — infrastructure, network, applications, system monitoring, backup and recovery, virtualization and cloud, and documentation.
- OSI seven-layer model — the role each layer plays from physical signals up through application interfaces, and how encapsulation works.
- LAN physical media — copper twisted-pair, fiber-optic, and wireless radio, with their interference and security trade-offs.
- LAN topology — the historical bus, ring, and star layouts, and why only star is used in new construction today.
- LAN connecting devices — repeaters, bridges, switches, and routers, and when to prefer each.
- LAN risks and controls — the main threats and the layered access and encryption controls that address them.
Watch the full episode above for the worked examples and detailed explanations of each concept.
Frequently Asked Questions
What are the core building blocks of technology operations?
The core building blocks are infrastructure covering hardware, networking gear, and data centers with climate control and backup power; the network that connects everything and moves data; applications and software; system monitoring that watches health and catches issues early; backup and disaster recovery; virtualization and cloud for flexibility; and documentation and knowledge management so the team can share what it knows.
How does the seven-layer reference model describe network communication?
The model splits communication into seven layers each with one job: the physical layer carries signals, data link moves data across one physical link, network handles addressing and routing, transport delivers data reliably, session manages the conversation, presentation formats data including encryption, and application gives programs a doorway to the network. Each layer talks to its counterpart on the remote system as if connected directly, and each layer wraps data in a header on the way down and strips it on the way up.
What are the main local area network risks and how are they controlled?
Key LAN risks include unauthorized changes that damage data integrity, remote connections that expose the network to outsiders, viruses and worms spreading across segments, user impersonation, traffic sniffing, and address spoofing. Controls include declaring file and program ownership, limiting access to only what each person needs, enforcing strong sign-on rules, using switches to block unknown devices, encrypting local traffic, and locking idle desktops.
What is the role of a router compared with a switch in a local network?
A switch connects devices within the same network segment using hardware addresses and provides dedicated high-speed ports for efficient traffic handling. A router connects separate networks and makes forwarding decisions using network-layer addresses, making it smarter but slower because it examines every packet. Routers can become bottlenecks in busy environments, so they should be placed carefully and switches used wherever possible within segments.
📚 Master the ISACA CISA Exam!
Ready to test your knowledge? Access chapter-specific Multiple Choice Questions (MCQs) and full-length practice exams for the ISACA CISA certification at RooCloud.com. Solve the chapter-wise questions to reinforce this lesson before moving to the next episode.
Reference: This article is based on concepts discussed in IT Components (Part 1 of 3).