Cyclic redundancy check (CRC) is the only option that operates at the session, transport, or network layer of the OSI model. CRC is a technique or algorithm that calculates a checksum or a hash value for a data block or a packet, and appends it to the data or the packet. CRC can be used to detect errors or corruption in the data or the packet during transmission or storage, by comparing the checksum or the hash value at the sender and the receiver. CRC can operate at different layers of the OSI model, such as the session layer (e.g., NetBIOS), the transport layer (e.g., TCP), or the network layer (e.g., IP).
A. Data at rest encryption is not a technique or algorithm that operates at the session, transport, or network layer of the OSI model, but rather a technique or algorithm that operates at the physical layer of the OSI model. Data at rest encryption is the process of transforming or encoding data into an unreadable or unintelligible form, using a secret key or algorithm, when the data is stored on a physical device, such as a disk, a tape, or a flash drive.
B. Configuration management is not a technique or algorithm that operates at the session, transport, or network layer of the OSI model, but rather a process or function that operates at the application layer of the OSI model. Configuration management is the process of controlling and documenting the changes and updates to the software, hardware, or network components of an information system, to ensure the consistency, quality, and security of the system.
C. Integrity checking software is not a technique or algorithm that operates at the session, transport, or network layer of the OSI model, but rather a technique or algorithm that operates at the application layer of the OSI model. Integrity checking software is the software that monitors and verifies the integrity or the authenticity of the files, programs, or systems, by using cryptographic techniques, such as hashing, digital signatures, or certificates.
References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 4, page 199; Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 4, page 166
