OSI Model — 7 Layers
| # | Layer | Examples | PDU |
| 7 | Application | HTTP, HTTPS, DNS, FTP, SMTP, WebSocket | Message |
| 6 | Presentation | TLS/SSL, JSON, XML, JPEG | Data |
| 5 | Session | Session tokens, TLS handshake setup | Data |
| 4 | Transport | TCP, UDP | Segment |
| 3 | Network | IP, ICMP, routers | Packet |
| 2 | Data Link | Ethernet, Wi-Fi, switches, MAC | Frame |
| 1 | Physical | Cables, fibre, radio, voltage | Bit |
Mnemonic: All People Seem To Need Data Processing (7 → 1)
TCP vs UDP
| Feature | TCP | UDP |
| Connection | Connection-oriented (3-way handshake) | Connectionless |
| Reliability | Guaranteed delivery, retransmit on loss | Best-effort, no retransmit |
| Ordering | In-order | May arrive out of order or not at all |
| Overhead | Higher (ACK, retransmit, flow control) | Minimal header (8 bytes) |
| Use cases | HTTP/S, SSH, email, file transfer | DNS, video streaming, gaming, VoIP |
TCP 3-Way Handshake
Client → Server: SYN (seq=x)
Server → Client: SYN-ACK (seq=y, ack=x+1)
Client → Server: ACK (ack=y+1)
[CONNECTION OPEN]
// Close: FIN → FIN-ACK → FIN → ACK (4-way)
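The handshake above as a checker, added here as an example that is not part of the original page: it follows each connection attempt through the three steps, validates the ack numbers modulo 2^32, and reports attempts left half-open. The tuple layout, function names and trace are constructed for illustration; the check that the final ACK carries seq=x+1 goes one step beyond the diagram.

```python
MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around

def classify_handshakes(packets):
    """Map (client, server) -> SYN_SENT | SYN_RECEIVED | ESTABLISHED | INVALID."""
    conns = {}
    for src, dst, flags, seq, ack in packets:
        if flags == {"SYN"}:
            # Step 1: client announces its initial sequence number x
            conns[(src, dst)] = {"state": "SYN_SENT", "x": seq, "y": None}
        elif flags == {"SYN", "ACK"}:
            c = conns.get((dst, src))
            if c is None or c["state"] != "SYN_SENT":
                continue
            # Step 2: server picks y and must acknowledge x+1 (mod 2^32)
            if ack == (c["x"] + 1) % MOD:
                c["state"], c["y"] = "SYN_RECEIVED", seq
            else:
                c["state"] = "INVALID"
        elif flags == {"ACK"}:
            c = conns.get((src, dst))
            if c is None or c["state"] != "SYN_RECEIVED":
                continue
            # Step 3: client acknowledges y+1; its own seq is now x+1,
            # because the SYN consumed one sequence number
            ok = ack == (c["y"] + 1) % MOD and seq == (c["x"] + 1) % MOD
            c["state"] = "ESTABLISHED" if ok else "INVALID"
    return {pair: c["state"] for pair, c in conns.items()}

def half_open(states):
    """Connections the server answered but the client never completed."""
    return sorted(pair for pair, s in states.items() if s == "SYN_RECEIVED")

# Constructed sample trace (not a real capture): (src, dst, flags, seq, ack)
S = "198.51.100.5:443"
TRACE = [
    ("192.0.2.10:40000", S, {"SYN"}, MOD - 1, 0),        # x = 2^32 - 1
    (S, "192.0.2.10:40000", {"SYN", "ACK"}, 7000, 0),    # ack wraps to 0
    ("192.0.2.10:40000", S, {"ACK"}, 0, 7001),
    ("192.0.2.11:40001", S, {"SYN"}, 100, 0),
    (S, "192.0.2.11:40001", {"SYN", "ACK"}, 9000, 101),  # no final ACK follows
    ("192.0.2.12:40002", S, {"SYN"}, 500, 0),
    (S, "192.0.2.12:40002", {"SYN", "ACK"}, 3000, 501),
    ("192.0.2.12:40002", S, {"ACK"}, 501, 3000),         # should be 3001
]

if __name__ == "__main__":
    states = classify_handshakes(TRACE)
    for pair, state in states.items():
        print(pair, state)
    print("half-open:", half_open(states))
```

A steady count of SYN_RECEIVED entries from many sources against one listener is the pattern a SYN-flood or half-open scan detector keys on.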
HTTP Methods
| Method | Action | Idempotent | Safe |
| GET | Retrieve | Yes | Yes |
| POST | Create | No | No |
| PUT | Replace entire resource | Yes | No |
| PATCH | Partial update | Depends | No |
| DELETE | Delete | Yes | No |
HTTP Status Codes
| Range | Key codes |
| 2xx Success | 200 OK · 201 Created · 204 No Content |
| 3xx Redirect | 301 Moved Permanently · 302 Found · 304 Not Modified |
| 4xx Client Error | 400 Bad Request · 401 Unauthorized · 403 Forbidden · 404 Not Found · 409 Conflict · 422 Unprocessable · 429 Too Many Requests |
| 5xx Server Error | 500 Internal Server Error · 502 Bad Gateway · 503 Unavailable · 504 Gateway Timeout |
DNS Record Types
A → IPv4 address (example.com → 93.184.216.34)
AAAA → IPv6 address
CNAME → Alias to another hostname (www → example.com)
MX → Mail exchange server
TXT → Arbitrary text (SPF, DKIM, domain verification)
NS → Nameserver for the domain
// Resolution order:
// 1. Browser cache → 2. OS /etc/hosts → 3. Recursive resolver
// → 4. Root NS → 5. TLD NS (.com) → 6. Authoritative NS → IP
Common Ports
| Port | Protocol | Transport |
| 22 | SSH | TCP |
| 53 | DNS | UDP (TCP for zone transfers) |
| 80 | HTTP | TCP |
| 443 | HTTPS | TCP |
| 3306 | MySQL | TCP |
| 5432 | PostgreSQL | TCP |
| 6379 | Redis | TCP |
TLS Handshake (Simplified)
// TLS 1.3
Client → Server: ClientHello (cipher suites, key share)
Server → Client: ServerHello (chosen cipher, key share, certificate)
Client: Verify certificate against trusted CAs
Client → Server: Finished (encrypted with shared secret derived via ECDHE)
Server → Client: Finished
// All subsequent data encrypted with symmetric key
// Guarantees:
// Confidentiality — encrypted
// Integrity — tamper detection (HMAC / AEAD)
// Authentication — certificate proves server identity
Key Rules
- Focus on layers 4 (TCP/UDP), 3 (IP), and 7 (HTTP/DNS) — layers 5 and 6 are rarely tested separately.
- TCP = reliable + ordered + connected; UDP = fast + unreliable + connectionless.
- HTTP is stateless — every request is independent; cookies/sessions/JWTs add state on top.
- 401 = not authenticated (no/bad credentials); 403 = authenticated but not authorised.
- DNS TTL: lower TTL → faster propagation but more DNS load; typical TTL = 300–3600 seconds.