Unit 5

Application Layer (Layer 7)

Topmost layer (Layer 7) of OSI model. Provides network services directly to user applications. Handles interface between user software and network. Doesn't transmit data - formats and requests lower layers.

Key Services: File transfer, email, web access, remote login, name resolution

DNS (Domain Name System)

What DNS Does

Translates human-readable domains (google.com) → machine-readable IPs (142.250.190.78)

DNS Resolution Process

Browser: Type google.com
Local cache check
Recursive resolver → ISP DNS
Root servers (13 worldwide) → TLD (.com)
TLD → Authoritative NS
Google NS returns IP → Cached (TTL)

DNS Record Types

Type	Purpose	Example
A	IPv4	google.com → 142.250.190.78
AAAA	IPv6	google.com → 2607:f8b0:...
CNAME	Alias	www → google.com
MX	Mail	google.com → gmail-smtp...
NS	Name server	google.com → ns1.google.com

Port: UDP/TCP 53 | Security: DNSSEC

FTP (File Transfer Protocol)

Modes

Mode	Client Says	Connection
Active	"You call me"	Server→Client (port 20)
Passive	"I'll call you"	Client→Server (random port)

Commands

Command	Purpose	Example
USER	Username	USER john
PASS	Password	PASS secret123
LIST	Directory	LIST
RETR	Download	RETR file.txt
STOR	Upload	STOR file.txt

Ports: Control=21, Data=20 | Security: FTPS, SFTP

WWW & HTTP

WWW Components

Browser (Chrome, Firefox)
Web Server (Apache, Nginx)
HTML/CSS/JS content
HTTP/HTTPS protocol

URL Structure

        https://www.example.com:8080/path/to/page.html?query=value#section

        Protocol | Domain | Port | Path | Params | Anchor

HTTP Methods

Method	Purpose	Idempotent	Safe
GET	Retrieve	Yes	Yes
POST	Send	No	No
PUT	Update	Yes	No
DELETE	Remove	Yes	No

Status Codes

Code	Category	Meaning
200	Success	OK
301	Redirection	Moved Permanently
404	Client Error	Not Found
500	Server Error	Internal Error

Ports: HTTP=80, HTTPS=443

TELNET

Remote terminal access over TCP 23. Gets interactive shell remotely.

TELNET vs SSH

Feature	TELNET	SSH
Encryption	None	Encrypted
Auth	Password	Keys+Password
Security	Insecure	Secure
Port	23	22

Bluetooth

Versions

Version	Speed	Range	Feature
4.0	1 Mbps	10m	Low Energy
5.0	2 Mbps	40m	Better range
5.2	2 Mbps	240m	LE Audio

Architecture: Piconet (1 master + 7 slaves), Scatternet | Frequency: 2.4 GHz

Firewalls

Types

Type	Layer	Inspection
Packet Filter	L3	IP/Port
Stateful	L3+L4	Connection tracking
Proxy	L7	Deep inspection
NGFW	All	App-aware + threats

Rules Example

        ALLOW TCP 192.168.1.0/24 → 80 (web)

        ALLOW UDP 192.168.1.0/24 → 53 (DNS)

        DENY TCP port 23 (Telnet)

        ALLOW ESTABLISHED,RELATED

Cryptography

Key Concepts

Term	Meaning
Symmetric	Same key (AES)
Asymmetric	Public/private (RSA)
Hash	One-way (SHA-256)
Signature	Authenticity proof

TLS Handshake

Client Hello (ciphers)
Server Hello + Certificate
Client verifies → Key exchange
Session keys derived
Encrypted data

Algorithms: AES-256, RSA-4096, SHA-256, Diffie-Hellman