Quiz Entry - updated: 2026.07.14
Explain the OSI model and why understanding it matters for security.
7 layers from Physical to Application; it matters because attacks and defenses live at different layers — a L3-4 firewall can't stop a L7 SQL injection.
* The seven OSI layers, each with a representative security concern — attacks and defences live at different layers. *
7 layers of network communication, each with distinct security implications:
| Layer | Name | Function | Security Example |
|---|---|---|---|
| 7 | Application | HTTP, FTP | WAF, input validation |
| 6 | Presentation | Encryption, serialization | TLS |
| 5 | Session | Connection management | Session hijacking |
| 4 | Transport | TCP/UDP, ports | Firewall rules |
| 3 | Network | IP routing | IP filtering, VPN |
| 2 | Data Link | MAC addresses, Ethernet | ARP spoofing |
| 1 | Physical | Cables, signals | Physical access control |
Why it matters: Attacks and defenses operate at different layers. A network firewall (L3-4) can't stop SQL injection because the malicious payload is valid HTTP at the transport level — you need a WAF (L7) for that.
Tip: "All People Seem To Need Data Processing" (layers 7→1) or "Please Do Not Throw Sausage Pizza Away" (1→7).
Go deeper:
Wikipedia — OSI model — the full seven-layer reference model, layer by layer with its protocols.