Layer 7: Application
The Application Layer is the closest to the end user and provides network services to applications.
Key Points
- Provides interfaces for applications to use network services
- Handles high-level protocols and data manipulation
- Manages application-specific network services
- Examples include email clients, web browsers, and file transfer applications
- Implements resource sharing and remote process access
- Provides distributed information services
RFC References
Attacks
SQL Injection: Inserting malicious SQL code into application queries to manipulate or retrieve data from the database.
Cross-Site Scripting (XSS): Injecting malicious scripts into web pages viewed by other users, potentially stealing sensitive information or performing unauthorized actions.
DDoS Attacks: Overwhelming application resources with a flood of requests, making the service unavailable to legitimate users.