AP CSP Big Idea 4 TCP/IP and DNS
AP CSP TCP/IP, HTTP, HTTPS & DNS: Complete Guide (2025‑2026)
Protocols are agreed-upon rules that allow different computers and networks to communicate reliably. AP CSP Big Idea 4 tests four key protocols: IP (addressing and routing), TCP (reliable delivery), DNS (translating names to addresses), and HTTP/HTTPS (web communication). Each solves a different problem; together they make the web work seamlessly.
Contents
The Four Key Protocols
Every web page load uses all four protocols. DNS happens first (name lookup), then IP routing, then TCP connection, then HTTP/HTTPS content transfer.
- Assigns every device a unique IP address
- Breaks data into packets
- Routes each packet across networks
- Best-effort delivery (no guarantee)
- IPv4: 32-bit addresses (e.g. 192.168.1.1)
- Establishes connection before sending
- Numbers every packet for ordering
- Requests retransmission of lost packets
- Confirms delivery with acknowledgments
- Guarantees data arrives complete and in order
A student asks: ‘If IP already handles routing packets, why do we need TCP? Can’t IP just deliver everything reliably?’
Explain why IP alone is insufficient and what TCP adds.
IP is ‘best effort’ — it routes packets but makes no guarantees. Packets can be lost if a router is overloaded, arrive out of order if they took different paths, or be duplicated. TCP adds reliability on top of IP: it numbers every packet, the receiver sends acknowledgments, and the sender retransmits anything not acknowledged. Together: IP handles where to send each packet; TCP handles whether it arrived correctly. Separating these concerns lets each protocol be optimized independently.
How DNS Works
- Type 142.250.80.46 to visit Google
- Memorize hundreds of IP addresses
- Update your address book when servers move
- No human-readable names for websites
- Impossible to scale to billions of sites
- Type google.com — DNS handles the rest
- DNS server looks up the IP address
- Returns 142.250.80.46 to your browser
- Your browser connects to that IP
- DNS updates automatically when servers change
A user types apcsexamprep.com into a browser. Their computer has never visited this site before and does not know the IP address.
Describe the DNS lookup process that occurs before any web content is fetched.
DNS lookup steps: (1) Browser checks local DNS cache — not found. (2) Browser asks the local DNS resolver (usually provided by ISP). (3) If resolver doesn’t know, it asks a root DNS server, which directs it to the .com nameserver. (4) The .com nameserver directs to the apcsexamprep.com nameserver. (5) That nameserver returns the IP address. (6) The IP address is returned to the browser, which then establishes a TCP connection to that IP. This entire process typically takes milliseconds.
HTTP vs. HTTPS
- Request: GET /page.html HTTP/1.1
- Response: HTML content sent back
- Traffic visible to anyone on the network
- ISP can read all content
- No certificate verification — could be anyone
- Same HTTP but wrapped in TLS encryption
- All traffic encrypted end-to-end
- Certificate verifies the domain identity
- ISP can see destination but not content
- Padlock icon in browser address bar
A student logs into a school website over public WiFi. The site uses HTTP (not HTTPS). Another person on the same WiFi network uses a packet-sniffing tool.
What can the packet-sniffer see? What would HTTPS prevent?
With HTTP, the packet-sniffer can read everything: the login form submission including username and password, all page content, all data sent to and from the server. With HTTPS, the packet-sniffer can see only the destination domain (e.g., school.edu) but cannot read any content — it is all encrypted. HTTPS prevents eavesdropping on the content of communication, even on shared networks. This is why all modern sites that handle any sensitive data must use HTTPS.
Common Exam Pitfalls
IP assigns addresses and routes packets (best-effort). TCP adds reliability (acknowledgments, retransmission, ordering). They solve different problems.
HTTPS means the connection is encrypted and the domain is verified. The organization behind the domain could still be malicious. Phishing sites use HTTPS. The padlock means encrypted transit, not trustworthy content.
DNS also handles email routing (MX records), subdomain configuration, load balancing across multiple servers, and security records. For AP CSP, focus on the primary function: translating human-readable names to IP addresses.
TCP/IP is a protocol suite — TCP and IP are separate protocols that work together. They can also operate independently: UDP (User Datagram Protocol) uses IP without TCP’s reliability overhead, used for video streaming and gaming where speed matters more than perfect delivery.
Check for Understanding
1. Which protocol is responsible for translating google.com into an IP address?
- TCP — it establishes connections to named servers.
- HTTP — it handles web requests by name.
- DNS — it maintains a directory of domain names and their IP addresses.
- IP — it routes packets to named destinations.
2. Which statement best describes the difference between IP and TCP?
- IP handles reliable delivery; TCP handles routing.
- IP routes packets across networks (best-effort); TCP ensures reliable, ordered delivery.
- IP is used for web traffic; TCP is used for email.
- IP works only on wired networks; TCP works on both wired and wireless.
3. Consider these statements:
I. HTTPS encrypts data transmitted between browser and server.
II. A site using HTTPS is guaranteed to be run by a trustworthy organization.
III. HTTP sends data in plaintext that can be read by anyone on the same network.
Which are correct?
- I only
- I and III only
- II and III only
- I, II, and III
4. A user submits a login form on a site using HTTP over public WiFi. What can someone on the same WiFi network potentially see?
- Only that the user is visiting the site — form data is always encrypted.
- The username and password entered in the form, because HTTP does not encrypt the data.
- Nothing — form submissions use a separate encrypted channel.
- Only the IP address of the server, not any content.
5. Why does loading a single web page typically involve both TCP and UDP?
- TCP is used for secure pages (HTTPS); UDP is used for unsecure pages (HTTP).
- The web page HTML uses TCP for reliable delivery; embedded videos may use UDP for lower latency.
- TCP routes packets; UDP translates domain names.
- Only TCP is used — UDP is not used in web browsing.
6. Which sequence correctly describes what happens when you type a URL and press enter?
- TCP connection → DNS lookup → IP routing → HTTP request
- DNS lookup → TCP connection → HTTP request → IP routing
- DNS lookup → IP routing + TCP connection → HTTP request → response received
- HTTP request → DNS lookup → TCP connection → IP routing
Frequently Asked Questions
Get in Touch
Whether you're a student, parent, or teacher — I'd love to hear from you.
Just want free AP CS resources?
Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.
Message Sent!
Thanks for reaching out. I'll get back to you within 24 hours.
Prefer email? Reach me directly at [email protected]