AP CSP Big Idea 4 TCP/IP and DNS

AP CSP Topics › TCP/IP, HTTP & DNS

AP CSP TCP/IP, HTTP, HTTPS & DNS: Complete Guide (2025‑2026)

Protocols are agreed-upon rules that allow different computers and networks to communicate reliably. AP CSP Big Idea 4 tests four key protocols: IP (addressing and routing), TCP (reliable delivery), DNS (translating names to addresses), and HTTP/HTTPS (web communication). Each solves a different problem; together they make the web work seamlessly.

4Protocols working together every time you load a web page: DNS, IP, TCP, HTTP
1.5BWebsites registered globally — DNS maps every one to an IP address
443Port number for HTTPS — the S stands for Secure (encrypted via TLS)

The Four Key Protocols

DNS Lookup + HTTP Request Flow 1. You type google.com in browser 2. DNS Lookup google.com → 142.250.80.46 3. TCP Connect 3-way handshake to server IP 4. HTTP Request GET /index.html sent to server 5. Response HTML, CSS, JS sent back Protocols involved in loading one webpage: DNS — name to IP TCP — reliable delivery IP — addressing & routing HTTP/HTTPS — web content All four protocols work together every time you load a page

Every web page load uses all four protocols. DNS happens first (name lookup), then IP routing, then TCP connection, then HTTP/HTTPS content transfer.

IP (Internet Protocol)
Addressing and routing
  • Assigns every device a unique IP address
  • Breaks data into packets
  • Routes each packet across networks
  • Best-effort delivery (no guarantee)
  • IPv4: 32-bit addresses (e.g. 192.168.1.1)
TCP (Transmission Control Protocol)
Reliable delivery on top of IP
  • Establishes connection before sending
  • Numbers every packet for ordering
  • Requests retransmission of lost packets
  • Confirms delivery with acknowledgments
  • Guarantees data arrives complete and in order
Scenario — Why Both TCP and IP?

A student asks: ‘If IP already handles routing packets, why do we need TCP? Can’t IP just deliver everything reliably?’

Explain why IP alone is insufficient and what TCP adds.

Answer

IP is ‘best effort’ — it routes packets but makes no guarantees. Packets can be lost if a router is overloaded, arrive out of order if they took different paths, or be duplicated. TCP adds reliability on top of IP: it numbers every packet, the receiver sends acknowledgments, and the sender retransmits anything not acknowledged. Together: IP handles where to send each packet; TCP handles whether it arrived correctly. Separating these concerns lets each protocol be optimized independently.

How DNS Works

Without DNS
What you’d need to know
  • Type 142.250.80.46 to visit Google
  • Memorize hundreds of IP addresses
  • Update your address book when servers move
  • No human-readable names for websites
  • Impossible to scale to billions of sites
With DNS
Human-readable names mapped to IPs
  • Type google.com — DNS handles the rest
  • DNS server looks up the IP address
  • Returns 142.250.80.46 to your browser
  • Your browser connects to that IP
  • DNS updates automatically when servers change
Scenario — DNS as the Internet’s Phone Book

A user types apcsexamprep.com into a browser. Their computer has never visited this site before and does not know the IP address.

Describe the DNS lookup process that occurs before any web content is fetched.

Answer

DNS lookup steps: (1) Browser checks local DNS cache — not found. (2) Browser asks the local DNS resolver (usually provided by ISP). (3) If resolver doesn’t know, it asks a root DNS server, which directs it to the .com nameserver. (4) The .com nameserver directs to the apcsexamprep.com nameserver. (5) That nameserver returns the IP address. (6) The IP address is returned to the browser, which then establishes a TCP connection to that IP. This entire process typically takes milliseconds.

HTTP vs. HTTPS

HTTP (Hypertext Transfer Protocol)
Unencrypted web communication
  • Request: GET /page.html HTTP/1.1
  • Response: HTML content sent back
  • Traffic visible to anyone on the network
  • ISP can read all content
  • No certificate verification — could be anyone
HTTPS (HTTP Secure)
Encrypted web communication
  • Same HTTP but wrapped in TLS encryption
  • All traffic encrypted end-to-end
  • Certificate verifies the domain identity
  • ISP can see destination but not content
  • Padlock icon in browser address bar
Scenario — HTTP vs. HTTPS Risk

A student logs into a school website over public WiFi. The site uses HTTP (not HTTPS). Another person on the same WiFi network uses a packet-sniffing tool.

What can the packet-sniffer see? What would HTTPS prevent?

Answer

With HTTP, the packet-sniffer can read everything: the login form submission including username and password, all page content, all data sent to and from the server. With HTTPS, the packet-sniffer can see only the destination domain (e.g., school.edu) but cannot read any content — it is all encrypted. HTTPS prevents eavesdropping on the content of communication, even on shared networks. This is why all modern sites that handle any sensitive data must use HTTPS.

Common Exam Pitfalls

1
Confusing IP addressing with TCP reliability

IP assigns addresses and routes packets (best-effort). TCP adds reliability (acknowledgments, retransmission, ordering). They solve different problems.

2
Thinking HTTPS means the website is trustworthy

HTTPS means the connection is encrypted and the domain is verified. The organization behind the domain could still be malicious. Phishing sites use HTTPS. The padlock means encrypted transit, not trustworthy content.

3
Thinking DNS only translates domain names

DNS also handles email routing (MX records), subdomain configuration, load balancing across multiple servers, and security records. For AP CSP, focus on the primary function: translating human-readable names to IP addresses.

4
Believing TCP/IP is a single protocol

TCP/IP is a protocol suite — TCP and IP are separate protocols that work together. They can also operate independently: UDP (User Datagram Protocol) uses IP without TCP’s reliability overhead, used for video streaming and gaming where speed matters more than perfect delivery.

Check for Understanding

1. Which protocol is responsible for translating google.com into an IP address?

  • TCP — it establishes connections to named servers.
  • HTTP — it handles web requests by name.
  • DNS — it maintains a directory of domain names and their IP addresses.
  • IP — it routes packets to named destinations.
DNS (Domain Name System) is the internet’s directory service, mapping human-readable domain names to numeric IP addresses. Without DNS, users would need to type IP addresses directly.

2. Which statement best describes the difference between IP and TCP?

  • IP handles reliable delivery; TCP handles routing.
  • IP routes packets across networks (best-effort); TCP ensures reliable, ordered delivery.
  • IP is used for web traffic; TCP is used for email.
  • IP works only on wired networks; TCP works on both wired and wireless.
IP routes packets from source to destination (best-effort, no guarantee). TCP adds reliability on top of IP: it ensures all packets arrive, in order, with lost packets retransmitted.

3. Consider these statements:
I. HTTPS encrypts data transmitted between browser and server.
II. A site using HTTPS is guaranteed to be run by a trustworthy organization.
III. HTTP sends data in plaintext that can be read by anyone on the same network.

Which are correct?

  • I only
  • I and III only
  • II and III only
  • I, II, and III
Statement I is correct — HTTPS wraps HTTP in TLS encryption. Statement III is correct — HTTP traffic is unencrypted and readable by packet-sniffers. Statement II is false — HTTPS verifies domain ownership, not organizational trustworthiness. Phishing sites routinely use HTTPS.

4. A user submits a login form on a site using HTTP over public WiFi. What can someone on the same WiFi network potentially see?

  • Only that the user is visiting the site — form data is always encrypted.
  • The username and password entered in the form, because HTTP does not encrypt the data.
  • Nothing — form submissions use a separate encrypted channel.
  • Only the IP address of the server, not any content.
HTTP sends all data in plaintext. A form submission over HTTP transmits the username, password, and all other form fields as readable text visible to anyone capturing network traffic on the same network.

5. Why does loading a single web page typically involve both TCP and UDP?

  • TCP is used for secure pages (HTTPS); UDP is used for unsecure pages (HTTP).
  • The web page HTML uses TCP for reliable delivery; embedded videos may use UDP for lower latency.
  • TCP routes packets; UDP translates domain names.
  • Only TCP is used — UDP is not used in web browsing.
HTML content requires complete, accurate delivery (TCP). Embedded video streams prioritize low latency over perfect delivery (UDP is acceptable for video because a lost frame is less disruptive than the delay of retransmission).

6. Which sequence correctly describes what happens when you type a URL and press enter?

  • TCP connection → DNS lookup → IP routing → HTTP request
  • DNS lookup → TCP connection → HTTP request → IP routing
  • DNS lookup → IP routing + TCP connection → HTTP request → response received
  • HTTP request → DNS lookup → TCP connection → IP routing
DNS lookup must happen first to get the IP address. Then TCP establishes a connection to that IP (using IP routing). Then HTTP sends the request. Then the server sends the response back through the same connection.

Frequently Asked Questions

What is TLS and how does it relate to HTTPS?
TLS (Transport Layer Security) is the encryption protocol that HTTPS uses. When you see HTTPS, the HTTP protocol is being run on top of a TLS-encrypted connection. TLS provides: encryption (data cannot be read in transit), authentication (the server’s identity is verified via certificate), and integrity (data cannot be modified in transit without detection).
What is a port number?
A port number identifies a specific application or service on a device. IP addresses identify devices; port numbers identify processes on those devices. HTTP typically uses port 80; HTTPS uses port 443; email (SMTP) uses port 25. When you visit https://example.com, your browser connects to port 443 at example.com’s IP address.
Does the AP CSP exam require memorizing port numbers or IP address formats?
No. You should understand the concepts: IP addresses identify devices, DNS translates names to addresses, TCP provides reliable delivery, and HTTPS provides encrypted web communication. You do not need to memorize specific port numbers, IPv4 vs. IPv6 formats, or the technical details of the TLS handshake.

Get in Touch

Whether you're a student, parent, or teacher — I'd love to hear from you.

Just want free AP CS resources?

Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.

Typically responds within 24 hours

Message Sent!

Thanks for reaching out. I'll get back to you within 24 hours.

🏫 Welcome, fellow educator!

I offer curriculum resources, practice materials, and study guides designed for AP CS teachers. Let me know what you're looking for — whether it's classroom materials, a guest speaker, or Teachers Pay Teachers resources.

Email

[email protected]

📚

Courses

AP CSA, CSP, & Cybersecurity

Response Time

Within 24 hours

Prefer email? Reach me directly at [email protected]