Day 3 of my SOC journey — and things are getting real.
Today I focused on how communication actually happens inside networks:
TCP/IP basics
4-layer model
TCP vs UDP
TCP handshake
DHCP + DORA
💡 Biggest insight:
Everything in SOC — alerts, logs, attacks —
depends on how data flows.
If you don’t understand this, you’re just guessing.
⚡ TCP = reliable
⚡ UDP = fast
Both matter.
What’s next?
MAC Address, ARP, ICMP, and Ping