CREST Practitioner Security Analyst (CPSA) Practice 2026 - Free CPSA Practice Questions and Study Guide

In the context of the OSI model, Protocol Data Units (PDUs) vary at each layer. Between the session layer and the application layer, data is referred to simply as "data." This reflects the nature of the information being transmitted at these layers, which is ultimately user-level data, such as text, audio, or video files, among other content types.

The session layer is responsible for establishing, managing, and terminating connections between applications, while the application layer provides network services directly to the user's applications. Because both the session and application layers interact closely with user data, and there is no encapsulation occurring at this level like there is at the transport or network layers, the PDU is classified as "data" in this context.

In contrast, PDUs are called "segments" in the transport layer, "packets" in the network layer, and "frames" in the data link layer due to the encapsulation process as data moves down the OSI model. Each PDU name reflects the specific responsibilities and roles of the respective layers in handling the data. Thus, the identification of PDUs as "data" accurately describes the nature of what is being processed at both the session and application layers.