CIST 1601 – Fundamentals of Information SecurityFinal Exam ReviewUser Datagram Protocol (UDP) also exists at layer ?, but unlike TCP, UDP is connectionless. UDPsends data to the target system without any regard to reliable connections or error correction. If UDP detects an error, it drops the packet.That is the great trade-off. TCP is reliable but typically slower because of the extra overhead. UDP is faster but has no built-in reliability.The Domain Name System (DNS)is a distributed database that helps mapthe nameof a device to its IP address. Its formal structure is a “hierarchical distributed database.” The idea behind itis similar in concept to a phone book – we’d much rather keep up with a person’s name than have to remember his or her telephone number. Similarly, people would much rather remember “” than 126.96.36.199.DNS security risk– if an attacker compromises a DNS server, and names are mapped to the wrong IP address, what could happen?Dynamic Host Configuration Protocol (DHCP)automates configurationof computers by auto-assigning IP addresses and other information. Example: If you had a thousand new computers to set up on a network, you could either manually configure them one by one or set up a DHCP server to hand out IP addresses automatically.Internet Control Message Protocol (ICMP)is a managementandcontrol protocol. The ping command sends an ICMP ‘echo’ request to test connectivity to a destination device.What is a Virtual Private Network (VPN)? A method of encrypting IP packets from one end to another, as in a tunnel.What is a “WAP”? Wireless Access Point, A radio transceiver device that transits and receives IP communications via wireless LAN technology. Wireless NetworkingWEP– Wired Equivalent Privacy – Basic encryption, easilybroken. Very weak.WPA– WiFi Protected Access – A stopgap encryption scheme to address WEP weaknesses.WPA2– WiFi Protected Access version 2 – Uses AESto protect data. Current best option. Check your notes on chapter 9 to review AES. Chapter 11 - Malicious Code and ActivityMalware– Malicious Software– Application designed to infiltrate target systems and carry out activities that are unknown or unintended by the victim.