title: “[03] CISSP Cheatsheet - Datagram (UDP & Connectionless Protocols)” date: 2026-07-05 authors:
- Your Name
๐ Topic: Datagram (UDP & Connectionless Protocols)
Domain: D6 โ Security Engineering
Tags: #cissp #networking #udp
๐งพ Definition
A datagram is a self-contained, connectionless packet typically associated with the User Datagram Protocol (UDP). Datagram delivery is best-effort and does not guarantee ordering, delivery, or duplicate protection.
๐ Key Points
- UDP/datagram protocols are lightweight and used for DNS, DHCP, RTP, and some real-time applications.
- Lack of connection state makes them susceptible to spoofing and amplification attacks.
- Security controls include filtering, rate limiting, and application-layer protections.
โ ๏ธ CISSP Insight
- CISSP focus: know protocol characteristics and how they influence security design (e.g., when to use TCP vs UDP and how to mitigate UDP risks).
โ๏ธ Key Difference / Trap
- UDP vs TCP
- UDP = connectionless, no guarantees
- TCP = connection-oriented, reliable
- Trap: Assuming UDP traffic is harmless; it can be abused for DDoS amplification.
๐๏ธ Example
An attacker spoofs UDP DNS queries to an open resolver to amplify a DDoS attack; defenders mitigate by restricting open resolvers and applying rate limits.
๐ References
- RFC 768 โ User Datagram Protocol (UDP)
- NIST SP 800-115 โ security testing and considerations
- OWASP and vendor guidance on UDP-based services
๐ Quick Recall
- Datagram = UDP; lightweight but needs filtering and rate limiting to mitigate abuse