TCP is a connection-oriented protocol which has a 'handshake' to set up a connection, and after that it is able to send data.
It also has mechanisms to request retransmission of lost packets etc.
UDP is connectionless (fire and forget) so there is no 'handshake' overhead, just submit the packet and hope it arrives at the destination.
Both are part of the IP protocol suite.
Here is a nice video on general network/firewall stuff: http://www.warriorsofthe.net/
And the wiki for IP, TCP and UDP:
http://en.wikipedia.org/wiki/Internet_Protocol
http://en.wikipedia.org/wiki/Transmission_Control_Protocol
http://en.wikipedia.org/wiki/User_Datagram_Protocol
I can't see an option in CIS where you can define IP in/out AND TCP or UDP, it's either IP in/out or TCP/UDP in/out.
If you use the IP option in the firewall rules you basically allow TCP and UDP and ICMP traffic with that rule.
Whereas if you use TCP or UDP or ICMP you restrict it to that type of traffic only.
Next to the traffic there are ports that are used to connect to a service, like 80 for http server, 25 for sending out mail via SMTP etc.
Here is a list of those ports that are reserved for special purposes: http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
http traffic = TCP traffic on port 80
dns traffic = UDP and TCP traffic on port 53
ping traffic = ICMP traffic
Hope this helps a bit.
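
The difference between one broad IP rule and protocol-specific rules with ports, as described in the post above, shown as an added example that is not part of the original post and is not CIS's own rule engine. The first-match evaluation, the default block verdict, the rule fields and the sample traffic are all assumptions of this simplified model.

```python
from dataclasses import dataclass
from typing import Optional

# Simplified model (assumption): "IP" in a rule stands for the whole suite.
IP_SUITE = {"TCP", "UDP", "ICMP"}

@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "block"
    direction: str                   # "in" or "out"
    protocol: str                    # "IP", "TCP", "UDP" or "ICMP"
    dst_port: Optional[int] = None   # None = any port

@dataclass(frozen=True)
class Packet:
    direction: str
    protocol: str
    dst_port: Optional[int] = None   # ICMP has no ports

def rule_matches(rule: Rule, pkt: Packet) -> bool:
    if rule.direction != pkt.direction:
        return False
    if rule.protocol == "IP":
        # Ports belong to TCP/UDP, so an IP rule has no port to narrow it.
        return pkt.protocol in IP_SUITE
    if rule.protocol != pkt.protocol:
        return False
    if pkt.protocol == "ICMP" or rule.dst_port is None:
        return True
    return rule.dst_port == pkt.dst_port

def evaluate(rules, pkt: Packet, default: str = "block") -> str:
    """First matching rule decides; unmatched traffic gets the default."""
    for rule in rules:
        if rule_matches(rule, pkt):
            return rule.action
    return default

# Constructed sample traffic, all outbound.
SAMPLES = {
    "http": Packet("out", "TCP", 80), "dns-udp": Packet("out", "UDP", 53),
    "dns-tcp": Packet("out", "TCP", 53), "ping": Packet("out", "ICMP"),
    "smtp": Packet("out", "TCP", 25), "other-udp": Packet("out", "UDP", 40000),
}
BROAD = [Rule("allow", "out", "IP")]            # one "IP out" rule
NARROW = [Rule("allow", "out", "TCP", 80),      # web browsing plus DNS only
          Rule("allow", "out", "UDP", 53), Rule("allow", "out", "TCP", 53)]

def verdicts(rules):
    return {name: evaluate(rules, pkt) for name, pkt in SAMPLES.items()}
```

`verdicts(BROAD)` allows every sample, including ping and SMTP, while `verdicts(NARROW)` allows only the HTTP and DNS packets.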