10GBaseT A 2006 standard to provide 10 Gbps connections over unshielded or shielded twisted pair cables, over distances up to 100 meters using category 6a (category 6 can reach 55 meters).
100BaseT The IEEE 802.3 specification for running Ethernet at 100 Mbps over twisted-pair cabling. The maximum length of a 100BaseT segment is 100 meters (328 feet).
1000BaseLX A standard for Gigabit Ethernet intended for use with long-wavelength (LX) transmissions over long cable runs of fiber optic cabling.
1000BaseSX A fiber optic Gigabit Ethernet standard for operation over multimode fiber.
1000BaseT An IEEE 802.3ab standard that specifies Gigabit Ethernet over Category 5 or better UTP cable. The standard allows for full-duplex transmission using four pairs of twisted cable up to 100 meters.
568A/568B standards Telecommunications standards from the Telecommunications Industry Association (TIA) and the Electronics Industry Association (EIA). These 568 standards specify the pin arrangements for the RJ-45 connectors on UTP or STP cables. The number 568 refers to the order in which the wires within the UTP cable are terminated and attached to the connector.
A An address record. This refers to one of three machines typically: the host sending data, the host receiving data, or an intermediary between the two (the next hop).
AAA Authentication, authorization, and accounting. Authentication is the process to determine whether someone is authorized to use the network—if the person can log on to the network. Authorization refers to identifying the resources a user can access after the user is authenticated. Accounting refers to the tracking methods used to identify who uses the network and what they do on the network.
AAAA Authentication, authorization, accounting, and auditing. Authentication is the process to determine whether someone is authorized to use the network—if the person can log on to the network. Authorization refers to identifying the resources a user can access after the user is authenticated. Accounting refers to the tracking methods used to identify who uses the network and what they do on the network. Auditing refers to the ability to associate actions with the machine/user in question.
AAAA record The DNS record that maps a hostname to a 128-bit IPv6 address. This is also known as the IPv6 address record.
access point (AP) A transmitter and receiver (transceiver) device commonly used to facilitate communication between a wireless client and a wired network. Wireless APs are used with the wireless infrastructure network topology to provide a connection point between WLANs and a wired Ethernet LAN.
ACK The acknowledgment message sent between two hosts during a TCP session.
ACL (access control list) The list of trustees assigned to a file or directory. A trustee can be any object available to the security subsystem. The term ACL is also used with routers and firewall systems to refer to the list of permitted computers or users.
Active Directory Used in Windows network environments, this is a directory services system that enables network objects to be stored in a database. This database can then be divided and distributed among different servers on the network.
active hub A hub that has power supplied to it for the purposes of regenerating the signals that pass through it.
ad hoc topology Defines a wireless network layout whereby devices communicate directly among themselves without using an access point. Sometimes called an unmanaged or peer-to-peer wireless topology.
address A set of numbers used to identify and locate a resource or device on a network. An example is an IP address such as 192.168.2.1.
administrator A person responsible for the control and security of the user accounts, resources, and data on a network.
Administrator account On a Windows system, the default account that has rights to access everything and to assign rights to other users on the network. Unlike other user accounts, the Administrator account cannot be deleted.
ADSL (asymmetric digital subscriber line) A service that transmits digital voice and data over existing (analog) phone lines.
AES (Advanced Encryption Standard) An encryption algorithm for securing sensitive networks used by U.S. government agencies. Has become the encryption standard for corporate networks.
AH (Authentication Header) One of the two separate protocols IPsec consists of (the other being ESP). AH provides the authentication and integrity checking for data packets.
antivirus software A software application that detects and removes viruses.
AP (wireless access point) A network device that offers connectivity between wireless clients and (usually) a wired portion of the network.
APC (angle polished connector) A connector commonly used with fiber cables—usually single mode—to keep the signal from bouncing back down the line.
APIPA (Automatic Private IP Addressing) A technology implemented on certain Windows platforms through which a system assigns itself an IP address in the absence of a DHCP server. Addresses are assigned from the 169.254.x.x address range.
application layer Layer 7 of the OSI model, which provides support for end users and for application programs using network resources.
application-level firewall Application-layer firewalls operate at the application layer of the OSI model. Application layer firewalls can inspect data packets traveling to or from an application.
application log A log file on a Windows system that provides information on events that occur within an application.
APT (Advanced Persistent Tool) Although CompTIA uses Tool, most use Threat as the last word of the acronym. In either case, it is an unauthorized person in a network, undetected, for an exceedingly long period of time.
archive bit A flag that is set on a file after it has been created or altered. Some backup methods reset the flag to indicate that it has been backed up.
ARIN (American Registry for Internet Numbers) The regional Internet registry responsible for managing both IPv4 and IPv6 IP number distribution.
ARP (Address Resolution Protocol) A protocol in the TCP/IP suite used to resolve IP addresses to MAC addresses. Specifically, the ARP command returns a Layer 2 address for a Layer 3 address.
ARP ping The ARP utility that resolves IP addresses to MAC addresses. The ARP ping utility tests connectivity by pinging a MAC address directly.
ARP table A table of entries used by ARP to store resolved ARP requests. Entries can also be manually stored.
array A group of devices arranged in a fault-tolerant configuration. See also RAID.
AS (autonomous system) A collection of connected IP routing prefixes under the control of a network administrator or entity that offers a common and defined routing policy to the Internet.
ASIC (application-specific integrated circuit) An integrated circuit designed for a particular use instead of for general-purpose uses.
ASP (application service provider) A vendor who provides computer-based services over the network.
attenuation The loss of signal experienced as data transmits over distance and across the network medium.
ATM (Asynchronous Transfer Mode) A packet-switching technology that provides transfer speeds ranging from 1.544 Mbps to 622 Mbps.
AUP (acceptable use policy) A policy created by an organization defining what is acceptable on their resources (network, computers, and so on).
authentication The process by which a user’s identity is validated on a network. The most common authentication method is a username and password combination.
B (bearer) channel In ISDN, a 64 Kbps channel that carries data. See also D (delta) channel.
backbone A network segment that acts as a trunk between other network segments. Backbones typically are high-bandwidth implementations, such as fiber-optic cable.
backup schedule A document or plan that defines what type of backups are made, when, and what data is backed up.
bandwidth The width of the range of electrical frequencies, or how many channels the medium can support. Bandwidth correlates to the amount of data that can traverse the medium at one time, but other factors determine the maximum speed supported by a cable.
baseband A term applied to any medium that can carry only a single data signal at a time. Compare with broadband.
baseline A measurement of performance of a device or system for the purposes of future comparison. Baselining is a common server administration task.
baud rate The speed or rate of signal transfer. Baud rate bandwidth is measured in cycles per second, or hertz (Hz). The word baud is derived from the name of French telegraphy expert J. M. Baudot.
BCP (business continuity plan) The strategy for addressing potential threats to a company and creation of systems to aid in the prevention of threats and recovery from problems.
beaconing In a wireless network, beaconing refers to the continuous transmission of small packets (beacons) that advertise the presence of a base station (access point).
BERT (bit-error rate test) A test to see the number of received bits of a data stream that has changed due to noise, interference, or other distortion.
BGP (Border Gateway Protocol) Used between gateway hosts on the Internet. BGP examines the routing table, which contains a list of known routers, the addresses they can reach, and a cost metric associated with the path to each router so that the best available route is chosen. BGP communicates between the routers using TCP.
binary A base 2 numbering system used in digital signaling. It uses only the numbers 1 and 0.
binding The process of associating a protocol with a NIC.
biometrics The science and technology of measuring and analyzing biological data. Biometrics are used for security purposes to analyze and compare characteristics such as voice patterns, retina patterns, and hand measurements.
BIOS (Basic Input/Output System) A basic set of instructions that a device needs to operate.
bit An electronic digit used in the binary numbering system. Bit is a contraction of the terms binary and digit.
blackout A total loss of electrical power.
BLE (Bluetooth Low Energy) A form of Bluetooth networking technology that uses very little energy.
Bluetooth A low-cost, short-range RF technology designed to replace many of the cords used to connect devices. Bluetooth uses 2.4 GHz RF and provides transmission speeds up to 24 Mbps.
BNC (British Naval Connector/Bayonet Neill-Concelman) connector A family of connectors typically associated with thin coaxial cabling and 10BASE2 networks. BNC connectors use a twist-and-lock mechanism to connect devices to the network.
BOOTP (Bootstrap Protocol) A TCP/IP protocol used by a network device to obtain an IP address and other network information, such as server address and default gateway from a configuration server.
bound medium Describes any medium that has physical constraints, such as coaxial, fiber-optic, and twisted pair. Compare with unbound medium.
boundless medium See unbound medium.
BPDU (bridge protocol data unit) Identifies the status of ports and bridges across the network. BPDUs are simple data messages exchanged between switches. They contain information on ports and provide the status of those ports to other switches.
BRI (Basic Rate Interface) An ISDN digital communications line that consists of three independent channels: two B channels each at 64 Kbps and one D channel at 16 Kbps. ISDN BRI is often referred to as 2B+D. See also ISDN and PRI.
bridge A device that connects and passes packets between two network segments that use the same communications protocol. Bridges operate at the data link layer of the OSI model. A bridge filters, forwards, or floods an incoming frame based on the packet’s MAC address.
bridging address table A list of MAC addresses that a bridge keeps and uses when it receives packets. The bridge uses the bridging address table to determine which segment the destination address is on before it sends the packet to the next interface or drops the packet (if it is on the same segment as the sending node).
broadband A communications strategy that uses analog or digital signaling over multiple communications channels.
broadcast A packet-delivery system in which a copy of a packet is transmitted to all hosts attached to the network.
broadcast storm An undesirable condition in which broadcasts become so numerous that they bog down the flow of data across the network.
brownout A short-term decrease in the voltage level, usually caused by the startup demands of other electrical devices.
BSSID (basic service set identifier) The BSSID is the MAC address of the wireless access point (AP).
buffer An area of memory in a device used to temporarily store data before it is forwarded to another device or location.
bus topology A linear LAN architecture in which all devices connect to a common cable, called a bus or backbone.
butt set The butt set is typically associated with telephony systems. It is used to test and access the phone line using clip wires that attach to the phone cable.
BYOD (bring your own device) A policy governing employees bringing personally owned devices (laptops, smartphones, and the like) to the workplace and the use of those devices to access company data.
byte A set of bits (usually 8) that operate as a unit to signify a character.
CaaS (Communication as a Service) A cloud computing model for providing ubiquitous access to shared pools of configurable resources.
cable modem A device that provides Internet access over cable television lines.
cable stripper A tool used to strip the sheathing from copper cabling.
cable tester A device used to check for electrical continuity along a length of cable. Cable tester is a generic term that can be applied to devices such as volt/ohm meters and TDRs.
caching-only server A type of DNS server that operates the same way as secondary servers except that a zone transfer does not take place when the caching-only server is started.
CAM (content addressable memory) A type of computer memory used in high-speed searching applications.
CAN (campus-area network) A wide-area network (WAN) created to service a campus area.
CARP (Common Address Redundancy Protocol) A protocol that enables multiple hosts on the same network to share a set of IP addresses and thus provides failover redundancy. It is commonly used with routers and firewalls and can provide load balancing.
carrier A signal that carries data. The carrier signal is modulated to create peaks and troughs, which represent binary bits.
CASB (cloud access security broker) Software that sits between cloud service users and cloud applications to monitor all activity and enforce security policies.
CAT (Computer and Telephone) A designation of resources, usually wiring, used to provide service to computers or telephones.
CAT3 Data-grade cable that can transmit data up to 10 Mbps with a possible bandwidth of 16 MHz.
CAT5 Data-grade cable that typically was used with Fast Ethernet operating at 100 Mbps with a transmission range of 100 meters.
CAT5e Data-grade cable used on networks that run at 10/100 Mbps and even up to 1000 Mbps. Category 5e cabling can be used up to 100 meters, depending on the implementation and standard used. Category 5e cable provides a minimum of 100 MHz of bandwidth.
CAT6 High-performance UTP cable that can transmit data up to 10 Gbps.
CAT6a Also called augmented 6. Offers improvements over Category 6 by offering a minimum of 500 MHz of bandwidth. It specifies transmission distances up to 100 meters with 10 Gbps networking speeds.
CAT7 Offers improvements over Category 6a by offering 600 MHz of bandwidth and improved crosstalk suppression. It specifies transmission distances up to 100 meters with 10 Gbps networking speeds.
CCTV (closed-circuit TV) An acronym for video cameras used to watch a particular place and send (transmit) to a particular location.
CDMA (code division multiple access) A multiple-access channel method used to provide bandwidth sharing.
change control A process in which a detailed record of every change made to the network is documented.
channel A communications path used for data transmission.
CHAP (Challenge Handshake Authentication Protocol) A protocol that challenges a system to verify identity. CHAP is an improvement over Password Authentication Protocol (PAP) in which one-way hashing is incorporated into a three-way handshake. RFC 1334 applies to both PAP and CHAP.
checksum A basic method of error checking that involves calculating the sum of bytes in a section of data and then embedding the result in the packet. When the packet reaches the destination, the calculation is performed again to make sure that the value is still the same.
CIDR (classless interdomain routing) An IP addressing scheme that enables a single IP address to designate many unique IP addresses. CIDR addressing uses an IP address followed by a / and the IP network prefix. An example of a CIDR address is 192.168.100.0/16. CIDR is sometimes called supernetting.
circuit-level firewall A type of network security system whereby network traffic is filtered based on specified session rules and may be restricted to recognized computers only.
circuit switching A method of sending data between two parties in which a dedicated circuit is created at the beginning of the conversation and is broken at the end. All data transported during the session travels over the same path, or circuit.
Class A network A TCP/IP network that uses addresses from 1 to 126 and supports up to 126 subnets with 16,777,214 unique hosts each.
Class B network A TCP/IP network that uses addresses from 128 to 191 and supports up to 16,384 subnets with 65,534 unique hosts each.
Class C network A TCP/IP network that uses addresses from 192 to 223 and supports up to 2,097,152 subnets with 254 unique hosts each.
Class D network Class D network addresses within the range of 224.0.0.0 to 239.255.255.255 are used for multicasting data to multicast-capable hosts on a network.
client A node that uses the services from another node on a network.
client/server networking A networking architecture in which front-end, or client, nodes request and process data stored by the back-end, or server, node.
cloud computing The hosting, storage, and delivery of computing as a service rather than a product. The end user accesses remotely stored programs and other resources through the Internet without the need for expensive local networking devices, services, and support. Various industry cloud computing concepts include public, private, hybrid, and community cloud.
clustering A technology that enables two or more computers to act as a single system to provide improved fault tolerance, load balancing, and failover capability.
CNAME (canonical name) Specifies an alias or nickname for a canonical hostname record in a Domain Name System (DNS) database. CNAME records are used to give a single computer multiple names (aliases).
coaxial cable A data cable, commonly referred to as coax, that is made of a solid copper core insulated and surrounded by braided metal and covered with a thick plastic or rubber covering. Coax is the standard cable used in cable television and in older bus topology networks.
cold site A disaster recovery site that provides office space, but the customer provides and installs all the equipment needed to continue operations.
cold spare A redundant piece of hardware stored in case a component should fail. Typically used for server systems.
collision The result of two frames simultaneously transmitting on an Ethernet network and colliding, thereby destroying both frames.
collision domain A segment of an Ethernet network between managing nodes, where only one packet can be transmitted at a time. Switches, bridges, and routers can be used to segment a network into separate collision domains.
communication The transfer of information between nodes on a network.
concentrator A device that combines several communications channels into one. It is often used to combine multiple terminals into one line.
connectionless communication Packet transfer in which delivery is not guaranteed.
connection-oriented communication Packet transfer in which delivery is guaranteed.
connectivity The linking of nodes on a network for communication to take place.
convergence When a change in the network routing is made, it takes some time for the routers to detect and accommodate this change; this is known as convergence.
copy backup Normally, a backup of the entire hard drive. A copy backup is similar to a full backup, except that the copy backup does not alter the state of the archive bits on files.
CoS (class of service) A parameter used in data and voice to differentiate the types of payloads being transmitted.
cost A value used to encourage or discourage the use of a certain route through a network. Routes that are to be discouraged are assigned a higher cost, and those that are to be encouraged are assigned a lower cost. See also metric.
CPU (central processing unit) The main processor in a computing device.
cracker A person who attempts to break software code or gain access to a system to which he or she is not authorized. See also hacker.
cracking The process of attempting to break software code, normally to defeat copyright protection or alter the software’s functioning. Also the process of attempting to gain unauthorized access to a computer system. See also hacker.
CRAM-MD5 A challenge-response authentication mechanism.
CRC (cyclical redundancy check) A method used to check for errors in packets that have been transferred across a network. A computation bit is added to the packet and recalculated at the destination to determine whether the entire content of the packet has been correctly transferred.
crimper A tool used to join connectors to the ends of network cables.
crossover cable A cable that can be used to directly connect two devices—such as two computer systems—or as a means to expand networks that use devices such as hubs or switches. A traditional crossover cable is a UTP cable in which the wires are crossed for the purposes of placing the transmit line of one device on the receive line of the other. A T1 crossover is used to connect two T1 CSU/DSU devices in a back-to-back configuration.
crosstalk Electronic interference caused when two wires are too close to each other, and the adjacent cable creates interference.
CSMA/CA (carrier sense multiple access with collision avoidance) A contention media access method that uses collision-avoidance techniques.
CSMA/CD (carrier sense multiple access with collision detection) A contention media access method that uses collision-detection and retransmission techniques.
CSU/DSU (channel service unit/data service unit) Acts as a translator between the LAN data format and the WAN data format. Such a conversion is necessary because the technologies used on WAN links are different from those used on LANs.
cut-through packet switching A switching method that does not copy the entire packet into the switch buffers. Instead, the destination address is captured into the switch, the route to the destination node is determined, and the packet is quickly sent out the corresponding port. Cut-through packet switching maintains a low latency.
CVW (collaborative virtual workspace) An environment, often called a CVE, used for collaboration and interaction of participants that may be spread over large distances.
CWDM (course wave-division multiplexing) Contrary to the CompTIA acronym, most in the industry use coarse for the C portion and it is a method of multiplexing in which different signals operate at different speeds. The best example of this is cable modems, allowing for different speeds of uploading and downloading.
DaaS (Desktop as a Service) Software that separates the desktop environment and associated application software from the physical client device that is used to access it.
data field In a frame, the field or section that contains the data.
data link layer Layer 2 of the OSI model, which is above the physical layer. Data comes off the cable, goes through the physical layer, and goes into the data link layer. The data link layer has two distinct sublayers: MAC and LLC.
datagram An information grouping transmitted as a unit at the network layer. See also packet.
dB Decibels. A measurement.
DB-25 A 25-pin connector used for serial port or parallel port connection between PCs and peripheral devices.
DB-9 A nine-pin connector used for serial port or parallel port connection between PCs and peripheral devices.
D (delta) channel The channel used on ISDN to communicate signaling and other related information. Use of the D channel leaves the B channels free for data communication. See also B (bearer) channel.
DCS (distributed computer system) A system in which the whole is divided into many parts. The best example of this is using multiple computers to work together and appear to the user as a single entity.
DDNS (Dynamic Domain Name Service) A form of DNS that enables systems to be registered and deregistered with DNS dynamically. DDNS is facilitated by DHCP, which passes IP address assignments to the DNS server for entry into the DNS server records. This is in contrast with the conventional DNS system, in which entries must be manually made.
DDoS (distributed denial of service) attack A DoS attack that utilizes more than one computer in the attack. See DoS (denial of service) attack.
dedicated line A dedicated circuit used in WANs to provide a constant connection between two points.
default gateway Normally a router or a multihomed computer to which packets are sent when they are destined for a host on a different network.
demarcation point The point at which communication lines enter a customer’s premises. Sometimes shortened to simply demarc.
destination address The network address to which data is sent.
DHCP (Dynamic Host Configuration Protocol) A protocol that provides dynamic IP addressing to DHCP-enabled workstations on the network.
dial-up networking Refers to the connection of a remote node to a network using POTS.
differential backup A backup of only the data that has been created or changed since the previous full backup. In a differential backup, the state of the archive bits is not altered.
dig On a Linux, UNIX, or Mac OS system, you can use the dig command to perform manual DNS lookups.
directory services A system that enables network resources to be viewed as objects stored in a database. This database can then be divided and distributed among different servers on the network. An example of directory services includes LDAP or Microsoft Active Directory.
disaster recovery plan A plan for implementing duplicate computer services if a natural disaster, a human-made disaster, or another catastrophe occurs. A disaster recovery plan includes offsite backups and procedures to activate information systems in alternative locations.
distance-vector routing A type of routing in which a router uses broadcasts to inform neighboring routers on the network of the routes it knows about. Compare with link-state routing.
DLC (data link control) The service provided by the data link layer of the OSI model.
DLP (data leak prevention) Also commonly expressed as data loss prevention, it is a system designed to detect and respond to potential breaches.
DLR (device level ring) A protocol that provides a means of detecting, managing, and recovering from faults in a ring-based topology network.
DMZ (demilitarized zone) An area for placing web and other servers that serve the general public outside the firewall, thereby isolating them from internal network access.
DNAT (Destination Network Address Translation) A technique for transparently changing the destination of an end route and performing the inverse function for any replies.
DNS (Domain Name Service) A service/system/server used to translate domain names, such as www.quepublishing.com, into IP addresses, such as 165.193.123.44. DNS uses a hierarchical namespace that enables the database of hostname-to-IP address mappings to be distributed across multiple servers.
DOCSIS (Data-Over-Cable Service Interface Specification) A telecommunications standard for transmitting high-speed data over existing cable TV systems.
domain A logical boundary of an Active Directory structure on Windows servers. Also, a section of the DNS namespace.
domain name server A server that runs application software that enables the server to perform a role associated with the DNS service.
DoS (denial of service) attack A type of hacking attack in which the target system is overwhelmed with requests for service, which keeps it from servicing any requests—legitimate or otherwise.
downtime A period of time during which a computer system or network is unavailable. This may be due to scheduled maintenance or hardware or software failure.
DR (designated router) An OSPF router intended to reduce network traffic by maintaining the complete routing database and then sending updates to the other routers on the shared network segment.
DSCP (differentiated services code point) An architecture that specifies a simple and coarse-grained mechanism for classifying and managing network traffic and providing QoS on modern networks.
DSL (digital subscriber line) A public network technology that delivers high bandwidth over conventional copper wiring over limited distances.
DSSS (direct sequence spread spectrum) A modulation technique in which the transmitted signal takes up more than the information signal that modulates the carrier or broadcast frequency.
DSU (data service unit) A network communications device that formats and controls data for transmission over digital lines. A DSU is used with a CSU.
DTE (data terminal equipment) A device used at the user end of a user network interface that serves as a data source, a destination, or both. DTE devices include computers, protocol translators, and multiplexers.
DWDM (dense wavelength-division multiplexing) A form of multiplexing optical signals that replaces SONET/SDH regenerators with erbium doped fiber amplifiers (EDFAs) and can also amplify the signal and allow it to travel a greater distance. The main components of a DWDM system include a terminal multiplexer, line repeaters, and a terminal demultiplexer.
dynamic routing A routing system that enables routing information to be communicated between devices automatically and that can recognize changes in the network topology and update routing tables accordingly. Compare with static routing.
dynamic window A flow control mechanism that prevents the sender of data from overwhelming the receiver. The amount of data that can be buffered in a dynamic window varies in size, hence its name.
E1 (E-Carrier Level 1) An E1 link operates over two separate sets of wires, typically twisted-pair cable, and carries data at a rate of 2.048 million bits per second. E1 is the European equivalent of T1 used in the United States.
E3 (E-Carrier Level 3) An E3 link carries 16 E1 signals with a data rate of 34.368 million bits per second. E3 is the European equivalent of T3 used in the United States.
EAP (Extensible Authentication Protocol) An extension of PPP that supports authentication methods more secure than a standard username and password combination. EAP is commonly used as an authentication protocol for token cards, smart cards, and digital certificates.
EDNS (Extension Mechanisms for DNS) As specified by the Internet Engineering Task Force as RFC 2671, EDNS increases the size of the flags fields, return codes, and label types available in basic DNS.
EGP (exterior gateway protocol) The exterior gateway protocol defines distance-vector protocols commonly used between hosts on the Internet to exchange routing table information. BGP is an example of an EGP. See BGP.
EIA/TIA The Electronic Industries Alliance/Telecommunications Industry Association is a trade organization responsible for a number of communications standards.
EIGRP (Enhanced Interior Gateway Routing Protocol) A protocol that enables routers to exchange information more efficiently than earlier network protocols. Routers configured to use EIGRP keep copies of their neighbors’ routing information and query these tables to help find the best possible route for transmissions to follow.
EMI (electromagnetic interference) External interference of electromagnetic signals that causes a reduction in data integrity and increased error rates in a transmission medium.
encapsulation A technique used by protocols in which header and trailer information is added to the protocol data unit as it is passed down through the protocol stack on a sending system. The reverse process, decapsulation, is performed at the receiving system as the packet travels up through the protocol suite.
encryption Modifying data for security purposes prior to transmission so that the data cannot be read without the decryption method.
ESD (electrostatic discharge) A condition created when two objects of dissimilar electrical charge come into contact with each other. The result is that a charge from the object with the higher electrical charge discharges itself into the object with the lower-level charge. This discharge can be harmful to computer components and circuit boards.
ESP (Encapsulated Security Packets) One of the two separate protocols IPsec consists of (the other being AH). ESP provides encryption services.
ESS (extended service set) The ESS refers to two or more basic service sets (BSS) connected, therefore using multiple APs. The ESS is used to create WLANs or larger wireless networks and is a collection of APs and clients.
ESSID (extended service set identifier) The terms ESSID and SSID are used interchangeably, but they are different. The SSID is the name used with basic service set (BSS) networks, and the ESSID is the network name used with an ESS wireless network design. With an ESS, not all APs necessarily use the same name.
Ethernet The most common LAN technology. Ethernet can be implemented using coaxial, twisted-pair, or fiber-optic cable. Ethernet typically uses the CSMA/CD media access method and has various implementation standards.
EUI (extended unique identifier) A naming convention for MAC addresses.
Event Viewer A utility available on Windows server systems and client systems. It is commonly used to gather systems information and also is used in the troubleshooting process.
failover The automatic switching from one device or system to another. Servers can be configured in a failover configuration so that if the primary server fails, the secondary server automatically takes over.
Fast Ethernet The IEEE 802.3u specification for data transfers of up to 100 Mbps over twisted-pair cable. See also 100BASE-FX, 100BASE-T, and 100BASE-TX.
fault tolerance The capability of a component, system, or network to endure a failure.
FC (Fibre Channel) See Fibre Channel.
FCoE (Fibre Channel over Ethernet) A technology that encapsulates Fibre Channel frames over Ethernet networks allowing FC to use 10 Gigabit Ethernet networks (or higher) while preserving the Fibre Channel protocol.
FCS (frame check sequence) A method of error detection added to a frame in a communications protocol.
FDDI (Fiber Distributed Data Interface) A high-speed data transfer technology designed to extend the capabilities of existing LANs by using a dual-ring topology and a token-passing access method.
FDM (frequency-division multiplexing) A technology that divides the output channel into multiple smaller-bandwidth channels, each of which uses a different frequency range.
FHSS (frequency hopping spread spectrum) A multiple access method of transferring radio signals in the frequency-hopping code division multiple access (FH-CDMA) scheme.
fiber-optic cable Also known as fiber optics or optical fiber, a physical medium that can conduct modulated light transmissions. Compared with other transmission media, fiber-optic cable is more expensive, but it is not susceptible to EMI or crosstalk, and it is capable of high data rates and increased distances.
Fibre Channel A technology that defines full gigabit-per-second (commonly runs at 2-, 4-, 8-, and 16-gigabit per second data rates) data transfer over fiber-optic cable. Commonly used with storage-area network (SAN) implementations.
firewall A program, system, device, or group of devices that acts as a barrier between one network and another. Firewalls are configured to enable certain types of traffic to pass while blocking others.
flow control A method of controlling the amount of data transmitted within a given period of time. Different types of flow control exist. See also dynamic window and static window.
FM (frequency modulation) One form of radio modulation, this communication technique transmits information over a radio wave.
FQDN (fully qualified domain name) The entire domain name. It specifies the name of the computer, the domain in which it resides, and the top-level DNS domain (for example, www.marketing.quepublishing.com).
fragment-free switching A switching method that uses the first 64 bytes of a frame to determine whether the frame is corrupted. If this first part is intact, the frame is forwarded.
frame A grouping of information transmitted as a unit across the network at the data link layer of the OSI model.
Frame Length field In a data frame, the field that specifies the length of a frame.
Frame Type field In a data frame, the field that names the protocol being sent in the frame.
frequency The number of cycles of an alternating current signal over a unit of time. Frequency is expressed in hertz (Hz).
FTP (File Transfer Protocol) A protocol that provides for the transfer of files between two systems. FTP users authenticate using clear-text sign-in procedures, making FTP an unsecure protocol. FTP is part of the TCP/IP suite and operates at Layer 7 of the OSI model.
FTPS (File Transfer Protocol Security) A file transfer protocol that uses SSL/TLS to add security.
F-type connector A screw-type connector used with coaxial cable. In computing environments, it is most commonly used to connect cable modems to ISP equipment or incoming cable feeds.
full backup A backup in which files, regardless of whether they have been changed, are copied to the backup medium. In a full backup, the files’ archive bits are reset.
full duplex A system in which data simultaneously transmits in two directions. Compare with half duplex.
gateway A hardware or software solution that enables communications between two dissimilar networking systems or protocols. A gateway can operate at any layer of the OSI model but is commonly associated with the application layer.
Gb (gigabit) 1 billion bits, or 1000 Mb.
GBIC (gigabit interface converter) A Gigabit Ethernet and Fibre Channel transceiver standard.
Gbps (gigabits per second) The throughput of a given network medium in terms of 1 billion bps.
Gigabit Ethernet An IEEE 802.3 specification that defines standards for data transmissions of 1 Gbps. See also 1000BASE-T.
GLBP (Gateway Load Balancing Protocol) A proprietary Cisco protocol that adds basic load-balancing functionality in an attempt to overcome the limitations of existing redundant router protocols.
GPG (GNU Privacy Guard) An IETF RFC 4880-compliant alternative to the PGP suite of cryptographic software.
GRE (generic routing encapsulation) A routing encapsulation method that comes in a plain wrapper.
GSM (Global System for Mobile Communications) A standard created by the European Telecommunications Standards Institute (ETSI) used to describe communication protocols for second-generation (2G) cellular networks and devices. It has now become the default global standard for mobile communications in more than 219 countries and territories.
guaranteed flow control A method of flow control in which the sending and receiving hosts agree on a rate of data transmission. After the rate is determined, the communication takes place at the guaranteed rate until the sender is finished. No buffering takes place at the receiver.
HA (high availability) A system goal/attribute aimed at ensuring operational uptime higher than normal.
hacker A person who carries out attacks on a computer software program. See also cracker.
half duplex A connection in which data is transmitted in both directions but not simultaneously. Compare with full duplex.
handshake The initial communication between two data communication devices, during which they agree on protocol and transfer rules for the session.
hardware address The hardware-encoded MAC address burned into every NIC.
hardware loopback A device plugged into an interface for the purposes of simulating a network connection. This enables the interface to be tested as if it is operating while connected.
HDLC (High-Level Data Link Control) An ISO-developed, bit-oriented synchronous data link layer protocol used for point-to-point or point-to-multipoint connections.
HDMI (High-Definition Multimedia Interface) An audio/video interface for transferring data and compressed or uncompressed data to a monitor, projector, television, or digital audio device.
HIDS (host intrusion detection system) An intrusion detection system that is based at the host (rather than the network). It monitors and analyzes data coming to and from the host.
HIPS (host intrusion prevention system) An intrusion prevention system that is based at the host (rather than the network). It responds and reacts to threats coming to and from the host.
hop The means by which routing protocols determine the shortest way to reach a given destination. Each router constitutes one hop. If a router is four hops away from another router, for example, three routers, or hops, exist between the first router and the destination. In some cases, the final step is also counted as a hop.
horizontal cross-connect Ties the telecommunication room to the end user. Specifically, the horizontal cabling extends from the telecommunications outlet, or network outlet with RJ-45 connectors, at the client end. It includes all cable from that outlet to the telecommunication room to the horizontal cross-connect. The term horizontal cross-connect refers to the distribution point for the horizontal cable.
host Typically refers to any device on the network that has been assigned an IP address.
host firewall A firewall system installed and configured on, and used for, an individual host. Contrast with a network firewall, which provides firewall services for all network nodes.
host ID An identifier used to uniquely identify a client or resource on a network.
hostname A name assigned to a system for the purposes of identifying it on the network in a more user-friendly manner than by the network address.
HOSTS file A text file that contains hostname-to-IP address mappings. All commonly used platforms accommodate static name resolution using the HOSTS file.
hot site A disaster recovery term used to describe an alternative network site that can be immediately functional in the event of a disaster at the primary site.
hot spare In a RAID configuration, a drive that sits idle until another drive in the RAID array fails, at which point the hot spare takes over the role of the failed drive.
hotspot An area in which an access point provides public wireless broadband network services to mobile visitors through a WLAN. Hotspots are often located in heavily populated places such as airports, hotels, and coffee shops.
hot swap The removal and replacement of a component in a system while the power is still on and the system is functioning.
HSPA (High-Speed Packet Access) A telephony protocol designed to increase speeds over previous protocols by combining features from others.
HSRP (Hot Standby Router Protocol) A Cisco proprietary protocol used for establishing redundant gateways.
HT (High Throughput) A feature of 802.11n for increased throughput on the network. The newer Very High Throughput (VHT) 802.11ac standard further increases network throughput.
HTTP (Hypertext Transfer Protocol) A protocol used by web browsers to transfer pages, links, and graphics from the remote node to the user’s computer.
HTTPS (Hypertext Transfer Protocol Secure) A protocol that performs the same function as HTTP but does so over an encrypted link, ensuring the confidentiality of any data that is uploaded or downloaded. Also referred to as S-HTTP.
hub A largely obsolete hardware device that acts as a connection point on a network that uses twisted-pair cable. It operates at the physical layer of the OSI model and forwards signals to all ports. Also known as a concentrator or a multiport repeater.
HVAC (heating, ventilation, and air conditioning) A self-defining acronym.
Hz (hertz) Equivalent to cycles per second, hertz is the unit of frequency defined as the number of cycles per second of a periodic phenomenon.
IaaS (Infrastructure as a Service) The most basic method of cloud service computing; the users install everything from the operating system up.
IANA (Internet Assigned Numbers Authority) An organization responsible for IP addresses, domain names, and protocol parameters. Some functions of IANA, such as domain name assignment, have been devolved into other organizations.
ICA (Independent Computer Architecture) Contrary to the CompTIA acronym, the C is more correctly Computing, and this is a Cisco proprietary protocol for application servers.
ICANN (Internet Corporation for Assigned Names and Numbers) The nonprofit organization responsible for coordinating domain names and addresses.
ICMP (Internet Control Message Protocol) A network layer Internet protocol documented in RFC 792 that reports errors and provides other information relevant to IP packet processing. Utilities such as ping and tracert use functionality provided by ICMP.
ICS (Internet connection sharing) The use of one device with access to the Internet as an access point for other devices to connect.
ICS (industrial control system) A general term used to describe industrial control systems such as supervisory control and data acquisition (SCADA) systems.
IDF Some networks use multiple wiring closets. When this is the case, the wiring closet, known as the main distribution frame (MDF), connects to secondary wiring closets, or intermediate distribution frames (IDFs). See also MDF.
IDS (intrusion detection system) A software application or hardware device that monitors a network or system for malicious or non-policy-related activity and reports to a centralized management system.
IEEE (Institute of Electrical and Electronics Engineers) A professional organization that, among other things, develops standards for networking and communications.
IEEE 1394 A standard that defines a system for connecting up to 63 devices on an external bus. IEEE 1394 is used with consumer electronic devices such as video cameras and MP3 players. IEEE 1394 is based on a technology developed by Apple called FireWire. FireWire was subsequently replaced by Thunderbolt.
IEEE 802.1 A standard that defines the OSI model’s physical and data link layers. This standard allows two IEEE LAN stations to communicate over a LAN or WAN and is often called the internetworking standard.
IEEE 802.1X An IEEE security standard designed for authenticating wireless devices. This standard uses Extensible Authentication Protocol (EAP) to provide a central authentication server to authenticate each user on the network.
IEEE 802.3 A standard that specifies physical layer attributes, such as signaling types, data rates, and topologies, as well as the media access method used. It also defines specifications for the implementation of the physical layer and the MAC sublayer of the data link layer, using CSMA/CD. This standard also includes the original specifications for Fast Ethernet.
IEEE 802.11 The original IEEE wireless standard, which defines standards for wireless LAN communication.
IEEE 802.11a A wireless networking standard operating in the 5 GHz band. 802.11a supports a maximum theoretical data rate of 54 Mbps. Depending on interference, 802.11a could have a range of 150 feet at the lowest speed setting. Higher-speed transmissions would see a lower range. 802.11a uses the CSMA/CA media access method and is incompatible with 802.11b and 802.11g.
IEEE 802.11ac The 802.11ac wireless standard provides even higher throughput for WLANs on the 5 GHz frequency range. The specification's goal is at least 1 gigabit per second throughput for multistation WLANs and a single station link throughput of at least 500 Mbps. It supports MIMO spatial streams as well as the newer MU-MIMO technology. 802.11ac is backward compatible with 802.11b, g, and n.
IEEE 802.11b A commonly deployed IEEE wireless standard that uses the 2.4 GHz RF range and offers speeds up to 11 Mbps. Under ideal conditions, the transmission range can be as far as 75 meters.
IEEE 802.11g An IEEE wireless standard that is backward compatible with 802.11b. 802.11g offers a data rate of 54 Mbps. Like 802.11b, 802.11g uses the 2.4 GHz RF range.
IEEE 802.11n The 802.11n wireless standard significantly increased throughput in both the 2.4 GHz and 5 GHz frequency ranges. The baseline goal of the standard reaches speeds of 100 Mbps, but given the right conditions, 802.11n speeds can reach 600 Mbps. 802.11n is backward compatible with 802.11b and g.
IETF (Internet Engineering Task Force) A group of research volunteers responsible for specifying the protocols used on the Internet and the architecture of the Internet.
ifconfig A command used on Linux- and UNIX-based systems to obtain configuration for and configure network interfaces.
IGMP (Internet Group Management Protocol) A protocol used for communication between devices within the same multicast group. IGMP provides a mechanism for systems to detect and make themselves aware of other systems in the same group.
IGP The interior gateway protocol (IGP) identifies the protocols used to exchange routing information between routers within a LAN or interconnected LANs. See EGP.
IGRP (Interior Gateway Routing Protocol) A distance vector interior gateway protocol (IGP) developed by Cisco.
IKE (Internet Key Exchange) An IPsec protocol that uses X.509 certificates for authentication.
IMAP4 (Internet Message Access Protocol version 4) A protocol that enables email to be retrieved from a remote server. It is part of the TCP/IP suite, and it is similar in operation to POP3 but offers more functionality.
incremental backup A backup of only files that have been created or changed since the last backup. In an incremental backup, the archive bit is cleared to indicate that a file has been backed up.
infrared A wireless data communication method that uses light pulses in the infrared range as a carrier signal.
infrastructure topology A wireless topology that defines a wireless network composed of an access point connected to a wired LAN. Wireless devices communicate with the wired LAN through the access point (AP).
inherited rights The file system or directory access rights valid at a given point as a result of those rights being assigned at a higher level in the directory structure.
intelligent hub/switch A hub or switch that contains some management or monitoring capability.
intelligent UPS A UPS that has associated software for monitoring and managing the power provided to the system. For information to be passed between the UPS and the system, the UPS and system must be connected, which normally is achieved through a serial or USB connection.
interface A device, such as a card or plug, that connects pieces of hardware with a computer so that information can be moved from place to place (for example, between computers and printers, hard drives, and other devices, or between two or more nodes on a network). Also, the part of an application or operating system that the user sees.
interference Anything that can compromise a signal’s quality. On bound media, crosstalk and EMI are examples of interference. In wireless environments, atmospheric conditions that degrade a signal’s quality would be considered interference.
internal loopback address Functionality built in to the TCP/IP stack that enables you to verify the correct functioning of the stack. You can ping any IPv4 address in the 127.x.x.x range, except the network address (127.0.0.0) or the broadcast address (127.255.255.255). The address 127.0.0.1 is most commonly used. In IPv6, the localhost (loopback) address is 0:0:0:0:0:0:0:1 or can also be expressed as ::1.
Internet domain name The name of an area of the DNS namespace. The Internet domain name normally is expressed along with the top-level domain to which it belongs (for example, comptia.org).
Internet layer In the TCP/IP architectural model, the layer responsible for addressing, packaging, and routing functions. Protocols that operate at this layer are responsible for encapsulating packets into Internet datagrams. All necessary routing algorithms are run here.
internetwork A group of networks connected by routers or other connectivity devices so that the networks function as one network.
InterNIC (Internet Network Information Center) Now known just as NIC (Network Information Center), this is the organization that was primarily responsible for domain name allocation.
intrusion detection The process or procedures that warn you about successful or failed unauthorized access to a system.
IoT (Internet of Things) A network of physical devices embedded with software, sensors, actuators, and network connectivity that enable these objects to collect and exchange data.
IP (Internet Protocol) A network layer protocol, documented in RFC 791, that offers a connectionless internetwork service. IP provides features for addressing, packet fragmentation and reassembly, type-of-service specification, and security.
IP address The unique address used to identify the network number and node address of a device connected to a TCP/IP network. IPv4 addresses typically are expressed in dotted-decimal format, such as 192.168.1.1. A typical IPv6 address looks like 2001:0:4137:9e76:18d1:2094:b980:a30.
IPS (intrusion prevention system) A network device that continually scans the network, looking for inappropriate activity.
ipconfig A Windows command that provides information about the configuration of the TCP/IP parameters, including the IP address.
IPsec (IP Security) A protocol used to provide strong security standards for encryption and authentication on virtual private networks.
IPv4 (Internet Protocol version 4) A suite of protocols used for communication on a local area network and for accessing the Internet.
IPv6 (Internet Protocol version 6) The newer version of IP, which has a larger range of usable addresses than IPv4, and enhanced security.
IrDA A wireless networking technology that uses infrared beams to send data transmissions between devices.
ISAKMP (Internet Security Association and Key Management Protocol) Defined by RFC 2408, ISAKMP is a protocol typically used by IKE for key exchange.
iSCSI (Internet Small Computer System Interface) An IP-based networking storage standard for linking and managing data storage facilities. iSCSI allows SCSI commands to be sent over IP networks, including LANs, WANs, and the Internet.
ISDN (Integrated Services Digital Network) An internationally adopted standard for providing end-to-end digital communications between two points. ISDN is a dialup technology allowing data, voice, and other source traffic to be transmitted over a dedicated link.
ISDN terminal adapter A device that enables communication over an ISDN link.
IS-IS (Intermediate System-to-Intermediate System) A link-state protocol that discovers the shortest path for data to travel using the shortest path first (SPF) algorithm. IS-IS routers distribute topology information to other routers, allowing them to make the best path decisions.
ISO (International Organization for Standardization) A voluntary organization founded in 1946 that is responsible for creating international standards in many areas, including communications and computers. This also includes the development of the OSI model.
ISP (Internet service provider) A company or organization that provides facilities for clients to access the Internet.
IT (information technology) A fascinating field of study and career choice.
ITS (intelligent transportation system) A traffic management system intended for use in creating smart transportation networks.
IV (initialization vector) A fixed-size input used in cryptography. The larger the initialization vector, the more it increases the difficulty of cracking and minimizes the risk of replay.
Kb (kilobit) 1000 bits.
Kbps (Kilobits per second) A measurement of the number of kilobits transmitted, or capable of being transmitted, in a second.
KB (kilobyte) 1000 bytes.
Kerberos A network authentication protocol designed to ensure that the data sent across networks is encrypted and safe from attack. Its primary purpose is to provide authentication for client/server applications.
KVM (keyboard video mouse) A device that allows one keyboard, one mouse, and one monitor to be used with multiple devices.
L2TP (Layer 2 Tunneling Protocol) A VPN protocol that defines its own tunneling protocol and works with the advanced security methods of IPsec. L2TP enables PPP sessions to be tunneled across an arbitrary medium to a home gateway at an ISP or corporation.
LACP (Link Aggregation Control Protocol) An IEEE specification that provides a control method of bundling several physical ports into one single channel.
LAN (local-area network) A group of connected computers located in a single geographic area—usually a building or office—that shares data and services.
latency The delay induced by a piece of equipment or device used to transfer data.
LC (local connector) A media connector used with fiber-optic cabling.
LDAP (Lightweight Directory Access Protocol) A protocol used to access and query compliant directory services systems, such as Microsoft Active Directory.
learning bridge A bridge that builds its own bridging address table instead of requiring someone to manually enter information. Most modern bridges are learning bridges. Also called a smart bridge.
LEC (local exchange carrier) A regulatory term used in telephony to represent the local telephone provider.
LED (light-emitting diode) A type of semiconductor that emits light and is commonly used in displays.
legacy An older computer system or technology.
line conditioner A device used to stabilize the flow of power to the connected component. Also known as a power conditioner or voltage regulator.
link light An LED on a networking device, such as a hub, switch, or NIC. The illumination of the link light indicates that, at a hardware level, the connection is complete and functioning.
link-state routing A dynamic routing method in which routers tell neighboring routers of their existence through packets called link-state advertisements (LSAs). By interpreting the information in these packets, routers can create maps of the entire network. Compare with distance-vector routing.
Linux A UNIX-like operating system kernel created by Linus Torvalds. Linux is distributed under an open-source license agreement, as are many of the applications and services that run on it.
LLC (logical link control) layer A sublayer of the data link layer of the OSI model. The LLC layer provides an interface for network layer protocols and the MAC sublayer.
LLDP (Link Layer Discovery Protocol) A protocol used by network devices for advertising on an IEEE 802 local area network.
logical addressing scheme The addressing method used in providing manually assigned node addressing.
logical topology The appearance of the network to the devices that use it, even if in physical terms the layout of the network is different. See also physical topology.
loop A continuous circle that a packet takes through a series of nodes in a network until it eventually times out.
loopback plug A device used for loopback testing.
loopback testing A troubleshooting method in which the output and input wires are crossed or shorted in a manner that enables all outgoing data to be routed back into the card.
LSA (link state advertisements) A method of OSPF communication in which the router sends the local routing topology to all other local routers in the same OSPF area.
LTE (Long-Term Evolution) A wireless communication standard more commonly referred to as 4G LTE.
LWAPP (Lightweight Access Point Protocol) More commonly known as Lightweight, this is a protocol simplifying communication with multiple access points at the same time.
MaaS (Mobility as a Service) Also known as Transportation as a Service, this is a shift toward mobility solutions that are consumed as a service as opposed to personal vehicles.
MAC (Media Access Control) address A six-octet number, described in hexadecimal, that uniquely identifies a host on a network. It is a unique number burned into the network interface.
MAC layer In the OSI model, the lower of the two sublayers of the data link layer. It is defined by the IEEE as being responsible for interaction with the physical layer.
MAN (metropolitan-area network) A network that spans a defined geographic location, such as a city or suburb.
master name server The supplying name server that has authority in a DNS zone.
Mb (megabit) 1 million bits. Used to rate transmission transfer speeds.
Mbps (megabits per second) A measurement of the number of megabits sent, or capable of being sent, in a second.
MB (megabyte) 1 million bytes. Usually refers to file size.
MBps (megabytes per second) A measurement of the number of megabytes sent in a second.
MDF The main distribution frame is a type of wiring closet. The primary wiring closet for a network typically holds the majority of the network gear, including routers, switches, wiring, servers, and more. This is also typically the wiring closet where outside lines run into the network. This main wiring closet is known as the MDF. One of the key components in the MDF is a primary patch panel. The network connector jacks attached to this patch panel lead out to the building for network connections. See also IDF.
MDI (medium-dependent interface) A type of port found on Ethernet networking devices, such as hubs and switches, in which the wiring is straight through. MDI ports are sometimes called uplink ports. They are intended for use as connectivity points to other hubs and switches.
MDIX (media dependent interface crossover) A type of port found on Ethernet networking devices in which the wiring is crossed so that the transmit line of one device becomes the receive line of the other. MDI-X is used to connect hubs and switches to client computers.
media converter Network media converters are used to interconnect different types of cables within an existing network. For example, the media converter can be used to connect newer Gigabit Ethernet technologies with older 100BASE-T networks.
media tester Defines a range of software or hardware tools designed to test a particular media type.
mesh A type of network topology in which each node connects to every other node. The mesh network provides a high level of redundancy because it provides alternative routes for data to travel should a single route become unavailable.
metric A value that can be assigned to a route to encourage or discourage the use of the route. See also cost.
MGCP (Media Gateway Control Protocol) A protocol for controlling IP-based media gateways through the public switched telephone networks (PSTNs).
MIB (Management Information Base) A data set that defines the criteria that can be retrieved and set on a device using SNMP.
microsegmentation The process of using switches to divide a network into smaller segments.
microwaves A wireless technology sometimes used to transmit data between buildings and across vast distances.
MIMO (multiple input, multiple output) The use of multiple antennas—often at both the transmitter and receiver—to improve communications in IEEE 802.11n and 802.11ac Wi-Fi networks.
MLA (master license agreement) The main contract defining services to be offered by a provider.
MMF (multimode fiber) A type of fiber in which many beams of light travel through the cable, bouncing off the cable walls. This strategy actually weakens the signal, reducing the length and speed at which the data signal can travel. See also SMF.
modem (modulator-demodulator) A device used to modulate and demodulate the signals that pass through it. It converts the direct current pulses of the serial digital code from the controller into the analog signals compatible with the telephone network.
MOA (memorandum of agreement) An agreement expressing a convergence of will between the parties and indicating an intended common line of action.
MOU (memorandum of understanding) An agreement (bilateral or multilateral) between parties defining terms and conditions of an agreement.
MPLS (multiprotocol label switching) A technology designed to speed up network traffic flow by moving away from the use of traditional routing tables. Instead of routing tables, MPLS uses short labels to direct packets and forward them through the network.
MS-CHAP (Microsoft Challenge Handshake Authentication Protocol) An implementation of CHAP specific to Microsoft operating systems and commonly offered in both server and desktop operating systems.
MSA (master service agreement) A contract between parties, in which the parties agree to most of the terms that will govern future transactions or future agreements.
MSDS (material safety data sheet) A document defining the hazards of working with a chemical or compound, safety precautions, and guidelines for dealing with spills or accidents.
MT-RJ connector A media connector used with fiber-optic cabling.
MTBF (mean time between failures) The predicted time between inherent failures of a system.
MTTR (mean time to recovery) The average time that a device will take to recover from a failure.
MTU (maximum transmission unit) The largest data size that a protocol/layer can transmit.
multicast A single-packet transmission from one sender to a specific group of destination nodes.
multihomed A term used to refer to a device that has more than one network interface.
multimeter A tool used to measure voltage, current, and resistance.
multiplatform A term used to refer to a programming language, technology, or protocol that runs on different types of CPUs or operating systems.
multiplexing A technique of combining multiple channels over a transmission path and then recovering or demultiplexing the separate channels at the receiving end. Examples include FDM, TDM, CDM, and WDM.
MU-MIMO (multiuser multiple input, multiple output) A set of advanced MIMO technologies included with IEEE 802.11ac that dramatically enhances wireless throughput.
MX (Mail Exchanger) A DNS record entry used to identify the mail server.
NAC (Network Access Control) A computer networking security solution that uses a set of network protocols with the goal of unifying endpoint security solutions such as antivirus, vulnerability assessment, and authentication.
name server A server that contains a database of name resolution information used to resolve network names to network addresses.
NAS (network-attached storage) An array of disks providing network storage capacity to the users on the network. It is a specialized file-level computer storage device connected to a network.
NAT (Network Address Translation) A standard that enables the translation of IP addresses used on one network to a different IP address that is acceptable for use on another network. This translation enables multiple systems to access an external network, such as the Internet, through a single IP address.
NCP (Network Control Protocol) A protocol used to define control between network protocols or layers.
NDR (non-delivery receipt) A message informing the sender that a previous message has not been delivered because a delivery problem occurred.
NetBEUI (NetBIOS Extended User Interface) A nonroutable, Microsoft proprietary networking protocol designed for use in small networks.
NetBIOS (Network Basic Input/Output System) A software application that enables different applications to communicate between computers on a LAN.
netstat A Windows operating system command-line utility that displays protocol statistics and current TCP/IP network connections.
network card See NIC.
network ID The part of a TCP/IP address that specifies the network portion of the IP address. The network ID is determined by the class of the address, which in turn is determined by the subnet mask used.
network interface layer The bottom layer of the TCP/IP architectural model, which is responsible for sending and receiving frames.
network layer Layer 3 of the OSI model, which is where routing based on node addresses (IP addresses) occurs.
network operating system An operating system that runs on the servers on a network. Network operating systems include Windows Server, UNIX, and Linux.
NFC (near field communication) Any protocol that enables two electronic devices to establish communication by bringing them within 1.6 inches of each other. This is gaining in popularity for use with a smartphone and electronic payment systems.
NFS (Network File System) A file sharing and access protocol most commonly associated with UNIX and Linux systems.
NGFW (Next Generation Firewall) A firewall that combines a traditional firewall with any other network device (such as an intrusion prevention system) to gain additional functionality.
NIC (network interface card) A hardware component that serves as the interface, or connecting component, between a network and the node. It has a transceiver, a MAC address, and a physical connector for the network cable. Also called a network adapter or network card.
NIDS (network intrusion detection system) An intrusion detection system that analyzes and monitors at the network level rather than the host level.
NIPS (network intrusion prevention system) A network security system that monitors, blocks, and reports malicious network activity.
NIU (network interface unit) A generic term for a network interface device (NID) or point of demarcation.
nm (nanometer) A measurement equal to one billionth of a meter.
NMS (network management system) An application that acts as a central management point for network management. Most NMS systems use SNMP to communicate with network devices. See also SNMP.
NNTP (Network News Transfer Protocol) An Internet protocol that controls how news articles are to be queried, distributed, and posted. NNTP uses port 119.
noise Another name for EMI. See also EMI.
nslookup A Windows and Linux/UNIX command-line utility used to query Domain Name System (DNS) servers and clients to obtain DNS information.
NTP (Network Time Protocol) A protocol used to communicate time synchronization information between devices on the network. NTP is part of the TCP/IP suite. NTP uses port 123.
OCSP (online certificate status protocol) A protocol used for obtaining the revocation status of an X.509 digital certificate.
OCx (Optical Carrier) A set of standards used for digital signals with SONET fiber networks.
OS (operating system) The main computer program that manages and integrates all the applications running on a computer. The OS handles all interactions with the processor.
OSI (Open Systems Interconnect) reference model A seven-layer model created by the ISO to standardize and explain the interactions of networking protocols.
OSPF (Open Shortest Path First) A link-state routing protocol used on TCP/IP networks. Compare with distance-vector routing.
OTDR (optical time-domain reflectometer) A tool used to locate problems with optical media, such as cable breaks.
OUI (Organizationally Unique Identifier) A 24-bit number that globally and uniquely identifies a vendor, a manufacturer, or other organization.
PaaS (Platform as a Service) A cloud computing service model in which the provider supplies the operating system and the user is responsible for the stack above it.
packet A packet refers to a unit of data that travels in communication networks.
packet filtering A firewall method in which each packet that attempts to pass through the firewall is examined to determine its contents. The packet is then allowed to pass, or it is blocked, as appropriate.
packet sniffer A device or application that enables data to be copied from the network and analyzed. In legitimate applications, it is a useful network troubleshooting tool.
PAN (personal-area network) A network layout whereby devices work together in close proximity to share information and services, commonly using technologies such as Bluetooth or infrared.
PAP (Password Authentication Protocol) A simple authentication protocol in which the username and password are sent to the remote-access server in clear text, making it possible for anyone listening to network traffic to steal both. PAP typically is used only when connecting to older UNIX-based remote-access servers that do not support any additional authentication protocols.
passive hub A hub that has no power and therefore does not regenerate the signals it receives. Compare with active hub.
password A set of characters used with a username to authenticate a user on a network and to provide the user with rights and permissions to files and resources.
PAT (Port Address Translation) A variation on NAT (Network Address Translation). With PAT, all systems on the LAN are translated into the same IP address, but with a different port number assignment. See also NAT.
patch A fix for a bug in a software application. Patches can be downloaded from the Internet to correct errors or security problems in software applications.
patch cable A cable, normally twisted pair, used to connect two devices. Strictly speaking, a patch cable is the cable that connects a port on a hub or switch to the patch panel, but today people commonly use the term to refer to any cable connection.
patch panel A device in which the cables used in coaxial or twisted-pair networks converge and are connected. The patch panel is usually in a central location.
PC (personal computer) A general-purpose computer intended for use by individual users.
PCM (phase change memory) A type of nonvolatile random-access memory (RAM).
PDoS (permanent denial of service) A denial-of-service attack that damages a system so badly that it requires replacement or reinstallation of hardware.
PDU (protocol data unit) Data that contains control information, such as address information and user information.
peer-to-peer networking A network environment that does not have dedicated servers, where communication occurs between similarly capable network nodes that act as both clients and servers.
permissions Authorization provided to users that allows them to access objects on a network. Network administrators generally assign permissions. Permissions are slightly different from but are often used with rights.
PGP (Pretty Good Privacy) A popular encryption/decryption program used for cryptography.
physical address The MAC address on every NIC. The physical address is applied to a NIC by the manufacturer. Except for rare occurrences, it is never changed.
physical layer Layer 1 of the OSI model, where all physical connectivity is defined.
physical network diagram A diagram that displays the physical layout of a network, including placement of systems and all network cabling.
physical topology The actual physical layout of the network. Common physical topologies include star, bus, mesh, and ring. Compare with logical topology.
ping A TCP/IP stack utility that works with ICMP and that uses echo requests and replies to test connectivity to other systems.
PKI (public key infrastructure) A collection of software, standards, and policies combined to enable users from the Internet or other unsecured public networks to securely exchange data. PKI uses a public and private cryptographic key pair obtained and shared through a trusted authority.
plenum The space between the structural ceiling and a drop-down ceiling. It is commonly used for heating, ventilation, and air conditioning systems and to run network cables.
plug and play An architecture designed to enable the operating system to detect hardware devices and for the driver to be automatically loaded and configured.
PoE (Power over Ethernet) A technology that enables electrical power to be transmitted over twisted-pair Ethernet cable. The power is transferred, along with data, to provide power to remote devices.
policies and procedures Policies refer to an organization’s documented rules regarding what is to be done, or not done, and why. Network procedures differ from policies in that they identify the way in which tasks are to be performed.
polling The media access method for transmitting data in which a controlling device is used to contact each node to determine whether it has data to send.
POP3 (Post Office Protocol version 3) A protocol that is part of the TCP/IP suite used to retrieve mail stored on a remote server. The most commonly used version of POP is POP3. POP3 is an application layer protocol.
port In physical networking terms, a pathway on a networking device that enables other devices to be connected. In software terms, a port is the entry point into an application, a system, or a protocol stack.
port mirroring A process by which two ports on a device, such as a switch, are configured to receive the same information. Port mirroring is useful in troubleshooting scenarios.
POTS (plain old telephone system) The current analog public telephone system. See also PSTN.
PPP (Point-to-Point Protocol) A common dial-up networking protocol that includes provisions for security and protocol negotiation. Provides host-to-network and switch-to-switch connections for one or more user sessions.
PPPoE (Point-to-Point Protocol over Ethernet) An Internet connection authentication protocol that uses two separate technologies, Ethernet and PPP, to provide a method for multiple users to share a common digital subscriber line (DSL), cable modem, or wireless connection to the Internet.
PPTP (Point-to-Point Tunneling Protocol) A protocol that encapsulates private network data in IP packets. These packets are transmitted over synchronous and asynchronous circuits to hide the Internet’s underlying routing and switching infrastructure from both senders and receivers.
presentation layer Layer 6 of the OSI model, which prepares information to be used by the application layer.
PRI (Primary Rate Interface) A high-level network interface standard for use with ISDN. PRI is defined as having a rate of 1.544 Mbps, and it consists of a single 64 Kbps D channel plus 23 T1 B channels for voice or data. See also BRI and ISDN.
primary name server The DNS server that offers zone data from files stored locally on the machine.
private network A network to which access is limited, restricted, or controlled. Most corporate networks are private networks. Compare with public network.
proprietary A standard or specification created by a single manufacturer, vendor, or other private enterprise.
protocol A set of rules or standards that control data transmission and other interactions between networks, computers, peripheral devices, and operating systems.
protocol analyzer Protocol analyzers can be hardware- or software-based, with their primary function being to analyze network protocols such as TCP, UDP, HTTP, FTP, and more.
proxy A device, application, or service that acts as an intermediary between two hosts on a network, eliminating the capability for direct communication.
proxy server A server that acts as a go-between for a workstation and the Internet. A proxy server typically provides an increased level of security, caching, NAT, and administrative control.
PSK (pre-shared key) A value (key) shared with another party so that they can encrypt messages and then send them securely.
PSTN (public switched telephone network) A term that refers to all the telephone networks and services in the world. The same as POTS, PSTN refers to the world’s collection of interconnected public telephone networks that are both commercial and government owned. The entire PSTN is digital except for the connection between local exchanges and customers (called the local loop or last mile), which remains analog.
PTP (Point-to-Point) More commonly referenced as PPP, this protocol is used to establish a direct connection between two nodes.
PTR (pointer) A DNS record used to map an IP address to a hostname.
PUA (privileged user agreement) Established, and agreed upon, rules of behavior that define what privileged users can and cannot do with their elevated permissions.
public network A network, such as the Internet, to which anyone can connect with the most minimal of restrictions. Compare with private network.
punchdown block A device used to connect network cables from equipment closets or rooms to other parts of a building. Connections to networking equipment such as hubs or switches are established from the punchdown block. Also used in telecommunications wiring to distribute phone cables to their respective locations throughout the building.
punchdown tool A hand tool that enables the connection of twisted-pair wires to wiring equipment such as a patch panel.
PVC (permanent virtual circuit) A permanent dedicated virtual link shared in a Frame Relay network, replacing a hardwired dedicated end-to-end line.
QoS (quality of service) Describes the strategies used to manage and increase the flow of network traffic. QoS features enable administrators to predict bandwidth use, monitor that use, and control it to ensure that bandwidth is available to the applications that need it.
QSFP (quad small factor pluggable) A compact, hot-pluggable transceiver used for data communications.
RADIUS (Remote Authentication Dial-In User Service) A security standard that employs a client/server model to authenticate remote network users. Remote users are authenticated using a challenge-and-response mechanism between the remote-access server and the RADIUS server.
RARP (Reverse Address Resolution Protocol) A protocol, part of the TCP/IP suite, that resolves MAC addresses to IP addresses. Its relative ARP resolves IP addresses to MAC addresses. RARP resides on the network layer of the OSI model.
RAS (Remote Access Service) A Windows service that enables access to the network through remote connections.
RDP (Remote Desktop Protocol) A presentation layer protocol that supports a Remote Desktop Connection between an RDP client (formerly known as “Windows Terminal Client”) and a server.
regulations Regulations are actual legal restrictions with legal consequences.
remote control In networking, having physical control of a remote computer through software.
remote node A node or computer connected to a network through a remote connection. Dialing in to the Internet from home is an example of the remote node concept.
repeater A device that regenerates and retransmits signals on a network. Repeaters usually are used to strengthen signals going long distances.
resolver A system that requests the resolution of a name to an IP address. This term can be applied to both DNS and WINS clients.
restore To transfer data from backup media to a server. The opposite of backup.
RF (radio frequency) A rate of oscillation used by radio waves and radio signals.
RFC (Request For Comments) The process by which standards relating to the Internet, the TCP/IP suite, and associated technologies are created, commented on, and approved.
RFI (radio frequency interference) Interference that affects radio frequency communication.
RFP (request for proposal) A document that solicits proposals, often through a bidding process.
RG (Radio Guide) More frequently used as Radio Grade, this is a specification commonly used with connection types.
RG-6/59 Designations for the coaxial cable used in thin coaxial networks that operate on the Ethernet standard.
rights An authorization provided to users that allows them to perform certain tasks. The network administrator generally assigns rights. Slightly different from but often used with the term permissions.
RIP (Routing Information Protocol) A protocol that uses hop count as a routing metric to control the direction and flow of packets between routers on an internetwork.
RJ (Registered Jack) A specification for a family of cable connectors.
RJ-11 connector A connector used with telephone systems. Can have up to six conductors.
RJ-45 connector A connector used with twisted-pair cable. Can support eight conductors for four pairs of wires.
route The entire path between two nodes on a network.
router A device that works at the network layer of the OSI model to control the flow of data between two or more network segments.
RPO (recovery point objective) The maximum acceptable period in which data might be lost from a major incident.
RSA An algorithm for public-key cryptography. Can be used for encryption purposes. RSA is used as a secure solution for e-commerce.
RSH (Remote Shell) A protocol, and corresponding application, used to remotely run a shell across an IP-based network.
RSTP (Rapid Spanning Tree Protocol) The default protocol for preventing loops on Ethernet networks.
RTO (recovery time objective) The acceptable duration of time within which a business process must be restored after a disaster to avoid unacceptable consequences associated with a break in business continuity.
RTP (Real-Time Transport Protocol) The Internet-standard protocol for the transport of real-time data, including audio and video.
RTSP (Real-Time Streaming Protocol) A protocol used for establishing and maintaining communications with a media server.
RTT (Round Trip Time or Real Transfer Time) A measurement of the length of time it takes for data to be sent and returned.
SA (security association) The establishment of shared security attributes between two entities on a network to support secure communications between them.
SaaS (Software as a Service) A cloud computing service model in which a user runs everything supplied by the provider.
sag A momentary drop in the voltage provided by a power source.
SC (Standard Connector) A type of connector used with fiber cabling.
SCADA (supervisory control and data acquisition) A system operating with coded signals to remotely control a device or equipment.
SCP (Secure Copy Protocol) A basic file-copying protocol that uses Secure Shell (SSH) technology to provide security to the transfer.
SDLC (software development life cycle) The life cycle of software development.
SDN (software defined network) An approach to networking that allows network administrators to programmatically manage network behavior dynamically via open interfaces and provide abstraction of lower-level functionality.
SDP (Session Description Protocol) A format of streaming media initialization parameters.
SDSL (symmetrical digital subscriber line) A DSL implementation that offers the same speeds for uploads and downloads. It is not widely implemented in the home/small business environment and cannot share a phone line.
secondary name server A type of DNS server that gets its zone data from another DNS name server that has authority in that zone.
Security log A log located in the Windows Event Viewer that provides information on audit events that the administrator has determined to be security-related. These events include logons, attempts to log on, attempts to access areas that are denied, and attempts to log on outside normal hours.
segment A physical section of a network.
server A network node that fulfills service requests for clients. Usually referred to by the type of service it performs, such as file server, communications server, or print server.
server-based application An application run from a network share rather than from a copy installed on a local computer.
server-based networking A network operating system dedicated to providing services to workstations, or clients. See also client/server networking.
service pack A software update that fixes multiple known problems and in some cases provides additional functionality to an application or operating system.
session How long the dialog remains open between two nodes.
session layer Layer 5 of the OSI model, which establishes, manages, and terminates sessions between applications on different nodes.
SFP (small form-factor pluggable) A line of small optical transceivers that have recently become available.
SFTP (Secure File Transfer Protocol) An implementation of File Transfer Protocol (FTP) that uses Secure Shell (SSH) technology to provide additional authentication and encryption services for file transfers.
SGCP (Simple Gateway Control Protocol) A communication protocol used with VoIP.
SHA (Secure Hash Algorithm) A cryptographic hash algorithm used in security and defined by the United States National Security Agency.
shared system The infrastructure component routed directly into an internetwork’s backbone for optimal systems access. It provides connectivity to servers and other shared systems.
SIEM (Security Information and Event Management) Any of a family of products that combine security information management and event management to achieve a more holistic approach to security.
SIP (Session Initiation Protocol) An application layer protocol designed to establish and maintain multimedia sessions such as Internet telephony calls.
SLA (service level agreement) An agreement between a customer and provider detailing the level of service to be provided on a regular basis and in the event of problems.
SLIP (Serial Line Internet Protocol) An antiquated IP-based protocol for modem connections and serial ports.
SMB (server message block) An application-layer network protocol used primarily for providing shared access to files, printers, and ports as well as miscellaneous communications between nodes.
SMF (single-mode fiber) A type of fiber that uses a single direct beam of light, thus allowing for greater distances and increased transfer speeds. See also MMF.
SMS (Short Message Service) A text-based communication service for phones, web, and other devices.
SMTP (Simple Mail Transfer Protocol) An Internet protocol used for the transfer of email messages and attachments.
SNAT (Static NAT) A simple form of NAT. SNAT maps a private IP address directly to a static unchanging public IP address. See also NAT.
SNMP (Simple Network Management Protocol) Provides network devices with a method to monitor and control network devices; manage configurations, statistics collection, performance, and security; and report network management information to a management console. SNMP is part of the TCP/IP suite.
SNMP agent A software component that enables a device to communicate with, and be contacted by, an SNMP management system.
SNMP trap An SNMP utility that sends an alarm to notify the administrator that something within the network activity differs from the established threshold, as defined by the administrator.
SNTP (Simple Network Time Protocol) An IP-based protocol used to coordinate time among devices across the network.
SOA (start of authority) A record of information containing data on DNS zones and other DNS records. A DNS zone is the part of a domain for which an individual DNS server is responsible. Each zone contains a single SOA record.
SOHO (small office/home office) A small network typically serving 1 to 10 users.
SONET (Synchronous Optical Network) A U.S. standard for data transmission that operates at speeds up to 2.4 Gbps over optical networks referred to as OC-x, where x is the level. The international equivalent of SONET is Synchronous Digital Hierarchy (SDH).
SOP (standard operating procedure) The normal, accepted way that business is conducted.
source address The address of the host that sent the frame. The source address is contained in the frame so that the destination node knows who sent the data.
source-route bridge A bridge used in source-route bridging to send a packet to the destination node through the route specified by the sending node.
SOW (statement of work) A formal document that defines work activities to be performed for a client.
SPB (Shortest Path Bridging) Defined in IEEE 802.1aq, this is a standard defining a routing (Layer 2) protocol.
SPI (stateful packet inspection) A type of firewall that works at the network layer and keeps track of the state of active connections.
spike An instantaneous, dramatic increase in the voltage input to a device. Spikes are responsible for much of the damage done to network hardware components.
SPS (standby power supply) A type of power supply in which the SPS monitors the power line and switches to battery power as soon as it detects a problem. During the time it takes to switch to battery power, the computer does not receive any power and may power down. This is in contrast to an online UPS, which constantly provides battery power.
SSH (Secure Shell) An application that, like Telnet, enables a session to be opened on a remote host. SSH differs from Telnet in that it provides additional authentication methods and encryption for data as it traverses the network. SSH uses TCP/IP port 22.
SSID (service set identifier) A unique client identifier sent over the WLAN that acts as a simple password used for authentication between a wireless client and an access point. The SSID is used to differentiate between networks. Therefore, the client system and the AP must use the same SSID.
SSL (Secure Sockets Layer) A method of securely transmitting information to and receiving information from a remote website. SSL is implemented through HTTPS. SSL operates at the presentation layer of the OSI model and uses TCP/IP port 443.
ST (Straight Tip or Snap Twist) A type of connector used with cabling.
STA (Spanning Tree Algorithm) A standard defined by IEEE 802.1 as part of STP to eliminate loops in an internetwork with multiple paths.
star A type of physical network design in which all nodes connect to a centralized device—in most cases a network switch.
static IP address An IP address manually assigned to a network device, as opposed to dynamically via DHCP.
static routing A routing method in which all routes must be entered into a device manually and in which no route information is exchanged between routing devices on the network. Compare with dynamic routing.
static window A mechanism used in flow control that prevents the sender of data from overwhelming the receiver. The amount of data that can be buffered in a static window is configured dynamically by the protocol.
ST connector ST refers to a type of fiber connector.
storage-area network (SAN) A subnetwork of storage devices, usually found on high-speed networks and shared by all servers on a network.
store-and-forward A fast-packet-switching method that produces higher latency than other switching methods because the entire contents of the packet are copied into the switch’s onboard buffers. CRC calculations are performed before the packet can be passed on to the destination address.
STP (shielded twisted-pair) Twisted-pair network cable that has shielding to insulate the cable from EMI.
STP (Spanning Tree Protocol) A protocol developed to eliminate the loops caused by the multiple paths in an internetwork. STP is defined in IEEE 802.1.
subdomain A privately controlled segment of the DNS namespace that exists under other segments of the namespace as a division of the main domain. Sometimes also called a child domain.
subnet A logical division of a network, based on the address to which all the devices on the network are assigned.
subnet mask A 32-bit address used to mask, or screen, a portion of an IP address to differentiate the part of the address that designates the network and the part that designates the host.
subnetting The process of using parts of the node portion of an assigned IP address to create more network IDs. Although subnetting increases the number of network IDs, it decreases the number of node addresses available for each network ID.
supernetting The process of aggregating IP network addresses and using them as a single network address range.
surge A voltage increase that is less dramatic than that of a spike but can last much longer. Sometimes called a swell. The opposite of a brownout.
surge protector An inexpensive and simple device placed between a power outlet and a network component to protect the component from spikes and surges. Also known as a surge suppressor.
SVC (switched virtual circuit) A virtual circuit dynamically established on demand to form a dedicated link. It is broken when transmission is complete.
switch A Layer 2 networking device that forwards frames based on destination addresses.
SYN A message sent to initiate a TCP session between two devices. The full term is synchronization packet.
synchronous transmission A digital signal transmission method that uses a precise clocking method and a predefined number of bits sent at a constant rate.
syslog (system log) A log, accessed through Event Viewer on Windows Server platforms, that provides information and warnings on events logged by operating system components and hardware devices. These events include driver failures, device conflicts, read/write errors, timeouts, and bad block errors.
T1/E1 T1 lines are a form of T-Carrier lines that offer transmission speeds of 1.544 Mbps. E1 refers to the European equivalent of T1. See also T-carrier.
T1 crossover See crossover cable.
T3/E3 T3 carrier lines offer transmission speeds of up to 44.736 Mbps, using 672 64 Kbps B channels. E3 refers to the European equivalent of T3. See also T-carrier.
TA (terminal adaptor) Also known as adapter, this is a device that connects a node to an ISDN network.
TACACS (Terminal Access Controller Access-Control System) A family of related protocols handling remote authentication and related services for networked access control through a centralized server.
TACACS+ (Terminal Access Controller Access Control System Plus) A security protocol designed to provide centralized validation of users who are attempting to gain access to a router or network access server (NAS). TACACS+ is a set of security protocols designed to provide authentication, authorization, and accounting (AAA) of remote users. TACACS+ uses TCP port 49 by default.
T-carrier (terrestrial carrier) T-carrier lines are high-speed dedicated digital lines that can be leased from telephone companies. T-carrier lines can support both voice and data transmissions and are often used to create point-to-point private networks.
TCP (Transmission Control Protocol) A connection-oriented, reliable data transmission communication service that operates at the transport layer of the OSI model. TCP is part of the TCP/IP suite.
TCP/IP (Transmission Control Protocol/Internet Protocol) A suite of protocols that includes TCP and IP. TCP/IP was originally designed for use on large internetworks but has now become the de facto protocol for networks of all sizes.
TCP/IP socket A socket, or connection to an endpoint, used in TCP/IP communication transmissions.
TDM (time-division multiplexing) Divides a single communication channel into multiple channels, enabling data signals to be transferred simultaneously as subchannels in one communication channel. Although there is only a single channel, data signals take turns sending data.
TDR (time-domain reflectometer) A device used to test copper cables to determine whether and where a break is on the cable. For optical cables, an optical TDR is used.
Telco (telephone company) A slang term for the telephone provider in question.
Telnet A standard terminal emulation protocol in the TCP/IP stack. Telnet is used to perform terminal emulation over TCP/IP via remote terminal connections, enabling users to log in to remote systems and use resources as if they were connected to a local system. Telnet has been replaced in most instances by the more secure SSH.
temperature monitor A device used to monitor temperature, typically in a server room or wiring closet.
Terminal Services A service on Windows Server platforms that enables clients to connect to the server as if it were a multiuser operating system. All the processing for the client session is performed on the server. Only screen updates and user input are transmitted across the network connection. Windows Server 2008 R2 and later versions have replaced Terminal Services with Remote Desktop Services (RDS).
TFTP (Trivial File Transfer Protocol) A simplified version of FTP that enables file transfers but does not offer any security or file management capabilities. TFTP uses TCP/IP port 69.
throughput tester A device used to test the actual data throughput of a network cable.
TIA (Telecommunications Industry Association) An organization that, along with the Electronic Industries Association (EIA), develops standards for telecommunications technologies.
TKIP (Temporal Key Integrity Protocol) Designed to address the shortcomings of the WEP security protocol. TKIP is an encryption protocol defined in IEEE 802.11i.
T-line A digital communication line used in WANs. Commonly used T designations are T1 (Trunk Level 1) and T3 (Trunk Level 3). It is also possible to use only part of a T1 line, which is known as fractional T1. T1 lines support a data transmission rate of up to 1.544 Mbps.
TLS (Transport Layer Security) A security protocol designed to ensure privacy between communicating client/server applications. When a server and client communicate, TLS ensures that no one can eavesdrop and intercept or otherwise tamper with the data message. TLS is the successor to SSL.
TMS (transportation management system) A software module that sits between warehouse management and an ERP system.
token A frame that provides controlling information. In a token ring network, the node that possesses the token is the one that is allowed to transmit next.
tone generator A device used with a tone locator to locate and diagnose problems with twisted-pair cabling. Commonly referred to as fox and hound.
toner probe A network tool used to locate the ends of a run of network cable.
topology The shape or layout of a physical network and the flow of data through the network. See also logical topology and physical topology.
ToS (Type of Service) A field in an IPv4 header that defines such things as the priority of the packet.
TPM (trusted platform module) A secure cryptoprocessor standard that employs a dedicated microcontroller to secure hardware by integrating cryptographic keys into the device.
trace route A function of the TCP/IP suite, implemented in utilities such as traceroute and tracert, which enables the entire path of a packet to be tracked between source and destination hosts. It is used as a troubleshooting tool.
tracert A Windows command-line utility used to track the route a data packet takes to get to its destination.
transmit To send data using light, electronic, or electric signals. In networking, this is usually done in the form of digital signals composed of bits.
transparent bridging A situation in which the bridges on a network tell each other which ports on the bridge should be opened and closed, which ports should be forwarding packets, and which ports should be blocking packets—all without the assistance of any other device.
transport layer Layer 4 of the OSI model. Protocols at this layer perform functions such as segmenting data so that it can be sent over the network and then reassembling the segmented data on the receiving end. The transport layer also deals with some of the errors that can occur in a stream of data, such as dropped and duplicated packets.
transport protocol A communications protocol responsible for establishing a connection and ensuring that all data has arrived safely. It is defined in Layer 4 of the OSI model.
Trojan A type of program that appears legitimate but performs some illicit activity when it is run.
TTL (Time To Live) A value assigned to a packet of data to prevent it from moving around the network indefinitely. The TTL value is decremented each time the packet crosses a router, until it reaches 0, at which point it is removed from the network.
TTLS (Tunneled Transport Layer Security) An extension of TLS that adds tunneling and is often combined with EAP.
twisted pair A type of cable that uses multiple twisted pairs of copper wire.
UC (unified communications) A combination of real-time (instant messaging, VoIP, and so on) with non-real-time (email, SMS, and so on) communications on the same platform.
UDP (User Datagram Protocol) A communications protocol that provides connectionless, unreliable communication services and operates at the transport layer of the OSI model. It requires a network layer protocol such as IP to guide it to the destination host.
unbound medium (or boundless medium) Any medium that does not have physical constraints. Examples of unbound media are infrared, wireless, and microwave. Compare with bound medium.
UNC (Universal Naming Convention) An industry naming standard for computers and resources that provides a common syntax that should work in most systems, including Windows and UNIX. An example of a UNC name is \\servername\sharename.
unicast Communication that takes place over a network between a single sender and a single receiver.
UPC (Ultra Polished Connector) A type of connector used with fiber networks.
UPS (uninterruptible power supply) A system that provides protection against power surges and power outages. During blackouts, a UPS gives you time to shut down systems or devices on the network before the temporary power interruption becomes permanent. A UPS is also called battery backup.
uptime How long a device has been on and operating.
URL (uniform resource locator) A name used to identify a website and subsequently a page on the Internet. An example of a URL is www.quepublishing.com/products.
USB (universal serial bus) A type of interface between a computer system and peripheral devices. The USB interface enables you to add or remove devices without shutting down the computer. USB supports up to 127 devices. USB also supports autodetection and plug and play.
UTM (unified threat management) An approach to threat management that combines multiple security-related products (antivirus software, IPS, and so on) into a single management console.
UTP (unshielded twisted-pair) A type of cable that uses multiple twisted pairs of copper wire in a casing that does not provide much protection from EMI. The most common network cable in Ethernet networks, UTP is rated in categories including Category 1 through Category 7, as well as Category 5e and Category 6a.
VDSL (variable digital subscriber line) An asymmetric version of DSL that supports high-bandwidth applications such as VoIP and HDTV. It is the fastest available form of DSL and uses fiber-optic cabling.
vertical cross-connect The main or vertical cross-connect is the location where outside cables enter the building for distribution. This may include Internet and phone cabling.
virus A software program designed specifically to adversely affect a system or network. A virus is usually designed to be passed on to other systems with which it comes in contact.
VLAN (virtual LAN) A group of devices located on one or more LAN segments, whose configuration is based on logical instead of physical connections. This enables the devices to operate as if they were connected to the same physical switch, regardless of whether they are connected to the same switch.
VNC (virtual network connection) Enables remote login, in which clients can access their own desktops while being physically away from their computers.
VoIP (Voice over IP) Any of a number of technologies that enable voice communication across the Internet Protocol.
volume set Multiple disks or partitions of disks that have been configured to read as one drive.
VPN (virtual private network) A network that uses a public network such as the Internet as a backbone to connect two or more private networks. A VPN provides users with the equivalent of a private network in terms of security. VPNs can also be used as a means of establishing secure remote connectivity between a remote system and another network.
VRF (virtual routing and forwarding) A technology that allows multiple instances of a routing table to coexist within the same router at the same time.
VRRP (Virtual Router Redundancy Protocol) An IP-based routing protocol that automatically assigns available routers to participating hosts.
VTC (video teleconference) Any combination of audio and video real-time technologies.
VTP (VLAN Trunking Protocol) A Cisco proprietary protocol that manages the addition, deletion, and renaming of VLANs for the entire network. Information about changes to a VLAN or the addition of a new VLAN to a network is distributed to all switches on the network simultaneously and does not need to be done one at a time.
WAF (web application firewall) A firewall that filters, monitors, and blocks HTTP traffic to and from a web application; this differs from a regular firewall in that the WAF is able to filter the content of specific web applications.
WAN (wide-area network) A data communications network that serves users across a broad geographic area. WANs often use transmission devices such as modems or CSUs/DSUs to carry signals over leased lines or common carrier lines.
WAP (Wireless Application Protocol / Wireless Access Point) A protocol for wireless mobile access (now outdated) and the devices that make it possible for hosts to connect (widely used).
warm site A disaster recovery site offering most equipment and applications. Compare with a cold site, which is a disaster recovery site with limited hardware and typically only a reserved location, and a hot site, which has duplicate hardware and software and can be operational within minutes of a disaster.
web server A server that runs an application and makes the contents of certain directories on that server, or other servers, available to clients for download, via a protocol such as HTTP.
WEP (Wired Equivalent Privacy) A data encryption method used to protect the transmission between 802.11 wireless clients and access points. WEP security has come under scrutiny because it uses an insufficient key length and provides no automated method for distributing the keys.
Wi-Fi A voluntary standard that manufacturers can adhere to, which aims to create compatibility between wireless devices. Wi-Fi is an abbreviation for wireless fidelity.
WINS (Windows Internet Name Service) A NetBIOS name-to-IP address resolution service that runs on Windows Server platforms.
WINS database A dynamically built database of NetBIOS names and IP addresses used by WINS.
wire crimper A tool used to create networking cables. The type of wire crimping tool used depends on the cable being made.
wireless channel The band of frequency used for wireless communications. Each IEEE wireless standard specifies the channels that can be used.
wireless networking Networking that uses any unbound media, such as infrared, microwave, or radio waves.
wiring schematics Network documentation designed to show the physical wiring of a network. The wiring schematic can often be used in the troubleshooting process.
WLAN (wireless LAN) A local-area network created using wireless transmission methods, such as radio or infrared, rather than traditional wired solutions.
WMS (warehouse management system) A software module that is used to provide management tools for warehouse operations.
workstation A client computer on a network that does not offer any services of its own but that uses the services of the servers on the network.
worm A self-replicating program that can perform destructive acts to a single computer or across a network, both wired and wireless.
WPA (Wi-Fi Protected Access) A data encryption method used on 802.11 wireless LANs. WPA is an industry-supported standard designed to address WEP’s security shortcomings.
WPA2 (Wi-Fi Protected Access v2) A secure wireless data encryption method based on 802.11i that replaces WPA.
WPS (Wi-Fi Protected Setup) A security standard created by the Wi-Fi Alliance to increase security features of networks. The most visible manifestation of this is the button on some home routers that must be pressed to allow a new device to connect to the network within a short time period. Currently, WPS is not considered secure because flaws in the WPS PIN feature have been identified.
WWN (World Wide Name) A unique identifier assigned to a manufacturer by the Institute of Electrical and Electronics Engineers (IEEE). It is hard-coded into a Fibre Channel (FC) device.
WWW (World Wide Web) A service running on the Internet that has become so successful that it is often mistaken for the Internet itself.
XDSL (extended digital subscriber line) All the variations of DSL available are lumped together under the label XDSL.
XML (Extensible Markup Language) A set of rules for the encoding of documents in a machine-readable format.
Zeroconf (zero configuration) A set of tools and tricks/techniques that exist within TCP/IP with the goal of allowing devices to connect and configure without an administrator needing to manually configure anything.
zone transfer The passing of DNS information from one name server to a secondary name server.