This glossary defines the terms and abbreviations listed at the beginning of each chapter in the book.
AAA (authentication, authorization, and accounting) The primary framework to set up access control on a network device.
access attack A type of attack that exploits known vulnerabilities in authentication services, FTP services, and web services to gain entry to web accounts, confidential databases, and other sensitive information. An access attack allows individuals to gain unauthorized access to information that they have no right to view.
access method A set of rules used by LAN hardware to direct traffic on the network. It determines which host or device uses the LAN next.
access point (AP) A device that connects to a wireless router and is used to extend the reach of a wireless network.
acknowledgment A notification sent from one network device to another to acknowledge that some event (for example, receipt of a message) has occurred.
Address Resolution Protocol (ARP) An internet protocol used to map an IP address to a MAC address. Defined in RFC 826.
adjacency table A table in a router that contains a list of the relationships formed between selected neighboring routers and end nodes for the purpose of exchanging routing information. Adjacency is based on the use of a common media segment.
alternating current An electrical current that changes direction at a uniformly repetitious rate. This type of electricity typically is provided by a utility company and is accessed through wall sockets.
American National Standards Institute (ANSI) A private nonprofit organization that oversees development of standards in the United States.
American Standard Code for Information Interchange (ASCII) An 8-bit code (7 bits plus parity) for character representation.
analog telephone A type of telephone that can transmit data over standard voice telephone lines for internet access. This type of service uses an analog modem to place a telephone call to another modem at a remote site. This method of connection is known as dialup.
AND (logical) One of three basic binary logic operations. ANDing yields the following results: 1 AND 1 = 1, 1 AND 0 = 0, 0 AND 1 = 0, 0 AND 0 = 0.
ARP cache Logical storage in a host’s RAM for ARP entries. See also ARP table.
ARP table Logical storage in a host’s RAM for ARP entries. See also ARP cache.
assigned multicast Reserved IPv6 multicast addresses for predefined groups of devices.
asymmetric switching A switching technique that allows for different data rates on different ports.
authentication, authorization, and accounting See AAA (authentication, authorization, and accounting).
automatic medium-dependent interface crossover (auto-MDIX) A feature on a switch port or hub port that detects the type of cable used between switches or hubs. Once the cable type is detected, the port is connected and configured accordingly. With auto-MDIX, a crossover cable or a straight-through cable can be used for connections to a copper 10/100/1000 port on the switch, regardless of the type of device on the other end of the connection.
availability The assurance of timely and reliable access to data services for authorized users. Network firewall devices, along with desktop and server antivirus software, can ensure system reliability and the robustness to detect, repel, and cope with breaches of network security. Building fully redundant network infrastructures, with few single points of failure, can reduce the impact of these threats.
baby giant frame An Ethernet frame with more than 1500 bytes of data. Also known as a jumbo frame.
bandwidth The rated throughput capacity of a given network medium or protocol. Bandwidth is listed as available or consumed data communication resources expressed in bits per second.
best effort Describes the agreement or the attempt to fulfill expectations or the requirements of a standard.
best-effort delivery Describes a network system that does not use a sophisticated acknowledgment system to guarantee reliable delivery of information.
Binary Number expressed using the base-2 number system.
Bluetooth (IEEE 802.15) A wireless personal area network (WPAN) standard that uses a device pairing process to communicate over distances from 1 to 100 meters.
Bootstrap Protocol (BOOTP) A protocol used by a network node to determine the IP address of its Ethernet interfaces in order to facilitate network booting.
bring your own device (BYOD) A policy that allows end users to use personal tools to access information and communicate across a business or campus network.
broadcast A form of transmission in which one device transmits to all devices within the network or on another network.
broadcast address A special address reserved for sending a message to all stations. Generally, a broadcast address is a MAC destination address of all ones. Compare with multicast address and unicast address.
brute-force attack An attempt to access usernames or passwords by trial and error.
buffered memory A memory chip that has a control chip built into the module. The control chip assists the memory controller in managing large quantities of RAM.
burned-in address (BIA) The MAC address that is permanently assigned to a LAN interface or NIC. It is called burned-in because the address is burned into a chip on the card, and the address cannot be changed. Also called universally administered address (UAA).
bus topology A network topology in which all end systems are chained to each other and terminated in some form on each end. Infrastructure devices such as switches are not required to interconnect the end devices. Legacy Ethernet networks were often bus topologies using coax cables because they were inexpensive and easy to set up.
cable connection The point at which a cable connects to the device.
cable internet A form of internet service that uses coaxial cable lines originally designed to carry cable television and connects an end user’s computer to the cable company.
cable tester A testing device used to check for wiring shorts, faults, or wires connected to the wrong pins.
Carrier Sense Multiple Access (CSMA) A media-access mechanism in which devices ready to transmit data first check the channel for a carrier. If no carrier is sensed for a specific period of time, a device can transmit. See also CSMA/CA and CSMA/CD.
Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) A media-access mechanism that regulates the transmission of data onto a network medium. CSMA/CA is similar to CSMA/CD except that devices first request the right to send, in order to avoid collisions. CSMA/CA is used in 802.11 WLANs.
Carrier Sense Multiple Access/Collision Detect (CSMA/CD) A media-access mechanism that requires a node wishing to transmit to listen for a carrier signal before trying to send. If a carrier is sensed, the node waits for the transmission in progress to finish before initiating its own transmission. If a collision occurs and is detected, the sending node uses the backoff algorithm before retransmitting.
cellular connection Cellular internet access that uses a cell phone network to connect. Wherever a user can get a cellular signal, the user can get cellular internet access. Performance is limited by the capabilities of the phone and the cell tower to which it is connected.
channel A communication path over a medium used to transport information from a sender to a receiver. Multiple channels can be multiplexed over a single cable.
circuit switched A switching system in which a dedicated physical circuit path exists between sender and receiver for the duration of the call. Used heavily in the telephone company network.
Cisco Express Forwarding (CEF) A Layer 3 switching method that speeds up packet forwarding by decoupling the usual strict interdependence between Layer 2 and Layer 3 decision making. The forwarding decision information is stored in several data structures for CEF switching. This forwarding information can be rapidly referenced to expedite packet forwarding decisions.
Cisco Internetwork Operating System (IOS) Generic term for the collection of network operating systems used by Cisco networking devices.
classful addressing A type of addressing in which a unicast IP address has three parts: a network part, a subnet part, and a host part. The term classful refers to the fact that the classful network rules are first applied to the address, and then the rest of the address can be separated into a subnet and host part to perform subnetting. Originally, IPv4 addresses were divided into five classes: Class A, Class B, Class C, Class D, and Class E. Classful addressing is not generally practiced in current network implementations.
classless addressing An IPv4 addressing scheme that uses a subnet mask that does not follow classful addressing limitations. It provides increased flexibility when dividing ranges of IP addresses into separate networks. Classless addressing is considered the best in current network implementations. See also variable length subnet masking (VLSM).
client A network device that accesses a service on another computer remotely through a network.
client/server A computer system setup in which tasks are distributed between a service provider (server) and a service user, such as a workstation (client). The server is used to store the applications and data, and the majority of the computer processing is done on the server.
cloud computing Computing resources (hardware and software) delivered as a service over a network. A company uses the hardware and software in the cloud, and a service fee is charged.
cloud storage Online storage that is accessed via the internet.
coaxial cable (coax) Cable consisting of a hollow outer cylindrical conductor that surrounds a single inner wire conductor. Two types of coaxial cable are currently used in LANs: 50-ohm cable, which is used for digital signaling, and 75-ohm cable, which is used for analog signaling.
collaboration A process in which more than one person works on a document or documents in real time across a network.
collision fragment Any frame less than 64 bytes in length. These frames are automatically discarded by receiving stations. Also called runt frame.
command-line interface (CLI) A user interface to a computer operating system or application that depends on textual commands being entered by the user.
communication Transmission and receipt of information.
communities Groups of people who share common experiences and hobbies and who exchange ideas and information. Communities allow for social interaction that is independent of location or time zone.
confidentiality The state of ensuring that only intended and authorized recipients—individuals, processes, or devices—can access and read data. Confidentiality is accomplished by having a strong system for user authentication, enforcing passwords that are difficult to guess, and requiring users to change passwords frequently. Encrypting data so that only the intended recipient can read it is also part of confidentiality.
congested A condition in which a network has more bits to transmit than the bandwidth of the communication channel can deliver.
congestion Traffic in excess of network capacity.
connection oriented Term used to describe data transfer that requires the establishment of a virtual circuit.
connection-oriented protocol A protocol that requires the establishment of a virtual circuit.
connectionless Term used to describe data transfer without the existence of a virtual circuit.
connectivity The state of being connected or interconnected to another device.
console Term used to describe data transfer that requires the establishment of a virtual circuit.
content addressable memory (CAM) table Memory that is accessed based on its contents rather than on its memory address. Also known as associative memory.
contention-based access method A nondeterministic method of networking, which means any device can try to transmit data across the shared medium whenever it has data to send.
converged data network A network that aggregates various forms of traffic, such as voice, video, and data, on the same network infrastructure.
core The light transmission element at the center of optical fiber.
crimper A tool used to attach connectors to wires to make a cable.
crosstalk A source of interference that occurs when cables are bundled together for long lengths, in which the signal from one cable leaks out and enters adjacent cables. See also electromagnetic interference (EMI).
CSMA/Collision Avoidance (CSMA/CA) See Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA).
CSMA/Collision Detect (CSMA/CD) See Carrier Sense Multiple Access/Collision Detect (CSMA/CD).
custom cloud A cloud built to meet the needs of a specific industry, such as healthcare or media. Custom clouds can be private or public.
cut-through switching A frame forwarding method that forwards a frame before it is entirely received. At a minimum, the destination address of the frame must be read before the frame can be forwarded.
cyclic redundancy check (CRC) A type of hash function (one-way encryption) that is used to produce a small, fixed-size checksum of a block of data, such as a packet or a computer file. A CRC is computed and appended before transmission or storage and verified afterward by the recipient to confirm that no changes have occurred in transit. It is an error-checking technique in which the frame recipient calculates a remainder by dividing frame contents by a prime binary divisor and comparing the calculated remainder to a value stored in the frame by the sending node.
daemon A computer program that runs in the background and is usually initiated as a process. Daemons often support server processes.
data center A facility that houses computer systems and associated components, including redundant data communications connections, high-speed virtual servers, redundant storage systems, and security devices.
data network Infrastructure historically used by businesses to record and manage business systems. Data networks have evolved to enable the transmission of many different types of information services, including email, video, messaging, and telephony.
datagram A logical grouping of information sent as a network layer unit over a transmission medium without prior establishment of a virtual circuit. IP datagrams are the primary information units in the internet. Frames, messages, packets, and segments are also terms for datagrams. See also protocol data unit (PDU).
decapsulation A process by which an end device, after it receives data over some transmission medium, examines the headers and trailers at each successively higher layer, and eventually hands the data to the correct application. Sometimes called de-encapsulation.
decoding To convert from one form to another.
de-encapsulation See decapsulation.
default gateway A device on a network that serves as an access point to other networks. A default gateway is used by a host to forward IP packets that have destination addresses outside the local subnet. A router interface typically is used as the default gateway. When a computer needs to send a packet to another subnet, it sends the packet to its default gateway. Also known as the default router.
default route A route that needs zero (no) bits to match with the destination IP address of the packet.
denial of service (DoS) An attack that consumes system resources in order to prevent authorized people from using a service. To help prevent DoS attacks, it is important to stay up to date with the latest security updates for operating systems and applications.
destination The device that is the intended recipient of the message.
destination port number A UDP or TCP port number associated with the destination application on the remote device.
dial-up telephone connection An inexpensive communications option that uses any phone line and a modem. The low bandwidth provided by a dial-up modem connection is not sufficient for large data transfer, although it is useful for mobile access while traveling.
digital camera An input device that captures images and videos that can be stored, displayed, printed, or altered.
Digital Subscriber Line (DSL) An always-on internet service that provides high bandwidth and high availability. Voice and data signals are carried on different frequencies on the copper telephone wires. In general, small office and home office users connect using Asymmetrical DSL (ADSL), which means that the download speed is faster than the upload speed.
directed broadcast A term that describes IPv4 packets sent to all hosts in a particular network. In a directed broadcast, a single copy of the packet is routed to the specified network, where it is broadcast to all hosts on that network.
directly connected network A network that is connected to a router’s physical Ethernet or serial interfaces.
DMZ (demilitarized zone) An area of an internal network where resources are available to the internet, such as a web server, and where devices have IPv6 addresses and public IPv4 addresses accessible through the internet.
Domain Name System (DNS) An internet-wide system by which a hierarchical set of DNS servers collectively hold all the name-to-IP address mappings, and DNS servers refer users to the correct DNS server to successfully resolve a DNS name.
dotted decimal The representation of an IPv4 address using four decimal numbers separated by periods.
dual stack A term for a device that is enabled for both IPv4 and IPv6 protocols.
duplex A setting used for communications on a network. See also half duplex and full duplex.
duplex multimode LC connector A fiber connector that accepts both the transmitting and receiving fibers in a single connector.
Dynamic Host Configuration Protocol (DHCP) A protocol used to dynamically assign IP configurations to hosts. The services defined by the protocol are used to request and assign an IP address, a default gateway, and a DNS server address to a network host.
dynamic routing protocols Protocols such as EIGRP and OSPF that are used to access remote networks.
electromagnetic interference (EMI) Interference by magnetic signals caused by the flow of electricity. EMI can cause reduced data integrity and increased error rates on transmission channels. Electrical currents create magnetic fields, which in turn cause other electrical currents in nearby wires, and the induced electrical currents can interfere with proper operation of the other wire.
enable password An unencrypted password used to limit access to privileged EXEC mode from IOS user EXEC mode.
enable secret An encrypted password used to limit access to privileged EXEC mode from IOS user EXEC mode.
encapsulation The process by which a device adds networking headers and trailers to data from an application for the eventual transmission of the data onto a transmission medium.
encoding A process by which bits are represented on a medium.
end device Either the source or destination of a message transmitted over a network.
EtherChannel A logical interface on a Cisco device associated with a bundle of routed ports in order to aggregate bandwidth.
Ethernet A baseband LAN specification invented by Xerox Corporation and developed jointly by Xerox, Intel, and Digital Equipment Corporation. Ethernet networks use CSMA/CD and run over a variety of cable types at 10 Mbps. Ethernet is similar to the IEEE 802.3 series.
EUI-64 (Extended Unique Identifier–64) A process for creating an IPv6 interface ID by using the 48-bit Ethernet MAC address, inserting fffe in the middle, and flipping the seventh bit.
expectational acknowledgment An acknowledgment used by TCP where the ACK number is sent back to the source to indicate the next byte that the receiver expects to receive.
extended star topology A hierarchical star topology with devices connected to a central device and additional devices connected to those devices.
Extended Unique Identifier (EUI-64) See EUI-64 (Extended Unique Identifier–64).
extranet Part of a network that provides secure and safe access to individuals who work for a different organization but require access to the organization’s data.
fast-forward switching A type of switching that offers a low level of latency by immediately forwarding a packet after reading the destination address.
fault tolerant network A term for limiting the impact of a failure so that the fewest number of devices are affected and for the shortest time.
fiber-optic cable A physical medium that uses glass or plastic threads to transmit data. A fiber-optic cable consists of a bundle of these threads, each of which is capable of transmitting data into light waves.
fiber optics A technology that uses light to transmit data.
File Transfer Protocol (FTP) An application protocol that is part of the TCP/IP protocol stack and that is used for transferring files between network nodes. FTP is defined in RFC 959.
File Transfer Protocol Secure (FTPS) An encrypted version of FTP.
firewall A hardware or software device that protects a computer or a network by preventing undesirable traffic from entering internal networks.
firmware Permanent software programmed into ROM memory.
flow control The management of data flow between devices in a network. It is used to prevent too much data from arriving before a device can handle it, causing data overflow.
Forwarding Information Base (FIB) A data structure that contains all the known routes. Conceptually, the FIB is similar to a routing table. A networking device uses the FIB lookup table to make destination-based switching decisions.
fragmentation The division of IP datagrams to meet the MTU requirements of a Layer 2 protocol.
fragment-free switching A type of switching in which a switch stores the first 64 bytes of the frame before forwarding. It can be viewed as a compromise between store-and-forward switching and fast-forward switching.
full-duplex Bidirectional communication in which both devices can transmit and receive on the media at the same time.
gateway Normally, a relatively general term that refers to different kinds of networking devices. Historically, when routers were created, they were called gateways.
global configuration mode A mode used to configure global parameters or enter other configuration submodes, such as interface, router, and line configuration submodes.
global routing prefix An IPv6 prefix, or network, portion of an address that is assigned by the provider, such as an ISP, to a customer or site.
global unicast address (GUA) An IPv6 address similar to a public IPv4 address. It is a globally unique, internet-routable address. Global unicast addresses can be configured statically or assigned dynamically.
goodput Application-level throughput. It is the number of useful bits per unit of time from a certain source address to a certain destination, excluding protocol overhead and excluding retransmitted data packets.
graphical user interface (GUI) A user-friendly interface that uses graphical images and widgets, along with text, to indicate the information and actions available to a user when interacting with a computer.
half-duplex Unidirectional communication in which devices can transmit and receive on the media but cannot do so simultaneously.
hexadecimal (base 16) A number system using the digits 0 through 9, with their usual meaning, plus the letters A through F to represent hexadecimal digits with values of 10 to 15. The rightmost digit counts ones, the next counts multiples of 16, and 16² = 256.
hextet The unofficial term used to refer to a segment of 16 bits or 4 hexadecimal values. For IPv6 addressing, each digit is a single hextet, 16 bits, or 4 hexadecimal digits.
host address The IPv4 address of a network host. A network layer address.
HTTP (Hypertext Transfer Protocol) A protocol that provides a set of rules for exchanging text, graphic images, sound, video, and other multimedia files on the World Wide Web.
HTTPS (Hypertext Transfer Protocol Secure) A set of rules for exchanging text, graphic images, sound, and video on the World Wide Web. HTTPS adds encryption and authentication services using Secure Sockets Layer (SSL) protocol or the newer Transport Layer Security (TLS) protocol.
hub A device that extends the reach of a network by regenerating the electrical signal. It also receives data on one port and then sends it out to all other active ports. Hubs are legacy devices and should not be used in today’s networks. Hubs do not segment network traffic.
hybrid cloud A cloud made up of two or more clouds (for example, part custom, part public), where each part remains a distinctive object, but the two are connected using a single architecture.
initial sequence number (ISN) A randomly chosen number that is used to begin tracking the flow of data from the client to the server for a session. The ISN in the header of each segment is increased by one for each byte of data sent from the client to the server as the data conversation continues.
Institute of Electrical and Electronics Engineers (IEEE) An international, nonprofit organization for the advancement of technology related to electricity. IEEE maintains the standards defining many LAN protocols.
Integrated Services Digital Network (ISDN) A broadband standard that uses multiple channels to send voice, video, and data over normal telephone wires.
integrity The assurance that information has not been altered in transmission from origin to destination. Data integrity can be compromised when information has been corrupted—willfully or accidentally. Data integrity is made possible by requiring validation of the sender as well as using mechanisms to validate that the packet has not changed during transmission.
interface A specialized port on a networking device that connects to individual networks. Because routers are used to interconnect networks, the ports on a router are referred to as network interfaces.
interface ID The host portion of an IPv6 global unicast address.
intermediary device A device that connects end devices to the network and can connect multiple individual networks to form an internetwork.
International Organization for Standardization (ISO) An international standards body that defines many networking standards and that created the OSI model.
International Telecommunications Union (ITU) A United Nations (UN) agency responsible for issues that concern information and communication technologies.
internet A network that combines enterprise networks, individual users, and ISPs into a single global IP network.
Internet Assigned Numbers Authority (IANA) An organization that assigns the numbers important to the proper operation of TCP/IP and the internet, including assigning globally unique IP addresses.
Internet Control Message Protocol (ICMP) A protocol that is part of the TCP/IP internet layer and that defines protocol messages used to inform network engineers of how well an internetwork is working. For example, the ping command sends ICMP messages to determine whether a host can send packets to another host.
Internet Message Access Protocol (IMAP) A protocol that describes a method to retrieve email messages. Copies of the messages are downloaded to the client application, but the original messages are kept on the server until manually deleted.
internet query A query that searches the internet, including Google search, the websites of organizations, whois, and more.
internet service provider (ISP) A company that helps create the internet by providing connectivity to enterprises and individuals, as well as interconnecting to other ISPs to create connectivity to all other ISPs.
intranet A private connection of LANs and WANs that belongs to an organization and that is designed to be accessible only by the organization’s members, employees, or others with authorization.
intrusion detection system (IDS) A system that passively monitors traffic on a network.
intrusion prevention system (IPS) A system that monitors incoming and outgoing traffic, looking for malware, network attack signatures, and more. If it recognizes a threat, it can immediately stop it.
IPv4 address A 32-bit number, written in dotted decimal notation, used by the IPv4 protocol to uniquely identify an interface connected to an IP network. It is also used as a destination address in an IP header to allow routing. As a source address, it enables a computer to receive a packet and to know to which IP address a response should be sent.
IPv6 address A 126-bit address written in hexadecimal used by the IPv6 protocol. IPv6 addresses are the successor of IPv4 addresses.
jacket The outer part of a fiber-optic cable, which protects the cable from abrasion, moisture, and other contaminants.
jumbo frame An Ethernet frame with more than 1500 bytes of data. Also known as a baby giant frame.
kernel The portion of the operating system that interacts directly with computer hardware.
latency Refers to the amount of time, including delays, for data to travel from one given point to another.
LDAP (Lightweight Directory Access Protocol) A protocol used to maintain user identity directory information that can be shared across networks and systems.
limited broadcast A broadcast that is sent to a specific network or series of networks.
line of sight wireless An always-on service that uses radio signals for transmitting data and internet access. A clear path between the transmission tower and customer is required.
link-local IPv4 address An IPv4 address in the range 169.254.1.0 to 169.254.254.255. Communication using such an address has a TTL of 1 and is limited to the local network.
link-local IPv6 address An IPv6 address used to communicate with other devices on the same local link. With IPv6, the term link refers to a subnet. A link-local address is confined to a single link. Its uniqueness must only be confirmed on that link because it is not routable beyond the link.
local-area network (LAN) A network infrastructure that provides access to users and end devices in a small geographic area, which is typically an enterprise, a home, or a small business network owned and managed by an individual or an IT department.
logical address An address that is used to send a packet from a source device to a destination device on the same network or a different network. Typically an IP address.
Logical Link Control (LLC) The IEEE 802.2 standard that defines the upper sublayer of the Ethernet Layer 2 specifications (and other LAN standards).
logical topology diagram A map of the devices on a network, representing how the devices communicate with each other. It identifies the devices, ports, and addressing scheme.
loopback A special reserved IPv4 address, 127.0.0.1, or IPv6 address, ::1, that can be used to test TCP/IP applications. Packets sent to 127.0.0.1 (or ::1) by a computer never leave the computer or even require a working NIC. Instead, the packet is processed by IP at the lowest layer and is then sent back up the TCP/IP stack to another application on that same computer.
loopback adapter A device that tests the basic functionality of computer ports. The adapter is specific to the port being tested.
loopback interface A virtual interface that can be used to connect or identify a device using an IP address.
LTE A designation for a 4G technology that meets the 4G speed standards.
MAC address table On a switch, a table that lists all known MAC addresses and the bridge/switch port that should be used to forward frames sent to each MAC address.
Manchester encoding Use of a line code in which each bit of data is signified by at least one voltage level transition.
maximum transmission unit (MTU) The largest IP packet size allowed to be sent out a particular interface. Ethernet interfaces default to an MTU of 1500 because the data field of a standard Ethernet frame should be limited to 1500 bytes, and the IP packet sits inside the Ethernet frame’s data field. The Gigabit Ethernet standard supports jumbo frames, which can be as large as 9216 bytes, including tagging.
Media Access Control (MAC) The lower of the two sublayers of the IEEE standard for Ethernet. It is also the name of that sublayer (as defined by the IEEE 802.3 subcommittee).
media independent A term that describes the networking layers whose processes are not affected by the media being used. In Ethernet, these are all the layers from the LLC sublayer of the data link layer upward.
medium to large network A network used by a corporation or school that has many locations with hundreds or thousands of interconnected computers.
metropolitan-area network (MAN) A network that spans a large campus or a city.
modem A device that converts signals produced by one type of device to a form compatible with another device, often used to connect a home or small office to the internet.
multicast A message sent to selected hosts that are part of a group. A single packet is copied by the network and sent to a specific subset of network addresses. These addresses are specified in the destination address field. Compare with broadcast and unicast.
multimeter A device that measures AC/DC voltage, electric current, and other electrical characteristics and that can be used to test the integrity of circuits and the quality of electricity in computer components.
multimode fiber (MMF) Optical fiber that consists of a larger core and uses LED emitters to send light pulses.
multiplexing A process in which multiple digital data streams are combined into one signal.
Neighbor Advertisement message An ICMPv6 message sent by a device in response to an ICMPv6 Neighbor Solicitation message; it contains the IPv6 address and the corresponding MAC address.
Neighbor Discovery (ND) A protocol that provides address resolution, router discovery, and redirection services for IPv6 using ICMPv6.
Neighbor Solicitation message An ICMPv6 message sent by a device when it knows the IPv6 address but needs the corresponding MAC address.
NetBIOS (NetBT) A system through which older computer applications can communicate over large TCP/IP networks.
network address A dotted decimal number defined by IPv4 to represent a network or subnet. It represents the network in which hosts reside. Also called a network number or network ID.
Network Address Translation (NAT) A technique used to translate IP addresses to different addresses that is commonly used to translate RFC 1918 addresses that are not routed on the internet to public domain addresses that can be routed on the internet.
Network Address Translation 64 (NAT64) A technique that allows IPv6-enabled devices to communicate with IPv4-enabled devices using a translation technique similar to NAT for IPv4. An IPv6 packet is translated to an IPv4 packet and vice versa.
network architecture A collection of technologies that support the infrastructure and the programmed services and rules, or protocols, that move data across a network.
network attached storage (NAS) Servers that are connected to a network to provide file-level data storage to clients using a centralized storage location.
network infrastructure The architecture defining the connections within a network; refers to the physical hardware and connections used to transmit data.
network interface card (NIC) Computer hardware, typically used for LANs, that allows a computer to connect to some networking cable. The NIC can then send and receive data over the cable at the direction of the computer.
next hop The next gateway to which a Layer 3 packet is delivered in order to reach the destination.
nibble boundary The point between nibbles, which are each 4 bits or 1 hexadecimal digit. When borrowing bits from the interface ID, the best practice is to subnet on a nibble boundary.
noise Interference, such as EMI or RFI, that causes unclean power and may cause errors in a computer system.
nonreturn to zero (NRZ) A line code in which 1s are represented by one significant condition and 0s are represented by another.
nonvolatile memory Memory whose contents are not erased when the computer is powered off.
Non-Volatile Memory Express (NVMe) A specification that was developed specifically to allow computers to take greater advantage of the features of SSDs by providing a standard interface between SSDs, the PCIe bus, and operating systems.
nonvolatile RAM (NVRAM) RAM that does not lose its contents when the device is powered off.
nslookup A service or a program used to look up information in Domain Name System (DNS).
octet A group of 8 binary bits. It is similar to, but not the same as, a byte. One application in computer networking is to use octets to divide IPv4 addresses into four components.
octet boundary The part of an IPv4 address that falls between octets.
organizationally unique identifier (OUI) The first half of a MAC address. Manufacturers must ensure that the value of the OUI has been registered with the IEEE. This value identifies the manufacturer of any Ethernet NIC or interface.
output device A hardware device that takes the data processed from input and passes on the information for use.
overhead Resources used to manage or operate a network. Overhead consumes bandwidth and reduces the amount of application data that can be transported across the network.
packet switched A network architecture that routes packets along the path perceived as the most efficient and allows a communications channel to be shared by multiple connections.
parallel port A port that has a 25-pin receptacle used to connect various peripheral devices.
peer-to-peer (P2P) A type of networking in which each device serves as both a client and a server portion of an application. P2P also describes a small local network where a host can play the role of a client and/or a server.
peer-to-peer file sharing A system that allows people to share files with each other without having to store and download them from a central server. The user joins a P2P network by simply installing the P2P software. P2P file sharing has not been embraced by everyone. Many people are concerned about violating the laws of copyrighted materials.
personal-area network (PAN) A network that connects devices, such as mice, keyboards, printers, smartphones, and tablets, within the range of an individual person.
physical address An address used for NIC-to-NIC communications on the same Ethernet network.
physical media The cabling and connectors used to interconnect network devices.
physical port A connector or an outlet on a networking device where the media are connected to an end device or another networking device.
physical topology The arrangement of the nodes in a network and the physical connections between them. It provides a representation of how the media are used to connect the devices.
physical topology diagram A diagram that identifies the physical locations of intermediary devices and cable installation.
ping A troubleshooting tool used to verify network connectivity by sending a packet to a specific IP address and waiting for the reply.
ping sweep The process of systematically pinging all network addresses in a given range or subnet. This is similar to going through a section of a telephone book and calling each number to see who answers.
POP3 See Post Office Protocol 3 (POP3).
port (1) With Ethernet hub and switch hardware, another name for an interface, which is a physical connector in the switch into which a cable can be connected. (2) With TCP and UDP, a software function that uniquely identifies a software process on a computer that uses TCP or UDP. (3) With PCs, a physical connector on a PC, such as a parallel port or a USB port.
port number A TCP or UDP field used to identify the source or destination application.
port scan A method of determining what TCP or UDP ports are open or listening on a remote device.
Post Office Protocol (POP) A protocol that allows a computer to retrieve email from a server.
Post Office Protocol 3 (POP3) A protocol used by email clients to retrieve messages from an email server.
power over Ethernet (PoE) The powering of network devices over Ethernet cable. PoE is defined by two different standards: IEEE 802.3af and Cisco.
powerline networking An emerging trend for home networking that uses existing electrical wiring to connect devices.
power-on self-test (POST) The hardware check that the basic input/output system (BIOS) performs on the main components of a computer at boot.
preferred format The IPv6 address format x:x:x:x:x:x:x:x, with each x consisting of four hexadecimal values.
prefix length In IP subnetting, the portion of a set of IP addresses whose values must be identical for the addresses to be in the same subnet.
private address As defined in RFC 1918, an IP address that does not have to be globally unique because the address exists inside packets only when the packets are inside a single private IP internetwork. Private IP addresses are popularly used in most companies today, with NAT translating the private IP addresses into globally unique IP addresses.
private cloud A repository of cloud-based applications and services intended for a specific organization or entity, such as the government.
privileged executive (EXEC) mode An IOS administrative level mode that supports access to configuration and management commands.
protocol A written specification that defines what tasks a service or device should perform. Each protocol defines messages, often in the form of headers, plus the rules and processes by which the messages are used to achieve some stated purpose.
protocol analyzer A network monitoring device that gathers information regarding the status of a network and devices attached to it. Also known as a network analyzer or packet sniffer.
protocol data unit (PDU) A generic term that refers to the data, headers, and trailers about which a particular networking layer is concerned.
protocol suite A delineation of networking protocols and standards into different categories, called layers, along with definitions of which sets of standards and protocols need to be implemented to create products that can be used to create a working network.
proxy server A computer system that has the authority to act as another computer to function as a relay between client and server.
public address An IP address that has been registered with IANA or one of its member agencies to guarantee that the address is globally unique. Globally unique public IP addresses can be used for packets sent through the internet.
public cloud Cloud-based applications and services made available to the general population.
quality of service (QoS) A control mechanism that can provide different priorities to different users or data flows or guarantee a certain level of performance to a data flow in accordance with requests from the application program.
queuing In routing and switching, a backlog of packets or frames waiting to be forwarded out an interface.
radio frequency interference (RFI) Noise that interferes with information being transmitted across unshielded copper cabling.
random-access memory (RAM) Also known as read/write memory, memory that can have new data written to it and that can have stored data read from it. RAM is the main working area, or temporary storage, used by a CPU for most processing and operations. A drawback of RAM is that it requires electrical power to maintain data storage. If the computer is turned off or loses power, all data stored in RAM is lost unless the data was previously saved to disk. Memory boards with RAM chips plug into the motherboard.
read-only memory (ROM) Nonvolatile memory located on the motherboard and other circuit boards that contains instructions that can be directly accessed by a CPU.
real-time traffic Data traffic that carries signal output as it happens or as fast as possible. Real-time traffic is sensitive to latency and jitter.
reconnaissance attack An attack that is used to discover and map systems, services, or vulnerabilities.
redundancy In internetworking, a network architecture designed to eliminate network downtime caused by a single point of failure. Redundancy includes the replication of devices, services, or connections that support operations even in the occurrence of a failure.
reference model A conceptual framework to help understand and implement the relationships between various protocols.
Regional Internet Registry (RIR) One of the five organizations responsible for allocating IP addresses within particular geographic regions.
remote network An IP network that can be reached by forwarding a packet to a router.
repeater A device that regenerates weak signals to extend the distance a signal can travel.
Request for Comments (RFC) A series of documents and memoranda encompassing new protocols, research, innovations, and methodologies applicable to internet technologies. RFCs are developed by the IETF for the TCP/IP protocol suite.
response timeout The amount of time a service waits on a response before taking some action. A protocol defines how long a service waits and what action is taken if a response timeout occurs.
ring topology A physical network topology in which each system is connected to its respective neighbors, forming a ring. The ring does not need to be terminated, unlike in the bus topology. Legacy Fiber Distributed Data Interface (FDDI) and Token Ring networks used ring topologies.
RJ-11 connector A physical network interface used to connect a computer to a standard telephone line.
RJ-45 connector A standardized physical network interface for connecting telecommunications or data equipment. The most common twisted-pair connector is an 8-position, 8-contact (8P8C) modular plug and jack.
ROM See read-only memory (ROM).
round-trip time (RTT) The time required for a networking PDU to be sent and received and a response PDU to be sent and received. In other words, the time between when a device sends data and when the same device receives a response.
router A network layer device that forwards data packets between networks. Routers use IP addresses to forward traffic to other networks.
Router Advertisement (RA) message An ICMPv6 message sent by a router to provide addressing information to hosts using SLAAC.
Router Solicitation message An ICMPv6 message sent by devices to request an ICMPv6 Router Advertisement message.
routing The process by which a router receives an incoming frame, discards the data link header and trailer, makes a forwarding decision based on the destination IP address, adds a new data link layer header and trailer based on the outgoing interface, and forwards the new frame out the outgoing interface.
runt frame Any frame less than 64 bytes in length. A runt frame is automatically discarded by a receiving station. Also called a collision fragment.
satellite connection Internet access provided using satellites and satellite dishes to serve areas that would otherwise have no internet connectivity at all. A satellite dish requires a clear line of sight to the satellite.
scalable network A network that can expand quickly to support new users and applications without impacting the performance of the service being delivered to existing users.
Secure Shell (SSH) A protocol that provides a secure remote connection to a host through a TCP application.
segment (1) A collision domain that is a section of a LAN that is bound by bridges, routers, or switches. (2) In a LAN using a bus topology, a continuous electrical circuit that may be connected to other such segments with repeaters. (3) With TCP, to accept a large piece of data from an application and break it into smaller pieces. (4) With TCP, one of the smaller pieces of data that results from the segmentation process.
segmentation In TCP, the process of breaking a large chunk of data into small enough pieces to fit within a TCP segment without breaking any rules about the maximum amount of data allowed in a segment.
selective acknowledgment (SACK) An optional TCP feature that makes it possible for the destination to acknowledge bytes in discontinuous segments. With SACK, the source host only needs to retransmit the specific unacknowledged data rather than retransmitting all data since the last acknowledged data.
sequence number Information placed in a data header to ensure correct sequencing of the arriving data.
server Computer hardware or software that is used by multiple concurrent users or provides services to many users. For example, a web server consists of web server software running on some computer.
Server Message Block (SMB) An application level network protocol mainly applied to shared access to files, printers, serial ports, and miscellaneous communications between nodes on a network.
session A related set of communications transactions between two or more network devices.
shell The portion of the operating system that interfaces with applications and the user.
shielded twisted-pair (STP) cable A type of network cabling that includes twisted-pair wires, with shielding around each pair of wires, as well as another shield around all wires in the cable.
Simple Mail Transfer Protocol (SMTP) An application layer protocol that provides electronic mail services to transfer mail from client to server and between servers.
single-mode fiber (SMF) Optical fiber that consists of a very small core and uses laser technology to send a single ray of light in data transmission.
SLAAC See stateless address autoconfiguration (SLAAC).
slash notation A method of expressing a network prefix that uses a forward slash (/) followed by the network prefix—for example, 192.168.254.0/24, where the /24 represents the 24-bit network prefix in slash format.
small office/home office (SOHO) network A network in which computers can connect to a corporate network or access centralized, shared resources.
smart home technology Technology that is integrated into everyday appliances to allow them to interconnect with other devices, making them more “smart,” or automated.
SMB/CIFS Protocols that allow for sharing of files, printers, and other resources between nodes on a network. CIFS is a dialect of SMB.
SNMP (Simple Network Management Protocol) A protocol that enables network administrators to monitor network operations from centralized monitoring stations.
socket A logical communications endpoint within a network device. A socket is typically represented by a Layer 3 address and a Layer 4 port number.
socket pair The combination of the source IP address and source port number or the destination IP address and destination port number.
socket type A connector on a motherboard that houses a CPU and forms the electrical interface and contact with the CPU.
Solicitation (RS) message See Router Solicitation message.
solicited node multicast address The IPv6 multicast address associated with an IPv6 unicast address that is mapped to a special Ethernet multicast address.
source The originator of a message.
source IP address The IP address of the originating host that is placed into an IP packet header.
source port number The port number associated with the originating application on a local device.
spoofing A process in which a person or program masquerades as another to gain access to data and a network.
SSH File Transfer Protocol (SFTP) An extension to Secure Shell (SSH) protocol that can be used to establish a secure file transfer session.
standard An agreed-upon set of rules.
star topology A physical topology in which a central device or central site interconnects other devices or sites.
stateful A term that refers to tracking actual conversations and the state of their communication sessions for a protocol, such as TCP.
stateful DHCPv6 Similar to DHCP for IPv4, a type of DHCP that provides IPv6 address, prefix length, and other information, such as the DNS server and domain name. It does not provide a default gateway address.
stateful packet inspection (SPI) A process in which incoming packets must be legitimate responses to requests from internal hosts, and unsolicited packets are blocked unless specifically permitted. SPI can also include the capability to recognize and filter out specific types of attacks, such as denial-of-service (DoS) attacks.
stateless address autoconfiguration (SLAAC) A plug-and-play IPv6 feature that enables devices to connect themselves to the network without any configuration and without any servers (like DHCP servers).
stateless DHCPv6 A type of DHCP that provides information other than the IPv6 address and prefix length, such as DNS server and domain name. It does not provide a default gateway address.
static route A remote network in a routing table that has been manually entered into the table by a network administrator.
store-and-forward switching A frame forwarding method that receives an entire frame and computes the CRC. CRC uses a mathematical formula, based on the number of bits (1s) in the frame, to determine whether the received frame has an error. If the CRC is valid, the switch looks up the destination address, which determines the outgoing interface. Then the frame is forwarded out the correct port.
subnet A group of IP addresses that have the same value in the first part of the IP addresses, for the purpose of allowing routing to identify the group by that initial part of the addresses. IP addresses in the same subnet typically sit on the same network medium and are not separated from each other by any routers. IP addresses on different subnets are typically separated from one another by at least one router. Subnet is short for subnetwork.
subnet ID Part of the IPv6 global unicast address used by an organization to identify subnets within its site. The larger the subnet ID, the more subnets available.
subnet mask A dotted decimal number that helps identify the structure of IPv4 addresses. The mask represents the network and subnet parts of related IPv4 addresses with binary 1s and the host part of related IPv4 addresses with binary 0s.
subnetwork See subnet.
switch Hardware that microsegments a LAN and that connects multiple devices on a network by receiving data and using filtering and forwarding to send the data to the intended destination device.
switch fabric The integrated circuits and the accompanying machine programming in a switch that allow the data paths through the switch to be controlled.
switched virtual interface (SVI) A virtual interface for which there is no associated physical hardware on the device. An SVI is created in software. The virtual interfaces are used as a means to remotely manage a switch over a network. They are also used for routing between VLANs.
syslog A protocol that allows networking devices to send their system messages across the network to syslog servers.
system speaker A case speaker that a motherboard uses to indicate the computer’s status during POST.
TCP/IP model A conceptual framework that consists of layers that perform functions necessary to prepare data for transmission over a network.
Telecommunications Industry Association/Electronic Industries Association (TIA/EIA) An organization that develops standards that relate to telecommunications technologies. Together, the TIA and the Electronic Industries Alliance (EIA) have formalized standards, such as EIA/TIA-232, for the electrical characteristics of data transmission.
Telnet A non-secure network service that supports CLI access to a remote host. It also can be used to verify the application layer software between source and destination stations.
terminal emulation A network application in which a computer runs software that makes it appear to a remote host as a directly attached terminal.
test-net address The IPv4 address block 192.0.2.0 to 192.0.2.255 (192.0.2.0/24) that is set aside for teaching and learning purposes. These addresses can be used in documentation and network examples.
three-way handshake The process used by TCP to establish a session.
throughput The actual data transfer rate between two computers at some point in time. Throughput is impacted by the slowest-speed link used to send data between the two computers, as well as myriad variables that might change during the course of a day.
Time-to-Live (TTL) A field in the IP header that prevents a packet from indefinitely looping around an IP internetwork. A router decrements the TTL field each time it forwards a packet, and if it decrements the TTL to 0, the router discards the packet, which prevents it from looping forever.
topology The arrangement of networking components or nodes. Examples include star, extended star, ring, and mesh.
traceroute (tracert) A command on many computer operating systems that discovers the IP addresses and possibly hostnames of the routers used by the network when sending a packet from one computer to another.
traffic prioritization A quality of service (QoS) process in which frames are forwarded in priority order based on their marking.
Transmission Control Protocol (TCP) A Layer 4 protocol of the TCP/IP model that lets applications guarantee delivery of data across a network.
Trivial File Transfer Protocol (TFTP) A protocol similar to FTP that enables the transfer of files from one computer to another over a network. TFTP is supported by UDP, whereas FTP is supported by TCP.
Trojan horse A type of malware named after the wooden horse the Greeks used to infiltrate Troy. It is a harmful piece of software that looks legitimate. Users are typically tricked into loading and executing Trojans on their systems.
troubleshooting The systematic process used to locate the cause of a fault in a computer system and correct the relevant hardware and software issues.
troubleshooting process steps The systematic approach to locating the cause of a fault in a computer system and correcting the relevant hardware and software issues by identifying the problem, establishing a theory of probable cause, testing the theory to determine the cause, establishing a plan of action, verifying full system functionality, and documenting the issue.
tunneling The process of encapsulating an IP packet inside another IP packet.
twisted-pair A type of cable that consists of a pair of insulated wires wrapped together in a regular spiral pattern to control the effects of electrical noise.
unicast A type of message sent to a single network destination. Compare with broadcast and multicast.
unique local address An IPv6 address that is similar to an RFC 1918 private address for IPv4. Unique local addresses are used for local addressing within a site or between a limited number of sites. These addresses should not be routable in the global IPv6 internet. Unique local addresses are in the range FC00::/7 to FDFF::/7.
unknown unicast An Ethernet frame that does not have an entry in the switch’s MAC address table for the destination MAC address.
unshielded twisted-pair (UTP) cable A general type of cable, with the cable holding twisted pairs of copper wires and the cable itself having little shielding.
unspecified address An IPv6 all-0s address represented in the compressed format as ::/128 or just ::. It cannot be assigned to an interface and is only to be used as a source address in an IPv6 packet. An unspecified address is used as a source address when a device does not yet have a permanent IPv6 address or when the source of the packet is irrelevant to the destination.
User Datagram Protocol (UDP) A connectionless transport layer protocol in the TCP/IP protocol stack. UDP is a simple protocol that exchanges datagrams without acknowledgments or guaranteed delivery, requiring that error processing and retransmission be handled at a higher layer.
user executive (EXEC) mode The limited CLI mode where the commands available to the user are a subset of those available at the privileged level. In general, use the user EXEC commands to temporarily change terminal settings, perform basic tests, and list system information.
user password A password that allows access to the BIOS based on a defined level, such as full access, limited access, view only access, or no access.
variable-length subnet masking (VLSM) A process that makes it possible to specify a different subnet mask for the same network number on different subnets. VLSM can help optimize available address space.
virtual circuit A logical connection created within a network between two network devices.
virtual classroom A logical classroom environment created as a collaboration space without physical restraints.
virtual local-area network (VLAN) A network of end devices that behave as if they are connected to the same network segment, even though they might be physically located on different segments of a LAN. VLANs are configured through software on the switch and router (IOS on Cisco routers and switches).
virtual terminal (vty) A text-based logical interface on an IOS device. It is accessed using Telnet or SSH to perform administrative tasks. A vty line is also called a virtual type terminal.
virtualization The creation of a virtual version of something, such as a hardware platform, an operating system (OS), a storage device, or a network resource. As an example, a virtual machine consists of a set of files and programs running on an actual physical system.
virus A type of malware that propagates by inserting a copy of itself into, and becoming part of, another program. It spreads from one computer to another, leaving infections as it travels.
voice over IP (VoIP) Voice data encapsulated in an IP packet that allows it to traverse already implemented IP networks without needing its own network infrastructure.
volatile memory Memory whose contents are erased every time the computer is powered off.
well-known multicast address An assigned multicast address that is a reserved multicast address for a predefined group of devices.
well-known multicast IPv6 address A predefined IPv6 multicast address used to reach a group of devices running a common protocol or service.
wide-area network (WAN) A network infrastructure that provides access to other networks over a wide geographic area, which is typically owned and managed by a telecommunications service provider.
Wi-Fi (IEEE 802.11) A wireless LAN (WLAN) technology that uses a contention-based protocol known as CSMA/CA. The wireless NIC must first listen before transmitting to determine if the radio channel is clear. If another wireless device is transmitting, the NIC must wait until the channel is clear. Wi-Fi, which is a trademark of the Wi-Fi Alliance, is used with certified WLAN devices based on the IEEE 802.11 standards.
Wi-Fi analyzer A mobile tool for auditing and troubleshooting wireless networks.
WiMAX (IEEE 802.16) Worldwide Interoperability for Microwave Access, a wireless standard that uses a point-to-multipoint topology to provide wireless broadband access.
window size A field in the TCP header, set in a sent segment, that specifies the maximum amount of unacknowledged data the host is willing to receive before the other sending host must wait for an acknowledgment. Used for flow control.
wireless access point (WAP) A network device that connects wireless clients to a data network. A wireless AP uses radio waves to communicate with the wireless NICs in the devices and other wireless access points.
wireless internet service provider (WISP) An ISP that connects subscribers to a designated access point or hotspot using wireless technologies similar to those found in home wireless local-area networks (WLANs).
wireless LAN (WLAN) A network that is similar to a LAN but that wirelessly connects users and devices in a small geographic area instead of using a wired connection. A WLAN uses radio waves to transmit data between wireless devices.
wireless mesh network (WMN) A technology that uses multiple access points to extend a WLAN.
wireless network interface card (NIC) A device that connects a computer to a network using radio frequencies.
wireless router A device that connects multiple wireless devices to a network and may include a switch to connect wired hosts.
worm Malware that is similar to a virus in that it replicates functional copies of itself and can cause the same type of damage. In contrast to viruses, which require the spreading of an infected host file, worms are standalone software and do not require a host program or human help to propagate. A worm does not need to attach to a program to infect a host but can enter a computer through a vulnerability in the system.
Zigbee (IEEE 802.15.4) A specification used for low-data-rate, low-power communications. It is intended for applications that require short ranges, low data rates, and long battery life. Zigbee is typically used for industrial and Internet of Things (IoT) environments such as wireless light switches and medical device data collection.