Appendix. Glossary

 

10BASE-T

An IEEE 802.3 Ethernet standard that has a maximum segment length of 100m and has a 10Mbps data transmission speed. 10BASE-T can use Category 3, 4, or 5 unshielded twisted-pair (UTP) or shielded twisted-pair (STP) cables for connectivity.

802.11a

An IEEE wireless networking standard released in 1999 that uses the 5GHz frequency range. 802.11a clients can theoretically transmit at a maximum speed of 54Mbps.

802.11b

An IEEE wireless networking standard released in 1999 that uses the 2.4GHz frequency range. 802.11b clients can theoretically transmit at a maximum speed of 11Mbps.

802.11g

An IEEE wireless networking standard released in 2003 that uses the 2.4GHz frequency range. 802.11g clients can theoretically transmit at a maximum speed of 54Mbps. This standard is backward-compatible with 802.11b clients.

802.11n

A predraft standard for wireless networking that uses Multiple Input, Multiple Output (MIMO) signals to achieve higher throughput. Current predraft equipment uses the 2.4GHz frequency range.

802.1q

An IEEE frame-tagging method over trunk ports that inserts the 4-byte VLAN identifier inside the original Ethernet frame.

802.1x

An authentication protocol geared toward LAN environments. 802.1x requires that users authenticate to the network before they are granted wired or wireless access.

A

AAA (Authentication, Authorization, and Accounting)

A group of three services that are used in conjunction with an authentication server and a software service such as Terminal Access Controller Access Control System (TACACS) or Remote Authentication Dial-in User Service (RADIUS) to provide a secure network connection with a record of user activities.

ABR (Area Border Router)

A router that sits between multiple areas in a hierarchical OSPF network. These routers are responsible for summarizing subnets to the rest of the OSPF autonomous system. Because they must maintain topology information from several areas, these routers are typically robust in resources.

access attack

A class of attack in which a hacker attempts to access another user account or network device through improper means.

access-class

The command used to apply an access list to vty ports.

access port

A switch port that has a single VLAN assigned to it. These are typically used for connectivity between end devices.

active, inactive, and deleted PVC status

The three states of a Frame Relay PVC. Active means that the connection is good on both ends. Inactive means that the remote router is misconfigured. Deleted means that the local router is misconfigured.

adjacency

A term that describes the state after two OSPF neighbors have synchronized their topology databases.

administrative distance

An arbitrary value between 1 and 255 that is assigned to determine the trustworthiness of the routing sources.

advertised distance

The composite metric to a destination that is being advertised from our EIGRP neighbors.

AES (Advanced Encryption Standard)

The newest encryption algorithm. It is managed by the National Institute of Standards and Technology (NIST), a division of the U.S. government. It was designed to increase encryption strength beyond the DES and 3DES standards and yet be more efficient on the device’s processor. As it stands today, AES offers 128-, 192-, and 256-bit encryption.

AH (Authentication Header)

One of the components that powers the IPsec security suite of protocols. AH defines capabilities for authentication and data-integrity algorithms but does not provide the capability for encryption.

application layer

Layer 7 of the OSI model. Provides an interface between a host’s communication software and any necessary external applications (that is, email, file transfers, and terminal emulation). This layer can also evaluate what resources are necessary to communicate between two devices and determine their availability.

area

A subdivision of an autonomous system composed of groups of contiguous networks and attached hosts. Used in link-state routing protocols to minimize routing update overhead and confine network instability.

ARP (Address Resolution Protocol)

A protocol that maps a known IP address to a MAC address by sending a broadcast ARP. When the destination IP address is on another subnet, the sender broadcasts ARP for the router’s Ethernet port or default gateway, so the MAC address sent back is that of the router’s Ethernet port.

ASP (AppleTalk Session Protocol)

A session layer protocol that manages client/server based communications, but is specific to AppleTalk client and server devices.

asynchronous

A serial interface that does not synchronize the clocks for the bit stream of the sending and receiving end of a serial link.

ATM (Asynchronous Transfer Mode)

A packet-switched connection type that reaches high speeds by dividing all packets into equal-sized cells of 53 bytes each.

attenuation

A term used to describe how a signal loses strength over long distances.

authentication

The process of requiring or prompting for credentials before a device can access the network.

autonomous system

A collection of routing devices under the same administrative control.

autonomous system number

An indicator in an IGRP and EIGRP configuration that identifies the autonomous system to which the routers are actively sending routing updates.

auxiliary port

An out-of-band management connection used to connect to an external modem with a rollover cable.

B

backbone area

Also known as the transit area, Area 0 is an area to which all other areas must connect.

BackboneFast

Cisco STP enhancement that skips the max-age timer when switches learn of a failure indirectly.

backbone router

Any router that is connected to Area 0.

Backward Explicit Congestion Notification (BECN)

A signaling method used by a Frame Relay service provider that attempts to drop the speed of a router sending excessive data.

balanced hybrid routing protocol

A class of routing protocol that uses the best characteristics from link-state and distance vector routing protocols. These advanced routing protocols efficiently and quickly build their routing information and converge when topology changes occur.

bandwidth

The total amount of information that can traverse a communications medium, measured in millions of bits per second. Bandwidth is helpful for network performance analysis. Also, bandwidth availability is increasing but limited.

bandwidth speed

An interface configuration command that assigns a logical speed to the interface for accurate routing metrics.

banner motd delimiting_char banner delimiting_char

A global configuration command to create a message-of-the-day login banner.

BDR (Backup Designated Router)

A router that is elected in OSPF as a redundant device in case the Designated Router fails.

Bearer channel (B channel)

Used as a building block for ISDN connections. Provides 64Kbps of bandwidth per channel.

Bellman-Ford algorithm

A routing algorithm used by RIP and IGRP, which entails routing updates being received and updated before propagating the message to other routing devices.

binary

A computer language that is represented by a bit value of 0 or 1.

blocking

Ports that are not the root or the designated port in an STP election are left in a blocking state. Data is not transmitted on these ports, but BPDUs can still be received.

Bluetooth

A wireless technology that uses a short-range wireless radio connection to allow various devices to interconnect. Such devices include cell phones, PCs, and personal digital assistants (PDAs). The only requirement to establish connectivity is a 10 meter range (approximately 33 feet) between communicating devices. When in range, Bluetooth uses an RF link in the 2.4GHz range that has a 720Kbps per channel capacity to transfer voice or data.

BOD (Bandwidth On Demand)

A Cisco extension to the PPP Multilink concept that allows more DDR connections to be brought up as bandwidth is needed and disconnected as bandwidth is not needed.

Boolean AND

A mathematical operation that can be used to identify the network ID and broadcast IP given an IP address and subnet mask.

boot field

The last hexadecimal character in a configuration register that specifies where to find an IOS.

bootstrap

Instructions loaded from ROM to activate the IOS loading code.

boot system location filename

A global configuration command that specifies locations and filenames to load the IOS.

BPDU (Bridge Protocol Data Unit)

A Layer 2 message sent in an STP environment to advertise bridge IDs, root bridge MAC addresses, and root path costs.

BPDU guard

A Cisco enhancement to PortFast that prevents loops by moving an access port to a disabled state if a BPDU is received.

BRI (Basic Rate Interface)

An Integrated Services Digital Network (ISDN) line that consists of two 64Kbps bearer (B) channels and one 16Kbps data (D) channel. Voice, video, and data traffic can be carried over the B channels. Signals between telephone company switches use the D channel.

bridge

A hardware device at the Data Link layer that connects two segments in a single network or connects two networks. Bridges simply forward data between those segments/networks without analyzing or redirecting the data.

bridge ID

A Spanning Tree Protocol switch identifier composed of a combination of bridge priority and MAC address.

broadband

A term used to describe high-speed Internet connections such as DSL or cable modems.

broadcast

An Ethernet LAN address in which a frame is sent to all devices in the same LAN. Broadcast addresses are always the same value—FFFF.FFFF.FFFF.

broadcast domain

A group of nodes that can receive each other’s broadcast messages and are segmented by routers.

broadcast IP

The last IP address in a network. Every host bit for the broadcast IP address is turned on (or all 1s).

Broadcast MultiAccess (BMA) topology

Consists of multiple devices that access the same medium and can hear each other’s broadcast and multicast messages, as in Ethernet networks.

broadcast subnet

The last subnet in a network, which has all 1s in the subnet field.

BSS (Basic Service Set)

Describes a network topology with an independent wireless access point managing a group of clients.

bus topology

A network topology that is set up so that the network nodes are connected via a single cable (also referred to as a trunk or a backbone). Electrical signals are sent from one end of the cable to the other.

C

CAM (Content-Addressable Memory) table

A table in RAM that stores MAC addresses in a switch.

CAS (Channel Associated Signaling)

A type of connection that incorporates signaling information with the data being sent. Also called Robbed Bit Signaling (RBS).

CCS (Common Channel Signaling)

A type of connection that separates signaling information from the data transmission. ISDN is a CCS-style technology.

CDP (Cisco Discovery Protocol)

A Layer 2 Cisco-proprietary protocol that advertises information to directly connected Cisco neighbors.

cdp enable

An interface configuration command to enable CDP on an interface (on by default).

cdp run

A global configuration command to enable CDP on a device (on by default).

CHAP (Challenge Handshake Authentication Protocol)

A strong authentication type used with PPP encapsulation. Passwords are hashed and sent multiple times over the course of a WAN connection.

CIR (Committed Information Rate)

The minimum speed guaranteed to a customer by a Frame Relay service provider.

circuit switched network

A WAN connection type that encompasses dial-on-demand technologies such as modems and ISDN.

Cisco, ANSI, and Q933A LMI signaling

The three forms of Frame Relay LMI signaling. Cisco IOS 11.2 and later automatically detect the Frame Relay signaling type. Earlier versions of the IOS must be coded manually.

Cisco Frame Relay encapsulation

A Cisco-proprietary Frame Relay encapsulation that can be used only when communicating through a Frame Relay service provider to other Cisco routers.

classful routing protocol

Routing updates contain only the classful networks, without any subnet mask. Summarization is automatically done when a router advertises a network out an interface that is not within the same major subnet. Classful routing protocols must have a FLSM design and do not operate correctly with discontiguous networks.

Classless Interdomain Routing (CIDR)

A way to allocate and specify Internet addresses used in routing. Offers more flexibility than the original system of IP address classes.

classless routing protocol

Routing updates can contain subnetted networks because the subnet mask is advertised in the updates. Route summarization can be manually configured at any bit boundary. Classless routing protocols support VLSM designs and discontiguous networks.

CLI (Command-Line Interface)

An interface that defines the method used to communicate with an operating system. In the case of Cisco, this is IOS.

client mode

A VTP mode in which you cannot create, modify, or delete VLANs. Forwards advertisements received from the server but does not save VLAN configuration to the VLAN database.

clock rate speed

An interface configuration command that specifies the clocking speed in bps.

collision domain

A group of nodes that share the same media and are segmented by switches. A collision occurs if two nodes attempt a simultaneous transmission.

composite metric

A metric used by IGRP and EIGRP composed of bandwidth plus delay by default. Can also support reliability, load, and MTU.

config-register register

A global configuration command to alter the configuration register.

configuration register

A 16-bit (four hexadecimal characters) value in NVRAM that specifies how the router or switch should operate during initialization.

connected interface

As soon as we assign an IP address to a working (up/line protocol up) interface, the router associates the entire subnet of the interface’s IP address in the routing table.

console port

An out-of-band management connection used to connect to a PC with a rollover cable.

copy from to

A privileged EXEC command that copies files from one location to another.

cost

An arbitrary number typically based on the link’s bandwidth.

count to infinity

When routers are continuously passing updates to unreachable networks between each other in a routing loop, the metric continues to increase forever.

CPE (Customer Premises Equipment)

Refers to equipment located on the customer premises, such as the router and typically the CSU/DSU.

crosstalk

An electrical or magnetic field that is a result of one communications signal that can affect the signal in a nearby circuit.

CSMA/CD

A process that sends a jam signal to notify the devices that there has been a collision. The devices then halt transmission for a random back-off time.

CSU/DSU (Channel Service Unit/Data Service Unit)

A device that serves as an intermediary between the service provider and the WAN router. In most cases, the CSU/DSU provides clocking for the router.

Ctrl+Shift+6, x

A keystroke to suspend Telnet sessions and cancel lookups and pings.

cut-through

A frame transmission method that looks only at the destination MAC address in an Ethernet frame and forwards it.

D

data integrity

Using measures to ensure that data does not change in transmission. This typically is described as hashing data.

data link layer

Layer 2 of the OSI model. Ensures reliable data transfer from the Network layer to the Physical layer for transmission across the network.

data packet

A packet that transports data across the internetwork and is supported by IP and IPX protocols.

DCE (Data Circuit-Terminating Equipment)

Also called Data Communications Equipment. The term used to identify a device that connects the Data Terminal Equipment (DTE) to a service provider’s communications line. Types of DCE are modems, CSU/DSUs, and BRI NT-1s.

DDR (Dial-on-Demand Routing)

A technology used to bring up network connections when needed and disconnect them after the need is satisfied. Typically used for ISDN connections.

DE (Discard Eligible)

Any traffic exceeding the CIR in a Frame Relay network is automatically marked by the service provider as Discard Eligible, which means that it could be dropped in case of network congestion.

default gateway

A gateway of last resort in switches and PCs. This default gateway is the IP address that hosts and switches send their traffic to when the destination is on another segment.

default route

A gateway of last resort for a router when there isn’t a specific match for an IP destination network in the routing table (such as packets destined for the Internet).

demarc (demarcation)

The point at which the telco terminates its line to the customer.

DES (Data Encryption Standard)

One of the first electronic encryption algorithms to be used. It was originally developed by IBM to support a 56-bit key. By today’s standards, DES is considered a relatively weak encryption.

designated port

On each STP segment, the switch with the lowest cumulative cost to the root has the designated port.

dialer interface

A logical interface that contains a configuration that can be applied to a physical interface when needed.

dialer list/dialer group

The syntax used to create a list of interesting traffic (dialer list) and apply that list to an interface (dialer group).

dialer map

Used to manually map a remote IP address to the phone number a router should dial to reach it.

dialer pool

A pool of physical interfaces that a logical, dialer interface can draw from when attempting to make a connection.

dialer profile

A newer form of DDR connection that allows you to define different configurations to be applied to an ISDN interface when certain destinations are dialed.

Diffie-Hellman algorithm

An asymmetric (public and private key) algorithm that allows for secure exchange of encryption keys over a public network.

Digital Signal Level 1 (DS1)

Also called a T1, this line offers a 1.544Mbps data transmission speed. A single T1 consists of 24 digital signal level 0 (DS0) channels that are 64Kbps each and an additional 8Kbps that are reserved for management overhead.

Dijkstra SPF algorithm

A routing algorithm used by OSPF and IS-IS that builds and calculates the shortest path to all known destinations.

discarding state

A Rapid Spanning Tree nonforwarding port state that entails a port that does not participate in the switched topology because BPDU updates are not actively being sent and MAC addresses are not being learned. Similar to 802.1d Spanning Tree Protocol’s blocking state.

disconnect conn#

A user or privileged EXEC command to disconnect a suspended Telnet session.

discontiguous network

A major network separated by another major network that is automatically summarized, causing routing confusion.

distance vector routing protocol

A class of routing protocol in which the entire routing table is periodically sent to directly connected neighbors regardless of a topology change. These routing protocols manipulate the routing table updates before sending that information to their neighbors and are slow to converge when a topology change occurs.

distributed DoS attack

A type of DoS attack in which multiple systems are compromised to send a DoS attack to a specific target.

DLCI (Data Link Connection Identifier)

A data link address used by Frame Relay.

DNA SCP (Digital Network Architecture Session Control Protocol)

A proprietary Digital Equipment Corporation Networking (DECnet) Session layer protocol. Also referred to as a DECnet session.

DNS (Domain Name System)

An Application layer protocol that resolves hostnames and fully qualified domain names, such as www.cisco.com, into IP addresses.

DoS (Denial of Service) attack

A class of attack that is implemented to deny a service that is normally available to a user or organization.

DR (Designated Router)

Elected in OSPF to minimize routing update overhead that can occur in broadcast and nonbroadcast multiaccess topologies.

DTE (Data Terminal Equipment)

A device at the user end of a network that is connected to the service provider via the DCE device. Types of DTE are PCs, routers, and servers.

DTP (Dynamic Trunking Protocol)

A protocol used by Cisco to negotiate trunking.

DUAL (Diffusing Update Algorithm)

The algorithm used by EIGRP to determine the best loop-free path to a destination, as well as alternative paths in certain conditions.

dual-ring topology

A network topology that uses two rings for redundancy purposes. If a failure occurs on one ring, the other provides operability.

duplex

A device’s communication mode. Can be either half duplex or full duplex, depending on the connection type.

Dynamic Host Configuration Protocol (DHCP)

An Application layer protocol that works dynamically to provide an IP address, subnet mask, domain name, and default gateway to network clients.

dynamic NAT

Automatically performs NAT translations between two or more pools of addresses.

E

EGP (Exterior Gateway Protocol)

A routing protocol that advertises networks between autonomous systems.

EIA/TIA-232, -449, and -530

Physical serial interface standards on CSU/DSU devices.

EIGRP (Enhanced Interior Gateway Routing Protocol)

A Cisco-proprietary enhancement of IGRP to support classless routing, multiple routed protocols, a 32-bit composite metric, and the DUAL algorithm for fast convergence and loop-free routing.

EMI (ElectroMagnetic Interference)

The interference caused by electromagnetic signals, which can decrease data integrity.

enable password password

A global configuration command that sets a clear-text password for entering privileged EXEC mode.

enable secret password

A global configuration command that sets an MD5 encrypted password for entering privileged EXEC mode.

Encapsulating Security Payload (ESP)

One of the engines that can power the IPsec security suite of protocols. ESP defines capabilities for authentication, data integrity, and encryption algorithms.

encapsulation

The process of adding a header or trailer to the Protocol Data Unit at each layer of the OSI model.

encryption

The process of scrambling data, thus making it unreadable, before transmitting it over the network.

erase startup-config

A privileged EXEC command that deletes the startup-config in NVRAM to return the router or switch to the original “out-of-box” configuration after reboot.

error-disabled

A port security state in which a violation has occurred and the interface has been disabled.

ESS (Extended Service Set)

A wireless topology that includes two or more wireless access points, providing extended wireless coverage across the network.

EtherChannel

A Cisco link aggregation method that bundles multiple links between two switches into a single logical link.

Ethernet

A LAN specification introduced in the 1970s when Xerox needed a networking system to connect PCs.

exec-timeout minutes seconds

A line configuration command that specifies the length of terminal inactivity before closing the EXEC session.

extended access list

A list of permit and deny statements capable of matching network traffic based on the protocol used, source IP address, source port number, destination IP address, and destination port number.

F

feasible distance

The composite metric composed of the advertised distance to a destination plus the composite metric to reach that advertising router from the local router.

feasible successor route

A backup route in the EIGRP topology table that is enabled if the successor route fails. Determined if the advertised distance of the candidate feasible successor is less than the feasible distance of the successor route.

FECN (Forward Explicit Congestion Notification)

A signaling method used by a Frame Relay service provider. It attempts to drop the speed of a router sending excessive data by having a receiving router send traffic back to the sender tagged as a BECN message.

FEXT (Far-end Crosstalk)

The crosstalk measured at the far end of the cable from where the transmission was sent.

fiber

A cable that uses light rather than electrical signals to send data transmissions. These optical light signals travel through a fiberglass core, and you might hear this technology referred to as fiber optics or optical cabling. Fiber is not susceptible to electromagnetic interference.

filter

A program or device that uses a defined set of criteria to break up data and signals.

flapping

A term used to describe a failing interface that is constantly going up and down.

flash

A type of system memory that is installed on either an electrically erasable, programmable, read-only memory (EEPROM), or Personal Computer Memory Card International Association (PCMCIA) card. Flash memory contains the Cisco Internetworking Operating System (IOS) image. The router uses flash by default to locate the IOS when it is booted. Configuration files might also be stored on a flash card. Flash is also nonvolatile memory.

floating route

A route with a higher administrative distance that enters the routing table when the primary route fails.

flow control

A process that provides buffer controls that prevent packet flooding to the destination host. Buffers store bursts of data for processing when the transmission is complete.

FLSM (Fixed-Length Subnet Mask)

A design that assumes that subnet routes from different parts of their classful network all use the same subnet mask that they use. Any subnetted networks must contain the same subnet mask throughout the topology.

forward-delay timer

The time to transition from listening to learning and learning to forwarding. Each forward delay is 15 seconds.

forwarding

An STP port state in which the interface transmits and receives data.

fragment-free

A frame transmission method that checks the first 64 bytes for frame fragments (due to collisions) before forwarding the frame.

frame

A packet that is formatted by the Data Link layer of the OSI model for transmission to the Physical layer.

Frame Relay

One of the more popular packet-switched connection types that establishes site-to-site connections through a service provider network. Can attain speeds up to T3 and uses DLCI numbers as its Layer 2 addressing.

FTP (File Transfer Protocol)

An Application layer protocol that allows a user to transfer files and provides access to files and directories.

full duplex

Bidirectional transmissions enabling higher throughput because CSMA/CD is disabled. Connections to other switches or devices can be full-duplex.

full-mesh design

A costly, but fully redundant, packet-switched network design in which all routers are directly connected to all other routers through virtual circuits.

full-mesh topology

A network topology that is set up so that each device is directly connected to every other device on the network. This connection method has built-in redundancy. If one link goes down, the device transmits via another link.

G

GBIC (Gigabit Interface Converter)

An interface module that can be inserted into the Gigabit Ethernet slot on a switch to allow for different media connections to that port. The physical media can range from copper to single-mode fiber. A GBIC is also hot-swappable, so it can be installed without interrupting service to that switch.

global address

A type of IPv6 address with the broadest scope. These addresses are for global use—that is, for Internet communications.

H

half duplex

One-way communication transmission with suboptimal throughput because it operates in a collision domain in which CSMA/CD must be enabled. When connected to a hub, half duplex must be run.

hashing

The process of running data through an algorithm that generates a result based on the actual data. This result is known as the hash. In most cases, this result is then sent with the data to the receiving device. The receiving device can then rerun the hash algorithm and compare the results to ensure that the data did not change in transmission.

HDLC (High-level Data Link Control)

A WAN encapsulation that can be used over leased lines and circuit-switched connections. Does not have many features, but uses minimal network overhead when communicating. Cisco’s version of HDLC is proprietary.

hold-down timer

A routing loop mitigation process in which a router ignores any information about an alternative route with a higher metric to a poisoned subnet for an amount of time.

hop

A metric determined by the number of routers along the destination path.

host mask

255.255.255.255 or /32 subnet mask used on loopback interfaces to represent a single host.

hostname hostname

A global configuration command to name the router.

HSSI (High-Speed Serial Interface)

A high-speed interface that offers up to 52Mbps transmission rates to the WAN from a Cisco router. The higher speed capacity is relevant if the corporate backbone requires high-speed Internet access and VPN connectivity.

HTTP (HyperText Transfer Protocol)

An Application layer protocol that enables web browsing with the transmission of Hypertext Markup Language (HTML) documents on the Internet.

HTTPS (Secure HyperText Transfer Protocol)

An Application layer protocol that enables secure web browsing using SSL. A secure connection is indicated when the URL begins with https:// or when there is a lock symbol in the lower-right corner of the web page that is being viewed.

hub

A multiple port repeater. A smaller hub consists of four or five ports and might be called a workgroup hub. When data is received, the hub then retransmits that data on all the other ports.

hub-and-spoke design

One of the lowest-cost designs in a packet-switched network. All offices connect to a central office (the hub) through a single virtual circuit connection. If the hub router goes down, all connectivity through the packet-switched network is lost.

I–J–K

ICMP (Internet Control Message Protocol)

A Network layer protocol that provides ping and traceroute utilities.

idle timer/fast idle timer

Configuration parameters used with DDR connections to set the amount of time the connection should stay online without seeing interesting traffic.

IDS (Intrusion Detection System)

A passive device that listens to traffic passing through a network to generate alerts and issue TCP resets if necessary.

IETF Frame Relay encapsulation

An industry-standard Frame Relay encapsulation that can be used when communicating with non-Cisco routers through a Frame Relay service provider.

IGP (Interior Gateway Protocol)

A routing protocol that advertises networks and metrics within an autonomous system.

IGRP (Interior Gateway Routing Protocol)

A Cisco-proprietary distance vector routing protocol that uses a composite metric to determine the optimal path.

in-band

Management signals traversing over the same networking paths and interfaces as the data stream.

information query

A type of query that is sent via the Internet to resolve hostnames from IP addresses or vice versa.

infrared

A wireless technology that uses infrared beams to pass data across the network. A television remote uses infrared technology to send requests to the television set. Speeds can reach a maximum of 16Mbps, and signals are used for short-distance communications.

inside global address

NAT terminology that describes the public address assigned to the NAT gateway.

inside local address

NAT terminology that describes the private addresses behind the NAT gateway.

Integrated Services Digital Network (ISDN)

A circuit-switched network that combines multiple B channels that can handle 64Kbps each with a single signaling (D) channel to form a WAN connection between two locations.

interesting traffic

Used when configuring DDR to tell the router what traffic is valuable enough to initiate a call using the DDR connection.

interface configuration

A configuration mode that sets parameters specific to the interface.

interface range media port_range

A switch global configuration command that navigates several switch ports that will ultimately share similar configuration parameters.

internetwork

The connection of more than one network. These networks are linked by hardware devices to function as a larger single network. An internetwork can also be called an internet.

inter-VLAN routing

Traffic routed from one VLAN to another by using an external router or a Layer 3 switch.

inverse ARP

A method that allows a Frame Relay router to automatically discover the remote routers by sending Inverse ARP messages to each local DLCI number it receives from the service provider.

inverse mask/wildcard mask

A complete reversal of the subnet mask that is used primarily when configuring OSPF and access lists.

IOS

The software developed and maintained by Cisco to support a full array of system functions, applications (including Internet applications), and network hardware in a single software package.

IP (Internet Protocol)

A Network layer protocol that uses logical or virtual addressing to get a packet from a source to its destination. IP addresses are used by routers to make forwarding decisions.

ip access-group

A command used to apply an access list to an interface.

ip address address subnet_mask

An interface configuration command that assigns an IP address to an interface.

ip address dhcp

An interface configuration command that dynamically obtains an IP address for the interface.

ip default-gateway gateway_IP

A switch global configuration command that sets a default route/gateway of last resort for a Layer 2 switch.

ip dhcp pool

A global configuration command that defines a DHCP address pool.

ip domain-lookup

A global configuration command that enables dynamic name resolution lookups.

ip host hostname IP

A global configuration command to create a static map of an IP address to a hostname.

ip name-server dns_server_IP

A global configuration command that specifies up to six DNS servers for dynamic resolution.

IP security (IPsec)

A protocol framework that provides many types of security for network communication. IPsec is commonly used in VPN connections.

IPS (Intrusion Prevention System)

An active device that is inline with the traffic path on a network. An IPS listens promiscuously to all incoming traffic to identify attacks, which the system can then block.

IPv4 (IP version 4)

A version of IP addressing that uses 32-bit addresses grouped into four octets. Each octet has a minimum value of 0 and a maximum value of 255. IPv4 addresses are presented in dotted decimal format.

IPv6 (IP version 6)

An IP address format that was created in the event that the IPv4 address space is exhausted. IPv6 addresses are 128 bits long and are represented by 32 hexadecimal digits broken into eight smaller groups of 4 bits, which are separated by colons.

ISL (InterSwitch Link)

A Cisco frame-tagging method over trunk ports that encapsulates the original frame with a 26-byte header and a 4-byte CRC.

L

LACP (Link Aggregation Control Protocol)

An IEEE standardized dynamic bundling protocol for negotiating EtherChannel bundles.

LAN (Local-Area Network)

An internetwork that is limited to a local or small geographic area. An example of a LAN would be the individual computers or workstations that are connected on one floor of a building.

LCP (Link Control Protocol)

A sublayer protocol of PPP responsible for negotiating authentication, multilink, compression, and callback.

learning

An STP port state in which the interface begins to build MAC addresses learned on the interface.

leased line

Typically the most expensive WAN connection that constructs a dedicated, point-to-point connection between locations.

line configuration

A configuration mode that sets parameters specific to the terminal line.

link-local address

An IPv6 address type that can only go as far as the Layer 2 domain. These addresses are autogenerated when an IPv6 node goes online and are assigned automatically.

link-state routing protocol

A class of routing protocols in which all possible link states are stored in an independent topology table in which the best routes are calculated and put into the routing table. The topology table is initially synchronized with discovered neighbors followed by frequent hello messages. These routing protocols are faster to converge than distance vector routing protocols.

listening

An STP port state in which the interface begins to transition to a forwarding state by listening and sending BPDUs. No user data is sent.

LLC (Logical Link Control)

A Data Link sublayer defined by IEEE 802.2.

LMI (Local Management Interface)

The signaling method used between a Frame Relay service provider and the customer premises equipment.

local access rate/line speed

The maximum physical speed a WAN connection is capable of reaching.

login

A line configuration command that enables prompting of a password on the terminal lines.

longest-match rule

In routing logic, dictates that when there are several subnetted entries for a destination network, the smallest and most specific subnet is chosen over others.

loopback interface

A virtual interface that does not go down unless the router is turned off. Used by OSPF to determine the Router ID.

LRE (Long-Reach Ethernet)

An Ethernet specification developed by Cisco to provide broadband service over existing telephone-grade or Category 1, 2, or 3 wiring. Speeds vary from 5 to 15Mbps and can reach a maximum segment length of up to 5000m.

LSA (Link State Advertisement)

Used by OSPF to send hello messages and update information on attached interfaces, metrics used, and other variables.

LSU (Link State Update)

A specific type of LSA that entails new information being sent to neighbor routers after an adjacency has been formed with that neighbor.

M

MAC (Media Access Control)

A Data Link sublayer defined by IEEE 802.3.

MAC address

A hard-coded (burned-in) address on the network interface controller (NIC) of the Physical layer node attached to the network.

MAN (Metropolitan Area Network)

An internetwork that is larger than a LAN but smaller than or equal in size to a WAN.

management VLAN

VLAN 1 by default. The management VLAN contains the switch’s management IP address and CDP and VTP advertisements.

man-in-the-middle attack

A type of access attack that occurs when a hacker eavesdrops or listens for network traffic and intercepts a data transmission. As soon as the transmission is intercepted, the untrustworthy host can position itself between the two communicating hosts, interpret the data, and steal information from the packets sent.

max-age timer

The maximum length of time a bridge port saves its configuration BPDU information. The value is 20 seconds by default.

MD5 (Message Digest 5)

A hashing algorithm created in 1991 by Ronald Rivest, an MIT professor. Uses a 128-bit hash.

metro ethernet

A new type of technology allowing for low-cost, high-speed fiber connections between offices within metropolitan areas.

microsegmentation

The process in which a switch creates a dedicated path for sending and receiving transmissions with each connected host. Each host then has a separate collision domain and a dedicated bandwidth.

MIMO (Multiple Input, Multiple Output)

An implementation of 802.11 wireless technology that uses multiple antennas at both the transmitter and receiver to improve the performance of the wireless connection.

MPPC (Microsoft Point-to-Point Compression)

A PPP compression algorithm developed by Microsoft for Windows dial-up clients.

modem

A device that converts a digital signal into an analog signal for transmission over a telephone line. The signal is converted back into a digital format when it reaches the device on the other end of that telephone line.

multicast

An Ethernet LAN address in which a frame can be sent to a group of devices in the same LAN. IEEE Ethernet multicast addresses always begin with 0100.5E in hexadecimal format. The last three bytes can be any combination.

multimode

A type of fiber cable that is generally used for shorter distances and is ideal for a campus-sized network.

multiplexing

Combining multiple messages over a single channel.

N

named access list

An access list identified by a name rather than a number. Can be standard or extended, and allows the deletion of individual access list lines.

NAT (Network Address Translation)

A technique that translates a private IP address to a public IP address for outbound transmission to the Internet. NAT also translates a public IP address to a private IP address for inbound transmission on the internal network.

native VLAN

VLAN 1 by default. Traffic originating from the native VLAN is not tagged over the trunk link.

NAT overload

Allows multiple internal clients to share a single Internet IP address using port numbers to distinguish requests.

NAT pool

NAT terminology that describes a pool of addresses that a router can use for NAT translations.

NBMA (NonBroadcast MultiAccess)

A WAN network design that allows multiple clients to attach, but not send broadcast messages to each other. Frame Relay is an example of an NBMA network.

NCP (Network Control Protocol)

A sublayer protocol of PPP responsible for enabling multiple Network layer protocols to work over a PPP-encapsulated WAN connection.

neighbor table

A table used by link-state and balanced hybrid routing protocols that maintains all neighbors discovered by receiving hello messages from other routers using the same routing protocol.

network ID

Also called a network number or subnet ID, this address is the first IP address in a network. Every host bit for the network ID address is turned off (or all 0s).

network interface

A network component that provides connectivity from an end-user PC or laptop to the public network. Depending on the interface, you might see up to three light-emitting diodes (LEDs) that help to determine status of the connection.

network layer

Layer 3 of the OSI model. Determines the best path for packet delivery across the network. Routed protocols such as IP are used to determine logical addressing that can identify the destination of a packet or datagram. The most common network device found at the Network layer is a router; however, Layer 3 switches might also be implemented.

NEXT (Near-end Crosstalk)

The crosstalk measured at the transmitting end of a cable.

NFS (Network File System) (pertaining to a session layer)

A Session layer protocol that accesses remote resources transparently and represents files and directories as if local to the user system.

NFS (Network File System) (pertaining to an application layer)

An Application layer protocol that allows users with different operating systems (that is, NT and Unix workstations) to share files.

NNTP (Network News Transfer Protocol)

An Application layer protocol that offers access to Usenet newsgroup postings.

nonbroadcast multiaccess topology

Consists of multiple devices that access the same medium and cannot hear each other’s broadcasts and multicast messages, such as Frame Relay networks.

no shutdown

An interface configuration command that administratively enables an interface.

NTP (Network Time Protocol)

An Application layer protocol that synchronizes clocks on the Internet to provide accurate local time on the user system.

NVRAM (NonVolatile Random-Access Memory)

A type of system memory that stores the startup configuration. This configuration is loaded when the router is booted.

O

ODR (On-Demand Routing)

An enhancement to CDP that enables a stub router to advertise the connected IP prefix.

OSI model

A layered architecture model created by the International Organization for Standardization (ISO) to internetwork various vendor-specific networks.

OSPF (Open Shortest Path First)

An open-standard classless routing protocol that uses cost as a metric and uses areas to minimize routing overhead.

OSPF priority

An arbitrary number configured on an OSPF interface to influence a DR and BDR election. Default is 1.

out-of-band

Management signals traversing a dedicated channel separate from the data stream.

outside global address

NAT terminology that describes an Internet-valid address accessible from any device connected to the Internet.

outside local address

NAT terminology that describes an Internet-valid address as it is seen from the internal network.

P

packet

A unit of data that contains control information and might also be referred to as a datagram. Packets are used by the Network layer of the OSI model.

packet sniffer

A software program or piece of hardware that captures, decodes, and analyzes traffic sent over a network.

packet-switched network

A type of WAN connection that establishes connections using virtual circuits. ATM, Frame Relay, and X.25 fall under this category of connection.

PAgP (Port Aggregation Protocol)

A proprietary dynamic bundling protocol for negotiating EtherChannel bundles.

PAP (Password Authentication Protocol)

A weak authentication type used with PPP encapsulation. Usernames and passwords are transmitted a single time in clear-text format.

partial-mesh design

A packet-switched network design that compromises between cost and redundancy by providing key locations with multiple virtual circuit connections.

partial-mesh topology

A network topology that has direct connectivity between some of the network devices, but not all of them, as the full mesh topology does.

passive interface

A routing process command that defines an interface that stops sending routing updates. The interface still can accept routing updates.

password attack

A type of access attack in which a hacker attempts to obtain a password for a device.

password password

A line configuration command that specifies the password to be prompted on a terminal line.

PAT (Port Address Translation)

A technique that translates a Transport protocol connection (TCP or UDP) from an outside network host/port to an internal network host/port.

PDU (Protocol Data Unit)

A unit that includes the message and the protocol/control information from the forwarding layer of the OSI model.

physical layer

Layer 1 of the OSI model. Moves bits between nodes. Electrical, mechanical, procedural, and functional requirements are defined at the Physical layer to assist with the activation, maintenance, and deactivation of physical connectivity between devices.

ping (Packet Internet Groper)

An echo request sent by a device that uses ICMP at the Network layer to validate that an IP address exists and can accept requests. The response is called an echo response.

ping sweep

A tool that sends an echo request to numerous host IP addresses at the same time to see which host(s) respond(s) with an echo reply.

PoE (Power over Ethernet)

A technology that allows an end device to receive power over a copper Ethernet cable. End devices that might use PoE include IP telephones, wireless access points, video cameras, and card scanners.

point-to-multipoint/multipoint subinterface

A subinterface that allows multiple DLCI numbers to be mapped to remote IP addresses under the same logical interface.

point-to-point subinterface

A subinterface typically used for Frame Relay that assigns a single DLCI number to a single subinterface and creates a point-to-point style connection through a packet-switched cloud.

point-to-point topology

A network topology in which two routing devices are separated by a segment.

poison reverse

A routing loop mitigation process in which a router receives a poisoned route and overrides the split horizon rule to send the subnet as “possibly down” back to the source.

POP3 (Post Office Protocol 3)

An Application layer protocol that receives email by accessing an Internet server.

portfast

A Cisco STP enhancement that skips the listening and learning port states for end devices.

port redirection

NAT terminology that describes statically translating from one port to another.

port scan

A software program that surveys a host network for open ports.

port security

A method to limit the number of MAC addresses that are dynamically learned on a switch port.

POST (Power-On Self Test)

A test performed by a ROM chip to initially test the hardware on bootup.

PPP (Point-to-Point Protocol)

A WAN encapsulation type that provides many features and is supported by nearly all router vendors.

PPP multilink

An industry-standard feature that allows multiple connections to be bundled into a single, logical connection between two network locations.

PPPoA (PPP over ATM)

An encapsulation typically used by DSL service providers to gain the features of PPP over an ATM connection.

PPPoE (PPP over Ethernet)

An encapsulation typically used by DSL service providers to gain the features of PPP over an Ethernet connection.

predictor compression

A dictionary-based compression type that attempts to predict the traffic patterns that will be sent over a WAN connection. Is good for links that have very few types of traffic. Uses more memory resources than the sister compression type, Stacker.

presentation layer

Layer 6 of the OSI model. Presents data to the Application layer and acts as a data format translator.

PRI (Primary Rate Interface)

A type of ISDN connection that uses 23 B channels and a single D channel. Provides bandwidth equivalent to a T1 line.

private IP address

An address that is not routable over the Internet. These include the 10.0.0.0/8 network, the 172.16.0.0 to 172.31.255.255/16 networks, and the 192.168.0.0 to 192.168.255.255/24 networks.

privileged EXEC

The highest privileged command mode, which allows full access to all commands.

process ID

A number between 1 and 65535 that represents a unique instance of an OSPF process. The process ID is locally significant (it does not have to match in all routers in the OSPF autonomous system).

protect

A port security violation action in which frames from unsecure MAC addresses are dropped until the number of MAC addresses drops below the maximum.

proxy ARP (Proxy Address Resolution Protocol)

A protocol that allows a router to respond to an ARP request that has been sent to a remote host. Some UNIX machines (especially Solaris) rely on Proxy ARP versus default gateways.

public IP address

An address that is routable over the Internet.

PVC (Permanent Virtual Circuit)

A permanently established virtual circuit through a service provider network.

PVST (Per-VLAN Spanning Tree)

An instance of Spanning Tree Protocol runs for each active VLAN in a switched network.

Q

Q.921

The ISDN D channel protocol used at the Data Link layer.

Q.931

The ISDN D channel protocol used at the Network layer.

QoS (Quality of Service)

The method of prioritizing certain types of traffic when congestion affects performance.

R

RAM (Random-Access Memory)

A type of memory that is used for short-term storage of a machine’s running IOS and running configuration. This is the only type of system memory that is not permanent.

RARP (Reverse Address Resolution Protocol)

A protocol that maps a known MAC address to an IP address.

reconnaissance attack

A class of passive attack in which a hacker surveys a network and collects data for a future attack.

redistribution

A method of configuring routing protocols to advertise networks from other routing protocols.

reload

A privileged EXEC command to perform a reboot of the router or switch.

remote-access VPN

A VPN connection type that allows telecommuting or mobile workers to connect to the corporate network from their PCs.

repeater

A device consisting of a transmitter and a receiver. When the repeater receives a signal, it amplifies the signal and then retransmits. This effectively enables the signal to travel over a greater distance.

restrict

A port security violation action in which a violation increases the violation counter and an SNMP alert is generated.

resume conn#

A user or privileged EXEC command that resumes a suspended Telnet session.

RF (Radio Frequency)

A method of broadcasting that uses alternating current to produce radio waves. RF typically is used in 802.11 wireless networking.

ring topology

A network topology that is set up so that one device is directly connected to two other devices on the same network. When a device emits a data signal transmission, it is sent in a single direction to the next connected device. The transmission continues to pass along each device successively until it arrives back at the original transmitting device. This method creates a ring or a loop.

RIP (Routing Information Protocol)

A standard distance vector routing protocol that uses hop count as its only metric.

RIPv2 (RIP version 2)

An enhancement to RIP to support classless updates, router authentication, and multicast updates.

ROM (Read-Only Memory)

A type of system memory that contains the basic code for booting a device and maintaining power-on self test (POST), ROM Monitor (ROMmon), bootstrap, and RxBoot.

ROMmon (ROM Monitor)

A small codeset in ROM that allows you to perform elementary functions to manually get the router or switch back to a functioning state.

root bridge

The base of the STP topology calculations elected based on the lowest Bridge ID.

root port

A nonroot bridge port that has the lowest cumulative cost to a root bridge.

routed protocol

A protocol such as IP that can be routed using a router.

route poison

A routing loop mitigation process in which a router sets a failed subnet to an infinite metric and advertises it to its neighbor.

router ID

The IP address by which a device is known to an OSPF autonomous system. Determined by the highest active loopback IP address that is configured when the OSPF process starts. If your router does not have a loopback interface, it uses the highest physical interface IP address.

router-on-a-stick

An inter-VLAN routing method that trunks to an external router with subinterfaces.

route summarization

The process of advertising multiple network IDs into a single route.

route update packet

A packet that sends updates to neighbor routers about all networks connected to that internetwork and is supported by routing protocols such as RIP, EIGRP, and OSPF.

routing protocol

A protocol that exchanges network routes between routing devices to dynamically advertise networks. RIP, OSPF, and EIGRP are examples of routing protocols.

routing table

The routing logic stored in RAM, where packet forwarding decisions are made.

RPC (Remote Procedure Call)

A Session layer protocol that is the basis for client/server communications. Calls are created on the client and then carried out on the server.

RSTP (Rapid Spanning Tree Protocol)

IEEE 802.1w RSTP incorporates technologies similar to Cisco’s PortFast, UplinkFast, and BackboneFast.

running-config

The active configuration running in RAM.

RxBoot

Also known as a mini-IOS, RxBoot is a limited IOS in ROM with enough functionality to load an IOS from a TFTP server.

S

SAN (Storage-Area Network)

A subnetwork or special-purpose network. Allows users on a larger network to connect various data storage devices with clusters of data servers.

SDM (Security Device Manager)

A web-based tool that was developed by Cisco for its IOS software-based routers. SDM gives users the option to configure and monitor a router without relying heavily on the CLI.

server mode

The default VTP mode that enables you to create, modify, and delete VLANs. These VLANs are advertised to other switches and saved in the VLAN database.

service password-encryption

A global configuration command that encrypts all passwords that are clear text in the configuration.

session layer

Layer 5 of the OSI model. Handles dialog control among devices.

setup mode

An interactive dialog session to establish an initial configuration. Setup mode is automatically loaded when there is a missing startup-config in NVRAM.

SHA-1 (Secure Hash Algorithm 1)

A hashing algorithm published in 1995 by the NIST to increase the strength of the hash algorithm from the original MD5 standard. Uses a 160-bit hash.

show cdp neighbors

A user or privileged EXEC command to display the device ID, local interface, holdtime, capability, platform, and port ID learned from CDP advertisements of directly connected neighbors.

show cdp neighbors detail

A user or privileged EXEC command to display the output of the show cdp neighbors command in addition to the Cisco IOS version and the Layer 3 address of directly connected neighbors.

show controller

A user or privileged EXEC command to display the interface microcode, including whether a DTE or DCE cable is connected to the interface.

show dhcp lease

A user or privileged EXEC command to display the IP address assigned to the interface(s) configured by the ip address dhcp command.

show flash

A user or privileged EXEC command to display the filenames and sizes of IOS files stored in flash memory.

show interfaces

A user or privileged EXEC command to display the status of the interfaces as well as physical and logical address, encapsulation, bandwidth, reliability, load, MTU, duplex, broadcasts, collisions, and frame errors.

show ip dhcp bindings

A user or privileged EXEC command to display the IP addresses dynamically assigned to devices from the DHCP-enabled router.

show ip interface brief

A user or privileged EXEC command to display a summary of the interface statuses and logical addressing.

show sessions

A user or privileged EXEC command to verify active Telnet sessions initiated from the local device.

show version

A user or privileged EXEC command to display the IOS version, system uptime, amount of RAM, NVRAM, flash memory, and configuration register.

SIA (Stuck In Active) timer

Enabled when an EIGRP router goes into an active state in the event of a topology change. The SIA timer is the amount of time a neighbor EIGRP router has to respond to a query. The default is 180 seconds.

single-mode

A type of fiber cable that is used to span longer distances than multimode fiber. Single-mode fiber also allows for a higher data rate and faster data transmission speeds.

site-to-site VPN

A VPN configuration that directly replaces a private line connection by establishing a permanent or semipermanent connection between sites.

SMTP (Simple Mail Transfer Protocol)

An Application layer protocol that sends email across the network.

smurf attack

A type of DoS attack in which multiple broadcast ping requests are sent to a single target from a spoofed IP address.

SNMP (Simple Network Management Protocol)

An Application layer protocol that monitors the network and manages configurations.

SPID (Service Provider Identifier)

Sometimes required on ISDN lines upon dial-in for billing purposes.

split-horizon

A distance vector routing protocol loop-prevention mechanism that prevents data from being sent back in the direction from which it was received.

SQL (Structured Query Language)

A Session layer protocol that functions as a query language that requests, updates, and manages databases.

SSH (Secure Shell)

A protocol that enables encrypted terminal connections to remote devices with an IP address.

SSL (Secure Socket Layer)

A protocol that provides a secure channel between two devices at the Application layer (Layer 7) of the OSI model.

SSL VPN

Also known as WebVPN. Allows users to connect to a VPN without requiring a client installation. Users access the VPN using a secure web page.

stacker compression

A flat compression type that uses the same compression algorithm for all traffic types. Is a good compression for links that have many types of traffic. Uses more processor resources than the sister compression type, Predictor.

standard access list

A list of permit and deny statements that can match network traffic based on the source IP address only.

star topology

A network topology that is the most commonly implemented network design. With this topology, there is a central device with separate connections to each end node. Each connection uses a separate cable. You might also hear this called a hub-and-spoke topology.

startup-config

A saved configuration stored in NVRAM that is loaded when the router or switch boots.

static frame relay map

A manual method of mapping a local DLCI number to the remote IP address it is capable of reaching over a Frame Relay cloud.

static NAT

Manually maps a NAT-translated address, typically between a public Internet address and a private internal address.

static route

A manual entry that an administrator enters into the configuration that describes the destination network and the next hop.

sticky secure MAC address

A MAC address dynamically learned using port security that the switch automatically configures as a secure MAC address.

store-and-forward

A latency-varying transmission method that buffers the entire frame and calculates the CRC before forwarding the frame.

STP (Spanning Tree Protocol)

A Layer 2 protocol that eliminates loops caused by redundant connections on a switched network.

STP (Shielded Twisted-Pair) cable

A branch of twisted-pair cabling that uses an additional shield that provides an additional reduction of interference and attenuation.

stub network

A network with a single entry and exit point.

stub routing

An EIGRP routing feature that minimizes convergence in hub-and-spoke networks.

subinterface

A logical extension of a physical interface that is treated by the IOS as an actual interface.

subnet (subnetwork)

A smaller network created from a Class A, B, or C network.

subnet mask

A 32-bit address used by a network device to identify which part of an IP address is the subnet portion.

subnetting

The process of breaking a large network of IP addresses into smaller, more manageable address ranges.

successor route

The route in a topology table with the lowest feasible distance to a subnet. This route is also placed in the routing table.

supernet

A summarized route.

SVI (Switched Virtual Interface)

Created in a Layer 3 switch to perform inter-VLAN routing.

switch

A multiport bridge that uses an Application-Specific Integrated Circuit (ASIC) to forward frames at the Data Link layer. Each port of the switch has dedicated bandwidth.

Switched Virtual Circuit (SVC)

An on-demand virtual circuit through a service provider network.

switchport trunk allowed vlan

An interface configuration command that specifies which VLANs or VLAN ranges are permitted over a trunk link.

synchronization

A Rapid Spanning Tree Protocol process of blocking all nonedge point-to-point links before sending a proposal to ensure that a change in a switched topology gets accurately synchronized with all other local ports.

synchronous

A serial interface that synchronizes clocks for the bit stream of both the sending and receiving end of a serial link.

SYSLOG

A management feature that collects log messages from a Cisco device and sends them to a syslog server to keep a record of any network occurrences.

T

TCP (Transmission Control Protocol)

A reliable connection-oriented Transport layer protocol. TCP uses acknowledgments, sequencing, and flow control to ensure reliability.

TCP established

A type of extended access list entry that can be added to allow return traffic, satisfying a client request.

TCP/IP (Transmission Control Protocol/Internet Protocol)

A suite of protocols developed by the Department of Defense to help develop internetworks.

TCP SYN attack

A type of DoS attack in which a SYN request is sent to a device with a spoofed IP address. The attacking system does not acknowledge the resulting SYN-ACK, which causes the session connection queues to fill up and stop taking new connection requests.

telnet

A TCP/IP protocol that provides terminal emulation to a remote host by creating a virtual terminal.

telnet IP_address

A user or privileged EXEC command to initiate a virtual terminal session to a remote device.

terminal editing key

A shortcut key to navigate the cursor in lieu of the arrow keys.

TFTP (Trivial File Transfer Protocol)

An Application layer protocol that is a bare-bones version of FTP that does not provide access to directories. With TFTP, you can simply send and receive files.

token passing

A process in which a 3-byte token (or special bit pattern) is inserted in a frame and passed in a single direction from one node to another until it forms a complete loop. The node that has possession of the token is the only one that can send data at any given time on that LAN. Because only one node can send data at a time, collisions are avoided.

token ring

A LAN protocol that uses a token-passing media access technology in a physical ring or physical star topology, which creates a logical ring topology. Token Ring is defined by the IEEE 802.5 standard.

topology table

A table used by link-state and balanced hybrid routing protocols that maintains every possible route to any given subnet along with its associated metric.

traceroute

A Network layer tool that traces the route or path taken from a client to a remote host. Traceroute also reports the IP addresses of the routers at each next hop on the way to the destination.

transparent bridge

A bridge that goes unnoticed by the other devices on a network.

transparent mode

A VTP mode in which you can create, modify, and delete VLANs only on the local switch. Transparent switches do not participate in VTP but forward VTP advertisements received from servers. A transparent switch also saves its VLAN configuration in a VLAN database.

transport layer

Layer 4 of the OSI model. Responsible for end-to-end connections and data delivery between two hosts. The capability to segment and reassemble data is a key function of this layer.

triggered update

A routing loop mitigation process in which a router immediately shoots out an update as opposed to waiting for the normal update interval.

triple DES (3DES) algorithm

Produced to address the weaknesses of DES. This algorithm did not reinvent the wheel of encryption, so to speak. Instead, it ran the DES algorithm three times with different keys (thus the term 3DES). This significantly improved the strength of the original DES algorithm.

trunk

An interconnection between switches that multiplexes traffic from all VLANs to other switches.

trust exploitation

A type of access attack that occurs when a device or group of devices on a shared segment erroneously trust information that has been provided by an untrustworthy source.

U

UDP (User Datagram Protocol)

An unreliable connectionless Transport layer protocol. UDP headers contain only the source and destination ports, a length field, and a checksum.

unicast

An Ethernet LAN address that identifies the MAC address of an individual LAN or NIC card.

unique/site-local address

An IPv6 address type that can expand to the size of an organization and that is used to describe the boundary of the organizational network. This is the private addressing for IPv6.

uplinkfast

A Cisco STP enhancement that skips the listening and learning port states on redundant trunk links to a distribution layer switch.

user EXEC

An initial command mode with limited commands to test connectivity and verify statistics.

UTP (Unshielded Twisted-Pair) cable

A branch of twisted-pair cabling that uses four pairs of colored wire. UTP is vulnerable to EMI and uses an RJ-45 connector. There are five categories of UTP cable, labeled Category 1 to Category 5.

V

V.35

A physical serial interface standard on CSU/DSU devices.

variance

A multiplier used in IGRP and EIGRP that enables these routing protocols to load balance over unequal paths.

virtual circuit

A logical connection through a service provider network that makes the attached routers believe they are directly connected.

VLAN

A Layer 2 method of segmenting broadcast domains. Each VLAN created in a switch represents a logical grouping of devices into their own broadcast domain.

VLSM (Variable-Length Subnet Mask)

A design that allows you to allocate an IP subnet according to the needed number of hosts for that subnet. Requires classless routing.

VMPS (VLAN Membership Policy Server)

A dynamic method of associating MAC addresses with VLANs.

voice VLAN

Sometimes called auxiliary VLANs, voice VLANs create a separate broadcast domain on an access port to logically segment and administer VoIP traffic.

VPN (Virtual Private Network)

A type of network connection that allows secure transmission of network data over the Internet between two or more locations.

VTP (VLAN Trunking Protocol)

A Layer 2 Cisco-proprietary protocol that minimizes the administrative overhead involved in replicating VLAN configurations by having a VTP server advertise the VLAN configurations.

VTP domain

A collection of switches participating in VTP advertisements.

VTP pruning

Reduces unnecessary flooded traffic, such as broadcast, multicast, unknown, and flooded unicast packets, to other switches by repressing flooded traffic to switches from inactive VLANs.

W

WAN (Wide-Area Network)

An internetwork that covers more than one geographical area.

WebVPN

Also known as an SSL VPN. Allows users to connect to a VPN without requiring a client installation. Users access the VPN using a secure web page.

Wi-Fi alliance

A group of large companies that own and control the Wi-Fi Certified logo and ensure that 802.11 wireless equipment is cross-compatible.

wildcard mask

Sometimes referred to as an inverse mask. Used to identify to the IOS how much of an IP address should be applied to a criterion in a configuration statement. A 0 means that the corresponding bit must match. A 1 means to ignore the corresponding bit value.

windowing

A process used by TCP in which windows are determined by the receiving system to limit the amount of data segments (bytes) that can be sent by the source device without an acknowledgment from the recipient. Window sizes vary and can change throughout the duration of a connection.

wireless cell

Defines a region of coverage by a wireless access point.

wireless channel

Defines distinct ranges of radio frequencies that are used for 802.11 transmission. Your goal in designing wireless networks is to ensure that wireless coverage from adjacent access points uses different channels so as not to interfere with each other.

Wireless Fidelity (Wi-Fi)

A wireless networking standard defined by IEEE 802.11. The 802.11 standard allows for transmission speeds of up to 1 to 2Mbps and uses a radio frequency of 2.4GHz.

wireless roaming

The ability of a wireless client to move between different wireless access points without losing network connectivity.

WPA (Wi-Fi Protected Access)

Offers a stronger encryption scheme than the original WEP standard without changing wireless hardware requirements. Implements Temporal Key Integrity Protocol (TKIP) and the Message Integrity Code (MIC).

WPA2 (Wi-Fi Protected Access 2)

Also known as 802.11i. Implements a stronger security system for wireless networks using the Advanced Encryption Standard (AES) encryption cipher.

X–Y–Z

X.21

A physical serial interface standard on CSU/DSU devices.

X.25

The predecessor packet-switched technology to Frame Relay. X.25 used excessive error checking, which slowed down the connection.

X window

A Session layer protocol that communicates with remote UNIX machines and allows the user to operate the device as if it is attached locally.

zero subnet rule

The first subnet in a network that has all binary 0s in the subnet field.
