GLOSSARY  

3G  Third-generation wireless data technologies for cell phones and other mobile devices. 3G matured over time until Evolved High-Speed Packet Access (HSPA+) became the final wireless 3G data standard. It transferred at theoretical maximum speeds up to 168 megabits per second (Mbps), although real-world implementations rarely passed 10 Mbps.

4G  Fourth-generation wireless data technologies for cell phones and other mobile devices. Most popularly implemented as Long Term Evolution (LTE), a wireless data standard with theoretical download speeds of 300 Mbps and upload speeds of 75 Mbps.

4to6  Internet connectivity technology that encapsulates IPv4 traffic into an IPv6 tunnel to get to an IPv6-capable router.

5G  Fifth-generation wireless data technologies for cell phones and other mobile devices. Cellular carriers started rolling out 5G in 2019. Depending on the frequency bands used and the 5G modems in the devices, the speed ranges from 30 Mbps to well over 1 Gbps.

6in4  An IPv6 tunneling standard that can go through IPv4 network address translation (NAT).

6to4  An IPv6 tunneling protocol that doesn’t require a tunnel broker. It is generally used to directly connect two routers because it normally requires a public IPv4 address.

8 position 8 contact (8P8C)  Four-pair connector used on the end of network cable. Often erroneously referred to as an RJ-45 connector.

10 Gigabit Ethernet (10 GbE)  A very fast Ethernet designation that runs at 10 Gbps, with a number of fiber-optic and copper standards.

10BASE-FL  Fiber-optic implementation of Ethernet that runs at 10 Mbps using baseband signaling. Maximum segment length is 2 km.

10BASE-T  An Ethernet LAN designed to run on UTP cabling. Runs at 10 Mbps and uses baseband signaling. Maximum length for the cabling between the NIC and the hub (or the switch, the repeater, and so forth) is 100 m.

10GBASE-ER/10GBASE-EW  A 10 GbE standard using 1550-nm single-mode fiber. Maximum cable length up to 40 km.

10GBASE-LR/10GBASE-LW  A 10 GbE standard using 1310-nm single-mode fiber. Maximum cable length up to 10 km.

10GBASE-SR/10GBASE-SW  A 10 GbE standard using 850-nm multimode fiber. Maximum cable length up to 300 m.

10GBASE-T  A 10 GbE standard designed to run on Cat 6a UTP cabling. Maximum cable length of 100 m.

40GBASE-T  A 40 GbE standard designed to run on Cat 8 UTP cabling. Maximum cable length of 30 m.

40 Gigabit Ethernet (40 GbE)  Ethernet designation that runs at 40 Gbps, primarily used in switch-to-switch trunks and data center servers. 40 GbE can use either single-mode fiber or OM3 (or greater) multimode fiber. Transceivers use the quad small form-factor pluggable plus (QSFP+) port.

66 block  Patch panel used in telephone networks; displaced by 110 blocks in networking.

100BASE-FX  An Ethernet LAN designed to run on fiber-optic cabling. Runs at 100 Mbps and uses baseband signaling. Maximum cable length is 400 m for half-duplex and 2 km for full-duplex.

100BASE-T  An Ethernet LAN designed to run on UTP cabling. Runs at 100 Mbps, uses baseband signaling, and uses two pairs of wires on Cat 5 or better cabling.

100BASE-TX  The technically accurate but little-used name for 100BASE-T.

100 Gigabit Ethernet (100 GbE)  Ethernet designation that runs at 100 Gbps, primarily implemented in backbones and machine-to-machine connections. Employs both MMF and SMF with various connectors. A typical connector, the QSFP28, has four 25 Gb channels.

110 block  A connection gridwork used to link UTP and STP cables behind an RJ-45 jack or patch panel. Also known as a 110-punchdown block.

110-punchdown block  See 110 block.

110-punchdown tool  See punchdown tool.

802 committee  The IEEE committee responsible for all Ethernet standards.

802.1Q  IEEE trunk standard that enables switches from different manufacturers to transfer VLAN traffic to each other.

802.1X  A port-authentication network access control mechanism for networks.

802.3 (Ethernet)  See Ethernet.

802.3ab  The IEEE standard for 1000BASE-T.

802.3z  The umbrella IEEE standard for all versions of Gigabit Ethernet other than 1000BASE-T.

802.11  See IEEE 802.11.

802.11a  A wireless standard that operates in the frequency range of 5 GHz and offers throughput of up to 54 Mbps.

802.11ac  A wireless standard that operates in the frequency range of 5 GHz and offers throughput of up to 1 Gbps. 802.11ac is marketed as Wi-Fi 5.

802.11a-ht  Along with the corresponding 802.11g-ht standard, technical terms for mixed mode 802.11a/802.11g operation. In mixed mode, both technologies are simultaneously supported.

802.11ax  Wireless standard that brings improvements in high-density areas such as stadiums and conferences in comparison to previous standards. Marketed as both Wi-Fi 6 and Wi-Fi 6E. Wi-Fi 6 operates at the 2.4-GHz and 5-GHz bands, while Wi-Fi 6E operates at the 6-GHz band. 802.11ax offers a maximum throughput of up to 10 Gbps.

802.11b  The first popular wireless standard, operates in the frequency range of 2.4 GHz and offers throughput of up to 11 Mbps.

802.11g  Older wireless standard that operates on the 2.4-GHz band with a maximum throughput of 54 Mbps. Superseded by 802.11n.

802.11g-ht  Along with the corresponding 802.11a-ht standard, technical terms for mixed mode 802.11a/802.11g operation. In mixed mode, both technologies are simultaneously supported.

802.11i  A wireless security standard branded as WPA2. See Wi-Fi Protected Access 2 (WPA2).

802.11n  An 802.11 standard (marketed as Wi-Fi 4) that increases transfer speeds and adds support for multiple input/multiple output (MIMO) by using multiple antennas. 802.11n can operate on either the 2.4- or 5-GHz frequency band and has a maximum throughput of 400 Mbps. Superseded by 802.11ac, but used with many IoT devices.

1000BASE-LX  A Gigabit Ethernet standard using single-mode fiber cabling, with a 5-km maximum cable distance.

1000BASE-SX  A Gigabit Ethernet standard using multimode fiber cabling, with a 220- to 500-m maximum cable distance.

1000BASE-T  A Gigabit Ethernet standard using Cat 5e/6 UTP cabling, with a 100-m maximum cable distance.

1000BASE-X  An umbrella Gigabit Ethernet standard. Also known as 802.3z. Comprises all Gigabit standards with the exception of 1000BASE-T, which is under the 802.3ab standard.

A record  DNS record that maps hostnames to their IPv4 addresses.

AAA (Authentication, Authorization, and Accounting)  See Authentication, Authorization, and Accounting (AAA).

AAAA record  DNS record that maps hostnames to their IPv6 addresses.

absorption  Quality of some building materials (such as brick, sheetrock, and wood) to reduce or eliminate a Wi-Fi signal.

abstraction  To remove an aspect of a device or process to treat it as a separate unit. Also, the removed aspect of a device or process.

acceptable use policy (AUP)  A document that defines what a person may and may not do on an organization’s computers and networks.

access control  All-encompassing term that defines the degree of permission granted to use a particular resource. That resource may be anything from a switch port to a particular file to a physical door within a building.

access control list (ACL)  A clearly defined list of permissions that specifies what actions an authenticated user may perform on a shared resource.

Access Control Server (ACS)  Cisco program/process/server that makes the decision to admit or deny a node based on posture assessment. From there, the ACS directs the edge access device to allow a connection or to implement a denial or redirect.

access control vestibule  An entryway with two successive locked doors and a small space between them providing one-way entry or exit. This is a security measure taken to prevent unauthorized entry. Traditionally called a mantrap.

access layer  One tier of a three-tiered architecture commonly used in data centers. The access layer acts as the primary connection between the data center’s connectivity and the servers.

access port  Regular port in a switch that has been configured as part of a VLAN. Access ports are ports that hosts connect to. They are the opposite of a trunk port, which is only connected to a trunk port on another switch.

Active Directory  A form of directory service used in networks with Windows servers. Creates an organization of related computers that share one or more Windows domains.

activity light  An LED on a NIC, hub, or switch that blinks rapidly to show data transfers over the network.

ad hoc mode  A wireless networking mode where each node is in direct contact with every other node in a decentralized free-for-all. Ad hoc mode is similar to the mesh topology.

Address Resolution Protocol (ARP)  A protocol in the TCP/IP suite used with the command-line utility of the same name to determine the MAC address that corresponds to a particular IP address.

administrative account  Specialized user account that has been granted sufficient access rights and authority to manage specified administrative tasks. Some administrative accounts exist as a default of the system and have all authority throughout the system. Others must be explicitly assigned the necessary powers to administer given resources.

administrative distance  Feature of multi-protocol routers that enables the router to determine the most reliable route—among its protocols—to the same destination.

ADSL (asymmetric digital subscriber line)  See asymmetric digital subscriber line (ADSL).

Advanced Encryption Standard (AES)  A block cipher created in the late 1990s that uses a 128-bit block size and a 128-, 192-, or 256-bit key size. AES has never been cracked.

adware  A program that monitors the types of Web sites you frequent and uses that information to generate targeted advertisements, usually pop-up windows.

agent  In terms of posture assessment, refers to software that runs within a client and reports the client’s security characteristics to an access control server to be approved or denied entry to a system.

agentless  In terms of posture assessment, refers to a client that has its posture checked and presented by non-permanent software, such as a Web app program, that executes as part of the connection process. Agentless software does not run directly within the client but is run on behalf of the client.

aggregation  A technique used in IPv4 and IPv6 address space planning to combine subnets, thus reducing the number of entries in routing tables and using IP address space more efficiently.

air gap  The act of physically separating a network from every other network.

Aircrack-ng  An open source tool for penetration testing many aspects of wireless networks.

alert (SNMP)  Proactive message sent from an SNMP manager as a result of a trap issued by an agent. Alerts may be sent as e-mail, SMS message, voicemail, or via other avenues.

algorithm  A set of rules for solving a problem in a given number of steps.

allow  Permission for data or communication to pass through or to access a resource. Specific allowances through a firewall are called exceptions.

American Registry for Internet Numbers (ARIN)  A Regional Internet Registry (RIR) that parcels out IP addresses to large ISPs and major corporations in North America.

amplification  See amplified DoS attack.

amplified DoS attack  The type of DoS attack that sends a small amount of traffic to a server, which produces a much larger response from the server that is sent to a spoofed IP address, overwhelming a victim machine.

angled physical contact (APC)  Fiber-optic connector that makes physical contact between two fiber-optic cables. It specifies an 8-degree angle to the curved end, lowering signal loss. APC connectors have less connection degradation from multiple insertions compared to other connectors.

Angry IP Scanner  Open-source cross-platform GUI port scanner. Can be used as an alternative to Nmap for less demanding scanning tasks.

ANSI/TIA-568  Technical standards published by the Telecommunications Industry Association (TIA) and accredited by the American National Standards Institute (ANSI) for cabling in commercial buildings. Replaced the TIA/EIA-568 standards. Part of the standards include pin and pair assignments in twisted pair networking cable, such as that used in Ethernet networks. See also T568A and T568B.

ANSI/TIA-606  Labeling standard/guidelines published by the Telecommunications Industry Association (TIA) and accredited by the American National Standards Institute (ANSI) for cabling in commercial buildings. Replaced the TIA/EIA-606 standard/guidelines.

anti-malware program  Software that attempts to block several types of threats to a client, including viruses, Trojan horses, worms, and other unapproved software installation and execution.

antivirus  Software that attempts to prevent viruses from installing or executing on a client. Some antivirus software may also attempt to remove the virus or eradicate the effects of a virus after an infection.

anycast  A method of addressing groups of computers as though they were a single computer. Anycasting starts by giving a number of computers (or clusters of computers) the same IP address. Advanced routers then send incoming packets to the closest of the computers.

Application layer  See Open Systems Interconnection (OSI) seven-layer model.

application log  Tracks application events, such as when an application opens or closes. Different types of application logs record different events.

Application Programming Interface (API)  Shared functions, subroutines, and libraries that allow programs on a machine to communicate with the OS and other programs.

application/context aware  Advanced feature of some stateful firewalls where the content of the data is inspected to ensure it comes from, or is destined for, an appropriate application. Context-aware firewalls look both more deeply and more broadly to ensure that the data content and other aspects of the packet are appropriate to the data transfer being conducted. Packets that fall outside these awareness criteria are denied by the firewall.

approval process  One or more decision makers consider a proposed change and the impact of the change, including funding. If the change, the impact, and the funding are acceptable, the change is permitted.

archive  The creation and storage of retrievable copies of electronic data for legal and functional purposes.

archive bit  An attribute of a file that shows whether the file has been backed up since the last change. Each time a file is opened, changed, or saved, the archive bit is turned on. Some types of backups turn off the archive bit to indicate that a good backup of the file exists on tape.

Area ID (OSPF)  32-bit numeric identifier assigned to OSPF areas. Can manifest as an integer between 0 and 4,294,967,295, or in a form similar to an IPv4 address (for example, “0.0.0.0”). The Area ID will be 0 in networks with a single area. See also areas (OSPF) and Open Shortest Path First (OSPF).

areas (OSPF)  Within the OSPF routing protocol, areas are administrative groupings of interconnected routers used to control how routers reroute traffic if a link drops. See also Area ID (OSPF) and Open Shortest Path First (OSPF).

ARP  See Address Resolution Protocol (ARP).

ARP cache poisoning  A man-in-the-middle attack (on-path attack) where the attacker associates his MAC address with someone else’s IP address (almost always the router), so all traffic will be sent to him first. The attacker sends out unsolicited ARPs, which can be either requests or replies.

arping  A command used to discover hosts on a network, similar to ping, but that relies on ARP rather than ICMP. The arping command won’t cross any routers, so it only works within a broadcast domain. See also Address Resolution Protocol (ARP) and ping.

assessment report  After a data center audit, the auditing company produces this report to detail all findings, upgrade recommendations, and compliance fixes.

asset disposal  Reusing, repurposing, or recycling computing devices. In many organizations, asset disposal follows system life cycle policies.

asset management  Managing each aspect of a network, from documentation to performance to hardware.

asymmetric digital subscriber line (ADSL)  A fully digital, dedicated connection to the telephone system that provides download speeds of up to 9 Mbps and upload speeds of up to 1 Mbps.

asymmetric-key algorithm  An encryption method in which the key used to encrypt a message and the key used to decrypt it are different, or asymmetrical.

attenuation  The degradation of signal over distance for a networking cable.

audit (data center)  An assessment of a data center’s compliance with laws, regulations, and standards for information security, such as HIPAA or PCI DSS. An audit should be made by an outside organization that specializes in auditing to avoid any potential conflict of interest or bias.

authentication  The process of verifying the credentials of a user attempting to access a system. The most common set of credentials is a username and password.

Authentication, Authorization, and Accounting (AAA)  A security philosophy wherein a user trying to connect to a network must first present some form of credential in order to be authenticated and then must have limitable permissions within the network. The authenticating server should also record session information about the client.

Authentication Server  In Kerberos, the system that authenticates (but does not authorize) the client. After verifying the submitted credentials, the server gives the client a Ticket-Granting Ticket. See also Ticket-Granting Ticket (TGT).

authoritative DNS server  DNS server that holds the primary zone file for a particular domain or domains.

authoritative name servers  Another name for authoritative DNS servers. See authoritative DNS server.

authorization  A step in the AAA philosophy during which a client’s permissions are decided upon. See also Authentication, Authorization, and Accounting (AAA).

Automatic Private IP Addressing (APIPA)  A networking feature in operating systems that enables clients to self-configure an IP address and subnet mask automatically when a DHCP server isn’t available.

Autonomous System (AS)  An organizational concept within the Border Gateway Protocol (BGP) that defines one or more networks that share a unified “policy” regarding how they exchange traffic with other Autonomous Systems.

back up  To save important data in a secondary location as a safety precaution against the loss of the primary data.

backup  Archive of important data that the disaster recovery team can retrieve in case of some disaster.

backup designated router (BDR)  In OSPF networks, a second router set to take over if the designated router fails. See also designated router (DR).

backup generator  An onsite generator that provides electricity if the power utility fails.

badge  A card-shaped device used for authentication; something you have, a possession factor.

bandwidth (computing)  The amount of digital data that can be transferred over a medium in a fixed amount of time. For networks, most often expressed in bits per second.

bandwidth saturation  When the frequency of a band is filled to capacity due to a large number of devices using the same bandwidth.

bandwidth speed tester  Web site for measuring an Internet connection’s throughput, both download and upload speeds.

banner grabbing  When a malicious user gains access to an open port and uses it to probe a host to gain information and access, as well as learn details about running services.

baseband  Digital signaling that has only one signal (a single signal) on the cable at a time. The signal must be in one of three states: one, zero, or idle.

baseline  Static image of a system’s (or network’s) performance when all elements are known to be working properly.

baseline configuration  Reference record of all the hardware (including portable computers, servers, switches, routers, etc.) and software currently in use in a data center. The baseline configuration also includes network topology and placement of devices in the organization.

basic NAT  A simple form of NAT that translates a computer’s private or internal IP address to a global IP address on a one-to-one basis.

Basic Service Set (BSS)  In wireless networking, a single access point servicing a given area.

Basic Service Set Identifier (BSSID)  The MAC address of a wireless access point (WAP).

baud  One analog cycle on a telephone line.

baud rate  The number of bauds per second. In the early days of telephone data transmission, the baud rate was often analogous to bits per second. Due to advanced modulation of baud cycles as well as data compression, this is no longer true.

bidirectional (BiDi) transceiver  Full-duplex fiber-optic connector that relies on wave division multiplexing (WDM) to differentiate wave signals on a single fiber, creating single-strand fiber transmission.

bidirectional wavelength division multiplexing (BWDM)  An older, less popular version of WDM, mostly replaced by dense wavelength division multiplexing (DWDM).

biometric  Human physical characteristic that can be measured and saved to be compared as authentication in granting the user access to a network or resource. Common biometrics include fingerprints, facial scans, retinal scans, voice pattern recognition, and others.

biometric device  Device that scans fingerprints, retinas, or even the sound of the user’s voice to provide a foolproof replacement for both passwords and smart devices.

block  Access that is denied to or from a resource. A block may be implemented in a firewall, access control server, or other secure gateway. See also allow.

block cipher  An encryption algorithm that encrypts data in “chunks” of a certain length at a time.

blocks  Contiguous ranges of IP addresses that are assigned to organizations and end users by IANA. Also called network blocks.

BNC connector  A connector used for 10BASE-2 coaxial cable. All BNC connectors have to be locked into place by turning the locking ring 90 degrees.

BNC coupler  Passive connector used to join two segments of coaxial cables that are terminated with BNC connectors.

bonding  Two or more NICs in a system working together to act as a single NIC to increase performance.

Bootstrap Protocol (BOOTP)  Early protocol that provided dynamic IP addressing (this job has generally been replaced by DHCP) and diskless booting.

Border Gateway Protocol (BGP)  An exterior gateway routing protocol that enables groups of routers to share routing information so that efficient, loop-free routes can be established. BGP connects Autonomous Systems on the Internet. The current version is BGP-4.

botnet  A group of computers under the control of one operator, used for malicious purposes. See also zombie.

bottleneck  A spot on a network where traffic slows precipitously.

bounce  A signal sent by one device taking many different paths to get to the receiving systems.

bps (bits per second)  A measurement of how fast data is moved across a transmission medium. A Gigabit Ethernet connection moves 1,000,000,000 bps.

branch office (data center)  A multilocation organization’s remote office served by centralized data centers. Branch offices themselves store very little data onsite.

bridge  A device that connects two networks and passes traffic between them based only on the node address, so that traffic between nodes on one network does not appear on the other network. For example, an Ethernet bridge only looks at the MAC address. Bridges filter and forward frames based on MAC addresses and operate at Layer 2 (Data Link layer) of the OSI seven-layer model. While wired bridges were made obsolete by switches, wireless bridges are still in use today. See also wireless bridge.

bridge loop  See switching loop.

bridged connection  An early type of DSL connection that made the DSL line function the same as if you snapped an Ethernet cable into your NIC.

bring your own device (BYOD)  Mobile deployment model wherein users bring their own network-enabled devices to the work environment. These cell phones, tablets, notebooks, and other mobile devices must be easily and securely integrated and released from corporate network environments using onboarding and offboarding technologies.

broadband  Analog signaling that sends multiple signals over the cable at the same time. The best example of broadband signaling is cable television. The zero, one, and idle states exist on multiple channels on the same cable. See also baseband.

broadcast  A frame or packet addressed to all machines; always limited to a broadcast domain.

broadcast address  The address a NIC attaches to a frame when it wants every other NIC on the network to read it. In TCP/IP, the general broadcast address is 255.255.255.255. In Ethernet, the broadcast MAC address is FF-FF-FF-FF-FF-FF.

broadcast domain  A network of computers that hear each other’s broadcasts.

broadcast storm  The result of one or more devices sending a nonstop flurry of broadcast frames on the network.

brute force  A type of attack wherein every permutation of some form of data is tried in an attempt to discover protected information. Commonly used to crack short passwords.

buffer (fiber-optic cable)  A component of a fiber-optic cable that adds strength to the cable.

bus topology  A network topology that uses a single bus cable that connects all of the computers in a line. Bus topology networks must be terminated to prevent signal reflection. True bus topologies are no longer used.

business continuity planning (BCP)  The process of defining the steps to be taken in the event of a physical corporate crisis to continue operations at another location. Includes the creation of documents to specify facilities, equipment, resources, personnel, and their roles.

byte  Eight contiguous bits; a fundamental data unit in contemporary computing. Bytes are counted in powers of two and each byte represents a decimal value between 0 and 255.

cable certifier  A very powerful cable testing device used by professional installers to test the electrical characteristics of a cable and then generate a certification report, proving that cable runs pass ANSI/TIA standards.

cable drop  Location where the cable comes out of the wall at the workstation location.

cable modem  A bridge device that interconnects a cable company’s DOCSIS service to a user’s Ethernet network. In most locations, the cable modem is the demarc.

cable stripper  Device that enables the creation of UTP cables.

cable tester  A generic name for a device that tests the functionality of cables. Some common tests are for continuity, electrical shorts, crossed wires, or other electrical characteristics.

cable tray  A device for organizing cable runs in a drop ceiling.

cached lookup (DNS)  A DNS response served from a cache of previous responses. See DNS caching.

cache-only DNS server (caching-only DNS server)  DNS server that does not have any forward lookup zones. Resolves names of systems on the Internet for the network, but is not responsible for telling other DNS servers the names of any clients.

caching engine  A server dedicated to storing cache information on a network. These servers can reduce overall network traffic dramatically.

Cacti  Network graphing program.

campus area network (CAN)  A network installed in a medium-sized space spanning multiple buildings.

canonical name (CNAME) record  A DNS record that stores a fully qualified domain name. A common use is to provide an alias for another hostname.

captive portal  A Wi-Fi network implementation used in some public facilities that directs attempts to connect to the network to an internal Web page for that facility; generally used to force terms of service on users.

capture file  A file in which the collected packets from a packet sniffer program are stored.

card  Generic term for devices designed to snap into an expansion slot.

carrier-sense multiple access with collision avoidance (CSMA/CA)  Access method used only on wireless networks. Before hosts transmit, they first listen for traffic. If the transmitting host does not hear any traffic, it will transmit its frame. It will then listen for an acknowledgment frame from the receiving host. If the transmitting host does not hear the acknowledgment, it will wait for a randomly determined period of time and try again.

carrier-sense multiple access with collision detection (CSMA/CD)  Obsolete access method that Ethernet systems used in wired LAN technologies, enabling frames of data to flow through the network and ultimately reach address locations. Hosts on CSMA/CD networks first listened to hear if there was any data on the wire. If there was none, the hosts sent out data. If a collision occurred, then both hosts waited for a randomly determined time period before retransmitting the data. Full-duplex Ethernet made CSMA/CD obsolete.

Cat 3  Category 3 wire, a standard for UTP wiring that can operate at up to 16 Mbps.

Cat 5  Category 5 wire, a standard for UTP wiring that can operate at up to 100 Mbps.

Cat 5e  Category 5e wire, a standard for UTP wiring with improved support for 100 Mbps using two pairs and support for 1000 Mbps using four pairs.

Cat 6  Category 6 wire, a standard for UTP wiring with improved support for 1000 Mbps; supports 10 Gbps up to 55 meters.

Cat 6a  Category 6a wire, a standard for UTP wiring with support for 10 Gbps up to 100 meters.

Cat 7  Category 7 wire, a standard (unrecognized by ANSI/TIA) for UTP wiring with support for 10+ Gbps at 600 MHz maximum frequency.

category (Cat) rating  A grade assigned to twisted pair cable to help network installers get the right cable for the right network technology. Cat ratings are officially rated in megahertz (MHz), indicating the highest-frequency bandwidth the cable can handle.

CCMP-AES  A 128-bit block cipher used in the IEEE 802.11i (WPA2) standard. See Advanced Encryption Standard (AES).

central office  Building that houses local exchanges and a location where individual voice circuits come together.

certificate  A digitally signed electronic document issued by a trusted third party—a certificate authority (CA)—attesting to the identity of the holder of a specific cryptographic public key. See digital signature and public-key infrastructure (PKI).

certifier  A device that tests a cable to ensure that it can handle its rated amount of capacity.

chain of custody  A document used to track the collection, handling, and transfer of evidence.

Challenge Handshake Authentication Protocol (CHAP)  A remote access authentication protocol. It has the serving system challenge the remote client, which must provide an encrypted password.

change management  The process of initiating, approving, funding, implementing, and documenting significant changes to the network.

change management documentation  A set of documents that defines procedures for changes to the network.

change management team  Personnel who collect change requests, evaluate the change, work with decision makers for approval, plan and implement approved changes, and document the changes.

change request  A formal or informal document suggesting a modification to some aspect of the network or computing environment.

channel  A portion of the wireless spectrum on which a particular wireless network operates. Setting wireless networks to different channels enables separation of the networks.

channel bonding  Wireless technology that enables wireless access points (WAPs) to use two channels for transmission.

channel overlap  Drawback of 2.4-GHz wireless networks in which each channel shares some bandwidth with neighboring channels. This is why only three 2.4-GHz channels can be used in the United States (1, 6, and 11).

Channel Service Unit/Data Service Unit (CSU/DSU)  A piece of equipment that connects a T-carrier leased line from the telephone company to a customer’s equipment (such as a router). It performs line encoding and conditioning functions, and it often has a loopback function for testing.

checksum  A simple error-detection method that adds a numerical value to the end of each packet, enabling the receiver to detect corruption that can occur as a packet moves through the network. See also hash.

choose your own device (CYOD)  Mobile deployment model where corporate employees select among a catalog of approved mobile devices. The organization retains complete control and ownership over the mobile devices, although employees can install their own apps.

CIA triad  Widely considered to be the foundation of IT security; stands for confidentiality, integrity, and availability. It is put into practice through various security methods and controls. Every security technique, practice, and mechanism put into place to protect systems and data relates in some fashion to ensuring confidentiality, integrity, and availability.

cipher  A series of complex and hard-to-reverse mathematics run on a string of ones and zeroes to make a new set of seemingly meaningless ones and zeroes.

cipher lock  A door unlocking system that uses a door handle, a latch, and a sequence of mechanical push buttons.

ciphertext  The output when plaintext is run through a cipher algorithm using a key.

circuit switching  The process for connecting two phones together on one circuit.

Cisco IOS  Cisco’s proprietary operating system for routers and switches. Originally stood for Internetworking Operating System.

cladding  The part of a fiber-optic cable that makes the light reflect down the fiber.

class of service (CoS)  A prioritization value used to apply to services, ports, or whatever a quality of service (QoS) device might use.

class license  Contiguous chunk of IP addresses passed out by the Internet Assigned Numbers Authority (IANA). Classful addressing was phased out after the introduction of Classless Inter-Domain Routing and is no longer used.

classful  Obsolete IPv4 addressing scheme that relied on the original class blocks, such as Class A, Class B, and Class C.

classless  IPv4 addressing scheme that does not rely on the original class blocks, such as Class A, Class B, and Class C.

Classless Inter-Domain Routing (CIDR)  The basis of allocating and routing classless addresses, not restricting subnet masks to /8, /16, or /24, which classful addressing did. Based on variable-length subnet masking (VLSM), where subnets can be allocated according to the needs of an organization, such as /26 for a network with 254 or fewer nodes, or /30 for a network with only two nodes. See also subnetting.
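The VLSM sizing described in this entry, worked through in code: how many hosts a prefix length holds, the longest prefix that still fits a given node count, and carving one block into subnets of different sizes. This is an added example, not part of the glossary; the address block and host counts are constructed.

```python
"""Classless (CIDR/VLSM) sizing and allocation with the standard library.
Added example, not from the glossary; the address block and host counts
are constructed for illustration."""
import ipaddress


def usable_hosts(prefixlen: int) -> int:
    """Usable IPv4 host addresses for a prefix length.

    Network and broadcast addresses are excluded; /31 keeps both addresses
    for point-to-point links (RFC 3021) and /32 is a single host.
    """
    if prefixlen == 32:
        return 1
    if prefixlen == 31:
        return 2
    return 2 ** (32 - prefixlen) - 2


def smallest_prefix_for(hosts: int) -> int:
    """Longest (most economical) prefix that still fits `hosts` nodes.

    Stops at /30 so a two-node link gets the classic /30 rather than a /31.
    """
    for prefixlen in range(30, -1, -1):
        if usable_hosts(prefixlen) >= hosts:
            return prefixlen
    raise ValueError(f"{hosts} hosts do not fit in a single IPv4 block")


def allocate_vlsm(block: str, demands: dict) -> dict:
    """Carve one block into variable-length subnets, largest demand first.

    Returns {name: "network/prefix"}. Allocating largest-first keeps the
    remaining free space aligned so smaller subnets never fragment it.
    """
    free = [ipaddress.ip_network(block)]
    allocated = {}
    for name, hosts in sorted(demands.items(), key=lambda kv: -kv[1]):
        prefixlen = smallest_prefix_for(hosts)
        for i, net in enumerate(free):
            if net.prefixlen > prefixlen:
                continue  # this free piece is already too small
            if net.prefixlen == prefixlen:
                chosen, leftovers = net, []
            else:
                chosen = next(net.subnets(new_prefix=prefixlen))
                # Put whatever is left of this free block back, in address order.
                leftovers = sorted(net.address_exclude(chosen))
            free[i:i + 1] = leftovers
            allocated[name] = str(chosen)
            break
        else:
            raise ValueError(f"no free space left in {block} for {name!r}")
    return allocated


if __name__ == "__main__":
    for p in (24, 26, 30):
        print(f"/{p}: {usable_hosts(p)} usable hosts")
    plan = allocate_vlsm("192.168.10.0/24",
                         {"sales": 50, "engineering": 100, "wan-link": 2})
    for name, net in plan.items():
        print(f"{name:12} {net}")
```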

classless subnet  A subnet that does not fall into the common categories such as Class A, Class B, and Class C.

cleartext  Readable data transmitted or stored in unencrypted form.

cleartext credentials  Any login process conducted over a network where account names, passwords, or other authentication elements are sent from the client or server in an unencrypted fashion.

client  A computer program that uses the services of another computer program; software that extracts information from a server. A Netflix or Hulu application running on a Smart TV is a client for the provider’s streaming services. Also, a machine that accesses shared resources on a server.

client/server  A relationship in which a client obtains services from a server on behalf of a user. In classic terms, a network architecture (topology) where one computer shares resources (the server) and other computers on the network access those resources (clients).

client/server application  An application located on a client that makes use of services provided by a server. This server can be external or located on the client system.

client/server network  A network that has dedicated server machines and client machines.

client-to-site VPN  A type of VPN connection where a single computer logs into a remote network and becomes, for all intents and purposes, a member of that network.

clock strata  Tiers of NTP time sources layered according to relative accuracy. A number indicates the accuracy of each tier (called a stratum), counting up from the most-accurate Stratum 0.

closed-circuit television (CCTV)  A self-contained, closed system in which video cameras feed their signal to specific, dedicated monitors and storage devices.

cloud computing  The cloud is like a cafeteria of computing and networking resources that are managed by someone else and enhanced by layers of powerful services and software. Cloud computing is the act of using these resources and services.

cloud/server-based anti-malware  Anti-malware software that offloads a significant amount of processing from individual hosts to local or cloud-based servers.

clustering  Multiple pieces of interconnected equipment, such as servers, that appear to the network as a single (logical) device. Clustering provides redundancy and fault tolerance.

coarse wavelength division multiplexing (CWDM)  An optical multiplexing technology in which a few signals of different optical wavelength can be combined to travel a fairly short distance.

coaxial cable  A type of cable that contains a central conductor wire surrounded by an insulating material, which in turn is surrounded by a braided metal shield. It is called coaxial because the center wire and the braided metal shield share a common axis or centerline.

code-division multiple access (CDMA)  Early cellular telephone technology that used spread-spectrum transmission. Obsolete.

cold site  A location that consists of a building, facilities, desks, and everything that a business needs except computers.

collision  The result of two nodes transmitting at the same time on a multiple access network such as a wireless network. Both frames may be lost or partial frames may result.

collision domain  A set of connected hosts that all share one medium to transmit and receive. The shared medium can result in a collision if two hosts transmit at the same time. Characteristic of early, half-duplex, non-switched Ethernet.

co-location  A process in which an organization places its own server hardware in a public, third-party data center. Also written without the hyphen as colocation.

command  A request, typed from a terminal or embedded in a file, to perform an operation or to execute a particular program.

community cloud  A private cloud paid for and used by more than one organization with similar goals or needs (such as medical providers who all need to comply with the same patient privacy laws).

compatibility issue  When different pieces of hardware or software don’t work together correctly.

compatibility requirements  With respect to network installations and upgrades, requirements that deal with how well the new technology integrates with older or existing technologies.

computer forensics  The science of gathering, preserving, examining, and presenting evidence stored on a computer or any form of digital media that is presentable in a court of law.

concentrator  A device that brings together at a common center connections to a particular kind of network (such as Ethernet) and implements that network internally.

configuration management  A set of documents, policies, and procedures designed to help an organization maintain and update its network in a logical, orderly fashion.

configuration management documentation  Documents that define the configuration of a network. These would include wiring diagrams, network diagrams, baselines, and policy/procedure/configuration documentation.

configurations  The settings stored in devices that define how they are to operate.

connection  Generically, a link that enables two computers to communicate.

connectionless  A type of communication characterized by sending packets that are not acknowledged by the destination host. Connectionless protocols are generally faster than connection-oriented protocols. UDP is the quintessential connectionless protocol in the TCP/IP suite.

connection-oriented  Network communication between two hosts that includes negotiation between the hosts to establish a communication session. Data segments are then transferred between hosts, with each segment being acknowledged before a subsequent segment can be sent. Orderly closure of the communication is conducted at the end of the data transfer or in the event of a communication failure. TCP is the only connection-oriented protocol in the TCP/IP suite.

console port  Connection jack in a switch or router used exclusively to connect a computer that will manage the device.

content filter  An advanced networking device that implements content filtering, enabling administrators to filter traffic based on specific signatures or keywords (such as profane language).

content switch  Advanced networking device that works at least at Layer 7 (Application layer) and hides servers behind a single IP address.

contingency planning  The process of creating documents—a contingency plan—that set out how to limit damage and recover quickly from an incident.

continuity  The physical connection of wires in a network.

continuity tester  Inexpensive network tester that can only test for continuity on a line.

convergence  Point at which the routing tables for all routers in a network are updated.

core (fiber-optics)  The central glass of the fiber-optic cable that carries the light signal.

core layer  One tier of a three-tiered architecture commonly used in data centers. The core layer ties together all the switches at the distribution layer and interconnects with external networks such as the Internet.

corporate-owned business only (COBO)  Deployment model where the corporation owns all the mobile devices issued to employees. Employees have a whitelist of preapproved applications they can install.

corporate-owned personally enabled (COPE)  Deployment model that is very similar to COBO, in that the organization issues mobile devices. With COPE, however, employees are presented with a whitelist of preapproved applications that they may install.

cost (routing metric)  A metric for the desirability of a particular route. Can incorporate factors that affect performance such as bandwidth.

counter  A predefined event that is monitored and recorded to a log file. Logs store information about the performance of some particular aspect of a system. Different programs refer to the monitored aspect with different terms. Performance Monitor calls them counters; syslog calls them facilities. See syslog.

CRC (cyclic redundancy check)  See cyclic redundancy check (CRC).

crimper  Also called a crimping tool, the tool used to secure a crimp (or an RJ-45 connector) onto the end of a cable.

crossover cable  A specially terminated UTP cable used to interconnect routers or switches, or to connect network cards without a switch. Crossover cables reverse the sending and receiving wire pairs from one end to the other.

crosstalk  Electrical signal interference between two cables that are in close proximity to each other.

crypto-malware  Malicious software that uses some form of encryption to lock a user out of a system. See also ransomware.

CSMA/CA (carrier-sense multiple access with collision avoidance)  See carrier-sense multiple access with collision avoidance (CSMA/CA).

CSMA/CD (carrier-sense multiple access with collision detection)  See carrier-sense multiple access with collision detection (CSMA/CD).

CSU/DSU (Channel Service Unit/Data Service Unit)  See Channel Service Unit/Data Service Unit (CSU/DSU).

customer-premises equipment (CPE)  The primary distribution box and customer-owned/managed equipment that exists on the customer side of the demarc.

cyclic redundancy check (CRC)  A mathematical method used to check for errors in long streams of transmitted data with high accuracy. The CRC is found in the Frame Check Sequence (FCS).
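The two error-detection methods defined in this glossary side by side: the 16-bit Internet checksum (the checksum entry) and the CRC-32 that Ethernet carries in its Frame Check Sequence (this entry), run over a constructed IPv4 header with two kinds of corruption. This is an added example, not the glossary's own material; the header bytes are constructed.

```python
"""Internet checksum (RFC 1071) next to the CRC-32 carried in the Ethernet
Frame Check Sequence, showing why a CRC catches errors a checksum cannot.
Added example, not from the glossary; the IPv4 header below is constructed."""
import struct

# Constructed 20-byte IPv4 header with the header checksum field (bytes 10-11)
# still zero: version/IHL, TOS, total length 60, ID, flags DF, TTL 64,
# protocol TCP, checksum, 10.0.0.1 -> 10.0.0.2.
IPV4_HEADER = bytes.fromhex("4500003c1c46400040060000" "0a000001" "0a000002")


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit big-endian words, then complemented.

    Over a header whose checksum field is zero this yields the value to
    store; over a header that already carries its checksum it yields 0.
    """
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def with_checksum(header: bytes) -> bytes:
    """Return the IPv4 header with its checksum field filled in."""
    cksum = internet_checksum(header[:10] + b"\x00\x00" + header[12:])
    return header[:10] + struct.pack("!H", cksum) + header[12:]


def crc32_fcs(data: bytes) -> int:
    """Bitwise CRC-32 as used for the Ethernet FCS (IEEE 802.3).

    Reflected polynomial 0xEDB88320, initial value all ones, final XOR.
    Identical to zlib.crc32; written out to show the shift-and-XOR loop.
    """
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ (0xEDB88320 if crc & 1 else 0)
    return crc ^ 0xFFFFFFFF


def swap_words(data: bytes, i: int, j: int) -> bytes:
    """Constructed corruption: exchange 16-bit words i and j."""
    words = list(struct.unpack(f"!{len(data) // 2}H", data))
    words[i], words[j] = words[j], words[i]
    return struct.pack(f"!{len(words)}H", *words)


def flip_bit(data: bytes, bit: int) -> bytes:
    """Constructed corruption: invert one bit, counted from the first byte's MSB."""
    buf = bytearray(data)
    buf[bit // 8] ^= 0x80 >> (bit % 8)
    return bytes(buf)


def detected(original: bytes, corrupted: bytes) -> dict:
    """Which of the two checks notices that `corrupted` differs from `original`."""
    return {
        "checksum": internet_checksum(original) != internet_checksum(corrupted),
        "crc32": crc32_fcs(original) != crc32_fcs(corrupted),
    }


if __name__ == "__main__":
    hdr = with_checksum(IPV4_HEADER)
    print(f"header checksum 0x{internet_checksum(IPV4_HEADER):04x}, "
          f"verifies to {internet_checksum(hdr)}")
    # Reordering two adjacent words leaves the sum unchanged, so the checksum
    # is blind to it; a CRC-32 is guaranteed to catch any burst of <= 32 bits.
    print("swapped words:", detected(hdr, swap_words(hdr, 2, 3)))
    print("single bit:   ", detected(hdr, flip_bit(hdr, 13)))
```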

data backup  The process of creating extra copies of data to be used in case the primary data source fails.

data center  A dedicated space—a building or part of a building—housing a networked group of servers that provides data storage, Web hosting, application hosting, cloud services, and more.

Data Link layer  See Open Systems Interconnection (OSI) seven-layer model.

Data Over Cable Service Interface Specification (DOCSIS)  The standard protocol used by cable modem networks to facilitate data transfer.

datagram  A connectionless transfer unit created with User Datagram Protocol designed for quick transfers over a packet-switched network.

datagram TLS (DTLS) VPN  A virtual private network solution that optimizes connections for delay-sensitive applications, such as voice and video. A DTLS VPN uses TLS to provide encryption for enhanced security.

dead spot  A place that should be covered by the network signal but where devices get no signal.

deauthentication (deauth) attack  A form of DoS attack that targets 802.11 Wi-Fi networks specifically by sending out a frame that kicks a wireless client off its current WAP connection. A rogue WAP nearby presents a stronger signal, which the client will prefer. The rogue WAP connects the client to the Internet and then proceeds to intercept communications to and from that client.

decapsulation  The process of stripping all the extra header information from a packet as the data moves up a protocol stack.

decibel (dB)  A measurement of the quality of a signal.

dedicated circuit  A circuit that runs from a breaker box to specific outlets.

dedicated line  A telephone line that is an always open, or connected, circuit. Dedicated telephone lines usually do not have telephone numbers.

dedicated server  A machine that does not use any client functions, only server functions.

default  A software function or operation that occurs automatically unless the user specifies something else.

default gateway  In a TCP/IP network, a router that accepts traffic for all routes unknown to a client or another router. In SOHO networks, this is usually the only router in the network and provides the interface to the ISP’s network.

defense in depth  Using multiple layers of security to protect against threats to the network.

demarc  A device that marks the dividing line of responsibility for the functioning of a network between internal users and upstream service providers. Also, demarcation point.

demarc extension  Any cabling that runs from the network interface to whatever box is used by the customer as a demarc.

demilitarized zone (DMZ)  See screened subnet.

demultiplexer  Device that can extract and distribute individual streams of data that have been combined to travel along a single shared network cable.

denial of service (DoS)  An attack that floods a networked resource with so many requests that it becomes overwhelmed and ceases functioning. DoS prevents users from gaining normal use of a resource.

dense wavelength division multiplexing (DWDM)  An optical multiplexing technology in which a large number of optical signals of different optical wavelength can be combined to travel over relatively long fiber cables.

designated router (DR)  The main router in an OSPF network that relays information to all other routers in the area.

desktop as a service (DaaS)  A cloud computing service that enables a user or organization to virtualize user workstations and manage them as flexibly as other cloud resources.

destination (header field)  A field common to many packet-switched network protocols. Contains the address of the intended recipient (in the address format—such as a MAC or IP address—appropriate for the protocol).

destination port  A fixed, predetermined number that identifies which process the data in a TCP segment or UDP datagram is intended for. The destination port number is contained in the destination field of segments and datagrams.

device driver  A subprogram to control communications between the computer and some peripheral hardware.

device ID  The last six hexadecimal digits of a MAC address, identifying the manufacturer’s unique serial number for that NIC.

DHCP four-way handshake (DORA)  DHCP process in which a client gets a lease for an IPv4 address—Discover, Offer, Request, and Acknowledgment.

DHCP lease  Created by the DHCP server to allow a system requesting DHCP IP information to use that information for a certain amount of time.

DHCP relay  A router feature that, when enabled, accepts DHCP broadcasts from clients and then sends them via unicast addresses directly to the DHCP server. In common terms, DHCP communications can cross from one network to another through a router that has DHCP relay configured. Also known as a DHCP relay agent.

DHCP scope  The pool of IP addresses that a DHCP server may allocate to clients requesting IP addresses or other IP information like DNS server addresses.

DHCP snooping  Switch process that monitors DHCP traffic, filtering out DHCP messages from untrusted sources. Typically used to block attacks that use a rogue DHCP server.

DHCPv6  IPv6 version of DHCP. A stateful DHCPv6 server works similarly to an IPv4 DHCP server, while a stateless DHCPv6 server provides configuration information and lets the host pick its own address via stateless address autoconfiguration (SLAAC). See Dynamic Host Configuration Protocol (DHCP).

differential backup  Similar to an incremental backup in that it backs up the files that have been changed since the last backup. This type of backup does not change the state of the archive bit.

differentiated services (DiffServ)  The underlying architecture that makes quality of service (QoS) work.

dig (domain information groper)  See domain information groper (dig).

digital signature  A hash of a message which has been encrypted and attached to the message. The hash is encrypted with the signer’s private key. The recipient can decrypt the hash with the signer’s public key and use the hash to confirm the message was not altered. This both verifies a sender’s identity and the integrity of the message. See also certificate and hash.

digital subscriber line (DSL)  A high-speed Internet connection technology that uses a regular telephone line for connectivity. DSL comes in several varieties, including asymmetric (ADSL) and symmetric (SDSL), and many speeds. Typical home-user DSL connections are ADSL with a download speed of up to 9 Mbps and an upload speed of up to 1 Kbps.

dipole antenna  The standard straight-wire antenna that provides most omnidirectional function.

direct current (DC)  A type of electric circuit where the flow of electrons is in a complete circle.

directional antenna  An antenna that focuses its signal more toward a specific direction; as compared to an omnidirectional antenna that radiates its signal in all directions equally.

direct-sequence spread-spectrum (DSSS)  A spread-spectrum broadcasting method defined in the 802.11 standard that sends data out on different frequencies at the same time.

disaster recovery  The means and methods to recover primary infrastructure from a disaster. Disaster recovery starts with a plan and includes data backups.

discretionary access control (DAC)  Authorization method based on the idea that there is an owner of a resource who may at his or her discretion assign access to that resource. DAC is considered much more flexible than mandatory access control (MAC).

disk mirroring  Process by which data is written simultaneously to two or more disk drives. Read and write speed is decreased but redundancy, in case of catastrophe, is increased. Also known as RAID level 1.

disk striping  Process by which data is spread among multiple (at least two) drives. It increases speed for both reads and writes of data, but provides no fault tolerance. Also known as RAID level 0.

disk striping with parity  Process by which data is spread among multiple (at least three) drives, with parity information as well to provide fault tolerance. The most commonly implemented type is RAID 5, where the data and parity information is spread across three or more drives.

dispersion  Diffusion over distance of light propagating down fiber cable.

distance vector  Set of routing protocols that calculates the total cost to get to a particular network ID and compares that cost to the total cost of all the other routes to get to that same network ID.

distributed control system (DCS)  A small controller added directly to a machine used to distribute the computing load.

Distributed Coordination Function (DCF)  One of two methods of collision avoidance defined by the 802.11 standard and the only one currently implemented. DCF specifies strict rules for sending data onto the network media. See also Point Coordination Function (PCF).

distributed denial of service (DDoS)  Multicomputer assault on a network resource that attempts, with sheer overwhelming quantity of requests, to prevent regular users from receiving services from the resource. Can also be used to crash systems. DDoS attacks are usually executed using botnets consisting of compromised systems referred to as zombies.

distributed switching  The centralized installation, configuration, and handling of every switch in a virtualized network.

distribution layer  One tier of a three-tiered architecture commonly used in data centers. The distribution layer interconnects racks of servers and other rack-mounted gear through top-of-rack switching. Modern data center design leverages advances in virtualization and software-defined networking (SDN) to replace the distribution layer common in the three-tiered network design with a virtualized mesh network.

DNS cache poisoning  Also known as DNS poisoning, an attack that adds or changes information in a DNS server’s cache to point hostnames to incorrect IP addresses, under the attacker’s control. When a client requests an IP address from this DNS server for a Web site, the poisoned server hands out an IP address of an attacker machine, not the legitimate site. When the client subsequently visits the attacker site, they become vulnerable to a number of threats including malware.

DNS caching  A feature of DNS servers that temporarily stores information about previous DNS lookups to speed up future requests.

DNS domain  A specific branch of the DNS name space. Top-level DNS domains include .com, .gov, and .edu.

DNS forwarding  DNS server configuration that sends (forwards) DNS requests to another DNS server.

DNS record  A piece of data, such as an IP address, attached to a name in the DNS tree. Each record type helps different aspects of DNS do their job. For example: A records store the IP address of a domain, NS records store the name server for a given DNS entry, and MX records direct e-mail to specific e-mail servers.

DNS resolver cache  See resolver cache.

DNS root servers  Servers at the top of the hierarchy of DNS servers running the Internet. There are only 13 root servers.

DNS server  Software that responds to DNS queries, often running on a system dedicated to this purpose.

DNS tree  A hierarchy of DNS domains and individual computer names organized into a tree-like structure, the top of which is the root.

document  A medium and the data recorded on it for human use; for example, a report sheet or book. By extension, any record that has permanence and that can be read by a human or a machine.

documentation  A collection of organized documents or the information recorded in documents. Also, instructional material specifying the inputs, operations, and outputs of a computer program or system.

domain  A term used to describe a grouping of users, computers, and/or networks. In Microsoft networking, a domain is a group of computers and users that shares a common account database and a common security policy. For the Internet, a domain is a group of computers that shares a common element in their DNS hierarchical name.

domain controller  A Microsoft Windows Server system specifically configured to store user and server account information for its domain. Often abbreviated as “DC.” Windows domain controllers store all account and security information in the Active Directory domain service.

domain information groper (dig)  Command-line tool in non-Windows systems used to diagnose DNS problems.

Domain Name System (DNS)  A TCP/IP name resolution system that resolves hostnames to IP addresses, IP addresses to hostnames, and other bindings, like DNS servers and mail servers for a domain.

domain users and groups  Users and groups that are defined across an entire network domain.

door access controls  Methodology to grant permission or to deny passage through a doorway, whether computer-controlled, human-controlled, token-oriented, or by other means.

dotted decimal notation  Shorthand method for discussing and configuring binary IP addresses using a base 10 numbering system.

drive mirroring  The process of writing identical data to two hard drives on the same controller at the same time to provide data redundancy.

DSL Access Multiplexer (DSLAM)  A device located in a telephone company’s central office that connects multiple customers to the Internet.

DSL modem  A device that enables customers to connect to the Internet using a DSL connection. A DSL modem isn’t really a modem—it’s more like an ISDN terminal adapter—but the term stuck, and even the manufacturers of the devices now call them DSL modems.

dual stack  Networking device, such as a router or PC, that runs both IPv4 and IPv6.

dynamic addressing  A way for a computer to receive IP information automatically from a server program. See also Dynamic Host Configuration Protocol (DHCP).

Dynamic ARP Inspection (DAI)  Uses information collected by DHCP snooping to spot and ignore suspicious ARPs to prevent ARP cache poisoning and other malevolent efforts.

Dynamic DNS (DDNS)  A protocol that enables DNS servers to get automatic updates of IP addresses of computers in their forward lookup zones, mainly by talking to the local DHCP server.

Dynamic Host Configuration Protocol (DHCP)  A protocol that enables a DHCP server to set TCP/IP settings automatically for a DHCP client.

dynamic multipoint VPN (DMVPN)  A virtual private network solution optimized for connections between multiple locations directly.

dynamic NAT (DNAT)  Type of network address translation (NAT) in which many computers can share a pool of routable IP addresses that number fewer than the computers.

dynamic port numbers  Port numbers 49152–65535, recommended by IANA to be used as ephemeral port numbers.

dynamic routing  Process by which routers in an internetwork automatically exchange information with other routers. Requires a dynamic routing protocol, such as OSPF or EIGRP.

EAP-TLS (Extensible Authentication Protocol with Transport Layer Security)  A protocol that defines the use of a RADIUS server as well as mutual authentication, requiring certificates on both the server and every client.

EAP-TTLS (Extensible Authentication Protocol with Tunneled Transport Layer Security)  A protocol similar to EAP-TLS but only uses a single server-side certificate.

east-west traffic  Any network activity that moves between systems within the data center. Network devices seen in east-west traffic include internal routers, internal firewalls, and switches.

edge device  A hardware device that has been optimized to perform a task in coordination with other edge devices and controllers.

edge router  Router that connects one Autonomous System (AS) to another.

effective permissions  The permissions of all groups combined in any network operating system.

elasticity  A popular way to scale an application by starting up new instances. Cloud providers make it simple to increase the number of instances as demand grows and reduce the number of instances as demand shrinks.

electromagnetic interference (EMI)  Interference from one device to another, resulting in poor performance in the device’s capabilities. This is similar to having static on your TV while running a hair dryer, or placing two monitors too close together and getting a “shaky” screen.

e-mail  Messages, usually text, sent from one person to another via computer. E-mail can also be sent automatically to a large number of addresses, known as a mailing list.

e-mail alert (SNMP)  Notification sent by e-mail as a result of an event. A typical use is a notification sent from an SNMP manager as a result of an out-of-tolerance condition in an SNMP managed device.

e-mail client  Program that runs on a computer and enables a user to send, receive, and organize e-mail.

e-mail server  Also known as a mail server, a server that accepts incoming e-mail, sorts the e-mail for recipients into mailboxes, and sends e-mail to other servers using SMTP.

emergency alert system  An essential component of a data center’s emergency procedures. The emergency alert system informs employees that there is an emergency, enabling them to respond or evacuate.

emergency procedures  The policies and procedures a data center implements to enable effective and safe responses to a wide variety of potential emergencies.

emulator  Software or hardware that converts the commands to and from the host machine to an entirely different platform; for example, a program that enables you to run Nintendo games on your PC.

encapsulation  The process of putting the packets from one protocol inside the packets of another protocol. An example of this is IP encapsulation in Ethernet, which places IP packets inside Ethernet frames.

encryption  A process that attempts to make some data unreadable to anyone but the owner or intended recipient. Generally, the data is scrambled and unscrambled with cryptographic keys. Encryption plays a critical role in securing traffic sent across open networks such as the Internet.

endpoint (TCP/IP)  See socket.

endpoints (TCP/IP)  See socket pairs.

Enhanced Data rates for GSM Evolution (EDGE)  Early cellular telephone technology that used a SIM card; obsolete.

Enhanced Interior Gateway Routing Protocol (EIGRP)  Cisco’s proprietary hybrid protocol that has elements of both distance vector and link state routing.

enhanced quad small form-factor pluggable (QSFP+)  Interface and module specification for hot-pluggable network transceivers up to 40 Gbps. See also transceiver.

enhanced small form-factor pluggable (SFP+)  Interface and module specification for hot-pluggable network transceivers up to 10 Gbps. See also transceiver.

environmental monitor  Device used in telecommunications rooms that keeps track of humidity, temperature, and more.

ephemeral port  In TCP/IP communication, an arbitrary port number chosen by a sending computer for the receiving computer to use as the destination port when it responds. IANA suggests operating systems use 49152–65535 as ephemeral ports, but the actual range varies from OS to OS—anything greater than 1024 may be ephemeral on some platforms.

ephemeral port number  See ephemeral port.

equipment rack  A metal structure used in equipment rooms to secure network hardware devices and patch panels. Most racks are 19" wide. Devices designed to fit in such a rack use a height measurement called units, or simply U.

Ethernet  Open and vendor-neutral Layer 2 network protocol standardized under the IEEE 802.3 umbrella, enabling any company to make interoperable Ethernet equipment. Originally created in the 1970s by Xerox and transferred to the IEEE.

evil twin  An attack that lures people into connecting to a rogue access point by broadcasting the same SSID as the target network’s access points.

Evolved High-Speed Packet Access (HSPA+)  The final wireless 3G data standard, transferring theoretical maximum speeds up to 168 Mbps, although real-world implementations rarely passed 10 Mbps.

executable viruses  Viruses that are literally extensions of executables and that are unable to exist by themselves. Once an infected executable file is run, the virus loads into memory, adding copies of itself to other EXEs that are subsequently run.

Exim  E-mail server for every major platform; fast and efficient.

exit plan  Documents and diagrams that identify the best way out of a building in the event of an emergency. It may also define other procedures to follow.

Extended Service Set (ESS)  A single wireless access point servicing a given area that has been extended by adding more access points.

Extended Service Set Identifier (ESSID)  An SSID applied to an Extended Service Set as a network naming convention.

Extended Unique Identifier, 48-bit (EUI-48)  The IEEE term for the 48-bit MAC address assigned to a network interface. The first 24 bits of the EUI-48 are assigned by the IEEE as the organizationally unique identifier (OUI).

Extended Unique Identifier, 64-bit (EUI-64)  A process that generates the last 64 bits of the IPv6 address using a calculation based on a device’s 48-bit MAC address.

Extensible Authentication Protocol (EAP)  Authentication wrapper that EAP-compliant applications can use to accept one of many types of authentication. While EAP is a general-purpose authentication wrapper, its only substantial use is in wireless networks.

external connections  A network’s connections to the wider Internet. Also a major concern when setting up a SOHO network.

external firewall  The firewall that sits between the perimeter network and the Internet and is responsible for bearing the brunt of the attacks from the Internet. See also firewall.

external threats  Any theoretical source of harm to an organization or its IT operations from outside of the organization itself. External threats such as hackers and malware take advantage of vulnerabilities that exist in the network.

fail close  Defines the condition of doors and locks in the event of an emergency, indicating that the doors should close and lock.

fail open  Defines the condition of doors and locks in the event of an emergency, indicating that the doors should be open and unlocked.

far-end crosstalk (FEXT)  Crosstalk on the opposite end of a cable from the signal’s source.

Fast Ethernet  Nickname for the 100-Mbps Ethernet standards. Originally applied to 100BASE-TX.

fault tolerance  The capability of any system to continue functioning after some part of the system has failed. RAID is an example of a hardware device that provides fault tolerance for hard drives.

F-connector  A screw-on connector used to terminate small-diameter coaxial cable such as RG-6 and RG-59 cables.

Federal Communications Commission (FCC)  In the United States, regulates public airwaves and rates PCs and other equipment according to the amount of radiation emitted.

fiber light meter  Device that measures the intensity of light pulses within or at the terminal ends of fiber-optic cables.

fiber-optic cable  A high-speed physical medium for transmitting data that uses light rather than electricity to transmit data and is made of high-purity glass fibers sealed within a flexible opaque tube. Much faster than conventional copper wire.

Fibre Channel (FC)  A self-contained, high-speed storage environment with its own storage arrays, cables, protocols, and switches. Fibre Channel is a critical part of storage area networks (SANs).

file hashing  When the download provider hashes the contents of a file and publishes the resulting message digest.

file server  A computer designated to store software, courseware, administrative tools, and other data on a local area network (LAN) or wide area network (WAN). It “serves” this information to other computers via the network when users enter their personal access codes.

File Transfer Protocol (FTP)  Classic protocol for file transfer over TCP/IP networks using ports 20 and 21. Has been mostly displaced by protocols such as HTTP(S) and SSH File Transfer Protocol.

fire ratings  Ratings developed by Underwriters Laboratories (UL) and the National Electrical Code (NEC) to define the risk of network cables burning and creating noxious fumes and smoke.

fire suppression system  System designed to detect and respond quickly to the presence of fire in a server closet or data center. A good fire suppression system should be able to detect fire, cut power to protect sensitive equipment, displace oxygen with fire-suppressing gases, alert relevant staff, and activate sprinklers (potentially—sprinklers will harm equipment).

firewall  A network security device or software that restricts incoming and outgoing network traffic based on pre-defined rules. Individual systems can have their own host-based firewalls, while the broader network can be protected by firewalls running on standalone devices or inside other network devices.

First Hop Redundancy Protocol (FHRP)  A method of ensuring high data availability by taking multiple routers and grouping them into a virtual router with a single virtual IP address that clients use as a default gateway. Common FHRP protocols are the open standard Virtual Router Redundancy Protocol (VRRP) and Cisco’s proprietary Hot Standby Router Protocol (HSRP) and Gateway Load Balancing Protocol (GLBP).

first responder  The person or robot whose job is to react to the notification of a possible computer crime by determining the severity of the situation, collecting information, documenting findings and actions, and providing the information to the proper authorities.

flat name space  A naming convention that gives each device only one name that must be unique. NetBIOS used a flat name space. TCP/IP’s DNS uses a hierarchical name space.

flat-surface connector  Early fiber-optic connector that resulted in a small gap between fiber-optic junctions due to the flat grind faces of the fibers. It was replaced by angled physical contact (APC) connectors.

flood guard  Technology in modern switches that can detect and block excessive traffic.

flow  A stream of packets from one specific place to another.

flow cache  Stores sets of flows for interpretation and analysis. See also flow.

forensics report  A document that describes the details of gathering, securing, analyzing, transporting, and investigating evidence.

forward lookup zone  In Windows Server DNS, the database that stores the DNS records (A, AAAA, CNAME, etc.) for a particular domain. Generically referred to as the zone file outside of Windows Server DNS.

forward proxy server  Server that acts as middleman between clients and servers, making requests to network servers on behalf of clients. Results are sent to the proxy server, which then passes them to the original client. The network servers are isolated from the clients by the forward proxy server.

FQDN (fully qualified domain name)  See fully qualified domain name (FQDN).

frame  A defined series of binary data that is the basic container for a discrete amount of data moving across a network. Generally, the components of a frame can be broken down into the header (MAC addresses and type), the payload (the actual data being transmitted), and the trailer (the frame check sequence [FCS]). Frames are created at Layer 2 of the OSI model.

frame check sequence (FCS)  A sequence of bits placed at the very end (trailer) of a frame that is used to check the primary data for errors by implementing a cyclic redundancy check (CRC).

FreeRADIUS  Open source RADIUS server software for UNIX/Linux systems.

freeware  Software that is distributed for free with no license fee.

frequency mismatch  Problem in older wireless networks with manual settings where the WAP transmitted on one channel and a wireless client was set to access on a different channel.

frequency-hopping spread-spectrum (FHSS)  A spread-spectrum broadcasting method defined in the 802.11 standard that sends data on one frequency at a time, constantly shifting (or hopping) frequencies.

FUBAR  Fouled up beyond all recognition.

full backup  Archive created where every file selected is backed up, and the archive bit is turned off for every file backed up.

full-duplex  Any communication system that enables a device to send and receive data simultaneously.

fully meshed topology  A mesh network where every node is directly connected to every other node.

fully qualified domain name (FQDN)  The complete DNS name of a system, from its hostname to the top-level domain name; the textual name of a domain-organized resource. It is written left to right, with the hostname on the left, followed by any hierarchical subdomains, with the top-level domain on the right. Each level is separated from any preceding or following level by a dot (.).

gain  The strengthening and focusing of radio frequency output from a wireless access point (WAP).

Gateway Load Balancing Protocol (GLBP)  A Cisco-proprietary version of an FHRP that provides increased data availability through redundancy and load balancing. See First Hop Redundancy Protocol (FHRP).

gateway router  A router that acts as both a small network’s default gateway and its interface to the ISP’s network. Most common in a SOHO context, though the term is falling out of use.

general logs  Logs that record updates to applications.

geofencing  The process of using a mobile device’s built-in GPS capabilities and mobile networking capabilities to set geographical constraints on where the mobile device can be used.

Get (SNMP)  A query from an SNMP manager sent to the agent of a managed device for the status of a management information base (MIB) object.

giga  The prefix that generally refers to the quantity 1,073,741,824. One gigabyte is 1,073,741,824 bytes. With frequencies, in contrast, giga- often refers to one billion. One gigahertz is 1,000,000,000 hertz.

Gigabit Ethernet  See 1000BASE-T.

gigabit interface converter (GBIC)  Modular port that supports a standardized, wide variety of gigabit interface modules.

gigabyte  1024 megabytes.

global hierarchy (DNS)  Tiered arrangement of DNS name servers that distribute the work of storing and translating domain names to IP addresses.

global routing prefix  The first 48 bits of an IPv6 unicast address, used to get a packet to its destination. See also network ID.

Global System for Mobile (GSM)  Early cellular telephone networking standard; obsolete.

global unicast address  A public IPv6 address that every system needs in order to get on the Internet.

graphing  Type of software that creates visual representations and graphs of data collected by SNMP managers.

greenfield mode  One of three modes used with 802.11n wireless networks wherein everything is running at higher speed.

Group Policy  A feature of Windows Active Directory that enables an administrator to apply policy settings to network users en masse.

groups  Collections of network users who share similar tasks and need similar permissions; defined to make administration tasks easier.

guest (virtualization)  In terms of virtualization, an operating system running as a virtual machine inside a hypervisor.

guest network  A network that can contain or allow access to any resource that management deems acceptable to be used by insecure hosts that attach to the guest network.

H.323  A VoIP standard that handles the initiation, setup, and delivery of VoIP sessions.

hackers  In general use, people who break into computer systems. Those with malicious intent are sometimes considered black hat hackers and those who do so with a positive intent and permission from their target (such as vulnerability testing) are regularly referred to as authorized, white hat, or ethical hackers. Of course, there are middle-ground hackers who do so without permission but also without malicious intent: gray hats.

half-duplex  A form of communication where a device can either send or receive data at any given moment rather than do both simultaneously.

hardening  Applying security hardware, software, and processes to your network to prevent bad things from happening.

hardware appliance  Physical network device, typically a “box” that implements and runs software or firmware to perform one or a multitude of tasks. Could be a firewall, a switch, a router, a print server, or one of many other devices.

hardware tools  Tools such as cable testers, time-domain reflectometers (TDRs), optical TDRs (OTDRs), certifiers, voltage event recorders, protocol analyzers, cable strippers, multimeters, tone probes/generators, butt sets, and punchdown tools used to configure and troubleshoot a network.

hash  The fixed-length value that a hash function computes from its input. Hashes have many important jobs in computing, but in networking they are primarily used for authentication and ensuring data integrity.

hash function  A mathematical algorithm that converts a sequence of binary digits of any length into a fixed-length value. Any given input always results in the same output.

header  First section of a frame, packet, segment, or datagram; contains key information about the data being transmitted such as destination and source addresses.

heating, ventilation, and air conditioning (HVAC)  All of the equipment involved in heating and cooling the environments within a facility. These items include boilers, furnaces, air conditioners and ducts, plenums, and air passages.

hex (hexadecimal)  A base 16 numbering system (i.e., one with 16 symbols). It uses 10 digits (0 through 9) and 6 letters (A through F) to represent the 0s and 1s of binary numbers in a more human-friendly format. Hexadecimal 9 is equal to decimal 9, and hexadecimal A is equal to decimal 10.

hierarchical name space  A naming scheme where the full name of each object includes its position within the hierarchy. An example of a hierarchical name is www.totalseminars.com, which includes not only the hostname but also the domain name. DNS uses a hierarchical name space scheme for fully qualified domain names (FQDNs).

high availability (HA)  A collection of technologies and procedures that work together to keep an application available at all times.

history logs  Logs that track the history of how a user or users access network resources, or how network resources are accessed throughout the network.

home automation  The process of remotely controlling household devices, such as lights, thermostats, cameras, and washer and dryer.

honeynet  A network containing one or more honeypots created in order to lure in hackers.

honeypot  A resource that an administrator sets up for the express purpose of attracting a computer hacker, often using fake data and deliberate vulnerabilities as bait. If a hacker takes the bait, the network’s important resources are unharmed and network personnel can analyze the attack to predict and protect against future attacks, making the network more secure.

hop  The passage of a packet through a router.

hop count  An older metric used by routers that use RIP. The number of routers that a packet must cross to get from a router to a given network. Hop counts were tracked and entered into the routing table within a router so the router could decide which interface was the best one through which to forward a packet.

horizontal cabling  Cabling that connects the equipment room to the work areas.

host  A single device (usually a computer) on a TCP/IP network that has an IP address; any device that can be the source or destination of a data packet. Also, a computer running multiple virtualized operating systems.

host ID  The portion of an IP address that defines a specific machine in a subnet.

host-based anti-malware  Anti-malware software that is installed on individual systems, as opposed to the network at large.

host-based firewall  A software firewall installed on a “host” that provides firewall services for just that machine, such as Windows Firewall.

hostname (command)  Command-line tool that returns the hostname of the computer it is run on.

hostname (DNS)  An individual computer name in the DNS naming convention.

hosts file  The predecessor to DNS, a static text file that resides on a computer and is used to resolve DNS hostnames to IP addresses. Automatically mapped to a host’s DNS resolver cache in modern systems. The hosts file has no extension.

host-to-host  Type of VPN connection in which a single host establishes a link with a remote, single host.

host-to-site  Type of VPN connection where a host logs into a remote network as if it were any other local resource of that network.

hot site  A complete backup facility to continue business operations. It is considered “hot” because it has all resources in place, including computers, network infrastructure, and current backups, so that operations can commence within hours after occupation.

hotspot  A wireless access point that is connected to a cellular data network, typically 4G. The device can route Wi-Fi to and from the Internet. Hotspots can be permanent installations or portable. Many cellular telephones have the capability to become a hotspot.

Hot Standby Router Protocol (HSRP)  A Cisco-proprietary version of an FHRP that provides increased data availability through redundancy. See First Hop Redundancy Protocol (FHRP).

HTML (HyperText Markup Language)  See HyperText Markup Language (HTML).

hub  An electronic device that sits at the center of a star topology network, providing a common point for the connection of network devices. In a 10BASE-T Ethernet network, the hub contained the electronic equivalent of a properly terminated bus cable. Hubs have been replaced by switches.

human–machine interface (HMI)  In a distributed control system (DCS), a computer or set of controls that exists between a controller and a human operator. The human operates the HMI, which in turn interacts with the controller.

hybrid cloud  A conglomeration of public and private cloud resources, connected to achieve some target result. There is no clear line that defines how much of a hybrid cloud infrastructure is private and how much is public.

hybrid topology  A mix or blend of two different topologies. A star-bus topology, for example, is a hybrid of the star and bus topologies.

hypertext  A document that has been marked up to enable a user to select words or pictures within the document, click them, and connect to further information. The basis of the World Wide Web.

HyperText Markup Language (HTML)  An ASCII-based script-like language for creating hypertext documents like those on the World Wide Web.

Hypertext Transfer Protocol (HTTP)  Extremely fast protocol used for network file transfers on the World Wide Web.

Hypertext Transfer Protocol over TLS (HTTPS)  A secure form of HTTP in which hypertext is encrypted by Transport Layer Security (TLS) before being sent onto the network. It is commonly used for Internet business transactions or any time a secure connection is required. Also referred to as HTTP over SSL, reflecting the precursor technology to TLS called Secure Sockets Layer (SSL). See also Hypertext Transfer Protocol (HTTP) and Secure Sockets Layer (SSL).

hypervisor  In virtualization, a layer of programming that creates, supports, and manages a virtual machine. Also known as a virtual machine monitor (VMM).

ICS (industrial control system)  See industrial control system (ICS).

ICS (Internet Connection Sharing)  See Internet Connection Sharing (ICS).

ICS server  Unit in a distributed control system (DCS) that can be used to manage global changes to the controllers.

IEEE (Institute of Electrical and Electronics Engineers)  See Institute of Electrical and Electronics Engineers (IEEE).

IEEE 802.3  IEEE working group that defines the standards for wired Ethernet networks.

IEEE 802.11  A family of standards for wireless local area networks marketed as Wi-Fi.

IEEE 1284  The IEEE standard for a now-obsolete parallel communication technology.

IETF (Internet Engineering Task Force)  See Internet Engineering Task Force (IETF).

ifconfig  A command-line utility for Linux servers and workstations that displays the current TCP/IP configuration of the machine, similar to ipconfig for Windows systems. The newer command-line utility, ip, has replaced ifconfig on most Linux systems, but it is still the default for macOS.

IMAP (Internet Message Access Protocol)  See Internet Message Access Protocol Version 4 (IMAP4).

impedance  The amount of resistance to an electrical signal on a wire. It is used as a relative measure of the amount of data a cable can handle.

implicit deny any  A rule for access control lists that blocks all access by default (implicitly), unless the access is specifically permitted based on details like IP addresses, e-mail addresses, or type of application. The list of permitted entries is often referred to as a whitelist.

in-band management  Technology that enables managed devices such as a switch or router to be managed by any authorized host that is connected to that network.

inbound traffic  Describes the direction of a flow of packets relative to some point of reference. Relative to the entire network, packets coming in from outside the network.

incident  Any negative situation that takes place within an organization.

incident response  Reaction to any negative situations that take place within an organization that can be stopped, contained, and remediated without outside resources.

incremental backup  Backs up all files that have their archive bits turned on, meaning they have been changed since the last backup. This type of backup turns the archive bits off after the files have been backed up.

Independent Basic Service Set (IBSS)  A basic unit of organization in wireless networks formed by two or more wireless nodes communicating in ad hoc mode.

Independent Computing Architecture (ICA)  Remote access protocol developed by Citrix. Once formed the basis of Windows Terminal Services, though Microsoft now uses its own Remote Desktop Protocol (RDP) for the same purpose.

industrial control system (ICS)  System that monitors and controls machines such as those in a factory or chemical plant—or even just a large HVAC system in an office building.

infrastructure as a service (IaaS)  Cloud service model that provides on-demand access to infrastructure such as servers, switches, and routers at rates based on resource use. Large-scale, global IaaS providers use virtualization to minimize idle hardware, protect against data loss and downtime, and respond to spikes in demand. See also cloud computing.

infrastructure as code (IaC)  An automation philosophy that defines the infrastructure (servers and network components) an application or service requires in configuration files or scripts well enough that it is easy to create identical copies of the needed infrastructure.

infrastructure mode  Mode in which wireless networks use one or more wireless access points to connect the wireless network nodes centrally. This configuration is similar to the star topology of a wired network.

inheritance  A method of assigning user permissions, in which folder permissions flow downward into subfolders.

insider threats  Potential for attacks on a system by people who work in the organization.

Institute of Electrical and Electronics Engineers (IEEE)  A worldwide professional association for electrical and electronics engineering and related disciplines. Regularly develops networking standards such as the IEEE 802 family of LAN standards.

insulating jacket  The external plastic covering of a fiber-optic cable.

integrity  Protecting data from being changed or deleted without authorization. In networks, integrity is mainly verified with checks that ensure data sent to a recipient is unchanged when it is received at the destination host.

interface identifier (interface ID)  The second half (64 bits) of an IPv6 address.

interface monitor  A program that tracks the bandwidth and utilization of one or more interfaces on one or more devices in order to monitor traffic on a network.

interframe gap (IFG)  A short, predefined silence originally defined for CSMA/CD; also used in CSMA/CA.

intermediate distribution frame (IDF)  The room where all the horizontal runs from all the work areas on a given floor in a building come together.

Intermediate System to Intermediate System (IS-IS)  A link-state dynamic routing protocol similar to, but not as popular as, OSPF. IS-IS has had support for IPv6 since its inception and is the de facto standard for Internet service providers (ISPs).

internal connections  The connections between computers in a network.

internal firewall  The firewall that sits between the perimeter network and the trusted network that houses all the organization’s private servers and workstations. The internal firewall provides strong access control lists to protect internal servers and workstations. See also firewall.

internal network  A network under the control of an organization.

internal threats  All the things that a network’s own users do to create problems on the network. Examples include accidental deletion of files, accidental damage to hardware devices or cabling, malicious users, and abuse of rights and permissions.

Internet Assigned Numbers Authority (IANA)  The organization originally responsible for assigning public IP addresses. IANA no longer directly assigns IP addresses, though it does still oversee Autonomous System Number (ASN) assignment. IANA assigns blocks of IP addresses to the five Regional Internet Registries (RIRs) and delegates the work of assigning individual addresses to the RIRs. See also Autonomous System (AS) and Regional Internet Registries (RIRs).

Internet Authentication Service (IAS)  Popular RADIUS server for Microsoft environments.

Internet Connection Sharing (ICS)  Technique enabling more than one computer to access the Internet simultaneously using a single Internet connection. When you use Internet connection sharing, you connect an entire LAN to the Internet using a single public IP address. Also known simply as Internet sharing.

Internet Control Message Protocol (ICMP)  A TCP/IP protocol used to handle many low-level functions such as error or informational reporting. ICMP messages are usually request and response pairs such as echo requests and responses or router solicitations and responses. There are also unsolicited “responses” (advertisements) that consist of single packets. ICMP messages are connectionless.

Internet Corporation for Assigned Names and Numbers (ICANN)  Standards organization that sits at the very top of the Internet hierarchy, with the authority to create new top-level domains (TLDs) for use on the Internet.

Internet Engineering Task Force (IETF)  A standards organization that develops Internet standards, including those for TCP/IP.

Internet Group Management Protocol (IGMP)  Protocol that routers use to communicate with hosts to determine “group” membership, in order to determine which computers want to receive a multicast. Once a multicast has started, IGMP is responsible for maintaining the multicast as well as terminating it at completion.

Internet Information Services (IIS)  A Web server developed by Microsoft.

Internet Message Access Protocol Version 4 (IMAP4)  Protocol for retrieving e-mail from an SMTP server. An alternative to POP3. Currently in its fourth revision, IMAP4 retrieves e-mail from an e-mail server like POP3, but has several features that make it a superior e-mail tool. IMAP4 enables users to create folders on the e-mail server and multiple clients to access a single mailbox. IMAP uses TCP port 143.

Internet of Things (IoT)  The billions of everyday objects that can communicate with each other, specifically over the Internet. These include smart home appliances, automobiles, video surveillance systems, and more.

Internet Protocol (IP)  Layer 3 protocol responsible for logical addressing and routing packets across networks, including the Internet. It does not guarantee reliable delivery of packets across the network, leaving that task to higher-level protocols. IP has two versions, IPv4 and IPv6.

Internet Protocol Security (IPsec)  Network layer encryption protocol.

Internet Protocol version 4 (IPv4)  First version of the Internet Protocol introduced in 1980. IPv4 consists of a protocol, header, and address specification. Its 32-bit addresses are written as four sets of numbers between 0 and 255 separated by a period (often called dotted decimal format). No IPv4 address may be all 0s or all 255s. Examples of IPv4 addresses include 192.168.0.1 and 64.176.19.164.

Internet Protocol version 6 (IPv6)  Second version of the Internet Protocol developed as the address-space limitations of IPv4 became clear. While standardization started in the 1990s, the transition from IPv4 to IPv6 is still ongoing. Its 128-bit addresses consist of eight sets of four hexadecimal numbers, each number being a value between 0000 and ffff, using a colon to separate the numbers. No IP address may be all 0s or all ffffs. An example is: fe80:ba98:7654:3210:0800:200c:00cf:1234.

Internet Small Computer System Interface (iSCSI)  A protocol that enables the SCSI command set to be transported over a TCP/IP network from a client to an iSCSI-based storage system. iSCSI is popular with storage area network (SAN) systems.

interVLAN routing  A feature on managed switches to provide routing between VLANs.

intranet  A private TCP/IP network inside a company or organization.

intrusion detection system (IDS)/intrusion prevention system (IPS)  An application (often running on a dedicated IDS box) that inspects incoming packets, looking for active intrusions. The difference between an IDS and an IPS is that an IPS can react to an attack by blocking traffic, while an IDS can only notify a person or device of the attack.

ip  Linux terminal command that displays the current TCP/IP configuration of the machine; similar to Windows’ ipconfig and macOS’s ifconfig.

IP  See Internet Protocol (IP).

IP address  The numeric address of a computer connected to a TCP/IP network, such as the Internet. IPv4 addresses are 32 bits long, written as four octets of 8-bit binary. IPv6 addresses are 128 bits long, written as eight sets of four hexadecimal characters. IP addresses must be matched with a valid subnet mask, which identifies the part of the IP address that is the network ID and the part that is the host ID.

IP addressing  The processes of assigning IP addresses to networks and hosts.

IP camera  Still-frame or video camera with a network interface and TCP/IP transport protocols to send output to a network resource or destination.

IP exclusion range  Range of IP addresses deliberately excluded from the pool of addresses a DHCP server may issue to clients.

IP filtering  A method of blocking packets based on IP addresses.

IP helper  Refers variously to an IP helper address (also known as the UDP helper address) or a command for configuring IP helper addresses. An IP helper address specifies an IP address on another subnet to which a router will forward all UDP broadcasts. Most often used to enable one DHCP server to serve many subnets, but also makes it possible to pass along broadcasts for protocols such as TFTP, Time Service, TACACS, DNS, NetBIOS, and others. See also DHCP relay.

ipconfig  A command-line utility for Windows that displays the current TCP/IP configuration of the machine; similar to macOS’s ifconfig and UNIX/Linux’s ip.

IPsec VPN  A virtual private networking technology that uses IPsec tunneling for security.

ISP (Internet service provider)  An organization that provides access to the Internet in some form, usually for a fee.

IT (information technology)  The business of computers, electronic communications, and electronic commerce. IT uses computers to create, exchange, and process various types of data.

Java  A network-oriented programming language invented by Sun Microsystems (acquired by Oracle) and commonly used for writing programs that can be downloaded to your computer through the Internet and immediately run. Using small Java programs (called applets), Web pages can include functions such as animations, calculators, and other fancy tricks.

jitter  A delay in completing a transmission of all the frames in a message; caused by excessive machines on a network.

jumbo frames  Frames (usually 9000 bytes long—though technically anything over 1500 bytes qualifies) that make large data transfer easier and more efficient than using the standard frame size.

K-  Most commonly used as the suffix for the binary quantity 1024. For instance, 640K means 640 × 1024 or 655,360. Just to add some extra confusion to the IT industry, K is often misspoken as “kilo,” the metric value for 1000. For example, 10 KB, spoken as “10 kilobytes,” means 10,240 bytes rather than 10,000 bytes. Finally, when discussing frequencies, the (lowercase) SI prefix k means 1000. So, 1 kHz = 1000 hertz.

kbps (kilobits per second)  Data transfer rate. 1 kilobit per second is equal to 1000 bits or 125 bytes per second.

Kerberos  An open, ticket-based authentication standard (RFC 4120) best known for serving as the authentication protocol in Windows Active Directory domains. It depends on a trusted Key Distribution Center and on clocks being synchronized within a few minutes.

Key Distribution Center (KDC)  The trusted system that issues tickets in Kerberos. The KDC stores the secret keys for users and services and consists of an Authentication Service (AS), which issues the ticket-granting ticket, and a Ticket-Granting Service (TGS), which issues service tickets. In a Windows domain, every domain controller is a KDC.

key fob  Small device that can be easily carried in a pocket or purse or attached to a key ring. This device is used to identify the person possessing it for the purpose of granting or denying access to resources such as electronic doors.

key pair  Name for the two keys—one public and one private—that are generated in asymmetric-key encryption systems.

keypad  A device into which a person enters an alphanumeric code or password assigned to that individual for a particular asset in order to be granted access, for example to a door.

kilohertz (kHz)  A unit of measure that equals a frequency of 1000 cycles per second.

Krone LSA-PLUS (Krone)  A proprietary connector developed in the 1970s by The Krone Group (a German telecommunications company) that is an alternative to the 110 punchdown block. Krone connectors enable networking as well as audio interconnections.

LAN (local area network)  See local area network (LAN).

last mile  The connection between a central office and individual users in a telephone system.

latency  A measure of a signal’s delay.

layer  A grouping of related tasks involving the transfer of information. Also, a particular level of the OSI seven-layer model, for example, Physical layer, Data Link layer, and so forth.

Layer 2 switch  Any device that filters and forwards frames based on the MAC addresses of the sending and receiving machines. What is normally called a “switch” is actually a “Layer 2 switch.”

Layer 2 Tunneling Protocol (L2TP)  A VPN protocol developed from Cisco’s L2F and Microsoft’s PPTP tunneling protocols that can be run on almost any connection imaginable. L2TP itself provides no encryption and no protection for the tunneled data, so it is normally run over IPsec (L2TP/IPsec) to provide security.

Layer 3 switch  A switch that can also route packets (it filters and forwards data packets based on the IP addresses of the sending and receiving machines). See also multilayer switch.

LC connector  A duplex type of small form factor (SFF) fiber connector, designed to accept two fiber cables. Also known as local connector or Lucent connector.

LED (light emitting diode)  Solid-state device that emits photons at luminous frequencies when current is applied.

legacy mode  One of three modes used with 802.11n wireless networks where the wireless access point (WAP) sends out separate packets just for legacy devices.

legal hold  The process of an organization preserving and organizing data in anticipation of or in reaction to a pending legal issue.

light leakage  The type of interference caused by bending a piece of fiber-optic cable past its maximum bend radius. Light bleeds through the cladding, causing signal distortion and loss.

light meter  An optical power meter used by technicians to measure the amount of light lost through light leakage in a fiber cable.

lights-out management (LOM)  Special “computer within a computer” features built into better servers, designed to give you access to a server even when the server itself is shut off.

Lightweight Access Point Protocol (LWAPP)  Protocol (originally Cisco’s, later published as RFC 5412) used between lightweight, or “thin,” wireless access points and the wireless LAN controller that configures and manages them; the controller, rather than each AP, handles tasks such as client authentication and policy. Largely superseded by CAPWAP.

Lightweight Directory Access Protocol (LDAP)  A protocol used to query and modify a directory service (such as Active Directory) that stores users, groups, computers, and other network objects. LDAP uses TCP port 389 by default; LDAP over TLS (LDAPS) uses TCP port 636. Because plain LDAP can carry credentials in the clear, production deployments should require TLS (LDAPS or StartTLS).

Lightweight Extensible Authentication Protocol (LEAP)  A proprietary EAP method used almost exclusively by Cisco wireless products. LEAP runs an MS-CHAP exchange between a wireless client and a RADIUS server without a protective TLS tunnel, so a captured handshake can be cracked offline with a dictionary attack; it should be replaced with EAP-TLS or PEAP.

link aggregation  Connecting multiple NICs in tandem to increase bandwidth in smaller increments. See also NIC teaming.

Link Aggregation Control Protocol (LACP)  IEEE specification of certain features and options to automate the negotiation, management, load balancing, and failure modes of aggregated ports.

link light  An LED on NICs, routers, and switches that lights up to show good connection between the devices. Link lights are called light-emitting diode (LED) status indicators on the CompTIA Network+ exam.

link state  Type of dynamic routing protocol in which each router floods advertisements describing the state of its own links to every other router in the area, builds a complete map of the topology, and computes its own best paths with a shortest-path-first (Dijkstra) calculation. After the initial exchange, only changes are advertised, rather than the periodic copies of the entire routing table that distance vector protocols send to their neighbors. Examples of link-state routing protocols include OSPF and IS-IS. See also distance vector.

link status  A network analyzer report on how good the connection is between two systems.

link-local address  The address that a computer running IPv6 gives itself after first booting. The first 64 bits of a link-local address are always fe80::/64. Link-local addresses are used for communicating on a local network.

Linux  Family of open source operating systems inspired by UNIX. Very popular for cloud infrastructure, embedded systems, enterprise servers, and mobile devices.

listening port  A port that is currently accepting incoming IP packets and passing them to the application that opened the port.

load balancing  The process of taking several servers and making them look like a single server, spreading processing and supporting bandwidth needs.

local  Refers to the computer(s), server(s), and/or LAN that a user is physically using or that is in the same room, building, or subnet which can span multiple buildings.

local area network (LAN)  Network that generally (but not always) belongs to one household or organization and covers a limited place (anything from two devices in an apartment up to thousands of devices on a multi-building school or business campus).

local authentication  Authenticating a user account against a password database stored on the system itself (as opposed to on a remote authentication server).

local connector (LC)  See LC (connector).

local user accounts  The accounts unique to a single Windows system. Stored in the local system’s registry.

localhost  The hosts file alias for the loopback address, 127.0.0.1 (and ::1 in IPv6), referring to the current machine.

lock  A physical device that prevents access to essential assets of an organization, such as servers, without a key.

log  Stores information about the performance of some particular aspect of a system. Different programs refer to the monitored aspect with different terms. Performance Monitor calls them counters; syslog calls them facilities.
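The syslog facility mentioned in the entry is encoded, together with a severity, in the `<PRI>` field at the start of every syslog message (PRI = facility × 8 + severity, per RFC 5424). The decoder and filter below are an added example, not part of the glossary; the function names are mine and the log lines are constructed for the example, not captured from a real host.

```python
import re
from typing import Iterable, List, Optional, Tuple

# RFC 5424 facility codes 0-23 and severity codes 0-7; PRI = facility * 8 + severity
FACILITIES = [
    "kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
    "uucp", "cron", "authpriv", "ftp", "ntp", "logaudit", "logalert", "clock",
    "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7",
]
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

_PRI_RE = re.compile(r"^<(\d{1,3})>")


def decode_pri(pri: int) -> Tuple[str, str]:
    """Split a PRI value into (facility name, severity name)."""
    if not 0 <= pri <= 191:          # 23 * 8 + 7 is the largest legal value
        raise ValueError(f"PRI out of range: {pri}")
    return FACILITIES[pri // 8], SEVERITIES[pri % 8]


def parse_syslog_line(line: str) -> Optional[dict]:
    """Return the decoded header fields and message, or None if the line is not syslog."""
    m = _PRI_RE.match(line)
    if not m:
        return None                  # no PRI header at all
    pri = int(m.group(1))
    if pri > 191:
        return None                  # malformed PRI: do not guess, drop it
    facility, severity = decode_pri(pri)
    return {
        "facility": facility,
        "severity": severity,
        "severity_num": pri % 8,     # lower number = more urgent
        "message": line[m.end():].strip(),
    }


def select_urgent(lines: Iterable[str], max_severity_num: int = 3) -> List[dict]:
    """Keep events at severity err (3) or worse; the usual first cut for an alert feed."""
    selected = []
    for line in lines:
        event = parse_syslog_line(line)
        if event is not None and event["severity_num"] <= max_severity_num:
            selected.append(event)
    return selected


# Constructed sample lines for the example (not from a real system)
SAMPLE_LINES = [
    "<34>Oct 11 22:14:15 host1 sshd[1042]: authentication failure; user=root",
    "<13>Oct 11 22:14:16 host1 app: user alice logged in",
    "<165>Oct 11 22:14:17 host1 custom: nightly job finished",
    "Oct 11 22:14:18 host1 broken: line without a PRI header",
    "<192>Oct 11 22:14:19 host1 bad: PRI out of range",
]

if __name__ == "__main__":
    for event in select_urgent(SAMPLE_LINES):
        print(event["facility"], event["severity"], event["message"])
```

The PRI value 34 in the first sample line decodes to facility 4 (auth) and severity 2 (crit); the same arithmetic is what a collector applies before routing events by facility.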

log management  The process of providing proper security and maintenance for log files to ensure the files are organized and safe.

logic bomb  Code written with malicious intent designed to execute when certain conditions are met.

logical address  A programmable network address (an IP address, for example), unlike a physical address that is burned into ROM.

logical addressing  As opposed to physical addressing, the process of assigning organized blocks of logically associated network addresses to create smaller manageable networks called subnets. IP addresses are one example of logical addressing.

Logical Link Control (LLC)  The upper sublayer of the Data Link layer, the part of the NIC’s logic that talks to the operating system’s network protocols. The LLC identifies which upper-layer protocol a frame carries, hands outbound data down to the MAC sublayer (which builds the frame and computes its FCS), and passes inbound frames that the MAC has accepted up to the correct protocol. See also Media Access Control (MAC).

logical network diagram  A document that shows the broadcast domains and individual IP addresses for all devices on the network. Only critical switches and routers are shown.

logical topology  A network topology defined by signal paths as opposed to the physical layout of the cables. See also physical topology.

Long Term Evolution (LTE)  A wireless data standard with theoretical download speeds of 300 Mbps and upload speeds of 75 Mbps. LTE is marketed as a 4G (fourth generation) wireless technology.

looking glass site  A server or Web site that enables technicians outside of a network to inspect information on or run diagnostic tools within that network. A technician might use their ISP’s looking glass to troubleshoot a routing issue.

loopback adapter  See loopback plug.

loopback address  Sometimes called the localhost, a reserved IP address used for internal testing: 127.0.0.1 (any address in 127.0.0.0/8 loops back; IPv6 uses ::1).

loopback plug  Network connector that connects back into itself for physical loopback testing.

loopback test  A test that sends data out of a NIC and checks to see if it comes back. Software versions that don’t test the actual port are commonly included in the device’s own diagnostics. Hardware or physical loopback tests that include the port require a loopback plug.

MAC (media access control) address  Unique 48-bit address assigned to each network card. IEEE assigns blocks of possible addresses to various NIC manufacturers to help ensure that each address is unique. The Data Link layer of the OSI seven-layer model uses MAC addresses to locate machines.

MAC address filtering  A method of limiting access to a wireless network based on the physical (MAC) addresses of wireless NICs. Because a NIC’s MAC address can be changed in software and the permitted addresses are visible to anyone sniffing the air, MAC filtering stops only accidental connections, not a deliberate attacker; it is no substitute for WPA2/WPA3 authentication.

MAC filtering  See MAC address filtering.

MAC reservation  IP address assigned to a specific MAC address in a DHCP server.

MAC-48  The unique 48-bit address assigned to a network interface card. This is also known as the MAC address or the EUI-48.
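The MAC address, MAC address filtering, and MAC-48 entries above, worked through in code as an added example (not from the glossary; the function names are mine and the addresses are made up). The block parses the common written forms, extracts the IEEE-assigned OUI, reads the two flag bits in the first octet (I/G for group addresses, U/L for addresses set in software rather than burned in), and derives the modified-EUI-64 link-local address that SLAAC builds from a MAC. The last function is a MAC filter reduced to what it really is: a string comparison on a value the client chooses.

```python
import ipaddress
import re

_TWELVE_HEX = re.compile(r"^[0-9a-f]{12}$")


def normalize_mac(mac: str) -> bytes:
    """Accept 00:1A:2B:3C:4D:5E, 00-1a-2b-3c-4d-5e or 001a.2b3c.4d5e; return the 6 raw bytes."""
    digits = re.sub(r"[:\-.]", "", mac.strip().lower())
    if not _TWELVE_HEX.match(digits):
        raise ValueError(f"not a MAC-48 address: {mac!r}")
    return bytes.fromhex(digits)


def format_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def describe_mac(mac: str) -> dict:
    raw = normalize_mac(mac)
    first = raw[0]
    return {
        "canonical": format_mac(raw),
        "oui": format_mac(raw[:3]),                   # IEEE-assigned vendor block
        "multicast": bool(first & 0x01),              # I/G bit set: group address
        "locally_administered": bool(first & 0x02),   # U/L bit set: assigned in software
    }


def mac_to_link_local(mac: str) -> str:
    """Modified EUI-64 (RFC 4291): flip the U/L bit, insert ff:fe, prepend fe80::/64."""
    raw = bytearray(normalize_mac(mac))
    raw[0] ^= 0x02
    interface_id = bytes(raw[:3]) + b"\xff\xfe" + bytes(raw[3:])
    return str(ipaddress.IPv6Address(b"\xfe\x80" + b"\x00" * 6 + interface_id))


def mac_allowed(mac: str, allowlist) -> bool:
    """MAC address filtering as a WAP performs it: a match on a client-supplied value."""
    wanted = format_mac(normalize_mac(mac))
    return wanted in {format_mac(normalize_mac(m)) for m in allowlist}


if __name__ == "__main__":
    print(describe_mac("00-1A-2B-3C-4D-5E"))
    print(mac_to_link_local("00:1a:2b:3c:4d:5e"))
```

An attacker who sniffs 00:1a:2b:3c:4d:5e from a permitted client and sets it on their own NIC produces exactly the same `mac_allowed` result as the legitimate client; the filter has nothing else to check. The only hint left is the U/L bit, and only when the attacker picks a locally administered address instead of cloning a real one.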

macro  Programming within an application that enables users to control aspects of it (generally to handle repetitive tasks). Also, any type of malware that exploits application macros to replicate and activate.

mailbox  Special holding area on an e-mail server that separates out e-mail for each user.

main distribution frame (MDF)  The room in a building that stores the demarc, telephone cross-connects, and LAN cross-connects.

maintenance window  The time it takes to implement and thoroughly test a network change.

malicious user  A user who consciously attempts to access, steal, or damage resources.

malware  Any program or code (macro, script, and so on) that’s designed to do something on a system or network that you don’t want to have happen. Some examples of malware include spyware, rootkits, worms, and ransomware.

man-in-the-middle attack  See on-path attack.

managed devices  Networking devices, such as routers and advanced switches, that are extensively configurable.

managed device (SNMP)  A component of a managed network. Managed devices send information to an SNMP manager to be processed.

managed network  Network that is monitored by the SNMP protocol consisting of SNMP managed devices, management information base (MIB) items, and SNMP manager(s).

managed switch  See managed devices.

management information base (MIB)  SNMP’s management database. See Simple Network Management Protocol (SNMP).

mandatory access control (MAC)  A security model in which every resource is assigned a label that defines its security level. If the user lacks that security level, they do not get access.

mantrap  See access control vestibule.

manual tunnel  A simple point-to-point connection between two IPv6 networks.

maximum transmission unit (MTU)  Specifies the largest size of a data unit in a communications protocol, such as Ethernet.

MB (megabyte)  1,048,576 bytes.

MD5 (Message-Digest Algorithm Version 5)  An older 128-bit hashing function for which practical collision attacks have been public since 2004: an attacker can produce two different inputs with the same digest. It must not be used anywhere collision resistance matters (digital signatures, certificates, integrity checks against a motivated adversary); use SHA-256 or stronger.

mean time between failures (MTBF)  A factor typically applied to a hardware component that represents the manufacturer’s best guess (based on historical data) regarding how much time will pass between major failures of that component.

mean time to failure (MTTF)  Indicates the length of time a device is expected to last in operation. In MTTF, only a single, definitive failure will occur and will require that the device be replaced rather than repaired.

mean time to repair (MTTR)  The estimated amount of time it takes to replace or fix a failed system.

Mechanical Transfer Registered Jack (MT-RJ)  A type of small form factor (SFF) fiber connector.

Media Access Control (MAC)  The part of a NIC that prepares outgoing frames, processes incoming frames, and controls the physical layer interface. The MAC is responsible for tasks such as addressing outgoing frames and validating the length and FCS of incoming frames.

Media Access Control (MAC) address table  A database every switch maintains, listing the MAC address and port of each connected device.

media converter  A device that lets you interconnect different types of Ethernet cable.

Media Gateway Control Protocol (MGCP)  A protocol that is designed to be a complete VoIP or video presentation connection and session controller. MGCP runs over UDP, using port 2427 on the gateway and port 2727 on the call agent.

medianet  A network of far-flung routers and servers that provides sufficient bandwidth for video teleconferencing (VTC) via quality of service (QoS) and other tools.

mega-  A prefix that usually stands for the binary quantity 1,048,576. One megabyte is 1,048,576 bytes. One megahertz, however, is 1,000,000 hertz.

memorandum of understanding (MOU)  A document that defines an agreement between two parties in situations where a legal contract is not appropriate.

mesh topology  Topology in which each computer has a direct or indirect connection to every other computer in a network. Any node on the network can forward traffic to other nodes. Popular in cellular and many wireless networks.

Metasploit  A tool that enables a penetration tester to use a massive library of exploits and payloads as well as tweak them for specific penetrations.

Metaverse  Iteration of the Internet that relies on virtual reality (VR) environments to create a 3-D experience for user interaction. Early attempts at creating this space include Second Life (video game) and many science fiction stories, such as Neuromancer, The Matrix, and Snow Crash. Facebook uses the term Metaverse. NVIDIA refers to the space as the Omniverse.

metric  Relative value that defines the “cost” of using a particular route (to determine the best one).

metro Ethernet  A metropolitan area network (MAN) based on the Ethernet standard.

metropolitan area network (MAN)  Multiple computers connected via cabling, radio, leased phone lines, or infrared that are within the same city. A perfect example of a MAN is the Tennessee city Chattanooga’s gigabit network available to all citizens, the Chattanooga Gig.

MHz (megahertz)  A unit of measure that equals a frequency of 1 million cycles per second.

mirroring  Also called drive mirroring, reading and writing data at the same time to two drives for fault-tolerance purposes. Considered RAID level 1.

mixed mode  Also called high-throughput, or 802.11a-ht/802.11g-ht, one of three modes used with 802.11n wireless networks wherein the wireless access point (WAP) sends special packets that support older standards yet can also improve the speed of those standards via 802.

modal distortion  A light distortion problem unique to multimode fiber-optic cable.

model  A simplified representation of a real object or process. In the case of networking, models represent logical tasks and subtasks that are required to perform network communication.

modem (modulator-demodulator)  A device that converts both digital bit streams into analog signals (modulation) and incoming analog signals back into digital signals (demodulation). Most commonly used to interconnect telephone lines and computers.

modulation techniques  The various multiplexing and demultiplexing technologies and protocols, both analog and digital.

modulator-demodulator (modem)  See modem (modulator-demodulator).

module (data center)  A group of computers connected to the same access switch.

monlist  An ntpd mode 7 query that asks an NTP server for the list of the most recent hosts (up to 600) that exchanged traffic with it. Because the response is many times larger than the request and the request’s source address is easily spoofed, monlist was widely abused for DDoS amplification (CVE-2013-5211); disable it with the disable monitor or noquery restriction, or run an ntpd release that no longer supports it.

motion detection system  A feature of some video surveillance systems that starts and stops recordings based on actions caught by the camera(s).

mounting bracket  Bracket that acts as a holder for a faceplate in cable installations.

MS-CHAP  Microsoft’s dominant variation of the CHAP protocol; the current version, MS-CHAPv2, adds mutual authentication. Its DES-based challenge-response is weak by modern standards and can be cracked from a captured exchange, so it should be used only inside a protected tunnel such as PEAP or L2TP/IPsec.

MTU (maximum transmission unit)  See maximum transmission unit (MTU).

multicast  Method of sending a packet in which the sending computer sends it to a group of interested computers.

multicast addresses  A set of IP addresses reserved for one-to-many communication, such as in streaming video conferencing: 224.0.0.0/4 (224.0.0.0 through 239.255.255.255) in IPv4 and ff00::/8 in IPv6.

multifactor authentication (MFA)  A form of authentication where a user must use two or more factors to prove his or her identity. Methods of multifactor authentication involve knowledge factors (like passwords or PINs), possession factors (like a badge or smart card), and inherence factors (like fingerprints or voice).

multilayer switch  A switch that has functions that operate at multiple layers of the OSI seven-layer model.

multimeter  A tool for testing voltage (AC and DC), resistance, and continuity.

multimode  Type of fiber-optic cable with a large-diameter core that supports multiple modes of propagation. The large diameter simplifies connections, but has drawbacks related to distance.

multimode fiber (MMF)  Type of fiber-optic cable that uses LEDs.

multipathing  An availability solution in which more than one connection or path between a server and SAN is maintained in order to ensure continued availability in the event that one connection goes down.

multiple input/multiple output (MIMO)  Feature in 802.11n and later WAPs that enables them to make multiple simultaneous connections. See also multiuser MIMO (MU-MIMO).

multiplexer  Device that merges information from multiple input channels to a single output channel.

Multiprotocol Label Switching (MPLS)  Router feature that labels certain data to use a desired connection. It works with any type of packet switching (even Ethernet) to force certain types of data to use a certain path.

multisource agreement (MSA)  A document that details the interoperability of network hardware from a variety of manufacturers.

multitenancy  The ability to support multiple customers on the same infrastructure at the same time. Multitenancy enables customers with small computing needs to only pay for what they actually need in exchange for sharing the same infrastructure with other customers. Comes with the risk those customers will hog shared resources or compromise the infrastructure (by accident or on purpose).

multiuser MIMO (MU-MIMO)  Feature of 802.11ac and later networking that enables a WAP to broadcast to multiple users simultaneously. See also multiple input/multiple output (MIMO).

MX record  DNS record that SMTP servers use to determine where to send mail for a given domain.

My Traceroute (mtr)  Terminal command in Linux that dynamically displays the route a packet is taking. Similar to traceroute.

name resolution  A method that enables one computer on the network to locate another to establish a session. All network protocols perform name resolution by providing some form of name server.

name server  DNS servers that hold the actual name and IP DNS records in a kind of database called a zone.

NAT (network address translation)  See network address translation (NAT).

NAT translation table  Special database in a NAT router that stores destination IP addresses and ephemeral source ports from outgoing packets and compares them against returning packets. A NAT translation table also maps internal sockets to their external counterparts.

NAT64  A transition mechanism that lets IPv6-only hosts reach IPv4 servers: the IPv4 address is embedded in the low 32 bits of an IPv6 address under a well-known prefix (64:ff9b::/96 by default), and a NAT64 gateway translates between the two packet formats. Usually paired with DNS64, which synthesizes those AAAA records.

native VLAN  The VLAN designation assigned to all frames without 802.1Q tags entering a trunk port on a switch. In addition, any frames that are part of the native VLAN will not receive an 802.1Q tag when they leave the trunk port. That stripping is what a double-tagging (VLAN hopping) attack exploits: a frame carrying an outer tag for the native VLAN and an inner tag for a victim VLAN loses the outer tag on egress and is then switched by the inner one. Good practice is to set the native VLAN to an otherwise unused VLAN ID and tag it explicitly (vlan dot1q tag native on Cisco switches).
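An 802.1Q tag parser and the two trunk-port rules the entry describes (untagged frame → native VLAN; native-VLAN tag stripped on egress), written as an added example that is not part of the glossary. The function names are mine, the frames are constructed inline, and the detector flags the frame shape that the egress stripping turns into a VLAN hop.

```python
import struct
from typing import List, Tuple

TPIDS = {0x8100, 0x88A8}   # 802.1Q customer tag and 802.1ad service tag


def build_frame(dst: bytes, src: bytes, vlan_ids: List[int], ethertype: int, payload: bytes) -> bytes:
    """Constructed Ethernet frame; outer tag first, as on the wire (PCP/DEI left at 0)."""
    tags = b"".join(struct.pack("!HH", 0x8100, vid & 0x0FFF) for vid in vlan_ids)
    return dst + src + tags + struct.pack("!H", ethertype) + payload


def parse_8021q(frame: bytes) -> Tuple[List[int], int]:
    """Return (VLAN IDs outer-to-inner, the EtherType of the encapsulated payload)."""
    if len(frame) < 14:
        raise ValueError("runt frame")
    offset = 12
    vids: List[int] = []
    while True:
        if offset + 2 > len(frame):
            raise ValueError("truncated header")
        etype = struct.unpack_from("!H", frame, offset)[0]
        if etype not in TPIDS:
            return vids, etype
        if offset + 4 > len(frame):
            raise ValueError("truncated 802.1Q tag")
        tci = struct.unpack_from("!H", frame, offset + 2)[0]
        vids.append(tci & 0x0FFF)          # VID is the low 12 bits of the TCI
        offset += 4


def trunk_ingress_vlan(frame: bytes, native_vlan: int) -> int:
    """VLAN a trunk port assigns to an arriving frame: outer tag, or the native VLAN if untagged."""
    vids, _ = parse_8021q(frame)
    return vids[0] if vids else native_vlan


def trunk_egress(frame: bytes, native_vlan: int) -> bytes:
    """Egress from a trunk whose native VLAN is untagged: strip one outer tag equal to native_vlan."""
    vids, _ = parse_8021q(frame)
    if vids and vids[0] == native_vlan:
        return frame[:12] + frame[16:]      # drop the 4-byte outer tag
    return frame


def looks_double_tagged(frame: bytes, native_vlan: int) -> bool:
    """Outer tag == native VLAN with another tag beneath it: the VLAN-hopping pattern."""
    vids, _ = parse_8021q(frame)
    return len(vids) >= 2 and vids[0] == native_vlan


# Constructed frames for the example
DST = bytes.fromhex("ffffffffffff")
SRC = bytes.fromhex("001a2b3c4d5e")
PAYLOAD = b"\x45" + b"\x00" * 19
UNTAGGED = build_frame(DST, SRC, [], 0x0800, PAYLOAD)
TAGGED_10 = build_frame(DST, SRC, [10], 0x0800, PAYLOAD)
DOUBLE_1_20 = build_frame(DST, SRC, [1, 20], 0x0800, PAYLOAD)

if __name__ == "__main__":
    hopped = trunk_egress(DOUBLE_1_20, native_vlan=1)
    print(parse_8021q(DOUBLE_1_20), "->", parse_8021q(hopped))   # ([1, 20], 2048) -> ([20], 2048)
```

With native VLAN 1, `trunk_egress` turns the double-tagged frame into a single-tagged VLAN 20 frame, which the next switch forwards into VLAN 20; with the native VLAN moved to an unused ID (or tagged), the outer tag survives and the frame stays where it was sent.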

near-end crosstalk (NEXT)  Crosstalk at the same end of a cable from which the signal is being generated.

neighbor advertisement  IPv6 packet sent in response to a multicast neighbor solicitation packet, telling the requesting system the MAC address of the system it solicited.

neighbor discovery  See Neighbor Discovery Protocol (NDP).

Neighbor Discovery Protocol (NDP)  IPv6 protocol that performs the same functions as ARP in IPv4 and plays a role in features such as SLAAC. It consists of five ICMPv6 message types: router solicitation (133), router advertisement (134), neighbor solicitation (135), neighbor advertisement (136), and redirect (137).

neighbor solicitation  IPv6 process of finding a MAC address of a local host, given its IPv6 address.
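The neighbor solicitation entry says the request is sent by multicast, but not where to. Unlike an ARP broadcast, the NS goes to the target’s solicited-node multicast group (ff02::1:ffXX:XXXX, built from the low 24 bits of the target address) and to the Ethernet group address derived from it. The derivation below is an added example, not from the glossary; the function names are mine and the addresses are constructed.

```python
import ipaddress


def solicited_node_multicast(target: str) -> str:
    """ff02::1:ffXX:XXXX, where XX:XXXX are the low 24 bits of the target (RFC 4291)."""
    low24 = int(ipaddress.IPv6Address(target)) & 0xFFFFFF
    value = (0xFF02 << 112) | (1 << 32) | (0xFF << 24) | low24
    return str(ipaddress.IPv6Address(value))


def ipv6_multicast_to_mac(group: str) -> str:
    """Ethernet address for an IPv6 multicast group: 33:33 + low 32 bits (RFC 2464)."""
    ip = ipaddress.IPv6Address(group)
    if not ip.is_multicast:
        raise ValueError(f"{group} is not a multicast address")
    low32 = int(ip) & 0xFFFFFFFF
    raw = b"\x33\x33" + low32.to_bytes(4, "big")
    return ":".join(f"{b:02x}" for b in raw)


def neighbor_solicitation_target(target: str) -> dict:
    """Destination of the NS a host sends before it knows the target's MAC address."""
    group = solicited_node_multicast(target)
    return {"icmpv6_type": 135, "dst_ip": group, "dst_mac": ipv6_multicast_to_mac(group)}


def neighbor_advertisement(target: str, target_mac: str, solicitor: str) -> dict:
    """The unicast NA the target returns; the solicitor caches target -> target_mac from it."""
    return {
        "icmpv6_type": 136,
        "dst_ip": str(ipaddress.IPv6Address(solicitor)),
        "target": str(ipaddress.IPv6Address(target)),
        "target_link_layer": target_mac,
    }


if __name__ == "__main__":
    print(neighbor_solicitation_target("fe80::21a:2bff:fe3c:4d5e"))
    print(neighbor_advertisement("fe80::21a:2bff:fe3c:4d5e", "00:1a:2b:3c:4d:5e", "fe80::1"))
```

Because every host whose address ends in the same 24 bits joins the same group, the NS is filtered in the NIC rather than interrupting every host on the segment, which is the practical improvement over ARP broadcasts.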

Nessus  Popular and extremely comprehensive vulnerability testing tool.

NetBEUI (NetBIOS Extended User Interface)  Microsoft’s first networking protocol, designed to work with NetBIOS. NetBEUI has long since been made obsolete by TCP/IP. NetBEUI did not support routing.

NetBIOS (Network Basic Input/Output System)  A protocol that operates at the Session layer of the OSI seven-layer model. This protocol creates and manages connections based on the names of the computers involved.

NetBIOS over TCP/IP (NetBT)  A Microsoft-created protocol that enables NetBIOS naming information to be transported over TCP/IP networks. The result is that Microsoft naming services can operate on a TCP/IP network without the need for DNS services.

NetBIOS/NetBEUI  See NetBEUI; see also NetBIOS.

NetFlow  A Cisco-developed protocol (and the tools built around it) for exporting per-flow records, such as source and destination addresses, ports, protocol, and byte counts, from routers and switches to a collector; the primary way to monitor packet flow on a network. IPFIX is the IETF-standardized successor.

NetFlow collector  Component process of NetFlow that captures and saves data from a NetFlow-enabled device’s cache for future NetFlow analysis.

netstat  A command-line utility used to examine the TCP/IP connections open on a given host. Once universal, though it is being replaced by ss in Linux.

network  A collection of two or more devices interconnected by telephone lines, coaxial cables, satellite links, radio, and/or some other communication technique. A computer network is a group of computers that are connected together and communicate with one another for a common purpose. Computer networks support “people and organization” networks, users who also share a common purpose for communicating.

network access control (NAC)  A set of policies and mechanisms that decide whether a device may join the network and what it may reach once connected, typically by authenticating the device or user (often via 802.1X) and checking its security posture (patch level, anti-malware status) before placing it in a VLAN or quarantining it.

network access policy  Rules that define who can access the network, how it can be accessed, and what resources of the network can be used.

network access server (NAS)  The RADIUS client: the device that users actually connect to (historically a bank of modems, today a VPN gateway, WAP, or switch) and that forwards their credentials to the RADIUS server for an accept or reject decision.

network address translation (NAT)  A means of translating a system’s IP address into another IP address before sending it out to a larger network. NAT manifests itself by a NAT program that runs on a system or a router. A network using NAT provides the systems on the network with private IP addresses. The system running the NAT software has two interfaces: one connected to the network and the other connected to the larger network.

The NAT program takes packets from the client systems bound for the larger network and translates their internal private IP addresses to its own public IP address, enabling many systems to share a single IP address.
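The translation the two paragraphs above describe, together with the NAT translation table entry, as an added example that is not part of the glossary (class and function names are mine; the addresses are from documentation ranges). It implements the common port-address-translation form, in which many inside sockets share one public address and the table is keyed on the full 5-tuple; a returning packet with no matching entry is dropped, which is the incidental firewalling effect NAT is often credited with.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatRouter:
    """Port address translation with a table keyed on inside socket + remote socket."""

    def __init__(self, public_ip: str, first_port: int = 1024, last_port: int = 65535):
        self.public_ip = public_ip
        self._next_port = first_port
        self._last_port = last_port
        # (proto, inside ip, inside port, remote ip, remote port) -> public port
        self._outbound: Dict[Tuple[str, str, int, str, int], int] = {}
        # (proto, public port, remote ip, remote port) -> (inside ip, inside port)
        self._inbound: Dict[Tuple[str, int, str, int], Tuple[str, int]] = {}

    def _allocate_port(self) -> int:
        if self._next_port > self._last_port:
            raise RuntimeError("translation table full")
        port = self._next_port
        self._next_port += 1      # sequential for readability; real NATs randomise and age entries
        return port

    def outbound(self, pkt: Packet) -> Packet:
        """Rewrite an inside->outside packet, creating a table entry the first time a flow is seen."""
        key = (pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        port = self._outbound.get(key)
        if port is None:
            port = self._allocate_port()
            self._outbound[key] = port
            self._inbound[(pkt.proto, port, pkt.dst_ip, pkt.dst_port)] = (pkt.src_ip, pkt.src_port)
        return Packet(pkt.proto, self.public_ip, port, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Rewrite an outside->inside packet; None means no matching entry, so it is dropped."""
        if pkt.dst_ip != self.public_ip:
            return None
        entry = self._inbound.get((pkt.proto, pkt.dst_port, pkt.src_ip, pkt.src_port))
        if entry is None:
            return None
        inside_ip, inside_port = entry
        return Packet(pkt.proto, pkt.src_ip, pkt.src_port, inside_ip, inside_port)

    def table(self) -> Dict[Tuple[str, int, str, int], Tuple[str, int]]:
        return dict(self._inbound)


if __name__ == "__main__":
    nat = NatRouter("198.51.100.1")
    print(nat.outbound(Packet("tcp", "192.168.1.10", 50000, "203.0.113.5", 443)))
    print(nat.outbound(Packet("tcp", "192.168.1.11", 50000, "203.0.113.5", 443)))
    print(nat.inbound(Packet("tcp", "203.0.113.5", 443, "198.51.100.1", 1025)))
    print(nat.inbound(Packet("tcp", "198.51.100.9", 443, "198.51.100.1", 1024)))   # None
```

Two inside hosts using the same source port 50000 get distinct public ports, and a packet from a host the table has never seen is dropped even though it targets a port that is in use; this is why inbound services behind NAT need an explicit port forward.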

network appliance  Feature-packed network box that incorporates numerous processes such as routing, network address translation (NAT), switching, intrusion detection and prevention systems, firewall, and more.

network attached storage (NAS)  A dedicated file server that has its own file system and typically uses hardware and software designed for serving and storing files.

network blocks  Also called blocks, contiguous ranges of IP addresses that are assigned to organizations and end users by IANA.

network closet  An equipment room that holds servers, switches, routers, and other network gear.

network design  The process of gathering together and planning the layout for the equipment needed to create a network.

network diagram  An illustration that shows devices on a network and how they connect.

network function virtualization (NFV)  A network architecture that runs network functions such as routers, firewalls, and load balancers as software on generic servers instead of on dedicated hardware appliances, so that they can be deployed and scaled with infrastructure-as-code (IaC)-style automation and orchestration.

network function virtualization infrastructure (NFVI)  The foundation of hardware (such as generic servers and switches) and software (like hypervisors and controllers) that power network function virtualization (NFV).

network ID  A number used in IP networks to identify the network on which a device or machine exists.

network interface  A device by which a system accesses a network. In most cases, this is a NIC or a modem.

network interface card (NIC)  Traditionally, an expansion card that enables a PC to link physically to a network. Modern computers now use built-in NICs, no longer requiring physical cards, but the term “NIC” is still very common.

network interface unit (NIU)  Another name for a demarc. See demarc.

Network layer  Layer 3 of the OSI seven-layer model. See also Open Systems Interconnection (OSI) seven-layer model.

Network Management Software (NMS)  Tools that enable you to describe, visualize, and configure an entire network.

network management system (NMS)  See SNMP manager.

network map  A highly detailed illustration of a network, down to the individual computers. A network map shows IP addresses, ports, protocols, and more.

network name  Another name for the Service Set Identifier (SSID).

network operations center (NOC)  A centralized location for techs and administrators to manage all aspects of a network.

network performance baseline  Network performance and access patterns under normal conditions. A network performance baseline can be acquired through continuous performance monitoring or periodic benchmarks and is used to aid in network troubleshooting.

network prefix  The leading bits of an IPv6 address that identify the network, written with a prefix length such as /64. A /64 is the normal size for a single subnet, leaving the remaining 64 bits as the interface ID.

network protocol  Special software that exists in every network-capable operating system that acts to create unique identifiers for each system. It also creates a set of communication rules for issues like how to handle data chopped up into multiple packets and how to deal with routers. TCP/IP is the dominant network protocol suite today.

network segmentation  Separating network assets through various means, such as with VLANs or with a DMZ, to protect against access by malicious actors.

network share  A shared resource on a network.

network technology  The techniques, components, and practices involved in creating and operating computer-to-computer links.

network threat  Any number of things that share one essential feature: the potential to damage network data, machines, or users.

Network Time Protocol (NTP)  Protocol that synchronizes a host’s clock with time servers over UDP port 123. Accurate time matters for security: Kerberos rejects tickets with excessive clock skew, certificate validity checks depend on it, and correlating logs across systems is impossible without it.

network topology  Refers to the way that cables and other pieces of hardware connect to one another.

network-based anti-malware  A single source server that holds current anti-malware software. Multiple systems can access and run the software from that server. The single site makes the software easier to update and administer than anti-malware installed on individual systems.

network-based firewall  Firewall, perhaps implemented in a gateway router or as a proxy server, through which all network traffic must pass inspection to be allowed or blocked.

next hop  The next router a packet should go to at any given point.

next-generation firewall (NGFW)  Network protection device that functions at multiple layers of the OSI model to tackle traffic no traditional firewall can filter alone.

NIC teaming  Connecting multiple NICs in tandem to increase bandwidth in smaller increments. See also link aggregation.

Nmap  A popular open-source network scanner designed to scan a network and create a map of hosts and services by sending out packets and examining the responses. Frequently used as a vulnerability scanner.

node  A member of a network or a point where one or more functional units interconnect transmission lines.

noise  Undesirable signals bearing no desired information and frequently capable of introducing errors into the communication process.

non-persistent agent  Software used in posture assessment that does not stay resident in client station memory. It is executed prior to login and may stay resident during the login session but is removed from client RAM when the login or session is complete. The agent presents the security characteristics to the access control server, which then decides to allow, deny, or redirect the connection.

nonrepudiation  Assurance that the sender of a message cannot later credibly deny having sent it, typically provided by a digital signature made with a private key that only the sender holds.

normal backup  A full backup of every selected file on a system. This type of backup turns off the archive bit after the backup.

north-south traffic  Data traffic entering and leaving a data center. Network devices seen in north-south traffic include edge routers, edge firewalls, and load balancers.

ns (nanosecond)  A billionth of a second. Light travels a little over 11 inches in 1 ns.

NS records  Records that list the authoritative DNS servers for a domain.

nslookup  A command-line tool used to query DNS servers manually for specific records. Used when a tech needs to see if a DNS record exists and confirm its value.

NTFS (NT File System)  A file system for hard drives that enables object-level security, long filename support, compression, and encryption. NTFS debuted with Windows NT 3.1 in 1993; later Windows versions continue to update it.

NTFS permissions  Groupings of what Microsoft calls special permissions that have names like Execute, Read, and Write, and that allow or disallow users certain access to files.

ntpdc  Legacy command that opens an interactive session with an ntpd server to submit mode 7 control queries (including monlist). Deprecated in favor of ntpq; current ntpd releases no longer build mode 7 support by default.

OEM (Original Equipment Manufacturer)  Contrary to the name, does not create original hardware, but rather purchases components from manufacturers and puts them together in systems under its own brand name. Dell, Inc. and Gateway, Inc., for example, are for the most part OEMs. Apple, Inc., which manufactures most of the components for its own Mac-branded machines, is not an OEM. Also known as value-added resellers (VARs).

offboarding  The process of confirming that mobile devices leaving the control of the organization do not store any proprietary applications or data.

offsite  A term used to describe resources that are stored and maintained at a location other than the primary office or facility. Examples of resources that can be offsite include servers and data backups.

Ohm rating  Electronic measurement of a cable’s or an electronic component’s impedance.

omnidirectional antenna  Technology used in most WAPs that send wireless signals in all directions equally.

onboarding  The process of verifying that new mobile devices appearing in the organization’s infrastructure are secure and safe to use within the organization.

on-path attack  Traditionally known as a man-in-the-middle attack. An attacker taps into communications between two systems, covertly intercepting traffic thought to be only between those systems, reading or in some cases even changing the data and then sending the data on.

on-site  A term used to describe resources that are stored and maintained at the primary office or facility rather than an external location.

open port  See listening port.

Open Shortest Path First (OSPF)  An interior gateway routing protocol developed for IP networks based on the shortest path first or link state algorithm.

open source  Applications and operating systems that offer access to their source code; this enables developers to modify applications and operating systems easily to meet their specific needs.

Open Systems Interconnection (OSI)  An international standard suite of protocols defined by the International Organization for Standardization (ISO) that implements the OSI seven-layer model for network communications between computers.

Open Systems Interconnection (OSI) seven-layer model  An architecture model based on the OSI protocol suite, which defines and standardizes the flow of data between computers. The following lists the seven layers:

•   Layer 1  The Physical layer defines hardware connections and turns binary into physical pulses (electrical or light). Cables operate at the Physical layer.

•   Layer 2  The Data Link layer identifies devices on the Physical layer. MAC addresses are part of the Data Link layer. Switches operate at the Data Link layer.

•   Layer 3  The Network layer moves packets between computers on different networks. Routers operate at the Network layer. IP operates at the Network layer.

•   Layer 4  The Transport layer breaks data down into manageable chunks with TCP. UDP also operates at the Transport layer.

•   Layer 5  The Session layer manages connections between machines. Sockets operate at the Session layer.

•   Layer 6  The Presentation layer, which can also manage data encryption, hides the differences among various types of computer systems.

•   Layer 7  The Application layer provides tools for programs to use to access the network (and the lower layers). HTTP, SSL/TLS, FTP, SMTP, DNS, DHCP, and IMAP are all examples of protocols that operate at the Application layer.

OpenSSH  A series of secure programs developed by the OpenBSD organization to fix the limitation of Secure Shell (SSH) of only being able to handle one session per tunnel.

operating system (OS)  The set of system software that manages a computer’s hardware and software resources and provides an interface between the PC and the user. Examples are Microsoft Windows, Apple macOS, and Manjaro Linux.

operator  In a distributed control system, a human who runs the computer-controlled resources through a human–machine interface. See also human–machine interface (HMI).

optic  A removable module that enables connectivity between a device and a cable.

Optical Carrier (OC)  Specification used to denote the optical data carrying capacity (in Mbps) of fiber-optic cables in networks conforming to the SONET standard. The OC standard is an escalating series of speeds, designed to meet the needs of medium-to-large corporations. SONET establishes OCs from 51.8 Mbps (OC-1) to 39.8 Gbps (OC-768).

optical power meter  See fiber light meter.

optical time-domain reflectometer (OTDR)  Tester for fiber-optic cable that determines continuity and reports the location of cable breaks.

orchestration  A higher level of automation in which smaller automated tasks are composed into longer sequences. These sequences (sometimes called pipelines, processes, or workflows) better represent whatever the organization or its employees are trying to accomplish. Also, arrangement of music for multiple instruments.

organizationally unique identifier (OUI)  The first 24 bits of a MAC address, assigned to the NIC manufacturer by the IEEE.

orthogonal frequency-division multiplexing (OFDM)  A spread-spectrum broadcasting method that combines the multiple frequencies of DSSS with FHSS’s hopping capability.

OS (operating system)  See operating system (OS).

oscilloscope  A device that gives a graphical/visual representation of signal levels over a period of time.

OSPF (Open Shortest Path First)  See Open Shortest Path First (OSPF).

outbound traffic  Describes the direction of a flow of packets relative to some point of reference. Relative to the entire network, packets leaving the network from within it.

out-of-band management  Method to connect to and administer a managed device such as a switch or router that does not use a standard network-connected host as the administrative console. A computer connected to the console port of a switch is an example of out-of-band management.

overlay tunnel  Enables two IPv6 networks to connect over an IPv4 network by encapsulating the IPv6 packets within IPv4 headers, transporting them across the IPv4 network, then decapsulating the IPv6 data.

packet  Basic component of communication over a network. A group of bits of fixed maximum size and well-defined format that is switched and transmitted as a complete whole through a network. It contains source and destination address, data, and control information. See also frame.

packet analyzer  A program that reads the capture files from packet sniffers and analyzes them based on monitoring needs.

packet filtering  A mechanism that blocks any incoming or outgoing packet from a particular IP address or range of IP addresses. Also known as IP filtering.

packet sniffer  A tool that intercepts and logs network packets.

pad  Extra data added to an Ethernet frame to bring the data up to the minimum required size of 64 bytes.

partially meshed topology  A mesh topology in which not all of the nodes are directly connected.

passive optical network (PON)  A fiber architecture that uses a single fiber to the neighborhood switch and then individual fiber runs to each final destination.

Password Authentication Protocol (PAP)  The oldest and most basic form of authentication and also the least safe because it sends all passwords in cleartext.

patch antenna  Flat, plate-shaped antenna that generates a half-sphere beam; used for broadcasting to a select area.

patch bay  A dedicated block with A/V connections (instead of twisted pair and fiber network connections).

patch cables  Short (2- to 5-foot) UTP cables that connect patch panels to switches.

patch management  The process of regularly updating operating systems and applications to avoid security threats.

patch panel  A panel containing a row of female connectors (ports) that terminate the horizontal cabling in the equipment room. Patch panels facilitate cabling organization and provide protection to horizontal cabling. See also vertical cross-connect.

path diversity  Increases availability by ensuring lines out of your network follow diverse paths to other networks. A common method for path diversity in smaller centers, for example, uses a fiber connection for the primary and a very fast cellular connection as a failover. Use of both a fiber ISP and a different cable ISP can also lead to path diversity.

Path MTU Discovery  A method for determining the highest MTU that can pass through all hops in a route without fragmentation.

path vector  Routing protocol in which routers maintain path information. This information gets updated dynamically. See Border Gateway Protocol (BGP).

pathping  Command-line tool that combines the features of the ping command and the tracert/traceroute commands.

payload  The primary data that is encapsulated in a frame or other protocol data unit (PDU) and sent from a source network device to a destination network device.

PBX (private branch exchange)  A private phone system used within an organization.

peer-to-peer (P2P)  A network in which each machine can act as either a client or a server.

peer-to-peer mode  See ad hoc mode.

penetration testing (pentesting)  An authorized network-hacking process that identifies and exploits real-world weaknesses in network security and documents the findings.

Performance Monitor (perfmon.exe)  The Windows logging utility.

permissions  Sets of attributes that network administrators assign to users and groups that define what they can do to resources.

persistent agent  In network access control systems, a small scanning program that, once installed on the computer, stays installed and runs every time the computer boots up. Composed of modules that perform a thorough inventory of each security-oriented element in the computer.

persistent connection  A connection to a shared folder or drive that the computer immediately reconnects to at logon.

personal area network (PAN)  The network created among Bluetooth devices such as smartphones, tablets, printers, keyboards, mice, and so on.

phishing  A social engineering technique where the attacker poses as a trusted source and tries to inspire the victim to act based on a false premise (usually communicated via e-mail, phone, or SMS). A successful attack typically obtains confidential information or introduces malware into the network.

physical address  An address burned into a ROM chip on a NIC. A MAC address is an example of a physical address.

physical contact (PC) connector  Family of fiber-optic connectors that enforces direct physical contact between two optical fibers being connected.

Physical layer  See Open Systems Interconnection (OSI) seven-layer model.

physical network diagram  A document that shows all of the physical connections on a network. Cabling type, protocol, and speed are also listed for each connection.

physical topology  The manner in which the physical components of a network are arranged.

piggybacking  An authorized person helping an unauthorized person follow them into a secure area.

ping  A small ICMP message sent to check for the presence and response of another system. Also, a command-line utility that uses these messages to check the “up/down” status of an IP addressed host. See also Internet Control Message Protocol (ICMP).

ping –6  A command-line utility to check the “up/down” status of an IP addressed host. The –6 switch included on the command line, using the Windows version of ping, specifies that the host under test has an IPv6 address.

ping6  Linux command-line utility specifically designed to ping hosts with an IPv6 address.

plain old telephone service (POTS)  See public switched telephone network (PSTN).

plaintext  Describes the data passed through a cipher (even if it is already encrypted). Running plaintext through a cipher algorithm using a key generates the encrypted ciphertext.

platform  Hardware environment that supports the running of a computer system.

platform as a service (PaaS)  Cloud service model that provides a complete deployment and management system with all the tools needed to administer and maintain a Web application. See also cloud computing.

plenum  Usually a space between a building’s false ceiling and the floor above it. Most of the wiring for networks is located in this space. Plenum is also a fire rating for network cabling.

plenum-rated cable  Network cable type that resists burning and does not give off excessive smoke or noxious fumes when burned.

pod (data center)  A group of modules that share the same connection to their distribution switches in a data center.

Point Coordination Function (PCF)  A method of collision avoidance defined by the 802.11 standard that has yet to be implemented. See also Distributed Coordination Function (DCF).

point-to-multipoint topology  Topology in which one device communicates with more than one other device on a network.

Point-to-Point Protocol (PPP)  A protocol that enables two devices to connect, authenticate with a username and password, and negotiate the network protocol the two devices will use.

Point-to-Point Protocol over Ethernet (PPPoE)  A protocol that was originally designed to encapsulate PPP frames into Ethernet frames. Used by DSL providers to force customers to log into their DSL connections instead of simply connecting automatically.

point-to-point topology  Network topology in which two computers are directly connected to each other without any other intervening connection components such as hubs or switches.

Point-to-Point Tunneling Protocol (PPTP)  A legacy protocol intended to provide a secure data link between computers (a VPN). It has long been included in Windows but has fallen out of favor because it has multiple security vulnerabilities.

pointer record (PTR)  A type of DNS record that points IP addresses to hostnames. See also reverse lookup zone.

polyvinyl chloride (PVC)  A material used for the outside insulation and jacketing of most cables. Also a fire rating for a type of cable that has no significant fire protection.

port (logical connection)  In TCP/IP, 16-bit numbers between 0 and 65535 assigned to a particular TCP/IP process or application. For example, Web servers use port 443 (HTTPS) to transfer Web pages to clients. The first 1024 ports are called well-known ports. They have been preassigned and generally refer to TCP/IP processes and applications that have been around for a long time.

port (physical connector)  In general, the portion of a computer through which a peripheral device may communicate, such as video, USB, serial, and network ports. In the context of networking, the jacks found in computers, switches, routers, and network-enabled peripherals into which network cables are plugged.

port address translation (PAT)  The most commonly used form of network address translation, where the NAT uses the outgoing IP addresses and port numbers (collectively known as a socket) to map traffic from specific machines in the network. See also network address translation (NAT).

port aggregation  A method for joining two or more switch ports logically to increase bandwidth.

port authentication  Function of many advanced networking devices that authenticates a connecting device at the point of connection.

port blocking  Preventing the passage of any TCP segments or UDP datagrams through any ports other than the ones prescribed by the system administrator.

port bonding  The logical joining of multiple redundant ports and links between two network devices such as a switch and storage array.

port filtering  See port blocking.

port forwarding  Preventing the passage of any IP packets through any ports other than the ones prescribed by the system administrator.

port mirroring  The capability of many advanced switches to mirror data from any or all physical ports on a switch to a single physical port. Useful for any type of situation where an administrator needs to inspect packets coming to or from certain computers.

port number  Number used to identify the requested service (such as SMTP or FTP) when connecting to a TCP/IP host. Some example server port numbers include 80 (HTTP), 21 (FTP), 25 (SMTP), 53 (DNS), and 67 (DHCP).

port scanner  A program that probes ports on another system, logging the state of the scanned ports.

port scanning  The process of querying individual nodes, looking for open or vulnerable ports and creating a report.

Post Office Protocol Version 3 (POP3)  One of the two protocols that receive e-mail from SMTP servers. POP3 uses TCP port 110.

Post Office Protocol Version 3 over SSL (POP3S)  Secure version of the POP3 protocol. Uses TLS on port 995.

PostScript  A language defined by Adobe Systems, Inc., for describing how to create an image on a page. The description is independent of the resolution of the device that will create the image. It includes a technology for defining the shape of a font and creating a raster image at many different resolutions and sizes.

posture assessment  Process by which a client presents its security characteristics via an agent or agent-less interface to an access control server. The server checks the characteristics and decides whether to grant a connection, deny a connection, or redirect the connection depending on the security compliance invoked.

power converter  Device that changes AC power to DC power.

power distribution unit (PDU)  A rack-mounted set of outlets for devices installed in the rack. Connected to the rack’s uninterruptible power supply (UPS).

power generator  Backup generator that provides power redundancy by burning petroleum fuel to provide electricity if the main power goes out in a data center or equipment room.

Power over Ethernet (PoE)  A standard that enables wireless access points (WAPs) to receive their power from the same Ethernet cables that transfer their data.

power redundancy  Secondary source of power in the event that primary power fails. The most common redundant power source is an uninterruptible power supply (UPS).

PPP (Point-to-Point Protocol)  See Point-to-Point Protocol (PPP).

PPPoE (PPP over Ethernet)  See Point-to-Point Protocol over Ethernet (PPPoE).

preamble  A 7-byte series of alternating ones and zeroes, followed by a 1-byte start frame delimiter, always precedes a frame. The preamble gives a receiving NIC time to realize a frame is coming and to know exactly where the frame starts.

prefix delegation  An IPv6 router configuration that enables it to request an IPv6 address block from an upstream source, then to disseminate it to local clients.

prefix length  The IPv6 term for subnet mask. In all cases, the prefix length is /64.

Presentation layer  See Open Systems Interconnection (OSI) seven-layer model.

primary name server  The name server where records are added, deleted, and modified. The primary name server sends copies of this zone file to secondary name servers in a process known as a zone transfer.

private cloud  Software, platforms, and infrastructure that an organization owns and operates for internal use.

private direct connections  Links between an organization’s network and the cloud provider. The traffic for a private direct connection never goes over the public Internet, but rather over a private line between an organization’s data center and a cloud provider.

private IP addresses  Groups of IP addresses set aside for internal networks; Internet routers block these addresses, such as 10.x.x.x /8, 172.(16–31).x.x /16, and 192.168.(0–255).x /24.

private port numbers  See dynamic port numbers.

program  A set of actions or instructions that a machine is capable of interpreting and executing. Used as a verb, it means to design, write, and test such instructions.

programmable logic controller (PLC)  A computer that controls a machine according to a set of ordered steps.

promiscuous mode  A mode of operation for a NIC in which the NIC processes all frames that it sees on the cable regardless of the frame’s destination address.

prompt  A character or message provided by an operating system or program to indicate that it is ready to accept input.

proprietary  Term used to describe technology that is unique to, and owned by, a particular vendor.

Protected Extensible Authentication Protocol (PEAP)  An authentication protocol that uses a password function based on MS-CHAPv2 with the addition of an encrypted TLS tunnel similar to EAP-TLS.

protocol  An agreement that governs the procedures used to exchange information between cooperating entities; usually includes how much information is to be sent, how often it is sent, how to recover from transmission errors, and who is to receive the information.

protocol analyzer  A tool that monitors the different protocols running at different layers on the network and that can give Application, Session, Network, and Data Link layer information on every frame going through a network.

protocol data unit (PDU)  A single unit of information consisting of protocol control information and some form of data. Different layers of the OSI model use different PDUs. For example, a layer 2 PDU would be called a frame, while a layer 3 PDU is known as a packet.

protocol stack  The actual software that implements the protocol suite on a particular operating system.

protocol suite  A set of protocols that are commonly used together and operate at different levels of the OSI seven-layer model.

proximity reader  Sensor that detects and reads a token that comes within range. The polled information is used to determine the access level of the person carrying the token.

proxy ARP  The process of making remotely connected computers act as though they are on the same LAN as local computers.

proxy server  A device that fetches Internet resources for a client without exposing that client directly to the Internet. Most proxy servers accept requests for HTTP, FTP, IMAP, and SMTP resources. The proxy server often caches, or stores, a copy of the requested resource for later use.

PSTN (public switched telephone network)  See public switched telephone network (PSTN).

public cloud  Software, platforms, and infrastructure delivered through networks that the general public can use.

public switched telephone network (PSTN)  Also known as plain old telephone service (POTS), the most common type of phone connection, which takes your sounds, translated into an analog waveform by the microphone, and transmits them to another phone.

public-key cryptography  A method of encryption and decryption that uses two different keys: a public key for encryption and a private key for decryption.

public-key infrastructure (PKI)  The system for creating and distributing digital certificates issued by trusted third parties such as DigiCert, GoDaddy, or Sectigo.

punchdown tool  A specialized tool for connecting UTP wires to a 110-block. Also called a 110-punchdown tool.

PVC-rated cable  Type of network cable that offers no special fire protection; burning produces excessive smoke and noxious fumes.

quad small form-factor pluggable (QSFP)  Bidirectional (BiDi) fiber-optic connector used in 40GbE networks.

quality of service (QoS)  Policies that control how much bandwidth a protocol, PC, user, VLAN, or IP address may use.

quarantine network  Safe network to which stations that either do not require or should not have access to protected resources are directed.

raceway  Cable organizing device that adheres to walls, making for a much simpler, though less neat, installation than running cables in the walls.

rack diagram  A diagram with information about the make and model of every component on a rack including details such as firmware versions, date of purchase, upgrade history, and service history.

rack monitoring system  Set of sensors in an equipment closet or rack-mounted gear that can monitor and alert when an out-of-tolerance condition occurs in power, temperature, and/or other environmental aspects.

radio frequency interference (RFI)  The phenomenon where a Wi-Fi signal is disrupted by a radio signal from another device.

Radio Guide (RG) rating  Ratings developed by the U.S. military to provide a quick reference for the different types of coaxial cables.

RADIUS server  A system that enables remote users to connect to a network service.

ransomware  Crypto-malware that uses some form of encryption to lock a user out of a system. Once the crypto-malware encrypts the computer, usually encrypting the boot drive, it informs the user that they must pay to get the system decrypted. Whether or not the data is actually decrypted upon payment depends primarily on the motive of the threat actor.

real-time processing  The processing of transactions as they occur, rather than batching them. Pertaining to an application, processing in which response to input is fast enough to affect subsequent inputs and guide the process, and in which records are updated immediately. The time lag from input to output must be sufficiently brief for acceptable timeliness. Timeliness is a function of the total system: missile guidance requires output within a few milliseconds of input, whereas scheduling of steamships requires a response time in days. Real-time systems are those with a response time of milliseconds; interactive systems respond in seconds; and batch systems may respond in hours or days.

Real-time Transport Protocol (RTP)  Protocol that defines the type of packets used on the Internet to move voice or data from a server to clients. The vast majority of VoIP solutions available today use RTP.

real-time video  Communication that offers both audio and video via unicast messages.

reassembly  The process where a receiving system verifies and puts together packets into coherent data.

recovery point objective (RPO)  An upper limit to how much lost data an organization can tolerate if it must restore from a backup. Effectively dictates how frequently backups must be taken.

recovery time objective (RTO)  The amount of time needed to restore full functionality from when the organization ceases to function.

recursive lookup (DNS)  When a client requests a type of record belonging to an FQDN, and its DNS server does any legwork needed in order to return the record. This is in contrast to an iterative lookup, where the client itself asks each server down the DNS hierarchy (starting at the root) until it locates the authoritative DNS server that returns the record.

Reddit hug of death  The massive influx of traffic on a small or lesser-known Web site when it is suddenly made popular by a reference from the media. See also slashdotting.

redundant array of independent [or inexpensive] disks [or devices] (RAID)  A way to create a fault-tolerant storage system. RAID has six levels. Level 0 uses byte-level striping and provides no fault tolerance. Level 1 uses mirroring or duplexing. Level 2 uses bit-level striping. Level 3 stores error-correcting information (such as parity) on a separate disk and data striping on the remaining drives. Level 4 is level 3 with block-level striping. Level 5 uses block-level and parity data striping.

reflection  Used in DDoS attacks. The attacker sends requests to normal servers with the target’s IP address spoofed as the source. The normal servers respond to the spoofed IP address (the target system), overwhelming it with reflected traffic without identifying the true initiator.

reflective DDoS  See reflection.

refraction  Bending of radio waves when transmitted through glass.

Regional Internet Registries (RIRs)  Entities under the oversight of the Internet Assigned Numbers Authority (IANA). RIRs parcel out IP addresses from blocks delegated to them by IANA.

registered jack (RJ)  Type of connector used on the end of telephone and networking cables. See RJ-11 and RJ-45, respectively.

registered ports  Port numbers from 1024 to 49151. IANA assigns these ports for anyone to use for their applications.

regulations  Rules of law or policy that govern behavior in the workplace, such as what to do when a particular event occurs.

remote  Refers to computers, servers, and/or networks that are located in some other physical location.

remote access  The capability to access a computer from outside a building in which it is housed. Remote access requires communications hardware, software, and actual physical links.

remote access server (RAS)  Refers to both the hardware component (servers built to handle the unique stresses of a large number of clients calling in) and the software component (programs that work with the operating system to allow remote access to the network) of a remote access solution.

Remote Authentication Dial-In User Service (RADIUS)  An AAA standard created to support ISPs with hundreds if not thousands of modems in hundreds of computers to connect to a single central database. RADIUS consists of three devices: the RADIUS server that has access to a database of user names and passwords, a number of network access servers (NASs) that control the modems, and a group of systems that dial into the network.

Remote Desktop Protocol (RDP)  A Microsoft-created remote access protocol.

Remote Installation Services (RIS)  A tool introduced with Windows 2000 that can be used to initiate either a scripted installation or an installation of an image of an operating system onto a PC.

remote terminal  A connection on a faraway computer that enables you to control that computer as if you were sitting in front of it and logged in. Remote terminal programs all require a server and a client. The server is the computer to be controlled. The client is the computer from which you do the controlling.

remote terminal unit (RTU)  In a SCADA environment, has the same functions as a controller plus additional autonomy to deal with connection loss. It is also designed to take advantage of some form of long-distance communication.

repeater  A device that takes all of the frames it receives on one Ethernet segment and re-creates them on another Ethernet segment. Repeaters operate at Layer 1 (Physical) of the OSI seven-layer model. They do not check the integrity of the Layer 2 (Data Link) frame so they may repeat incorrectly formed frames. They were replaced in the early 1980s by bridges that perform frame integrity checking before repeating a frame.

resistance  The tendency for a physical medium to impede electron flow. It is classically measured in a unit called ohms. See also impedance.

resolver  A DNS component that queries name servers and translates DNS names to IP addresses.

resolver cache  A cache used by Windows DNS clients to keep track of DNS information.

resource (networking)  Some device, software, or data accessible via a network connection. Examples include files on a fileserver, a shared printer directly connected to another workstation, an inventory tracking application hosted on local servers, and a remotely hosted e-mail server.

Response (SNMP)  Answer from an agent upon receiving a Get protocol data unit (PDU) from an SNMP manager.

reverse lookup zone  A DNS setting that resolves IP addresses to FQDNs. In other words, it does exactly the reverse of what DNS normally accomplishes using forward lookup zones.

reverse proxy server  A connectivity solution that gathers information from its associated servers and shares that information to clients. The clients don’t know about the servers behind the scenes. The reverse proxy server is the only machine with which they interact.

RF emanation  The transmission, intended or unintended, of radio frequencies. These transmissions may come from components that are intended to transmit RF, such as a Wi-Fi network card, or something less expected, such as a motherboard or keyboard. These emanations may be detected and intercepted, posing a potential threat to security.

RG-6  A grade of coaxial cable used for cable television and modern cable modem Internet connections. RG-6 has a characteristic impedance of 75 ohms.

RG-59  A grade of coaxial cable used for cable television and early cable modem Internet connections. RG-59 has a characteristic impedance of 75 ohms.

ring topology  A network topology in which all the computers on the network attach to a central ring of cable.

RIP (Routing Information Protocol)  A routing protocol with several shortcomings, such as a maximum hop count of 15 and a routing table update interval of 30 seconds (causing every router on a network to send out its table at once). Also known as RIPv1.

RIPv2  Second version of RIP. Adds support for CIDR and fixes some problems in RIPv1, but the maximum hop count of 15 still applies.

riser  Fire rating that designates the proper cabling to use for vertical runs between floors of a building.

risk management  The process of how organizations evaluate, protect, and recover from threats and attacks that take place on their networks.

Rivest Cipher 4 (RC4)  A streaming symmetric-key algorithm. No longer secure due to the many vulnerabilities that have been discovered since its initial implementation.

Rivest, Shamir, Adleman (RSA)  See RSA (Rivest, Shamir, Adleman).

RJ (registered jack)  Connectors used for UTP cable on both telephone and network connections.

RJ-11  Type of connector with four-wire UTP connections; usually found in telephone connections.

RJ-45  Type of connector with eight-wire UTP connections; usually found in network connections and used for 10/100/1000BASE-T networking.

roaming  A process where clients seamlessly change wireless access point (WAP) connections, depending on whichever WAP has the strongest signal covered by the broadcast area.

rogue access point (rogue AP)  An unauthorized wireless access point (WAP) installed in a computer network. A rogue access point may be part of an attack, or the result of a well-meaning user bringing in hardware from home. See also evil twin.

rogue DHCP server  An unauthorized DHCP server installed in a computer network. The rogue DHCP server might be in an unauthorized device installed by a well-meaning user, or it could be malicious as in an on-path attack.

role-based access control (RBAC)  The most common access control (authorization) model used in file sharing. Defines a user’s access to a resource based on the roles the user plays in the network environment rather than on the individual user. In practice roles are implemented as groups: a group is a name with clearly defined access to different resources, and user accounts are placed into groups to receive that access.

rollback  The process of downgrading—undoing—a recently applied patch or update.

ROM (read-only memory)  The generic term for nonvolatile memory that can be read from but not written to. This means that code and data stored in ROM cannot be corrupted by accidental erasure. Additionally, ROM retains its data when power is removed, which makes it the perfect medium for storing BIOS data or information such as scientific constants.

root directory  The directory that contains all other directories.

rootkit  A type of malware that takes advantage of very low-level operating system functions to hide itself from all but the most aggressive of anti-malware tools.

route (command)  A command to display and edit the local system’s routing table.

route redistribution  Occurs in a multiprotocol router, which learns route information using one routing protocol and disseminates that information using another routing protocol.

router  A device that connects separate networks and forwards packets from one network to another based only on the network address for the protocol being used. For example, an IP router looks only at the IP network ID. Routers operate at Layer 3 (Network) of the OSI seven-layer model.

router advertisement (IPv6)  Router’s response to a client’s router solicitation, also sent at regular intervals, that gives the client information to configure itself (prefix, prefix length, and more).

router solicitation (IPv6)  Query from a host to find routers and get information to configure itself.

Routing and Remote Access Service (RRAS)  Windows’ remote access server that provides VPN and dial-up services. Supports the PPTP, L2TP, or L2TP/IPsec protocols.

Routing Information Protocol (RIP)  See RIP (Routing Information Protocol).

routing loop  A situation where one or more routes through interconnected routers create a closed loop, causing the routers to respond slowly and the packets to go undelivered.

routing table  A list of various networks and the next hop to reach them. Routers direct traffic for each network to the next hop. This table can be built either manually or automatically.
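
The lookup a router performs against its table is a longest-prefix match: the most specific network that contains the destination wins, and the default route (0.0.0.0/0) matches only when nothing else does. The following is an added example, not part of the glossary; the table contents, next-hop addresses, and the "connected"/"static" labels are constructed for illustration.

```python
"""Longest-prefix-match lookup over a small, hand-built routing table.

Added example (not from the glossary). The table entries below are constructed;
the next-hop addresses are from the RFC 5737 documentation ranges.
"""
import ipaddress

# Constructed routing table: (destination network, next hop, how it got there).
# "connected" routes come from the router's own interfaces, "static" routes are
# typed in by an administrator; a routing protocol would add dynamic ones.
ROUTING_TABLE = [
    ("0.0.0.0/0",      "203.0.113.1", "static"),     # default route
    ("10.0.0.0/8",     "10.1.1.254",  "static"),
    ("10.20.0.0/16",   "10.1.1.253",  "static"),
    ("10.20.30.0/24",  "0.0.0.0",     "connected"),  # directly attached, no next hop
    ("192.168.0.0/16", "10.1.1.252",  "static"),
]


def build_table(entries):
    """Parse the textual table into network objects, sorted longest prefix first."""
    parsed = [(ipaddress.ip_network(net), hop, source) for net, hop, source in entries]
    return sorted(parsed, key=lambda entry: entry[0].prefixlen, reverse=True)


def lookup(table, destination):
    """Return (matching network, next hop) for the most specific route.

    The table is sorted by prefix length, so the first network that contains
    the address is the longest match. Returns None if nothing matches, which
    only happens when there is no default route.
    """
    addr = ipaddress.ip_address(destination)
    for net, hop, _source in table:
        if addr in net:
            return str(net), hop
    return None


if __name__ == "__main__":
    table = build_table(ROUTING_TABLE)
    for dst in ("10.20.30.7", "10.20.99.1", "10.9.9.9", "192.168.5.5", "8.8.8.8"):
        print(f"{dst:13s} -> {lookup(table, dst)}")
```

Because the more specific prefix always wins, a route that unexpectedly appears with a longer prefix than the legitimate one silently takes over that traffic; that is why a change in the routing table is worth alerting on, not just a change in reachability.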

RSA (Rivest, Shamir, Adleman)  An asymmetric cryptography algorithm used to encrypt/decrypt messages and generate digital signatures.

run  A single piece of installed horizontal cabling.

SC connector  Fiber-optic connector used to terminate single-mode and multimode fiber. It is characterized by its push-pull, snap mechanical coupling, known as “stick and click.” Commonly referred to as subscriber connector, standard connector, and sometimes, Siemon connector.

scalability  The capability to support network growth.

scanner  A device that senses alterations of light and dark. It enables the user to import photographs, other physical images, and text into the computer in digital form.

screened subnet  A lightly protected or unprotected subnet positioned between an outer firewall and an organization’s highly protected internal network. Screened subnets are used mainly to host public servers (such as Web servers). Traditionally known as a demilitarized zone (DMZ).

SDSL (symmetric digital subscriber line)  See symmetric DSL (SDSL).

secondary name server  Authoritative DNS server for a domain. Unlike a primary name server, no additions, deletions, or modifications can be made to the zones on a secondary name server, which always gets all information from the primary name server in a process known as a zone transfer.

Secure Copy Protocol (SCP)  One of the first SSH-enabled programs to appear after the introduction of SSH. SCP copies files securely between two hosts and was an early candidate to replace FTP, but it lacks features such as directory listing. See also SSH File Transfer Protocol (SFTP).

Secure Hash Algorithm (SHA)  A popular family of cryptographic hashing algorithms including SHA-1, SHA-2, SHA-3. SHA-1 is no longer secure and should be replaced—especially in any security context.

Secure Shell (SSH)  A protocol, and the programs that implement it, that provides a remote terminal session that looks exactly like Telnet but encrypts the data and authenticates the server to the client. SSH uses TCP port 22, also carries file transfer (SCP, SFTP) and port forwarding, and has replaced Telnet on the Internet.

Secure Sockets Layer (SSL)  A protocol developed by Netscape for securing Web sites. Final version was 3.0 before the name was changed to TLS in 1999. See also Transport Layer Security (TLS).

security  The practice of enhancing a network’s resilience against unwanted access or attack.

security considerations  In network design and construction, planning how to keep data protected from unapproved access. Security of physical computers and network resources is also considered.

security guard  Person responsible for controlling access to physical resources such as buildings, secure rooms, and other physical assets.

security information and event management (SIEM)  A two-part process consisting of security event management (SEM), which performs real-time monitoring of security events, and security information management (SIM), where the monitoring log files are reviewed and analyzed by automated and human interpreters.

security log  A log that tracks anything that affects security, such as successful and failed logons and logoffs.
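
The value of a security log comes from correlating entries rather than reading them one at a time, which is what the SEM half of a SIEM does. The following is an added example, not part of the glossary, of two such correlation rules run over constructed SSH authentication log lines (hosts, users, and timestamps are fictional): a burst of failed logons from one source, and the higher-severity case where a success follows that burst.

```python
"""Two correlation rules over a constructed security log, in the style of a SIEM rule.

Added example, not from the glossary. The log lines imitate OpenSSH auth-log
format but are constructed; the addresses are RFC 5737 documentation ranges.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

SAMPLE_LOG = """\
2024-03-01T10:00:01 sshd[2201]: Failed password for invalid user admin from 203.0.113.5 port 40001 ssh2
2024-03-01T10:00:03 sshd[2201]: Failed password for root from 203.0.113.5 port 40002 ssh2
2024-03-01T10:00:04 sshd[2201]: Failed password for root from 203.0.113.5 port 40003 ssh2
2024-03-01T10:00:06 sshd[2201]: Failed password for alice from 203.0.113.5 port 40004 ssh2
2024-03-01T10:00:09 sshd[2201]: Failed password for alice from 203.0.113.5 port 40005 ssh2
2024-03-01T10:00:12 sshd[2201]: Accepted password for alice from 203.0.113.5 port 40006 ssh2
2024-03-01T10:05:00 sshd[2201]: Failed password for bob from 198.51.100.7 port 51000 ssh2
2024-03-01T10:30:00 sshd[2201]: Accepted publickey for bob from 198.51.100.7 port 51001 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) \w+ for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)


def parse(log_text):
    """Yield (timestamp, result, user, source) for each line; lines that don't match are skipped."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield datetime.fromisoformat(m["ts"]), m["result"], m["user"], m["src"]


def find_brute_force(events, threshold=5, window=timedelta(minutes=1)):
    """Sources with at least `threshold` failures inside any sliding `window`."""
    failures = defaultdict(list)
    for ts, result, _user, src in events:
        if result == "Failed":
            failures[src].append(ts)
    flagged = set()
    for src, times in failures.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:   # slide the window forward
                start += 1
            if end - start + 1 >= threshold:
                flagged.add(src)
                break
    return flagged


def find_success_after_failures(events, min_failures=3, window=timedelta(minutes=5)):
    """(source, user) pairs where a success follows >= min_failures recent failures
    from the same source: the guessing apparently worked, so this outranks the
    plain brute-force alert."""
    recent = defaultdict(list)
    hits = []
    for ts, result, user, src in events:            # events are in time order
        recent[src] = [t for t in recent[src] if ts - t <= window]
        if result == "Failed":
            recent[src].append(ts)
        elif len(recent[src]) >= min_failures:
            hits.append((src, user))
    return hits


if __name__ == "__main__":
    events = list(parse(SAMPLE_LOG))
    print("brute-force sources:", find_brute_force(events))
    print("success after failures:", find_success_after_failures(events))
```

The second rule is the one worth paging on: a lone burst of failures is background noise on any Internet-facing host, while a failure burst followed by an accepted logon from the same source is the pattern of a guessed password.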

security policy  A set of procedures defining actions employees should perform to protect the network’s security.

segment (network)  In early Ethernet, the bus cable to which the computers on an Ethernet network connect. In modern networks, a generic way of referring to any subset of a network—including a subnet or VLAN. Not to be confused with a TCP segment.

segmentation  In a TCP/IP network, the process of chopping requested data into chunks that will fit into a packet (and eventually into the NIC’s frame), organizing the packets for the benefit of the receiving system, and handing them to the NIC for sending.

separation of duties  A method of defense in depth in which a single user can’t perform a particular task without direct involvement or observation by another party. One example is a server room that requires at least two employees to be badged in at any given time.

server  Software that serves requests from client programs—and, by proxy, the hardware devices that host this software.

server farm  Section of a data center dedicated to storing and operating racks of servers and equipment.

Server Message Block (SMB)  See SMB (Server Message Block).

server-based network  A network in which one or more systems function as dedicated file, print, or application servers, but do not function as clients.

service level agreement (SLA)  A document between a customer and a service provider that defines the scope, quality, and terms of the service to be provided.

Service Set Identifier (SSID)  A network name of up to 32 bytes (octets) that identifies a wireless network. The SSID is carried in 802.11 management frames such as beacons, probe responses, and association requests, not in every data frame, and is matched byte for byte by clients and access points.

services  Background programs in an operating system that do the behind-the-scenes grunt work that users don’t need to interact with on a regular basis.

session  A networking term used to refer to the logical stream of data flowing between two programs and being communicated over a network. Many different sessions may be emanating from any one node on a network.

session hijacking  Taking over an established, already-authenticated session between two parties, typically by stealing or predicting the value that identifies the session (such as a Web session cookie or a TCP sequence number) so that the attacker is treated as the legitimate user without ever presenting credentials.

Session Initiation Protocol (SIP)  A signaling protocol for controlling voice and video calls over IP. SIP competes with H.323 for VoIP dominance.

Session layer  See Open Systems Interconnection (OSI) seven-layer model.

session software  Handles the process of differentiating among various types of connections on a PC.

Set (SNMP)  The PDU with which a network management station commands an agent to make a change to a management information base (MIB) object.

shell  Generally refers to the user interface of an operating system. A shell is the command processor that is the actual interface between the kernel and the user.

shielded twisted pair (STP)  A cabling for networks composed of pairs of wires twisted around each other at specific intervals. The twists serve to reduce interference (also called crosstalk). The more twists, the less interference. The cable has metallic shielding to protect the wires from external interference. See also unshielded twisted pair (UTP) for the more commonly used cable type in modern networks.

short circuit  Allows electricity to pass between two conductive elements that weren’t designed to interact together. Also called a short.

Short Message Service (SMS) alert  A proactive message regarding an out-of-tolerance condition of an SNMP managed device sent as an SMS text.

shoulder surfing  The process of surreptitiously monitoring people when they are accessing any kind of system in order to pilfer passwords, PIN codes, or sensitive information. A tried-and-true method of social engineering.

signal strength  A measurement of how well your wireless device is connecting to other devices.

signal-to-noise ratio (SNR)  A measurement that expresses how much of a received transmission is discernable signal and how much is noise. Helps understand the amount of interference (such as RFI) when designing and troubleshooting Wi-Fi networks.

signaling topology  Another name for logical topology. See logical topology.

signature (malware)  Specific pattern of bytes that identifies a particular piece of malware. Anti-malware software maintains a library of signatures and compares the contents of scanned files against this library to detect infected files. Signature matching cannot detect malware that is new or has been repacked, so modern products combine it with heuristic and behavioral detection.

Simple Mail Transfer Protocol (SMTP)  The main protocol used to send electronic mail on the Internet. SMTP uses TCP port 25.

Simple Mail Transfer Protocol Secure (SMTPS)  SMTP protected with TLS. Commonly listed with TCP port 587, the mail submission port, which starts in plaintext and upgrades to TLS with the STARTTLS command; strictly, implicit TLS (a TLS handshake as soon as the TCP connection opens) uses TCP port 465. SMTPS is not a separate or proprietary protocol, just SMTP carried inside a TLS session.

Simple Network Management Protocol (SNMP)  A set of standards for communication with network devices (switches, routers, WAPs) connected to a TCP/IP network. Used for network management.

single point of failure  One component or system that, if it fails, will bring down an entire process, workflow, or organization.

single sign-on (SSO)  A process whereby a client performs a one-time login to a gateway system. That system, in turn, takes care of the client’s authentication to any other connected systems for which the client is authorized to access.

single-mode fiber (SMF)  Fiber-optic cable with a very small core (around 9 µm) that carries a single light path, driven by a laser rather than an LED. Supports much longer runs than multimode fiber.

site survey  A process that informs wireless network design by mapping out the physical space to identify requirements, obstacles, and sources of interference.

site-to-site VPN  A type of VPN connection using two VPN concentrators to connect two separate LANs permanently.

slashdotting  The massive influx of traffic on a small or lesser-known Web site when it is suddenly made popular by a reference from the media. See also Reddit hug of death.

small form factor (SFF)  A description of later-generation, fiber-optic connectors designed to be much smaller than the first iterations of connectors. See also LC connector and Mechanical Transfer Registered Jack (MT-RJ).

small form-factor pluggable (SFP)  An industry-standard, hot-swappable transceiver module that plugs into a port on a switch, router, or NIC and determines the physical medium (fiber-optic or copper) and Ethernet standard that port uses. Not specific to Cisco, although vendors often sell their own branded modules. See also transceiver.

small office/home office (SOHO)  See SOHO (small office/home office).

smart card  Device (such as a credit card) that you insert into your PC or use on a door pad for authentication.

smart device  Device (such as a credit card, USB key, etc.) that you insert into your PC in lieu of entering a password.

smart jack  Type of network interface unit (NIU) that enables ISPs or telephone companies to test for faults in a network, such as disconnections and loopbacks.

smart locker  A locker that an organization can control wirelessly to grant specific users temporary access. The lockers provide a secure way to deliver equipment to a specific user, keep items safe while users are away, or drop off items for someone else to retrieve later.

SMB (Server Message Block)  Protocol used by Microsoft clients and servers to share file and print resources.

SMTP (Simple Mail Transfer Protocol)  See Simple Mail Transfer Protocol (SMTP).

sneakernet  Saving a file on a portable medium and walking it over to another computer.

sniffer  Diagnostic program that can order a NIC to run in promiscuous mode. See also promiscuous mode.

snip  See cable stripper.

SNMP (Simple Network Management Protocol)  See Simple Network Management Protocol (SNMP).

SNMP manager  Software and station that communicates with SNMP agents to monitor and manage management information base (MIB) objects.

snmpwalk  SNMP manager command (not a PDU) that collects management information base (MIB) information from the tree-oriented hierarchy of a MIB object and all of its subordinate objects. The snmpwalk command queries the starting object and then issues repeated GetNext (or GetBulk) requests until it has walked the entire subtree beneath it.

social engineering  The process of using or manipulating people inside an organization to gain unauthorized access. Common social-engineering techniques include phishing and impersonation.

socket  A combination of a port number, Layer 4 protocol, and an IP address that uniquely identifies a connection.

socket pairs  Each pair consists of two linked sockets, one at each end of a TCP/IP session between two hosts.

software  Programming instructions or data stored on some type of binary storage device.

software as a service (SaaS)  Cloud service model that provides centralized applications accessed over a network. See also cloud computing.

software-defined networking (SDN)  Programming that allows a master controller to determine how network components will move traffic through the network. Used in virtualization.

SOHO (small office/home office)  A classification of networking equipment, usually marketed to consumers or small businesses, which focuses on low price and ease of configuration. SOHO networks differ from enterprise networks, which focus on flexibility and maximum performance.

SOHO firewall  Firewall, typically simple, that is built into the firmware of a SOHO router.

solid core  A cable that uses a single solid wire to transmit signals.

SONET (Synchronous Optical Network)  An American fiber carrier standard for connecting fiber-optic transmission systems. SONET was proposed in the mid-1980s and is now an ANSI standard. SONET defines interface standards at the Physical layer of the OSI seven-layer model.

Spanning Tree Protocol (STP)  A protocol that enables switches to detect and prevent switching loops automatically. See also switching loop.

spectrum analyzer  A tool used to scan for radio frequency (RF) sources in order to identify interference.

speed-test site  A Web site used to check an Internet connection’s throughput, such as www.speakeasy.net/speedtest.

spine-and-leaf architecture  Data center architecture in which every spine switch connects to every leaf switch in a two-tiered mesh network. The mesh network removes the need for dedicated connections between the spine backbone switches, because traffic moves seamlessly from spine to leaf to spine, regardless of how many spine or leaf switches are on the network.

split pair  A wiring fault in which the two wires of a logical pair are taken from two different twisted pairs in a UTP cable, so the signal is not carried on a twisted pair and interferes with the signals on the other pairs (crosstalk). A simple wire-map test passes a split-pair cable because every pin still connects end to end; a cable certifier that measures crosstalk is needed to catch it.

spoofing  A security threat where an attacker makes some data seem as though it came from somewhere else, such as sending an e-mail with someone else’s e-mail address in the sender field.

spyware  Malware that covertly gathers information about a system or its user’s actions and sends it to a third party over the Internet.

SQL (Structured Query Language)  A language created by IBM that relies on simple English-like statements to perform database queries. SQL enables databases from different manufacturers to be queried using a standard syntax.

SRV record  DNS record that associates servers for individual protocols with a domain. SRV records specify a host, port, protocol, and other details for a specific service. For example, VoIP clients can readily discover a domain’s associated SIP server.

SSH File Transfer Protocol (SFTP)  A replacement for FTP released after many of the inadequacies of Secure Copy Protocol (SCP)—such as the inability to see the files on the other computer—were discovered. Not to be confused with Simple File Transfer Protocol, FTP over SSH, or FTPS.

SSID broadcast  A wireless access point feature that announces the WAP’s SSID to make it easy for wireless clients to locate and connect to it. By default, most WAPs regularly announce their SSID.

SSL (Secure Sockets Layer)  See Secure Sockets Layer (SSL).

SSL VPN  A type of VPN that formerly used SSL encryption but now uses TLS. The two most common types of SSL VPNs are SSL portal VPNs and SSL tunnel VPNs. In portal VPNs, clients connect to the VPN server using a standard Web browser; in tunnel VPNs they use a dedicated VPN client. Despite the fact that SSL is no longer in use, the SSL VPN moniker stuck.

ST connector  Fiber-optic connector with a 2.5-mm ferrule, used with both multimode and single-mode fiber. It uses a push-on, then twist-to-lock mechanical connection commonly called stick-and-twist, although ST actually stands for straight tip.

star topology  A network topology in which all computers in the network connect to a central wiring point.

star-bus topology  A hybrid of the star and bus topologies that uses a physical star, where all nodes connect to a single wiring point (such as a hub) and a logical bus that maintains the Ethernet standards. One benefit of a star-bus topology is fault tolerance.

star-ring topology  A hybrid topology which uses a physical star and logical ring. Star-ring ultimately lost market-share in favor of the more popular star-bus topology.

start frame delimiter (SFD)  One-byte section of an Ethernet packet that follows the preamble and precedes the Ethernet frame.

start of authority (SOA) record  DNS record that defines the primary name server in charge of a domain. Also includes parameters that control how secondary name servers check for updates to the zone file, such as the serial number which indicates whether the zone file has updates to fetch.

stateful (DHCP)  Describes a DHCPv6 server that works very similarly to an IPv4 DHCP server, passing out IPv6 addresses as well as optional items like DNS server addresses. Unlike DHCP for IPv4, DHCPv6 does not supply the default gateway or the on-link prefix length; clients learn those from router advertisements.

stateful filtering/stateful inspection  A method of filtering in which all packets are examined as a stream. Stateful devices can do more than allow or block; they can track when a stream is disrupted or packets get corrupted and act accordingly.

stateless (IPv6)  Describes a DHCPv6 server that only passes out information like DNS servers’ IP addresses, but doesn’t give clients IPv6 addresses.

stateless address autoconfiguration (SLAAC)  A process that enables network clients to determine their own IPv6 addresses without the need for DHCP, combining the prefix learned from router advertisements with an interface identifier the client generates itself.

stateless filtering/stateless inspection  A method of filtering where the device that does the filtering looks at each IP packet individually, checking the packet for IP addresses and port numbers and blocking or allowing accordingly.
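
The difference between the two filtering methods shows up as soon as an outsider sends a packet that merely looks like a reply. The following is an added example, not part of the glossary, that runs one constructed packet sequence through both a stateless rule and a stateful filter keyed on socket pairs (the 5-tuple of protocol, source address and port, destination address and port). The addresses, ports, and the "inside" prefix are constructed.

```python
"""Stateless versus stateful filtering applied to the same packet sequence.

Added example, not from the glossary. Packets are constructed dicts standing in
for IP/TCP headers; the policy is "inside hosts may open TCP connections outward,
nothing may open connections inward". Addresses are RFC 5737 documentation ranges.
"""

INSIDE_PREFIX = "10.0.0."   # constructed: hosts in this prefix are "inside"


def is_inside(ip):
    return ip.startswith(INSIDE_PREFIX)


def stateless_allow(pkt):
    """Stateless rule: every packet is judged on its own header fields.

    Outbound always passes. Inbound passes only if the ACK flag is set, on the
    theory that only replies to connections we opened carry ACK. The rule keeps
    no memory, so it cannot tell a genuine reply from a forged one.
    """
    if is_inside(pkt["src"]):
        return True
    return "ACK" in pkt["flags"]


class StatefulFilter:
    """Stateful inspection: remembers the socket pair of every connection opened
    from inside and admits inbound packets only if they belong to one of them."""

    def __init__(self):
        self.flows = set()   # 5-tuples (proto, src, sport, dst, dport), outbound direction

    def allow(self, pkt):
        key = (pkt["proto"], pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
        reverse = (pkt["proto"], pkt["dst"], pkt["dport"], pkt["src"], pkt["sport"])
        if is_inside(pkt["src"]):
            if pkt["flags"] == {"SYN"}:
                self.flows.add(key)          # a new outbound connection is being opened
                return True
            return key in self.flows         # later outbound packets must belong to a flow
        if reverse in self.flows:
            if "RST" in pkt["flags"] or "FIN" in pkt["flags"]:
                self.flows.discard(reverse)  # connection being torn down; forget it
            return True
        return False                         # unsolicited inbound, whatever its flags say


# Constructed traffic: a legitimate HTTPS connection from inside, then two probes
# from an outside host that nobody inside ever talked to.
PACKETS = [
    {"proto": "tcp", "src": "10.0.0.5", "sport": 40000, "dst": "198.51.100.10", "dport": 443, "flags": {"SYN"}},
    {"proto": "tcp", "src": "198.51.100.10", "sport": 443, "dst": "10.0.0.5", "dport": 40000, "flags": {"SYN", "ACK"}},
    {"proto": "tcp", "src": "10.0.0.5", "sport": 40000, "dst": "198.51.100.10", "dport": 443, "flags": {"ACK"}},
    {"proto": "tcp", "src": "203.0.113.9", "sport": 1234, "dst": "10.0.0.5", "dport": 22, "flags": {"ACK"}},
    {"proto": "tcp", "src": "203.0.113.9", "sport": 1234, "dst": "10.0.0.5", "dport": 22, "flags": {"SYN"}},
]


def evaluate(packets):
    """Return each filter's allow (True) / deny (False) decision for every packet, in order."""
    stateful = StatefulFilter()
    return {
        "stateless": [stateless_allow(p) for p in packets],
        "stateful": [stateful.allow(p) for p in packets],
    }


if __name__ == "__main__":
    for name, decisions in evaluate(PACKETS).items():
        print(f"{name:9s}", ["allow" if d else "deny" for d in decisions])
```

The fourth packet is the one that matters: an ACK-only probe at port 22 from a host nobody inside contacted. The stateless rule lets it through because its only evidence is the flag bits, which the sender controls; the stateful filter drops it because no outbound flow matches. This is the weakness of the old "established" style of ACL, which matches on ACK or RST being set, and the reason stateful inspection replaced it.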

statement of work (SOW)  A contract that defines the services, products, and time frames for the vendor to achieve.

static addressing  The process of assigning IP addresses by manually typing them into client computers.

static NAT (SNAT)  A type of network address translation (NAT) that maps a single routable IP address to a single machine, allowing you to access that machine from outside the network and vice versa.

static routes  Entries in a router’s routing table that are not updated by any routing protocols. Static routes must be added, deleted, or changed by a router administrator. Static routes are the opposite of dynamic routes.

static routing  A process by which a router uses manually entered static routes to forward traffic to other networks.

storage  A device or medium that can retain data for subsequent retrieval.

storage area network (SAN)  A dedicated network (typically Fibre Channel or iSCSI) whose storage systems take a pool of hard disks and present them to servers over the network as any number of logical block devices.

STP (Spanning Tree Protocol)  See Spanning Tree Protocol (STP).

straight-through cable  UTP or STP cable segment that has the wire and pin assignments at one end of the cable match the wire and same pin assignments at the other end. Straight-through cables are used to connect hosts to switches or to connect switches to routers and are the connective opposite of crossover cables.

straight tip connector  See ST connector.

stranded core  A cable that uses a bundle of tiny wire strands to transmit signals. Stranded core is not quite as good a conductor as solid core, but it will stand up to substantial handling without breaking.

stream cipher  An encryption method that encrypts a single bit at a time. Popular when data comes in long streams (such as with older wireless networks or cell phones).
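
Because a stream cipher simply XORs the data with a keystream, the keystream must never be used twice: two messages under the same key cancel to the XOR of their plaintexts, and knowing one plaintext reveals the other with no need for the key. The following is an added example, not part of the glossary, that implements RC4 (named in this glossary as a stream cipher that is no longer secure) only because it is short and has published test vectors, then shows the keystream-reuse problem. The two bank-style messages are constructed.

```python
"""A stream cipher (RC4) and what goes wrong when a keystream is reused.

Added example, not from the glossary. RC4 is implemented here only because the
glossary names it and it fits in a few lines; it is not secure and must not be
used in new systems. The plaintexts below are constructed.
"""


def rc4_keystream(key: bytes):
    """Generate the RC4 keystream: key-scheduling (KSA) then the PRGA loop."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # KSA: permute the state with the key
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    while True:                               # PRGA: one keystream byte per iteration
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        yield s[(s[i] + s[j]) & 0xFF]


def rc4(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (the same operation): XOR each byte with the keystream."""
    return bytes(b ^ k for b, k in zip(data, rc4_keystream(key)))


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def recover_with_known_plaintext(c1: bytes, p1: bytes, c2: bytes) -> bytes:
    """Two messages under one key share a keystream K, so
    c1 XOR c2 == (p1 XOR K) XOR (p2 XOR K) == p1 XOR p2,
    and a known p1 yields p2 without the key ever being touched."""
    return xor(xor(c1, c2), p1)


if __name__ == "__main__":
    key = b"Key"
    print(rc4(key, b"Plaintext").hex())       # bbf316e8d940af0ad3, the published test vector
    p1 = b"TRANSFER 100 TO ACCT 1234"
    p2 = b"TRANSFER 999 TO ACCT 5678"
    c1, c2 = rc4(key, p1), rc4(key, p2)       # same key, same keystream: the mistake
    print(recover_with_known_plaintext(c1, p1, c2))
```

The same property holds for any stream cipher, including secure ones: the fix is a fresh key or a unique nonce for every message, never a stronger keystream generator. The per-packet key mixing that TKIP added on top of WEP exists precisely to stop the keystream reuse that WEP’s short initialization vector made common.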

stripe set  Two or more drives in a group that are used for a striped volume.

structured cabling  Standards defined by the American National Standards Institute/Telecommunications Industry Association (ANSI/TIA) that define methods of organizing the cables in a network for ease of repair and replacement.

subnet  Each independent network in a TCP/IP internetwork.

subnet ID  Portion of an IP address that identifies bits shared by all hosts on that network.

subnet mask  The value used in TCP/IP settings to divide the IP address of a host into its component parts: network ID and host ID.

subnetting  Taking a block of IP addresses and chopping it into multiple smaller groups. See also Classless Inter-Domain Routing (CIDR).
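
The mask arithmetic behind the three preceding entries (subnet, subnet ID, subnet mask) and the chopping described here are mechanical and worth seeing done once. The following is an added example, not part of the glossary, that splits an address into network ID and host ID, carves a block into equal subnets, and performs the same-subnet test a host uses to decide between direct delivery and its default gateway. Addresses come from the RFC 5737 documentation ranges and are constructed for illustration.

```python
"""Subnet mask arithmetic and carving a block into subnets.

Added example, not from the glossary. All addresses are constructed from the
RFC 5737 documentation ranges.
"""
import ipaddress


def split_address(host_with_prefix: str):
    """Return (network ID, host ID as an integer, dotted-decimal mask) for a host in CIDR form."""
    iface = ipaddress.ip_interface(host_with_prefix)
    net = iface.network
    host_id = int(iface.ip) & int(net.hostmask)      # the bits the mask does not cover
    return str(net.network_address), host_id, str(net.netmask)


def subnet_block(block: str, new_prefix: int):
    """Chop `block` into equal subnets of /new_prefix.

    Returns (network, usable host count) pairs. The usual "minus 2" for the
    network and broadcast addresses does not apply to /31 (RFC 3021 point-to-point
    links) or /32, where every address is usable.
    """
    parent = ipaddress.ip_network(block)
    if new_prefix < parent.prefixlen:
        raise ValueError("new prefix must be at least as long as the parent's")
    result = []
    for sub in parent.subnets(new_prefix=new_prefix):
        usable = sub.num_addresses - 2 if sub.prefixlen < 31 else sub.num_addresses
        result.append((str(sub), usable))
    return result


def same_subnet(a: str, b: str, mask: str) -> bool:
    """Does b share a's subnet under a dotted-decimal mask? A host runs this
    test to decide whether to deliver directly or hand the packet to its gateway."""
    m = int(ipaddress.ip_address(mask))
    return (int(ipaddress.ip_address(a)) & m) == (int(ipaddress.ip_address(b)) & m)


if __name__ == "__main__":
    print(split_address("192.0.2.77/26"))
    for net, hosts in subnet_block("198.51.100.0/24", 26):
        print(f"{net:18s} {hosts} usable hosts")
    print(same_subnet("192.0.2.77", "192.0.2.100", "255.255.255.192"))
    print(same_subnet("192.0.2.77", "192.0.2.130", "255.255.255.192"))
```

A host with the wrong mask gets this last test wrong in one of two ways: too short a mask and it tries to ARP for hosts that are really behind the gateway; too long a mask and it sends traffic for its own subnet to the gateway, which may or may not bounce it back.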

subscriber connector (SC)  See SC connector.

subscriber identity module (SIM) card  Small storage device used in cellular phones to identify the phone, enable access to the cellular network, and store information such as contacts.

succession planning  The process of identifying people who can take over certain positions (usually on a temporary basis) in case the people holding those critical positions are incapacitated or lost in an incident.

supervisory control and data acquisition (SCADA)  A system that has the basic components of a distributed control system (DCS), yet is designed for large-scale, distributed processes and functions with the idea that remote devices may or may not have ongoing communication with the central control.

supplicant  In 802.1X port-based authentication, the client device (or the software on it) that presents credentials to the authenticator, typically a switch or wireless access point, which relays them to a RADIUS server for the actual authentication decision.

switch  A Layer 2 (Data Link) multiport device that filters and forwards frames based on MAC addresses.

switch port protection  Various methods to help modern switches deal with malicious software and other threats. Includes technologies such as flood guards.

switching loop  A circular path caused by connecting multiple switches together in a circuit. Switches use Spanning Tree Protocol (STP) to detect loops and disable the associated port. Also known as a bridge loop or bridging loop.

symmetric DSL (SDSL)  Type of DSL connection that provides equal upload and download speed and, in theory, provides speeds up to 15 Mbps, although the vast majority of ISPs provide packages ranging from 192 Kbps to 9 Mbps.

symmetric-key algorithm  Any encryption method that uses the same key for both encryption and decryption.

Synchronous Digital Hierarchy (SDH)  European fiber carrier standard equivalent to SONET.

Synchronous Optical Network (SONET)  See SONET (Synchronous Optical Network).

syslog  Both a standard for formatting and forwarding log messages and the name of the log collector on macOS and Linux. Messages can be sent to a central log server, traditionally over UDP port 514 or, with TLS, TCP port 6514. Useful for auditing, performance monitoring, and troubleshooting.

system life cycle  Description of typical beginning and end of computing components. Handling such devices at the end includes system life cycle policies and asset disposal.

system log  A log file that records issues dealing with the overall system, such as system services, device drivers, or configuration changes.

T568A  One of two four-pair UTP crimping standards for 10/100/1000BASE-T networks. See also ANSI/TIA-568.

T568B  One of two four-pair UTP crimping standards for 10/100/1000BASE-T networks. See also ANSI/TIA-568.

tailgating  An unauthorized person attempting to follow an authorized person into a secure area.

tamper detection  A feature of modern server chassis that will log in the motherboard’s nonvolatile RAM (NVRAM) if the chassis has been opened. The log will show chassis intrusion with a date and time. Alternatively, the special stickers or zip ties that break when a device has been opened.

TCP segment  The connection-oriented payload of an IP packet. A TCP segment works at the Transport layer.

TCP three-way handshake  A three-packet conversation between TCP hosts to establish and start a data transfer session. The conversation begins with a SYN request by the initiator. The target responds with a SYN response and an ACK to the SYN request. The initiator confirms receipt of the SYN-ACK with an ACK. Once this handshake is complete, data transfer can begin.
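
The handshake also establishes the sequence numbers each side will use, and the SYN itself consumes one sequence number, which is why the SYN-ACK acknowledges the initiator’s ISN plus one. The following is an added example, not part of the glossary, that simulates both endpoints of the exchange as small state machines and shows what happens when the final ACK carries the wrong acknowledgment number. The endpoint class, the fixed initial sequence numbers, and the segment representation are constructed for illustration.

```python
"""The TCP three-way handshake simulated from both ends.

Added example, not from the glossary. The Endpoint class and the fixed initial
sequence numbers (ISNs) are constructed for illustration; a real stack chooses
ISNs unpredictably (RFC 6528), which is what keeps an off-path attacker from
guessing the acknowledgment number the final ACK must carry.
"""
import random


class Endpoint:
    def __init__(self, name, isn=None):
        self.name = name
        self.state = "CLOSED"
        self.isn = random.getrandbits(32) if isn is None else isn
        self.snd_nxt = self.isn      # next sequence number we will send
        self.rcv_nxt = None          # next sequence number we expect to receive

    def listen(self):
        self.state = "LISTEN"

    def open_connection(self):
        """Initiator: send SYN. The SYN occupies one sequence number."""
        self.state = "SYN-SENT"
        self.snd_nxt = self.isn + 1
        return {"flags": {"SYN"}, "seq": self.isn, "ack": 0}

    def on_segment(self, seg):
        """Advance the state machine for one received segment; return the reply or None."""
        flags = seg["flags"]
        if self.state == "LISTEN" and flags == {"SYN"}:
            self.rcv_nxt = seg["seq"] + 1          # peer's SYN consumed one sequence number
            self.snd_nxt = self.isn + 1            # and so will ours
            self.state = "SYN-RECEIVED"
            return {"flags": {"SYN", "ACK"}, "seq": self.isn, "ack": self.rcv_nxt}
        if self.state in ("SYN-SENT", "SYN-RECEIVED") and "ACK" in flags:
            if seg["ack"] != self.snd_nxt:
                # Unacceptable ACK: RFC 793 answers with a reset and the state is unchanged.
                return {"flags": {"RST"}, "seq": seg["ack"], "ack": 0}
            if self.state == "SYN-SENT" and "SYN" in flags:
                self.rcv_nxt = seg["seq"] + 1
                self.state = "ESTABLISHED"
                return {"flags": {"ACK"}, "seq": self.snd_nxt, "ack": self.rcv_nxt}
            if self.state == "SYN-RECEIVED" and flags == {"ACK"}:
                self.state = "ESTABLISHED"
                return None
        raise ValueError(f"{self.name}: unexpected {sorted(flags)} in state {self.state}")


def handshake(client_isn=1000, server_isn=5000):
    """Run the three segments; return the transcript and both final states."""
    client, server = Endpoint("client", client_isn), Endpoint("server", server_isn)
    server.listen()
    syn = client.open_connection()
    syn_ack = server.on_segment(syn)
    ack = client.on_segment(syn_ack)
    server.on_segment(ack)
    return [syn, syn_ack, ack], client.state, server.state


if __name__ == "__main__":
    transcript, client_state, server_state = handshake()
    for seg in transcript:
        print(sorted(seg["flags"]), "seq", seg["seq"], "ack", seg["ack"])
    print("client", client_state, "/ server", server_state)
```

Note that the server holds state from the moment it sends the SYN-ACK, before the initiator has proved it can receive anything; that half-open state is what a SYN flood fills up, and it is why SYN cookies encode the state into the server’s ISN instead of storing it.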

tcpdump  A command-line packet sniffing tool.

TCP/IP suite  The collection of all the protocols and processes that make TCP over IP communication over a network possible.

telecommunications room  A central location for computer or telephone equipment and, most importantly, centralized cabling. All cables usually run to the telecommunications room from the rest of the installation.

Telecommunications Industry Association (TIA)  The standards body that defines most of the standards for computer network cabling. Many of these standards are defined under the ANSI/TIA-568 standard. The TIA is accredited by the American National Standards Institute (ANSI) to develop these standards; after the Electronics Industry Association (EIA) closed up shop in 2011, the designation changed from TIA/EIA to ANSI/TIA.

telephony  The science of converting sound into electrical signals, moving those signals from one location to another, and then converting those signals back into sounds. This includes modems, telephone lines, the telephone system, and any products used to create a remote access link between a remote access client and server.

Telnet  A program that enables users on the Internet to log onto remote systems from their own host systems. Telnet transmits everything, including credentials, in cleartext and should no longer be used; SSH has replaced it.

temperature monitor  Device for keeping a telecommunications room at an optimal temperature.

TEMPEST  The NSA’s security standard that is used to combat radio frequency (RF) emanation by using enclosures, shielding, and even paint.

Temporal Key Integrity Protocol (TKIP)  See TKIP-RC4.

Terminal Access Controller Access Control System Plus (TACACS+)  A proprietary protocol developed by Cisco to support Authentication, Authorization, and Accounting (AAA) in a network with many routers and switches. It is similar to RADIUS in function, but uses TCP port 49 by default, separates the three AAA functions so they can be handled independently, and encrypts the entire packet body, whereas RADIUS encrypts only the password.

terminal emulation  Software that enables a PC to communicate with another computer or network as if it were a specific type of hardware terminal.

termination  Endpoint in a network segment. See demarc.

TFTP (Trivial File Transfer Protocol)  See Trivial File Transfer Protocol (TFTP).

threat  Any form of potential attack against a network.

three-tiered architecture  A traditional type of data center architecture consisting of the access layer that provides connectivity between the data center and users, the distribution layer that interconnects racks of servers, and the core layer that ties together all the switches at the distribution layer and acts as the point of connection to the external connections, including the Internet.

TIA/EIA (Telecommunications Industry Association/Electronics Industry Association)  See Telecommunications Industry Association (TIA).

TIA/EIA 568A  See T568A.

TIA/EIA 568B  See T568B.

TIA/EIA 606  See ANSI/TIA-606.

Ticket-Granting Ticket (TGT)  Sent by an Authentication Server in a Kerberos setup if the credentials sent by the client match those in its database. The client presents the TGT to the Ticket-Granting Server to obtain service tickets for the specific network resources it wants to use, so the password is never sent again for each resource.

time-domain reflectometer (TDR)  Advanced cable tester that tests the length of cables and their continuity or discontinuity, and identifies the location of any discontinuity due to a bend, break, unwanted crimp, and so on.

time to live (TTL)  A field in the IP header that indicates the number of hops a packet can make before it hits its demise and gets discarded by a router.

TKIP-RC4  The extra layer of security that Wi-Fi Protected Access (WPA) adds on top of Wired Equivalent Privacy (WEP). It still uses RC4 so that existing WEP hardware could run it, but adds per-packet key mixing, a longer initialization vector, and a message integrity check. TKIP-RC4 was a stopgap and has been replaced by CCMP-AES, which is far stronger.

TLS (Transport Layer Security)  See Transport Layer Security (TLS).

tone generator  See toner.

tone probe  See toner.

toner  Generic term for two devices used together—a tone generator and a tone locator (probe)—to trace cables by sending an electrical signal along a wire at a particular frequency. The tone locator then emits a sound when it distinguishes that frequency. Also referred to as Fox and Hound.

top listener  Host that receives the most data on a network.

top talker  Host that sends the most data on a network.

top-level domain (TLD) names  Peak of the hierarchy for naming on the Internet; these include the .com, .org, .net, .edu, .gov, .mil, and .int names, as well as international country codes such as .us, .eu, etc.

top-level domain servers  A set of DNS servers—just below the root servers—that handle the top-level domain names, such as .com, .org, .net, and so on.

top-of-rack switching  An implementation of access switches in which every equipment rack uses one (or two for redundancy) Layer 2 switches sitting at the top of the rack, connecting to all the systems on the rack. Top-of-rack switches are co-resident in the rack with servers, as compared to switches that reside in a separate rack.

topology  The pattern of interconnections in a communications system among devices, nodes, and associated input and output stations. Also describes how computers connect to each other without regard to how they actually communicate.

tracert (also traceroute)  A command-line utility used to follow the path a packet takes between two hosts.

tracert –6 (also traceroute6)  A command-line utility that checks a path from the station running the command to a destination host. Adding the –6 switch to the command line specifies that the target host uses an IPv6 address. traceroute6 is a Linux command that performs a traceroute to an IPv6 addressed host.

traffic analysis  The process of extracting knowledge from traffic flows on a network. See also protocol analyzer.

traffic shaping  Controlling the flow of packets into or out of the network according to the type of packet or other rules.

traffic spike  Unusual and usually dramatic increase in the amount of network traffic. Traffic spikes may be the result of normal operations within the organization or may be an indication of something more sinister.

trailer  The portion of an Ethernet frame that is the frame check sequence (FCS).

transceiver  Interchangeable network modules that make it easy to change the media (and associated Ethernet standards) a network device uses. Most often used to provide fiber-optic interfaces for switches, routers, and NICs.

Transmission Control Protocol (TCP)  A Layer 4 connection-oriented protocol within the TCP/IP suite. TCP provides a reliable communications channel over an unreliable network by ensuring all packets are accounted for and retransmitted if any are lost.

Transmission Control Protocol/Internet Protocol (TCP/IP)  A set of communication protocols developed by the U.S. Department of Defense that enables dissimilar computers to share information over a network. IP provides an address scheme and delivers packets between hosts, while TCP ensures the data is transferred reliably and accurately.

transmit beamforming  A multiple-antenna technology in 802.11n WAPs that helps get rid of dead spots.

Transport layer  See Open Systems Interconnection (OSI) seven-layer model.

Transport Layer Security (TLS)  In TLS, hosts use public-key cryptography to securely negotiate a cipher and symmetric key over an unsecured network, and the symmetric key to encrypt the rest of the session. Current name for the historical SSL protocol.

trap (SNMP)  Out-of-tolerance condition in an SNMP managed device.

Trivial File Transfer Protocol (TFTP)  A protocol that transfers files between servers and clients. Unlike FTP, TFTP requires no user login. Devices that need an operating system, but have no local hard disk (for example, diskless workstations and routers), often use TFTP to download their operating systems.

Trojan horse  A virus that masquerades as a file with a legitimate purpose, so that a user will run it intentionally. A common example would be a fake antivirus program that introduces some kind of malicious program under the guise of protecting the computer.

trunk port  A port on a switch configured to carry all data, regardless of VLAN number, between all switches in a LAN.

trunking  The process of transferring VLAN data between two or more switches.

trusted user  An account that has been granted specific authority to perform certain or all administrative tasks.

tunnel  An encrypted link between two programs on two separate computers.

tunnel broker  In IPv6, a service that creates the actual tunnel and (usually) offers a custom-made endpoint client for you to use, although more advanced users can often make a manual connection.

Tunnel Information and Control (TIC) protocol  One of the protocols that sets up IPv6 tunnels and handles configuration as well as login.

Tunnel Setup Protocol (TSP)  One of the protocols that sets up IPv6 tunnels and handles configuration as well as login.

twisted pair  Twisted pairs of cables, the most overwhelmingly common type of cabling used in networks. The two types of twisted pair cabling are UTP (unshielded twisted pair) and STP (shielded twisted pair). The twists serve to reduce interference, called crosstalk; the more twists, the less crosstalk.

two-factor authentication  A method of security authentication that requires two separate means of authentication; for example, some sort of physical token that, when inserted, prompts for a password. Also called multifactor authentication (MFA).

TXT record  Freeform type of DNS record that holds a text value. Most commonly used for SPF, DKIM, and DMARC.

type (Ethernet field)  Part of an Ethernet frame that describes/labels the frame contents.

U (unit)  See unit (U).

UC device  One of three components of a unified communication (UC) network, it is used to handle voice, video, and more.

UC gateway  One of three components of a unified communication (UC) network, it is an edge device used to add extra services to an edge router.

UC server  One of three components of a unified communication (UC) network, it is typically a dedicated box that supports any UC-provided service.

UDP (User Datagram Protocol)  See User Datagram Protocol (UDP).

UDP datagram  A connectionless networking container used in UDP communication.

ultra-physical contact (UPC) connector  Fiber-optic connector that makes physical contact between two fiber-optic cables. The fibers within a UPC are polished extensively for a superior finish and better junction integrity.

unencrypted channel  Unsecure communication between two hosts that pass data using cleartext. A Telnet connection is a common unencrypted channel.

unicast  A message sent from one computer to one other computer.

unicast address  A unique IP address that identifies a specific host on a network.

unidirectional antenna  An antenna that focuses all of its transmission energy in a single, relatively narrow direction. Similarly, its design limits its ability to receive signals that are not aligned with the focused direction.

unified communication (UC)  A system that rolls many different network services into one. Instant messaging (IM), telephone service, and video conferencing are a few examples.

unified threat management (UTM)  A firewall that is also packaged with a collection of other processes and utilities to detect and prevent a wide variety of threats. These protections include intrusion detection systems, intrusion prevention systems, VPN portals, load balancers, and other threat mitigation apparatus.

unified voice services  Complete self-contained Internet services that rely on nothing more than software installed on computers and the computers’ microphone/speakers to provide voice telecommunication over the Internet. All of the interconnections to the public switched telephone network (PSTN) are handled in the cloud.

uniform resource locator (URL)  An address that defines the type and the location of a resource on the Internet. URLs are used in almost every TCP/IP application. An example of an HTTPS URL is https://www.totalsem.com.

uninterruptible power supply (UPS)  A device that supplies continuous clean power to a computer system the whole time the computer is on. Protects against power outages and sags. The term UPS is often used mistakenly when people mean standby power supply or system (SPS).

unit (U)  The unique height measurement used with equipment racks; 1 U equals 1.75 inches.

UNIX  A family of computer software operating systems (including macOS and Linux) descended from or heavily influenced by AT&T’s UNIX.

unsecure protocol  Also known as an insecure protocol, transfers data between hosts in an unencrypted (cleartext) format. If these packets are intercepted between the communicating hosts, their data is completely exposed and readable.

unshielded twisted pair (UTP)  A popular cabling for telephone and networks composed of pairs of wires twisted around each other at specific intervals. The twists serve to reduce interference (also called crosstalk). The more twists, the less interference. The cable has no metallic shielding to protect the wires from external interference, unlike its cousin, STP. Gigabit Ethernet (1000BASE-T) uses UTP, as an example. UTP is available in a variety of grades, called categories, as defined in the following:

•   Category 1 UTP  Regular analog phone lines, not used for data communications

•   Category 2 UTP  Supports speeds up to 4 Mbps

•   Category 3 UTP  Supports speeds up to 16 Mbps

•   Category 4 UTP  Supports speeds up to 20 Mbps

•   Category 5 UTP  Supports speeds up to 100 Mbps

•   Category 5e UTP  Supports speeds up to 100 Mbps with two pairs and up to 1000 Mbps with four pairs

•   Category 6 UTP  Improved support for speeds up to 10 Gbps

•   Category 6a UTP  Extends the length of 10-Gbps communication to the full 100 meters commonly associated with UTP cabling

•   Category 7 UTP  A standard (unrecognized by TIA) for UTP wiring with support for 10+ Gbps.

untrusted user  An account that has been granted no administrative powers.

uplink port  Port on a switch that enables you to connect two switches together using a straight-through cable.

upload  The transfer of information from a user’s system to a remote computer system. Opposite of download.

UPS  See uninterruptible power supply (UPS).

URL  See uniform resource locator (URL).

user  Anyone who uses a computer. You.

user account  A record on a network server used to save information that identifies a user to the application, operating system, or network, including name, password, username, groups to which the user belongs, and other information based on the user and the OS or NOS being used. Usually defines the rights and roles a user has on a system.

User Datagram Protocol (UDP)  Connectionless protocol in the TCP/IP suite. Has less overhead and better performance than TCP, but also a higher risk of errors. Fire-and-forget UDP datagrams do a lot of important behind-the-scenes work in a TCP/IP network.

user profile  A collection of settings that corresponds to a specific user account and may follow the user, regardless of the computer at which he or she logs on. These settings enable the user to have a customized environment and security settings.

user-level security  A security system in which each user has an account, and access to resources is based on user identity.

UTP coupler  A simple, passive, double-ended connector with female connectors on both ends. UTP couplers are used to connect two UTP cable segments together to achieve longer length when it is deemed unnecessary or inappropriate to use a single, long cable.

variable (SNMP)  Value of an SNMP management information base (MIB) object. That value can be read with a Get PDU or changed with a Set PDU.

variable-length subnet masking (VLSM)  See Classless Inter-Domain Routing (CIDR).

vertical cross-connect  Main patch panel in a telecommunications room. See also patch panel.

very-high-bit-rate DSL (VDSL)  The latest form of DSL with download and upload speeds of up to 100 Mbps. VDSL was designed to run on copper phone lines, but many VDSL suppliers use fiber-optic cabling to increase effective distances.

video surveillance  Security measures that use remotely monitored visual systems that include IP cameras and closed-circuit televisions (CCTVs).

video teleconferencing (VTC)  The classic, multicast-based presentation where one presenter pushes out a stream of video to any number of properly configured and properly authorized multicast clients.

virtual desktop infrastructure (VDI)  Technologies that use virtual machines to provide and manage virtual desktops. VDI can provide benefits like flexible management when the desktop VMs are centralized on a smaller number of servers.

virtual disk  Block-level storage provided via a storage area network (SAN) that functions for the client computer as a physical, directly attached hard drive.

virtual firewall  A firewall that is implemented in software within a virtual machine in cases where it would be difficult, costly, or impossible to install a traditional physical firewall.

virtual IP (VIP) address  A single IP address shared by multiple systems. This is commonly the single IP address assigned to a home or organization that uses NAT to have multiple IP stations on the private side of the NAT router. Virtual IP addresses are also used by First Hop Redundancy Protocol (FHRP).

virtual local area network (VLAN)  A common feature among managed switches that enables a single switch to support multiple Layer 2 broadcast domains and provide isolation between hosts on different VLANs. Critical for modern network performance and security.

virtual machine (VM)  A virtual computer accessed through a class of programs called a hypervisor or virtual machine monitor. A virtual machine runs inside your actual operating system, essentially enabling you to run two or more operating systems at once.

virtual machine monitor (VMM)  See hypervisor.

Virtual Network Computing (VNC)  A remote access program and protocol.

virtual network interface card (vNIC)  Software-based NIC that functions identically to a physical NIC and uses a software connection to pass traffic from the real NIC to the virtual one.

virtual PBX  Software that functionally replaces a physical PBX telephone system.

virtual private network (VPN)  A network configuration that enables a remote user to access a private network via the Internet. VPNs employ an encryption methodology called tunneling, which protects the data from interception.

virtual router  A router that is implemented in software within a virtual machine. The scalability of a virtual machine makes it easy to add capacity to the router when it is needed. Virtual routers are easily managed and are highly scalable without requiring the purchase of additional network hardware.

Virtual Router Redundancy Protocol (VRRP)  Open standard FHRP that provides high availability by taking multiple routers and grouping them together into a single virtual router with a single virtual IP address that clients use as a default gateway. See First Hop Redundancy Protocol (FHRP).

virtual switch  Software that performs Layer 2 switching within a hypervisor and enables virtual machines (VMs) to communicate with each other without going outside of the host system.

virtualization  Generally, the process of running software (called a hypervisor) on a host computer to create a virtual machine (VM) that models (virtualizes) the hardware you’d find on a physical computer. Also, a pattern that involves replacing existing components with software (virtual) versions that are roughly indistinguishable to any programs, devices, or users that interact with them.

virtualized network functions (VNFs)  Network functions such as firewalls, load balancers, and routers that are run using network function virtualization infrastructure (NFVI).

virtualized network function components (VNFCs)  Virtual machines (or containers) that can be interconnected to work collectively as a VNF, such as a VPN concentrator or firewall.

virus  A program that can make a copy of itself on a system without the user being aware of it. All viruses carry some payload that may or may not do something malicious. Computer viruses generally require a host file or program to run.

virus definition or data files  Enables the virus protection software to recognize the viruses on your system and clean them. These files should be updated often. Also called signature files, depending on the virus protection software in use.

virus shield  Anti-malware program that passively monitors a computer’s activity, checking for viruses only when certain events occur, such as a program executing or a file being downloaded.

VLAN hopping  A Layer 2 attack that enables an attacker to access hosts on a VLAN the attacker is not a part of. Traditionally this attack used switch spoofing or double tagging.

VLAN pooling  A method to load-balance wireless network clients associated with a single SSID. Distributes clients across many VLANs to avoid excessive levels of broadcast traffic.

VLAN Trunking Protocol (VTP)  Cisco proprietary protocol to automate the process of syncing VLANs across switches.

Voice over IP (VoIP)  Using an IP network to conduct voice calls.

VoIP gateway  Interface between a traditional switched telephone network and a VoIP service provider.

VoIP PBX  A private branch exchange that uses VoIP instead of the traditional switched telephone circuits.

volt (V)  Unit of measurement for voltage.

voltage  The pressure of the electrons passing through a wire.

voltage event recorder  Tracks voltage over time by plugging into a power outlet. Also known as a voltage quality recorder.

VPN concentrator  A server program that supports many VPN connections (L2TP, SSL VPN, etc.). Typically part of a VPN-capable router.

VPN tunnel  A connection over the Internet between a client and a server; the VPN tunnel enables the client to access remote resources as if they were local, securely.

vulnerability  A potential weakness in an infrastructure that a threat actor might exploit.

vulnerability management  The ongoing process of identifying vulnerabilities and dealing with them.

vulnerability scanner  A tool that scans a network for potential attack vectors.

WAN (wide area network)  A geographically dispersed network created by linking various computers and LANs over long distances, generally using leased phone lines. There is no firm dividing line between a WAN and a LAN.

warm site  Facility with all of the physical resources, computers, and network infrastructure to recover from a primary site disaster. A warm site does not have current backup data and it may take a day or more to recover and install backups before business operations can recommence.

wattage (watts or W)  The amount of amps and volts needed by a particular device to function.

wavelength  In the context of laser pulses, the distance the signal has to travel before it completes its cyclical oscillation and starts to repeat. Measured in nanometers, wavelength can be loosely associated with colors.

Web server  A server that speaks the HTTP protocol, often secured with TLS. Historically used to deliver only HTML Web sites, it has since become the backbone for almost all network-based apps.

Web services  Applications and processes that can be accessed over a network, rather than being accessed locally on the client machine. Web services include things such as Web-based e-mail, network-shareable documents, spreadsheets and databases, and many other types of cloud-based applications.

well-known port numbers  Port numbers from 0 to 1023 that are used primarily by client applications to talk to server applications in TCP/IP networks.

wide area network (WAN)  See WAN (wide area network).

Wi-Fi 4  See 802.11n.

Wi-Fi 5  See 802.11ac.

Wi-Fi 6  See 802.11ax.

Wi-Fi  The most widely adopted wireless networking type in use today. Technically, only wireless devices that conform to the extended versions of the 802.11 standard—802.11a, b, g, n, ac, and ax—are Wi-Fi certified.

Wi-Fi analyzer  See wireless analyzer.

Wi-Fi Protected Access (WPA)  A wireless security protocol that addresses weaknesses and acts as an upgrade to WEP. WPA offers security enhancements such as dynamic encryption key generation (keys are issued on a per-user and per-session basis), an encryption key integrity-checking feature, user authentication through the industry-standard Extensible Authentication Protocol (EAP), and other advanced features that WEP lacks. WPA has been replaced by the more secure WPA2.

Wi-Fi Protected Access 2 (WPA2)  Consumer name for the IEEE 802.11i standard and the replacement for the WPA protocol. It uses the Advanced Encryption Standard algorithm, making it much harder to crack than its predecessor.

Wi-Fi Protected Access 3 (WPA3)  Wireless encryption standard that is replacing WPA2. Uses Simultaneous Authentication of Equals (SAE), a key exchange based on Diffie-Hellman that generates unique encryption keys between each client and WAP.

Wi-Fi Protected Setup (WPS)  Automated and semi-automated process to connect a wireless device to a WAP. The process can be as simple as pressing a button on the device or pressing the button and then entering a PIN code. WPS is particularly vulnerable to brute force attacks.

Windows Defender Firewall  The firewall that has been included in Windows operating systems since Windows XP SP2; originally named Internet Connection Firewall (ICF) but renamed in subsequent versions of Windows.

Windows domain  A group of computers controlled by a computer running a Windows Server operating system with the Active Directory Domain Controller role installed.

wire map  A test for copper cables that checks not only for continuity but also that all the wires on both ends of the cable connect to the right spot. A wire map will also pick up shorts and crossed wires.

wire scheme  See wiring diagram.

Wired Equivalent Privacy (WEP)  An early wireless security protocol for Wi-Fi that uses the RC4 encryption algorithm. No longer used due to major security vulnerabilities.

wired/wireless considerations  The planning of structured cabling, determining any wireless requirements, and planning access to the Internet when building or upgrading networks.

wireless access point (WAP)  Connects wireless network nodes to wireless or wired networks. Many WAPs are combination devices that act as high-speed hubs, switches, bridges, and routers, all rolled into one.

wireless analyzer  Any device that finds and documents all wireless networks in the area. Also known as a Wi-Fi analyzer.

wireless bridge  Device used to connect two wireless network segments together, or to join wireless and wired networks together in the same way that wired bridge devices do.

wireless controller  Central controlling device for thin client WAPs.

wireless LAN (WLAN)  A complete wireless network infrastructure serving a single physical locale under a single administration.

wireless network  See Wi-Fi.

wireless survey tool  A tool used to discover wireless networks in an area; it also notes signal interferences.

Wireshark  A popular packet sniffer.

wiring diagram  A document, also known as a wiring schematic, that usually consists of multiple pages and that shows the following: how the wires in a network connect to switches and other nodes, what types of cables are used, and how patch panels are configured. It usually includes details about each cable run.

wiring schematic  See wiring diagram.

work area  In a basic structured cabling network, often simply an office or cubicle that potentially contains a PC attached to the network.

Workgroup  A convenient method of organizing computers under Network/My Network Places in Windows operating systems.

workstation  Computer that a person physically uses to accomplish their work. Often a general computer, but workstations for some occupations need specialized hardware. Traditionally, workstations were stationary computers that were small and cheap enough for it to be practical to set one up at an employee’s physical workstation (in contrast to shared mini/mainframe computers that took up one or more server racks).

worm  A form of malware. Unlike a classic virus, a worm does not infect other files on the computer. Instead, it autonomously replicates by infecting systems over a network by taking advantage of security weaknesses in networking protocols.

WPA  See Wi-Fi Protected Access (WPA).

WPA2  See Wi-Fi Protected Access 2 (WPA2).

WPA2-Enterprise  A version of WPA2 that uses a RADIUS server for authentication.

WPA3  See Wi-Fi Protected Access 3 (WPA3).

WPS  See Wi-Fi Protected Setup (WPS).

WWW (World Wide Web)  A vast network of servers and clients communicating through the Hypertext Transfer Protocol (HTTP). Commonly accessed using graphical Web-browsing software such as Mozilla Firefox and Google Chrome.

XOR (eXclusive OR)  An operation commonly used in cryptography. XOR takes two input bits and outputs one bit. If the input bits are the same, the output is 0, while if they are different, the output is 1.

Yost cable  Cable used to interface with a Cisco device.

zero-configuration networking (zeroconf)  Automatically generated IP addresses in the 168.254.0.0/16 subnet when a DHCP server is unreachable.

zero-day attack  New attack that exploits a vulnerability that has yet to be identified.

zero trust  A cybersecurity paradigm focused on resource protection and the premise that trust is never granted implicitly but must be continually evaluated.

Zigbee  Wireless home automation control standard.

zombie  A single computer under the control of an operator that is used in a botnet attack. See also botnet.

Z-Wave  Wireless home automation control standard.
