Comprehensive N008 Network+ Acronyms
DNS
(Domain Name System) The Internet's system for converting alphabetic names into numeric IP addresses.
MT-RJ
- Mechanical Transfer Registered Jack. - A fiber optic cable connector that is very popular for small form factor devices due to its small size. - Smallest connector
MIMO
- Multiple-input multiple-output - Multiple transmit and receive antennas - Used by 802.11n
NAT
- Network Address Translation (NAT), dynamic routing. Conserves IP addresses by enabling private IP networks that use unregistered IP addresses to go online.
NGFW
A next-generation firewall (NGFW) is part of the third generation of firewall technology that can be implemented in hardware or software. It is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.
PDU
A protocol data unit (PDU) is an Open Systems Interconnection (OSI) term used in telecommunications that refers to a group of information added or removed by a layer of the OSI model.
AUP
Acceptable Use Policy • What is acceptable use of company assets? - Detailed documentation - May be documented in the Rules of Behavior • Covers many topics - Internet use, telephones, computers, mobile devices, etc. • Used by an organization to limit legal liability - If someone is dismissed, these are the well-documented reasons why
ACL
Access Control List Allow or disallow traffic based on - Groupings of categories - Source IP, Destination IP, port number, time of day, application, etc
AP
Access Point • Not a wireless router - A wireless router is a router and an access point in a single device • An access point is a bridge - Extends the wired network onto the wireless network - OSI layer 2 device
ARP
Address Resolution Protocol - The protocol used to associate an IP address with a MAC address. When a host wants to send a packet to another host, say IP address 10.5.5.1, on its local area network (LAN), it first sends out (broadcasts) an ARP packet.
AES
Advanced Encryption Standard - Symmetric block cipher chosen by the U.S. government to protect classified information
OTDR
An Optical Time Domain Reflectometer (OTDR) is a device that tests the integrity of a fiber cable and is used for the building, certifying, maintaining, and troubleshooting fiber optic systems.
APC
Angled Physical Contact (Angle-Polished Connectors) - Ferrule end-face radius polished at an eight-degree angle - Lower return loss, generally higher insertion loss than UPC (Fiber)
AH
Authentication Header • Data integrity • Origin authentication • Replay attack protection • Keyed-hash mechanism • No confidentiality/encryption
AAAA
Authentication, Authorization, Accounting and Address - is another type of DNS Record that points a domain or subdomain to an IPv6 address, so that when someone types that domain or subdomain in the address bar, the browser knows where to go.
APIPA
Automatic Private Internet Protocol Addressing • A link-local address - No forwarding by routers • IETF has reserved 169.254.0.1 through 169.254.255.254 - First and last 256 addresses are reserved - Functional block of 169.254.1.0 through 169.254.254.255
BGP
Border Gateway Protocol - Determines route based on paths, network policies, or configured rule-sets
BYOD
Bring Your Own Device • Bring Your Own Device or Bring Your Own Technology • Employee owns the device - Need to meet the company's requirements • Difficult to secure - It's both a home device and a work device - How is data protected? - What happens to the data when a device is sold or traded in?
BNC
British Naval Connector/Bayonet Neill-Concelman
CAN
Campus Area Network / Corporate Area Network • Limited geographical area - A group of buildings • LAN technologies - Fiber connected, high speed Ethernet • Your fiber in the ground - No third-party provider
CNAME
Canonical Name - A name is an alias of another, canonical name - One physical server, multiple services
CSMA/CA
Carrier-Sense Multiple Access with Collision Avoidance
CSMA/CD
Carrier-Sense Multiple Access with Collision Detection • Listen for an opening - Don't transmit if the network is already busy • Send a frame of data - You send data whenever you can - There's no queue or prioritization • If a collision occurs - Transmit a jam signal to let everyone know a collision has occurred - Wait a random amount of time, then retry
CSU
Channel Service Unit is a hardware device about the size of an external modem that converts a digital data frame from the communications technology used on a local area network (LAN) into a frame appropriate to a wide-area network (WAN) and vice versa. For example, if you have a Web business from your own home and have leased a digital line (perhaps a T-1 or fractional T-1 line) to a phone company or a gateway at an Internet service provider, you have a CSU/DSU at your end and the phone company or gateway host has a CSU/DSU at its end.
CIDR
Classless Inter-Domain Routing - A method of assigning Internet Protocol (IP) addresses that improves the efficiency of address distribution and replaces the previous system based on Class A, Class B and Class C networks.
CWDM
Coarse Wavelength Division Multiplexing - 10GBASE-LX4 uses four 3.125 Gbit/sec carriers at four different wavelengths
CDMA
Code Division Multiple Access - Everyone communicates at the same time - Each call uses a different code - The codes are used to filter each call on the receiving side • Used by Verizon and Sprint - Handsets are controlled by the network provider - Not much adoption elsewhere. CDMA (Code-Division Multiple Access) refers to any of several protocols used in second-generation (2G) and third-generation (3G) wireless communications. As the term implies, CDMA is a form of multiplexing, which allows numerous signals to occupy a single transmission channel, optimizing the use of available bandwidth.
CLI
Command-Line Interface - Study command line tools
CVE
Common Vulnerabilities and Exposures - A community-managed list of vulnerabilities - Sponsored by the U.S. Department of Homeland Security (DHS) and Cybersecurity and Infrastructure Security Agency (CISA)
CIA
Confidentiality, Integrity, and Availability • Combination of principles - The fundamentals of security • Confidentiality - Prevent disclosure of information to unauthorized individuals or systems • Integrity - Messages can't be modified without detection • Availability - Systems and networks must be up and running
CAM
Content Addressable Memory (table) - A system memory construct used by Ethernet switch logic that stores information such as the MAC addresses available on physical ports with their associated VLAN parameters. Switch table
CRC
Cyclic Redundancy Check Error indicates when data is corrupted. Calculating from all data, CRC validates packets of information sent by devices and verifies it against the data extracted, ensuring its accuracy.
DLP
Data Loss Prevention • Where's your data? - Social Security numbers, credit card numbers, medical records • Detailed policies needed to define what is allowed - How is sensitive data transferred? - Is the data encrypted? How? • DLP solutions can watch and alert on policy violations - Often requires multiple solutions in different places
DSU
Data Service Unit is a hardware device about the size of an external modem that converts digital data frames from the communications technology used on a local area network (LAN) into frames appropriate to a wide-area network (WAN) and vice versa.
DoS
Denial-of-Service - Attack meant to shut down a machine or a network
DWDM
Dense Wavelength Division Multiplexing - Multiplex multiple OC carriers into a single fiber - Add 160 signals, increase to 1.6 Tbit/s
DaaS
Desktop as a Service • Basic application usage - Applications actually run on a remote server - Virtual Desktop Infrastructure (VDI), Desktop as a Service (DaaS) - Local device is a keyboard, mouse, and screen. • Minimal operating system on the client - No huge memory or CPU needs • Network connectivity - Big network requirement - Everything happens across the wire
DSL
Digital Subscriber Line ADSL (Asymmetric Digital Subscriber Line) - Uses telephone lines • Download speed is faster than the upload speed (asymmetric) - ~10,000 foot limitation from the central office (CO) - 200 Mbit/s downstream / 20 Mbit/s upstream are common - Faster speeds may be possible if closer to the CO
DDoS
Distributed Denial-of-Service Botnet attack
DHCP
Dynamic Host Configuration Protocol IPv4 address configuration used to be manual - IP address, subnet mask, gateway, DNS servers, NTP servers, etc. • Dynamic Host Configuration Protocol - Provides automatic addresses and IP configuration for almost all devices
EIRP
Effective Isotropic Radiated Power - The total radiated power from a transmitter antenna times the numerical directivity of the antenna in the direction of the receiver, or the power delivered to the antenna times the antenna numerical gain.
EIA
Electronic Industries Association • ANSI/TIA/EIA 606 - Administration Standard for the Telecommunications Infrastructure of Commercial Buildings • Presentation of information - Reports, drawings, work orders • Pathway, space, grounding - Identifiers, Labeling • Cables - Identifiers, labels, color coding, bar coding
ESP
Encapsulating Security Payload • Data confidentiality (encryption) • Limited traffic flow confidentiality • Data integrity • Anti-replay protection
EIGRP
Enhanced Interior Gateway Routing Protocol is a network protocol that enables routers to exchange information more efficiently than earlier network protocols, such as Interior Gateway Routing Protocol (IGRP) or Border Gateway Protocol (BGP).
EUI
Extended Unique Identifier - Allows a host to assign itself a unique 64-bit IP version 6 interface identifier (EUI-64). This feature is a key benefit over IPv4, as it eliminates the need for the manual configuration or DHCP used in the world of IPv4.
FCoE
Fibre Channel over Ethernet - A method of supporting converged Fibre Channel (FC) and Ethernet traffic on a data center bridging (DCB) network. FCoE encapsulates unmodified FC frames in Ethernet to transport the FC frames over a physical Ethernet network.
FTP
File Transfer Protocol tcp/20 (active mode data), tcp/21 (control) - Transfers files between systems - Authenticates with a username and password - Full-featured functionality (list, add, delete, etc.)
FHRP
First Hop Redundancy Protocol - Your computer is configured with a single default gateway - We need a way to provide availability if the default gateway fails
GRE
Generic Routing Encapsulation - The "tunnel" between two endpoints • Encapsulate traffic inside of IP - Two endpoints appear to be directly connected to each other - No built-in encryption
GBIC
Gigabit Interface Converter - A transceiver that converts electric currents (digital highs and lows) to optical signals, and optical signals to digital electric currents.
GSM
Global System for Mobile Communications
HA
High Availability
ICS
Industrial Control System - Command and control networks and systems designed to support industrial processes. The largest subgroup of ICS is SCADA.
IaaS
Infrastructure as a Service • Sometimes called Hardware as a Service (HaaS) - Outsource your equipment • You're still responsible for the management - And for the security • Your data is out there, but more within your control • Web server providers
IDF
Intermediate Distribution Frame • Extension of the MDF - A strategic distribution point • Connects the users to the network - Uplinks from the MDF - Workgroup switches - Other local resources • Common in medium to large organizations - Users are geographically diverse
ICMP
Internet Control Message Protocol - "Text messaging" for your network devices • Another protocol carried by IP - Not used for data transfer • Devices can request and reply to administrative requests - Hey, are you there? / Yes, I'm right here. • Devices can send messages when things don't go well - That network you're trying to reach is not reachable from here - Your time-to-live expired, just letting you know
IGMP
Internet Group Management Protocol - Hosts and routers use IGMP to direct multicast transmissions
IMAP
Internet Message Access Protocol v4 - tcp/143 - Manage email inbox from multiple clients
IPSec
Internet Protocol Security • Security for OSI Layer 3 - Authentication and encryption for every packet • Confidentiality and integrity/anti-replay - Encryption and packet signing • Very standardized - Common to use multi-vendor implementations • Two core IPSec protocols - Authentication Header (AH) - Encapsulating Security Payload (ESP)
IPv4
Internet Protocol version 4
IPv6
Internet Protocol version 6
ISP
Internet Service Provider
iSCSI
Internet Small Computer Systems Interface - Send SCSI commands over an IP network - Created by IBM and Cisco, now an RFC standard • Makes a remote disk look and operate like a local disk - Like Fibre Channel • Can be managed quite well in software - Drivers available for many operating systems - No proprietary topologies or hardware needed
IDS
Intrusion Detection System • Intrusions - Exploits against operating systems, applications, etc. - Buffer overflows, cross-site scripting, other vulnerabilities • Detection vs. Prevention - Detection - Alarm or alert - Prevention - Stop it before it gets into the network
IPS
Intrusion Prevention System • Intrusions - Exploits against operating systems, applications, etc. - Buffer overflows, cross-site scripting, other vulnerabilities • Detection vs. Prevention - Detection - Alarm or alert - Prevention - Stop it before it gets into the network
MPLS
Learning from ATM and Frame Relay • Packets through the WAN have a label - Routing decisions are easy • Any transport medium, any protocol inside - IP packets, ATM cells, Ethernet frames - OSI layer 2.5 (!) • Increasingly common WAN technology - Ready-to-network
LED
Light-Emitting Diode
LDAP
Lightweight Directory Access Protocol Protocol for reading and writing directories over an IP network - An organized set of records, like a phone directory • X.500 specification was written by the International Telecommunications Union (ITU) - They know directories! • DAP ran on the OSI protocol stack - LDAP is lightweight, and uses TCP/IP (tcp/389 and udp/389) • LDAP is the protocol used to query and update an X.500 directory - Used in Windows Active Directory, Apple OpenDirectory, OpenLDAP, etc. • Hierarchical structure - Builds a tree • Container objects - Country, organization, organizational units • Leaf objects - Users, computers, printers, files
LDAPS
Lightweight Directory Access Protocol (over SSL) - A non-standard implementation of LDAP over SSL - Still in use today
LACP
Link Aggregation Control Protocol is a standards-based method to control the bundling of several physical network links together to form a logical channel for increased bandwidth and redundancy purposes.
LAN
Local Area Network
LC
Local Connector - A small form factor (SFF) connector designed to join LC fibers where a connection or disconnection is required.
LTE
Long-Term Evolution 4G
MX
Mail exchanger record (MX) • Determines the host name for the mail server - this isn't an IP address; it's a name
MDF
Main Distribution Frame • Central point of the network - Usually in a data center • Termination point for WAN links - Connects the inside to the outside • Good test point - Test in both directions • This is often the data center - The central point for data
MIB
Management Information Base is a Simple Network Management Protocol (SNMP) flat-file, nonrelational database that describes devices being monitored. Network management platforms monitor nodes by reading the value of the managed resources in the MIB.
MAC
Media Access Control/Medium Access Control - A unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment.
MDIX
Medium Dependent Interface Crossover is a type of Ethernet port connection that uses twisted-pair cabling to link two networked devices.
MOU
Memorandum of Understanding (MOU) - Both sides agree on the contents of the memorandum - Usually includes statements of confidentiality - Informal letter of intent; not a signed contract
MAN
Metropolitan Area Network
MU-MIMO
Multi-User MIMO - Used by 802.11ac and 802.11ax
mGRE
Multipoint Generic Routing Encapsulation - Used extensively for Dynamic Multipoint VPN (DMVPN) - Common on Cisco routers • Your VPN builds itself - Remote sites communicate to each other • Tunnels are built dynamically, on-demand - A dynamic mesh
NAC
Network Access Control (NAC) • IEEE 802.1X - Port-based Network Access Control (NAC) - You don't get access until you authenticate • We're talking about physical interfaces - Not TCP or UDP ports • Makes extensive use of EAP and RADIUS - Extensible Authentication Protocol / Remote Authentication Dial In User Service • Administrative enable/disable - Disable your unused ports • Duplicate MAC address checking - Stop the spoofers
NS
Network Simulator (NS) is simply a discrete event-driven network simulation tool for studying the dynamic nature of communication networks. Network Simulator 2 (NS2) provides substantial support for simulation of different protocols over wired and wireless networks.
NFV
Network function virtualization (NFV) • Replace physical network devices with virtual versions - Manage from the hypervisor • Same functionality as a physical device - Routing, switching, load balancing, firewalls, etc. • Quickly and easily deploy network functions - Click and deploy from the hypervisor • Many different deployment options - Virtual machine, container, fault tolerance, etc.
NDA
Non-disclosure agreement (NDA) • Confidentiality agreement between parties - Information in the agreement should not be disclosed • Protects confidential information - Trade secrets, business activities - Anything else listed in the NDA • Unilateral or bilateral (or multilateral) - One-way NDA or mutual NDA • Formal contract - Signatures are usually required
OID
OID stands for Object Identifier. OIDs uniquely identify managed objects in a MIB hierarchy. This can be depicted as a tree, the levels of which are assigned by different organizations.
OSPF
Open Shortest Path First (OSPF) is a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. OSPF is an Interior Gateway Protocol.
PAN
Personal Area Network
PAT
Port Address Translation (PAT) is an extension of Network Address Translation (NAT) that permits multiple devices on a LAN to be mapped to a single public IP address to conserve IP addresses.
PoE
Power over Ethernet (PoE) is technology that passes electric power over twisted-pair Ethernet cable to powered devices (PD), such as wireless access points, IP cameras, and VoIP phones in addition to the data that cable usually carries.
NTD
The Network Termination Device (NTD) or NBN Connection Box has several ports on the bottom to deliver telephone (if included in your plan) and internet services.
NIC
The network interface card (NIC) or network card is the hardware device most essential to establishing communication between computers.
PaaS
PaaS is a complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications.
MTU
Maximum Transmission Unit - The largest data unit a network (for example, Ethernet or Token Ring) will accept for transmission.
EAP
• Extensible Authentication Protocol (EAP) - An authentication framework • Many different ways to authenticate based on RFC standards - Manufacturers can build their own EAP methods • EAP integrates with 802.1X - Prevents access to the network until the authentication succeeds
MTBF
• Mean time between failures (MTBF) - Predict the time between outages
MTTR
• Mean time to repair (MTTR) - Time required to fix the issue
NAS
• Network Attached Storage (NAS) - Connect to a shared storage device across the network - File-level access