Networking
1 kilobit per second (Kbps)
1000 bits per second.
1 megabit per second (Mbps)
1000000 bits per second.
1 gigabit per second (Gbps)
1000000000 bits per second.
1 terabit per second (Tbps)
1000000000000 bits per second.
local collision
A collision that occurs when two or more stations are transmitting simultaneously. Excessively high collision rates within the network can usually be traced to cable or routing problems.
security token
A device or piece of software used for authentication that stores or generates information, such as a series of numbers or letters, known only to its authorized user.
multiplexer
A device that separates a medium into multiple channels and issues signals to each of those subchannels.
demultiplexer (demux)
A device that separates multiplexed signals once they are received and regenerates them in their original form.
link aggregation
A fault-tolerance technique in which multiple ports or interfaces are bonded and work in tandem to create one logical interface. Link aggregation can also improve performance and allow for load balancing.
mirroring
A fault-tolerance technique in which one component or device duplicates the activity of another.
network
A group of computers and other devices (such as printers) that are connected by and can exchange data via some type of transmission media, such as a cable, a wire, or the atmosphere.
domain
A group of computers that belong to the same organization and have part of their IP addresses in common.
daisy chain
A group of connectivity devices linked together in a serial fashion.
array
A group of hard disks.
zipcord cable
A relatively short fiber-optic cable in which two strands are arranged side by side in conjoined jackets, enabling full-duplex communication.
patch cable
A relatively short section (usually between 3 and 25 feet) of cabling with connectors on both ends.
API (application programming interface)
A set of routines that make up part of a software application.
authentication protocol
A set of rules that governs how servers authenticate clients. Several types of authentication protocols exist.
SS7 (Signaling System 7)
A set of standards established by the ITU for handling call signaling on the PSTN (Public Switched Telephone Network).
ANDing
A logical process of combining bits. In ANDing, a bit with a value of 1 plus another bit with a value of 1 results in a 1. A bit with a value of 0 plus any other bit results in a 0.
modal bandwidth
A measure of the highest frequency of signal a multimode fiber-optic cable can support over a specific distance. Modal bandwidth is measured in MHz-km.
store-and-forward mode
A method of switching in which a switch reads the entire data frame into its memory and checks it for accuracy before transmitting it. Although this method is more time consuming than the cut-through method, it allows store-and-forward switches to transmit data more accurately.
tone locator
A small electronic device that emits a tone when it detects electrical activity on a wire pair. When used in conjunction with a tone generator, it can help locate the termination of a wire pair.
tone generator
A small electronic device that issues a signal on a wire pair. When used in conjunction with a tone locator, it can help locate the termination of a wire pair.
proxy service
A software application on a network host that acts as an intermediary between the external and internal networks, screening all incoming and outgoing traffic and providing one address to the outside world, instead of revealing the addresses of internal LAN devices.
serial
A style of data transmission in which the pulses that represent bits follow one another along a single transmission line. In other words, they are issued sequentially, not simultaneously.
spectrum analyzer
A tool that assesses the characteristics (for example, frequency, amplitude, and the effects of interference) of wireless signals.
country code TLD
A top-level domain that corresponds to a country. For example, the country code TLD for Canada is .ca, and the country code TLD for Japan is .jp.
bus topology
A topology in which a single cable connects all nodes on a network without intervening connectivity devices.
active topology
A topology in which each workstation participates in transmitting data over the network. A ring topology is considered an active topology.
straight-through cable
A twisted pair patch cable in which the wire terminations in both connectors follow the same scheme.
active scanning
A method used by wireless stations to detect the presence of an access point. In active scanning, the station issues a probe to each channel in its frequency range and waits for the access point to respond.
video over IP
Any type of video service, including IPTV, videoconferencing, and streaming video, that delivers video signals over packet-switched networks using the TCP/IP protocol suite.
Bonjour
Apple's implementation of the Zeroconf group of protocols.
VTP (VLAN trunking protocol)
Cisco's protocol for exchanging VLAN information over trunks. VTP allows one switch on a network to centrally manage all VLANs.
dial-up
A type of connection in which a user connects to a distant network from a computer and stays connected for a finite period of time. Most of the time, the term dial-up refers to a connection that uses a PSTN line.
DB-25 connector
A type of connector with 25 pins that's commonly used in serial communication that conforms to the RS-232 standard.
DB-9 connector
A type of connector with nine pins that's commonly used in serial communication that conforms to the RS-232 standard.
asymmetric encryption
A type of encryption (such as public key encryption) that uses a different key for encoding data than is used for decoding the ciphertext.
MMF (multimode fiber)
A type of fiber-optic cable that contains a core with a diameter between 50 and 100 microns, through which many pulses of light generated by a light-emitting diode (LED) travel at different angles.
SMF (single-mode fiber)
A type of fiber-optic cable with a narrow core that carries light pulses along a single path from one end of the cable to the other end. Data can be transmitted faster and for longer distances on single-mode fiber than on multimode fiber. However, single-mode fiber is more expensive.
cross talk
A type of interference caused by signals traveling on nearby wire pairs infringing on another pair's signal.
EMI (electromagnetic interference)
A type of interference that may be caused by motors, power lines, televisions, copiers, fluorescent lights, or other sources of electrical activity.
NIDS (network-based intrusion detection)
A type of intrusion detection that occurs on devices that are situated at the edge of the network or that handle aggregated traffic.
HIDS (host-based intrusion detection)
A type of intrusion detection that runs on a single computer, such as a client or server, that has access to and allows access from the Internet.
NIPS (network-based intrusion prevention)
A type of intrusion prevention that occurs on devices that are situated at the edge of the network or that handle aggregated traffic.
HIPS (host-based intrusion prevention)
A type of intrusion prevention that runs on a single computer, such as a client or server, that has access to and allows access from the Internet.
private key encryption
A type of key encryption in which the sender and receiver use a key to which only they have access. DES (Data Encryption Standard), which was developed by IBM in the 1970s, is a popular example of a private key encryption technique. Private key encryption is also known as symmetric encryption.
NIC teaming
A type of link aggregation in which two or more NICs work in tandem to handle traffic to and from a single node.
optical media
A type of media capable of storing digitized data, which uses a laser to write data to it and read data from it.
FDM (frequency division multiplexing)
A type of multiplexing that assigns a unique frequency band to each communications subchannel. Signals are modulated with different carrier frequencies, then multiplexed to simultaneously travel over a single channel.
dual-stack
A type of network that supports both IPv4 and IPv6 traffic.
video phone
A type of phone that includes a screen and can decode compressed video and interpret transport and signaling protocols necessary for conducting videoconference sessions.
link-state
A type of routing protocol that enables routers across a network to share information, after which each router can independently map the network and determine the best path between itself and a packet's destination node.
wireless
A type of signal made of electromagnetic energy that travels through the air.
circuit switching
A type of switching in which a connection is established between two network nodes before they begin transmitting data. Bandwidth is dedicated to this connection and remains available until users terminate the communication between the two nodes.
packet switching
A type of switching in which data are broken into packets before being transported. In packet switching, packets can travel any path on the network to their destination because each packet contains a destination address and sequencing information.
MPLS (multiprotocol label switching)
A type of switching that enables any one of several Layer 2 protocols to carry multiple types of Layer 3 protocols. One of its benefits is the ability to use packet-switched technologies over traditionally circuit-switched networks. MPLS can also create end-to-end paths that act like circuit-switched connections.
full-duplex
A type of transmission in which signals may travel in both directions over a medium simultaneously. May also be called, simply, "duplex."
half-duplex
A type of transmission in which signals may travel in both directions over a medium, but in only one direction at a time.
simplex
A type of transmission in which signals may travel in only one direction over a medium.
heuristic scanning
A type of virus scanning that attempts to identify viruses by discovering viruslike behavior.
polymorphic virus
A type of virus that changes its characteristics (such as the arrangement of its bytes, size, and internal instructions) every time it is transferred to a new system, making it harder to identify.
stealth virus
A type of virus that hides itself to prevent detection. Typically, stealth viruses disguise themselves as legitimate programs or replace part of a legitimate program's code with their destructive code.
ad hoc
A type of wireless LAN in which stations communicate directly with each other (rather than using an access point).
fixed
A type of wireless system in which the locations of the transmitter and receiver are static. In a fixed connection, the transmitting antenna focuses its energy directly toward the receiving antenna. This results in a point-to-point link.
mobile
A type of wireless system in which the receiver can be located anywhere within the transmitter's range. This allows the receiver to roam from one place to another while continuing to pick up its signal.
spread spectrum
A type of wireless transmission in which lower-level signals are distributed over several frequencies simultaneously. Spread-spectrum transmission is more secure than narrowband.
narrowband
A type of wireless transmission in which signals travel over a single frequency or within a specified frequency range.
SSID (service set identifier)
A unique character string used to identify an access point on an 802.11 network.
network address
A unique identifying number for a network node that follows a hierarchical addressing scheme and can be assigned through operating system software. Network addresses are added to data packets and interpreted by protocols at the Network layer of the OSI model.
extension identifier
A unique set of characters assigned to each NIC by its manufacturer. In the traditional, 48-bit physical addressing scheme, the extension identifier is 24 bits long. In EUI-64, the extension identifier is 40 bits long.
PDU (protocol data unit)
A unit of data at any layer of the OSI model.
segment
A unit of data that results from subdividing a larger protocol data unit.
credentials
A user's unique identifying characteristics that enable him to authenticate with a server and gain access to network resources. The most common credentials are a username and a password.
route
A utility for viewing or modifying a host's routing table.
Format Prefix
A variable-length field at the beginning of an IPv6 address that indicates what type of address it is (for example, unicast, anycast, or multicast).
fading
A variation in a wireless signal's strength as a result of some of the electromagnetic energy being scattered, reflected, or diffracted after being issued by the transmitter.
ADSL (Asymmetric DSL)
A variation of DSL that offers more throughput when data travel downstream, downloading from a local carrier's switching facility to the customer, than when data travel upstream, uploading from the customer to the local carrier's switching facility.
symmetrical DSL
A variation of DSL that provides equal throughput both upstream and downstream between the customer and the carrier.
10GBase-EW
A variation of the 10GBase-ER standard that is specially encoded to operate over SONET links.
10GBase-LW
A variation of the 10GBase-LR standard that is specially encoded to operate over SONET links.
10GBase-SW
A variation of the 10GBase-SR standard that is specially encoded to operate over SONET links.
BRI (Basic Rate Interface)
A variety of ISDN that uses two 64-Kbps bearer channels and one 16-Kbps data channel, as summarized by the notation 2B+D. BRI is the most common form of ISDN employed by home users.
VMware
A vendor that supplies the most popular types of workstation and server virtualization software. Used casually, the term VMware may also refer to the virtualization software distributed by the company.
802.1x
A vendor-independent IEEE standard for securing transmission between nodes according to the transmission's port, whether physical or logical. 802.1x, also known as EAPoL, is the authentication standard followed by wireless networks using 802.11i.
SNMPv3 (Simple Network Management Protocol version 3)
A version of SNMP similar to SNMPv2, but with authentication, validation, and encryption for packets exchanged between managed devices and the network management console. SNMPv3 is the most secure version of the protocol.
TLS (Transport Layer Security)
A version of SSL being standardized by the IETF (Internet Engineering Task Force). With TLS, the IETF aims to create a version of SSL that encrypts UDP as well as TCP transmissions. TLS, which is supported by new Web browsers, uses slightly different encryption algorithms than SSL, but otherwise is very similar to the most recent version of SSL.
Avahi
A version of Zeroconf available for use with the Linux operating system.
partial-mesh WAN
A version of a mesh topology WAN in which only critical sites are directly interconnected and secondary sites are connected through star or ring topologies. Partial-mesh WANs are less expensive to implement than full-mesh WANs.
full-mesh WAN
A version of the mesh topology WAN in which every site is directly connected to every other site. Full-mesh WANs are the most fault-tolerant type of WAN.
tracepath
A version of the traceroute utility found on some Linux distributions.
VirtualBox
A virtualization software platform from Oracle.
file-infector virus
A virus that attaches itself to executable files. When the infected executable file runs, the virus copies itself to memory. Later, the virus attaches itself to other executable files.
encrypted virus
A virus that is encrypted to prevent detection.
boot sector virus
A virus that resides on the boot sector of an external storage device and is transferred to the partition sector or the DOS boot sector on a hard disk when the machine starts.
network virus
A virus that takes advantage of network protocols, commands, messaging programs, and data links to propagate itself. Although all viruses could theoretically travel across network connections, network viruses are specially designed to attack network vulnerabilities.
macro virus
A virus that takes the form of an application (for example, a word-processing or spreadsheet) program macro, which may execute when the program is in use.
patch panel
A wall-mounted panel of data receptors into which cross-connect patch cables from the punch-down block are inserted.
sneakernet
A way of exchanging data between computers that are not connected on a network. The term "sneakernet" was coined before the widespread use of networks, when data was copied from a computer to a removable storage device such as a floppy disk, carried (presumably by someone wearing sneakers) to another computer, then copied from the storage device onto the second computer.
vulnerability
A weakness of a system, process, or architecture that could lead to compromised information or unauthorized access to a network.
Cat
Abbreviation for the word category when describing a type of twisted pair cable. For example, Category 5 unshielded twisted pair cable may also be called Cat 5.
wireless gateway
An access point that provides routing functions and is used as a gateway.
wireless router
An access point that provides routing functions.
three-way handshake
An authentication process that involves three steps.
loopback test
An attempt to contact one's own machine for troubleshooting purposes. In TCP/IP-based networking, a loopback test can be performed by communicating with an IPv4 address that begins with an octet of 127. Usually, this means pinging the address 127.0.0.1.
brute force attack
An attempt to discover an encryption key or password by trying numerous possible character combinations. Usually, a brute force attack is performed rapidly by a program designed for that purpose.
multifactor authentication
An authentication process that requires the client to provide two or more pieces of information, such as a password, fingerprint scan, and security token.
resolver
Any host on the Internet that needs to look up domain name information.
4G
Fourth-generation mobile phone service that is characterized by an all-IP, packet-switched network for both data and voice transmission. 4G standards, released in 2008, also specify throughputs of 100 Mbps for fast-moving mobile clients, such as those in cars, and 1 Gbps for slow-moving mobile clients, such as pedestrians.
availability
How consistently and reliably a file, device, or connection can be accessed by authorized personnel.
IPv4
IP version 4, the Internet Protocol standard released in the 1980s and still commonly used on modern networks. It specifies 32-bit addresses composed of four octets. It lacks the security, automatic addressing, and prioritization benefits of IPv6. It also suffers from a limited number of addresses, a problem that can be resolved by using IPv6 instead.
TGS (Ticket-Granting Service)
In Kerberos terminology, an application that runs on the KDC that issues Ticket-Granting Tickets to clients so that they need not request a new ticket for each new service they want to access.
zone transfer
In DNS, the act of copying a primary name server's zone file to the secondary name server to ensure that both contain the same information.
collision
In Ethernet networks, the interference of one node's data transmission with the data transmission of another node sharing the same segment.
BSS (basic service set)
In IEEE terminology, a group of stations that share an access point.
BSSID (basic service set identifier)
In IEEE terminology, the identifier for a BSS (basic service set).
subnet mask
In IPv4 addressing, a 32-bit number that, when combined with a device's IP address, indicates what kind of subnet the device belongs to.
supernet
In IPv4, a type of subnet that is created by moving the subnet boundary to the left and using bits that normally would be reserved for network class information.
B channel
In ISDN, the "bearer" channel, so named because it bears traffic from point to point.
D channel
In ISDN, the "data" channel is used to carry information about the call, such as session initiation and termination signals, caller identity, call forwarding, and conference calling signals.
authenticator
In Kerberos authentication, the user's time stamp encrypted with the session key. The authenticator is used to help the service verify that a user's ticket is valid.
ticket
In Kerberos terminology, a temporary set of credentials that a client uses to prove that its identity has been validated by the authentication service.
TGT (Ticket-Granting Ticket)
In Kerberos terminology, a ticket that enables a user to be accepted as a validated principal by multiple services.
principal
In Kerberos terminology, a user or client.
port scanner
Software that searches a server, switch, router, or other device for open ports, which can be vulnerable to attack.
traffic
The data transmission and processing activity taking place on a computer network at any given time.
namespace
The database of Internet IP addresses and their associated names distributed over DNS name servers worldwide.
optical loss
The degradation of a light signal on a fiber-optic network.
latency
The delay between the transmission of a signal and its receipt.
fault management
The detection and signaling of device, link, or component faults.
NIC (network interface card)
The device that enables a workstation to connect to the network and communicate with other computers. NICs are manufactured by several different companies and come with a variety of specifications that are tailored to the workstation's and the network's requirements. NICs are also called network adapt
resources
The devices, data, and data storage space provided by a computer, whether stand-alone or shared
RAS (Remote Access Service)
The dial-up networking software provided with Microsoft Windows 95, 98, NT, and 2000 client operating systems. RAS requires software installed on both the client and server, a server configured to accept incoming clients, and a client with sufficient privileges (including username and password) on the server to access its resources. In more recent versions of Windows, RAS has been incorporated into the RRAS (Routing and Remote Access Service).
scattering
The diffusion of a wireless signal that results from hitting an object that has smaller dimensions compared with the signal's wavelength. Scattering is also related to the roughness of the surface a wireless signal encounters. The rougher the surface, the more likely a signal is to scatter when it hits that surface.
wavelength
The distance between corresponding points on a wave's cycle. Wavelength is inversely proportional to frequency.
load balancing
The distribution of traffic over multiple links, hard disks, or processors intended to optimize responses.
uptime
The duration or percentage of time a system or network functions normally between failures.
resource record
The element of a DNS database stored on a name server that contains information about TCP/IP host names and their addresses.
hypervisor
The element of virtualization software that manages multiple guest machines and their connections to the host (and by association, to a physical network). A hypervisor is also known as a virtual machine manager.
virtualization
The emulation of a computer, operating system environment, or application on a physical system.
TE (terminal equipment)
The end nodes (such as computers and printers) served by the same connection (such as an ISDN, DSL, or T1 link).
transponder
The equipment on a satellite that receives an uplinked signal from Earth, amplifies the signal, modifies its frequency, then retransmits it (in a downlink) to an antenna on Earth.
DS0 (digital signal, level 0)
The equivalent of one data or voice channel in T-carrier technology, as defined by ANSI Physical layer standards. All other signal levels are multiples of DS0.
CIR (committed information rate)
The guaranteed minimum amount of bandwidth selected when leasing a frame relay circuit. Frame relay costs are partially based on CIR.
cable plant
The hardware that constitutes the enterprise-wide cabling system.
routing protocols
The means by which routers communicate with each other about network status. Routing protocols determine the best path for data to take between nodes.
transmission media
The means through which data are transmitted and received. Transmission media may be physical, such as wire or cable, or wireless, such as radio waves.
volt
The measurement used to describe the degree of pressure an electrical current exerts on a conductor.
topology
The physical layout of computers on a network.
physical topology
The physical layout of the media, nodes, and devices on a network. A physical topology does not specify device types, connectivity methods, or addressing schemes. Physical topologies are categorized into three fundamental shapes: bus, ring, and star. These shapes can be mixed to create hybrid topologies.
connectors
The pieces of hardware that connect the wire to the network device, be it a file server, workstation, switch, or printer.
conduit
The pipeline used to contain and protect cabling. Conduit is usually made from metal.
NIU (network interface unit)
The point at which PSTN-owned lines terminate at a customer's premises. The NIU is usually located at the demarc.
demarcation point (demarc)
The point of division between a telecommunications service carrier's network and a building's internal network.
backing up
The process of copying critical data files to a secure storage area. Often, backups are performed according to a formulaic schedule.
segmentation
The process of decreasing the size of data units when moving data from a network that can handle larger data units to a network that can handle only smaller data units.
QoS (quality of service)
The result of specifications for guaranteeing data delivery within a certain period of time after their transmission.
Network layer
The third layer in the OSI model. Protocols in the Network layer translate network addresses into their physical counterparts and decide how to route data from the sender to the receiver.
convergence time
The time it takes for a router to recognize a best path in the event of a change or network outage.
handoff
The transition that occurs when a cellular network client moves from one antenna's coverage area to another.
bus
The type of circuit used by a computer's motherboard to transmit data to components. Most new Pentium computers use buses capable of exchanging 32 or 64 bits of data. As the number of bits of data a bus handles increases, so too does the speed of the device attached to the bus.
ciphertext
The unique data block that results when an original piece of data (such as text) is encrypted (for example, by using a key).
Cisco Certified Internetwork Expert
See CCIE.
Cisco Certified Network Associate
See CCNA.
Challenge Handshake Authentication Protocol
See CHAP.
slash notation
See CIDR notation.
Classless Interdomain Routing
See CIDR.
classless routing
See CIDR.
supernetting
See CIDR.
committed information rate
See CIR.
central office
See CO.
cyclic redundancy check
See CRC.
cold spare
A duplicate component that is not installed, but can be installed in case of a failure.
volt-amp (VA)
A measure of electrical power. A volt-amp is the product of the voltage and current (measured in amps) of the electricity on a line.
Webcast
A streaming video, either on demand or live, that is delivered via the Web.
enterprise
An entire organization, including local and remote offices, a mixture of computer systems, and a number of departments. Enterprise-wide computing takes into account the breadth and diversity of a large organization's computer needs.
runt
An erroneously shortened packet.
RTS/CTS (Request to Send/Clear to Send)
An exchange in which a wireless station requests the exclusive right to communicate with an access point and the access point confirms that it has granted that request.
evil twin
An exploit in which a rogue access point masquerades as a legitimate access point, using the same SSID and potentially other identical settings.
encryption devices
Computers or specialized adapters inserted into other devices, such as routers or servers, that perform encryption.
alien cross talk
EMI interference induced on one cable by signals traveling over a nearby cable.
Carrier Sense Multiple Access with Collision Avoidance
See CSMA/CA.
Carrier Sense Multiple Access with Collision Detection
See CSMA/CD.
channel service unit
See CSU.
Category 3
See Cat 3.
Category 5
See Cat 5.
Enhanced Category 5
See Cat 5e.
Category 6
See Cat 6.
augmented Category 6
See Cat 6a.
Category 7
See Cat 7.
Dynamic DNS
See DDNS.
Data Encryption Standard
See DES.
Dynamic Host Configuration Protocol
See DHCP.
Dynamic Host Configuration Protocol version 4
See DHCPv4.
Dynamic Host Configuration Protocol version 6
See DHCPv6.
demilitarized zone
See DMZ.
Dynamic Network Address Translation
See DNAT.
IP masquerading
See DNAT.
Domain Name Service
See DNS.
Domain Name System
See DNS.
digital subscriber line
See DSL.
DSL access multiplexer
See DSLAM.
direct-sequence spread spectrum
See DSSS.
data service unit
See DSU.
dense wavelength division multiplexing
See DWDM.
Differentiated Service
See DiffServ.
Private Port
See Dynamic Ports.
Extensible Authentication Protocol
See EAP.
EAP over LAN
See EAPoL.
Expedited Forwarding
See EF.
Exterior Gateway Protocol
See EGP.
Electronic Industries Alliance
See EIA.
Enhanced Interior Gateway Routing Protocol
See EIGRP.
electromagnetic interference
See EMI.
Encapsulating Security Payload
See ESP.
extended service set
See ESS.
extended service set identifier
See ESSID.
Extended Unique Identifier-64
See EUI-64.
frame check sequence
See FCS.
frequency division multiplexing
See FDM.
frequency hopping spread spectrum
See FHSS.
frequency modulation
See FM.
fully qualified domain name
See FQDN.
fully qualified host name
See FQDN.
File Transfer Protocol
See FTP.
fiber to the home
See FTTH.
fiber to the premises
See FTTP.
Gigabit interface converter
See GBIC.
geosynchronous earth orbit
See GEO.
hybrid fiber-coax
See HFC.
host-based intrusion detection
See HIDS.
Health Insurance Portability and Accountability Act
See HIPAA.
host-based intrusion prevention
See HIPS.
High Speed Packet Access Plus
See HSPA+.
HTTP Secure
See HTTPS.
HTTP over Secure Sockets Layer
See HTTPS.
Internet Architecture Board
See IAB.
Internet Assigned Numbers Authority
See IANA.
Internet Corporation for Assigned Names and Numbers
See ICANN.
Internet Control Message Protocol
See ICMP.
Internet Control Message Protocol version 6
See ICMPv6.
Internet Connection Sharing
See ICS.
intermediate distribution frame
See IDF.
intrusion-detection system
See IDS.
Institute of Electrical and Electronics Engineers
See IEEE.
Internet Engineering Task Force
See IETF.
Internet Group Management Protocol
See IGMP.
Internet Group Multicast Protocol
See IGMP.
Interior Gateway Protocol
See IGP.
Internet Key Exchange
See IKE.
Internet Message Access Protocol
See IMAP.
Internet Message Access Protocol, version 4
See IMAP4.
Internet Protocol address
See IP address.
IP datagram
See IP packet.
IP phone
See IP telephone.
digital PBX
See IP-PBX.
Internet Protocol
See IP.
intrusion-prevention system
See IPS.
Internet Protocol Security
See IPSec.
IP television
See IPTV.
IP version 4 Link Local
See IPv4LL.
IP next generation
See IPv6.
IPng
See IPv6.
Internet Relay Chat
See IRC.
Intermediate System to Intermediate System
See IS-IS.
Internet Security Association and Key Management Protocol
See ISAKMP.
Integrated Services Digital Network
See ISDN.
International Organization for Standardization
See ISO.
Internet Society
See ISOC.
Internet service provider
See ISP.
International Telecommunication Union
See ITU.
Key Distribution Center
See KDC.
Kernel-based Virtual Machine
See KVM.
Layer 2 Tunneling Protocol
See L2TP.
local area network
See LAN.
LAN Emulation
See LANE.
local connector
See LC.
Logical Link Control sublayer
See LLC (Logical Link Control) sublayer.
Long Term Evolution
See LTE.
routing switch
See Layer 3 switch.
Media Access Control sublayer
See MAC (Media Access Control) sublayer.
Data Link layer address
See MAC address.
hardware address
See MAC address.
metropolitan area network
See MAN.
Microsoft Certified IT Professional
See MCITP.
multipoint control unit
See MCU.
video bridge
See MCU.
main cross-connect
See MDF.
main distribution frame
See MDF.
H.248
See MEGACO.
Softswitch
See MGC.
media gateway controller
See MGC.
Media Gateway Control Protocol
See MGCP.
Management Information Base
See MIB.
Multipurpose Internet Mail Extensions
See MIME.
multiple input-multiple output
See MIMO.
multimode fiber
See MMF.
multiprotocol label switching
See MPLS.
Microsoft Challenge Handshake Authentication Protocol
See MS-CHAP.
Microsoft Challenge Handshake Authentication Protocol-version 2
See MS-CHAPv2.
MTSO (mobile telecommunications switching office)
See MSC.
mobile switching center
See MSC.
mobile telecommunications switching office
See MSC.
mechanical transfer registered jack
See MT-RJ.
maximum transmission unit
See MTU.
network attached storage
See NAS.
Network Address Translation
See NAT.
near end cross talk
See NEXT.
network adapter
See NIC.
network interface card
See NIC.
network-based intrusion detection
See NIDS.
network-based intrusion prevention
See NIPS.
network interface unit
See NIU.
Network Mapper
See NMAP.
network operating system
See NOS.
network service provider
See NSP.
Network Termination 1
See NT1.
Network Termination 2
See NT2.
Network Time Protocol
See NTP.
Network as a Service
See NaaS.
Optical Carrier
See OC.
optical line terminal
See OLT.
optical network unit
See ONU.
Open Systems Interconnection model
See OSI (Open Systems Interconnection) model.
Open Shortest Path First
See OSPF.
optical time domain reflectometer
See OTDR.
Organizationally Unique Identifier
See OUI.
block ID
See OUI.
company_id
See OUI.
Password Authentication Protocol
See PAP.
Port Address Translation
See PAT.
private branch exchange
See PBX.
PCI Component Interconnect Express
See PCIe.
powered device
See PD.
protocol data unit
See PDU.
Pretty Good Privacy
See PGP.
Packet Internet Groper
See PING.
Public-key Infrastructure
See PKI.
passive optical network
See PON.
Post Office Protocol
See POP.
Post Office Protocol-version 3
See POP3.
Point-to-Point Protocol
See PPP.
Point-to-Point Protocol over Ethernet
See PPPoE.
Point-to-Point Tunneling Protocol
See PPTP.
Primary Rate Interface
See PRI.
power sourcing equipment
See PSE.
POTS
See PSTN.
Public Switched Telephone Network
See PSTN.
plain old telephone service (POTS)
See PSTN.
permanent virtual circuit
See PVC.
Power over Ethernet
See PoE.
quality of service
See QoS.
Remote Authentication Dial-In User Service
See RADIUS.
Redundant Array of Independent (or Inexpensive) Disks
See RAID.
Remote Access Service
See RAS.
Remote Desktop Protocol
See RDP.
radio frequency interference
See RFI.
Routing Information Protocol
See RIP.
Routing Information Protocol version 2
See RIPv2.
Regional Internet Registry
See RIR.
registered jack 11
See RJ-11.
registered jack 45
See RJ-45.
registered jack 48
See RJ-48.
Recommended Standard 232
See RS-232.
Rapid Spanning Tree Protocol
See RSTP.
Resource Reservation Protocol
See RSVP.
RTP Control Protocol
See RTCP.
Real-time Transport Control Protocol
See RTCP.
Real-time Transport Protocol
See RTP.
Request to Send/Clear to Send
See RTS/CTS.
round-trip time
See RTT.
RRAS
See Routing and Remote Access Service.
storage area network
See SAN.
standard connector
See SC.
subscriber connector
See SC.
Secure CoPy
See SCP.
Synchronous Digital Hierarchy
See SDH.
start-of-frame delimiter
See SFD.
SFP GBIC
See SFP.
mini GBIC
See SFP.
Secure File Transfer Protocol
See SFTP.
Session Initiation Protocol
See SIP.
Serial Line Internet Protocol
See SLIP.
single-mode fiber
See SMF.
Simple Mail Transfer Protocol
See SMTP.
Static Network Address Translation
See SNAT.
Simple Network Management Protocol
See SNMP.
Simple Network Management Protocol version 1
See SNMPv1.
Simple Network Management Protocol version 2
See SNMPv2.
Simple Network Management Protocol version 3
See SNMPv3.
Synchronous Optical Network
See SONET.
Signaling System 7
See SS7.
Secure Shell
See SSH.
service set identifier
See SSID.
Secure Sockets Layer
See SSL.
straight tip
See ST.
Spanning Tree Protocol
See STP.
shielded twisted pair
See STP.
switched virtual circuit
See SVC.
synchronization-acknowledgment
See SYN-ACK.
synchronization
See SYN.
terminal adapter
See TA.
Terminal Access Controller Access Control System Plus
See TACACS+.
Transmission Control Protocol
See TCP.
Transmission Control Protocol/Internet Protocol
See TCP/IP.
time division multiplexing
See TDM.
time domain reflectometer
See TDR.
terminal equipment
See TE.
Trivial File Transfer Protocol
See TFTP.
Ticket-Granting Service
See TGS.
Ticket-Granting Ticket
See TGT.
Telecommunications Industry Association
See TIA.
Temporal Key Integrity Protocol
See TKIP.
top-level domain
See TLD.
Transport Layer Security
See TLS.
hop limit
See TTL.
Time to Live
See TTL.
3DES
See Triple DES.
Trojan
See Trojan horse.
User Datagram Protocol
See UDP.
uninterruptible power supply
See UPS.
unshielded twisted pair
See UTP.
virtual local area network
See VLAN.
virtual machine
See VM.
Virtual Network Computing
See VNC.
virtual private network
See VPN.
VLAN trunking protocol
See VTP.
Voice over IP
See VoIP.
IP telephony
See Voice over IP.
wide area network
See WAN.
wavelength division multiplexing
See WDM.
Wired Equivalent Privacy
See WEP.
wireless LAN
See WLAN.
Wi-Fi Protected Access
See WPA.
Anything as a Service
See XaaS.
Everything as a Service
See XaaS.
Zero configuration
See Zeroconf.
AP
See access point.
WAP (wireless access point)
See access point.
base station
See access point.
wireless access point
See access point.
gateway router
See border router.
shield
See braiding.
cable modem access
See broadband cable.
sag
See brownout.
main bus
See bus.
system bus
See bus.
lineman's handset
See butt set.
telephone test set
See butt set.
cable checker
See continuity tester.
datagram
See data packet.
default router
See default gateway.
demarc
See demarcation point.
demux
See demultiplexer.
driver
See device driver.
domain information groper
See dig.
expansion card
See expansion board.
device ID
See extension identifier.
removable disk drive
See external disk drive.
forwarding table
See filtering database.
duplex
See full-duplex.
virtual PBX
See hosted PBX.
virtual machine manager
See hypervisor.
bonding
See link aggregation.
last mile
See local loop.
loopback adapter
See loopback plug.
primary name server
See master name server.
my traceroute
See mtr.
DNS server
See name server.
network number
See network ID.
network prefix
See network ID.
Network layer address
See network address.
logical address
See network address.
virtual address
See network address.
cloud backup
See online backup.
P2P network
See peer-to-peer network.
MAC address
See physical address.
port-based authentication
See port authentication.
network analyzer
See protocol analyzer.
packet sniffer
See protocol analyzer.
sniffer
See protocol analyzer.
Application layer gateway
See proxy server.
application gateway
See proxy server.
proxy
See proxy server.
bounce
See reflection.
access server
See remote access server.
secondary name server
See slave name server.
offline UPS
See standby UPS.
mask
See subnet mask.
net mask
See subnet mask.
capacity
See throughput.
toner
See tone generator.
probe
See tone locator.
link segment
See unpopulated segment.
virtual adapter
See vNIC.
virtual network interface card
See vNIC.
VA
See volt-amp.
PSTN (Public Switched Telephone Network)
The network of lines and carrier equipment that provides telephone service to most homes and businesses. Now, except for the local loop, nearly all of the PSTN uses digital transmission. Its traffic is carried by fiber-optic or copper twisted pair cable, microwave, and satellite connections.
print services
The network service that allows printers to be shared by several users on a network.
management services
The network services that centrally administer and simplify complicated management tasks on the network. Examples of management services include license tracking, security auditing, asset management, address management, software distribution, traffic monitoring, load balancing, and hardware diagnosis.
mail services
The network services that manage the storage and transfer of e-mail between users on a network. In addition to sending, receiving, and storing mail, mail services can include filtering, routing, notification, scheduling, and data exchange with other mail servers.
overhead
The nondata information that must accompany data for a signal to be properly routed and interpreted by the network.
ICANN (Internet Corporation for Assigned Names and Numbers)
The nonprofit corporation currently designated by the United States government to maintain and assign IP addresses.
frequency
The number of times that a signal's amplitude changes over a fixed period of time, expressed in cycles per second, or hertz (Hz).
twist ratio
The number of twists per meter or foot in a twisted pair cable.
PGP (Pretty Good Privacy)
A key-based encryption system for e-mail that uses a two-step verification process.
hertz (Hz)
A measure of frequency equivalent to the number of amplitude cycles per second.
bandwidth
A measure of the difference between the highest and lowest frequencies that a medium can transmit.
RFI (radio frequency interference)
A kind of interference that may be generated by broadcast signals from radio or TV antennas.
DES (Data Encryption Standard)
A popular private key encryption technique that was developed by IBM in the 1970s.
socket
A logical address assigned to a specific process running on a computer. Some sockets are reserved for operating system functions.
amplitude
A measure of a signal's strength.
SFD (start-of-frame delimiter)
A 1-byte field that indicates where the data field begins in an Ethernet frame.
OUI (Organizationally Unique Identifier)
A 24-bit character sequence assigned by IEEE that appears at the beginning of a network interface's physical address and identifies the NIC's manufacturer.
PCIe (PCI Component Interconnect Express)
A 32-bit bus standard capable of transferring data at up to 1 Gbps per data path, or lane, in full-duplex transmission. PCIe is commonly used for expansion board NICs.
supernet mask
A 32-bit number that, when combined with a device's IPv4 address, indicates the kind of supernet to which the device belongs.
HSPA+ (High Speed Packet Access Plus)
A 3G mobile wireless technology released in 2008 that uses MIMO and sophisticated encoding techniques to achieve a maximum 84-Mbps downlink throughput and 11-Mbps uplink throughput in its current release. Advances in more efficiently using limited channels and incorporating more antennas in MIMO promise to push the maximum downlink data rate to 336 Mbps.
physical address
A 48- or 64-bit network interface identifier that includes two parts: the OUI, assigned by IEEE to the manufacturer, and the extension identifier, a unique number assigned to each NIC by the manufacturer.
LTE (Long Term Evolution)
A 4G cellular network technology that achieves downlink data rates of up to 1 Gbps and uplink rates up to 500 Mbps. AT&T and Verizon have adopted LTE for their high-speed wireless data networks.
TACACS+ (Terminal Access Controller Access Control System Plus)
A Cisco proprietary protocol for AAA (authentication, authorization, and accounting). Like RADIUS, TACACS+ may use one of many authentication protocols. Unlike RADIUS, TACACS+ relies on TCP at the Network layer and allows for separation of the AAA services.
root server
A DNS server maintained by ICANN and IANA that is an authority on how to contact the top-level domains, such as those ending with .com, .edu, .net, .us, and so on. ICANN oversees the operation of 13 root servers around the world.
EAP (Extensible Authentication Protocol)
A Data Link layer protocol defined by the IETF that specifies the dynamic distribution of encryption keys and a preauthentication process in which a client and server exchange data via an intermediate node (for example, an access point on a wireless LAN). Only after they have mutually authenticated can the client and server exchange encrypted data. EAP can be used with multiple authentication and encryption schemes.
ATM (Asynchronous Transfer Mode)
A Data Link layer technology originally conceived in the early 1980s at Bell Labs and standardized by the ITU in the mid-1990s. ATM relies on fixed packets, called cells, that each consist of 48 bytes of data plus a 5-byte header. ATM relies on virtual circuits and establishes a connection before sending data. The reliable connection ensured by ATM allows network managers to specify QoS levels for certain types of traffic.
Event Viewer
A GUI application that allows users to easily view and sort events recorded in the event log on a computer running a Windows-based operating system.
WLAN (wireless LAN)
A LAN that uses wireless connections for some or all of its transmissions.
PPTP (Point-to-Point Tunneling Protocol)
A Layer 2 protocol developed by Microsoft that encapsulates PPP data for transmission over VPN connections. PPTP operates with Windows RRAS access services and can accept connections from multiple different clients. It is simple, but less secure than other modern tunneling protocols.
IPSec (Internet Protocol Security)
A Layer 3 protocol that defines encryption, authentication, and key management for TCP/IP transmissions. IPSec is an enhancement to IPv4 and is native to IPv6. IPSec is unique among authentication methods in that it adds security information to the header of all IP packets.
on-board NIC
A NIC that is integrated into a computer's motherboard, rather than connected via an expansion slot or peripheral bus.
fragmentation
A Network layer service that subdivides segments it receives from the Transport layer into smaller packets.
1000Base-T
A Physical layer standard for achieving 1 Gbps over UTP. 1000Base-T achieves its higher throughput by using all four pairs of wires in a Cat 5 or better twisted pair cable to both transmit and receive signals. 1000Base-T also uses a different data encoding scheme than that used by other UTP Physical layer specifications.
10GBase-SR
A Physical layer standard for achieving 10-Gbps data transmission over multimode fiber using wavelengths of 850 nanometers. The maximum segment length for 10GBase-SR can reach up to 300 meters, depending on the fiber core diameter and modal bandwidth used.
10GBase-LR
A Physical layer standard for achieving 10-Gbps data transmission over single-mode, fiber-optic cable using wavelengths of 1310 nanometers. In 10GBase-LR, the LR stands for long reach. This standard specifies a star topology and segment lengths up to 10000 meters.
10GBase-ER
A Physical layer standard for achieving 10-Gbps data transmission over single-mode, fiber-optic cable. In 10GBase-ER, the ER stands for extended reach. This standard specifies a star topology and segment lengths up to 40000 meters.
10GBase-T
A Physical layer standard for achieving 10-Gbps data transmission over twisted pair cable. Described in its 2006 standard 802.3an, IEEE specifies Cat 6 or Cat 7 cable as the appropriate medium for 10GBase-T. The maximum segment length for 10GBase-T is 100 meters.
1000Base-LX
A Physical layer standard for networks that specifies 1-Gbps transmission over fiber-optic cable using baseband transmission. 1000Base-LX can run on either single-mode or multimode fiber. The LX represents its reliance on long wavelengths of 1300 nanometers. 1000Base-LX can extend to 5000-meter segment lengths using single-mode, fiber-optic cable. 1000Base-LX networks can use one repeater between segments.
1000Base-SX
A Physical layer standard for networks that specifies 1-Gbps transmission over fiber-optic cable using baseband transmission. 1000Base-SX runs on multimode fiber. Its maximum segment length is 550 meters. The SX represents its reliance on short wavelengths of 850 nanometers. 1000Base-SX can use one repeater.
100Base-FX
A Physical layer standard for networks that specifies baseband transmission, multimode fiber cabling, and 100-Mbps throughput. 100Base-FX networks have a maximum segment length of 2000 meters. 100Base-FX may also be called Fast Ethernet.
100Base-T
A Physical layer standard for networks that specifies baseband transmission, twisted pair cabling, and 100-Mbps throughput. 100Base-T networks have a maximum segment length of 100 meters and use the star topology. 100Base-T is also known as Fast Ethernet.
10Base-T
A Physical layer standard for networks that specifies baseband transmission, twisted pair media, and 10-Mbps throughput. 10Base-T networks have a maximum segment length of 100 meters and rely on a star topology.
RS-232 (Recommended Standard 232)
A Physical layer standard for serial communications, as defined by EIA/TIA.
H.225
A Session layer call signaling protocol defined as part of ITU's H.323 multiservice network architecture. H.225 is responsible for call or videoconference setup between nodes on a VoIP or video-over-IP network, indicating node status, and requesting additional bandwidth and call termination.
H.245
A Session layer control protocol defined as part of ITU's H.323 multiservice network architecture. H.245 is responsible for controlling a session between two nodes. For example, it ensures that the two nodes are communicating in the same format.
TFTP (Trivial File Transfer Protocol)
A TCP/IP Application layer protocol that enables file transfers between computers. Unlike FTP, TFTP relies on UDP at the Transport layer and does not require a user to log on to the remote host.
ifconfig
A TCP/IP configuration and management utility used with UNIX and Linux systems.
IGMP (Internet Group Management Protocol or Internet Group Multicast Protocol)
A TCP/IP protocol used on IPv4 networks to manage multicast transmissions. Routers use IGMP to determine which nodes belong to a multicast group, and nodes use IGMP to join or leave a multicast group.
PING (Packet Internet Groper)
A TCP/IP troubleshooting utility that can verify that TCP/IP is installed, bound to the NIC, configured correctly, and communicating with the network. PING uses ICMP to send echo request and echo reply messages that determine the validity of an IP address.
netstat
A TCP/IP troubleshooting utility that displays statistics and the state of current TCP/IP connections. It also displays ports, which can signal whether services are using the correct ports.
nbtstat
A TCP/IP troubleshooting utility that provides information about NetBIOS names and their addresses. If you know the NetBIOS name of a workstation, you can use nbtstat to determine its IP address.
traceroute (tracert)
A TCP/IP troubleshooting utility that uses ICMP to trace the path from one networked node to another, identifying all intermediate hops between the two nodes. Traceroute is useful for determining router or subnet connectivity problems. On Windows-based systems, the utility is known as tracert.
nslookup
A TCP/IP utility that allows you to look up the DNS host name of a network node by specifying its IP address, or vice versa. This ability is useful for verifying that a host is configured correctly and for troubleshooting DNS resolution problems.
host
A TCP/IP utility that at its simplest returns either the IP address of a host if its host name is specified or its host name if its IP address is specified.
dig (domain information groper)
A TCP/IP utility that queries the DNS database and provides information about a host given its IP address or vice versa. Dig is similar to the nslookup utility, but provides more information, even in its simplest form, than nslookup can.
hostname
A TCP/IP utility used to show or modify a client's host name.
ITU (International Telecommunication Union)
A United Nations agency that regulates international telecommunications and provides developing countries with technical expertise and equipment to advance their technological bases.
CALEA (Communications Assistance for Law Enforcement Act)
A United States federal regulation that requires telecommunications carriers and equipment manufacturers to provide for surveillance capabilities. CALEA was passed by Congress in 1994 after pressure from the FBI, which worried that networks relying solely on digital communications would circumvent traditional wiretapping strategies.
bus topology WAN
A WAN in which each location is connected to no more than two other locations in a serial fashion.
full backup
A backup in which all data on all servers is copied to a storage medium, regardless of whether the data is new or changed. A full backup unchecks the archive bit on files it has backed up.
incremental backup
A backup in which only data that has changed since the last full or incremental backup is copied to a storage medium. After backing up files, an incremental backup unchecks the archive bit for every file it has saved.
differential backup
A backup method in which only data that has changed since the last full or incremental backup is copied to a storage medium, and in which that same information is marked for subsequent backup, regardless of whether it has changed. In other words, a differential backup does not uncheck the archive bits for files it backs up.
Grandfather-Father-Son
A backup rotation scheme that uses daily (son), weekly (father), and monthly (grandfather) backup sets.
UPS (uninterruptible power supply)
A battery-operated power source directly attached to one or more devices and to a power supply (such as a wall outlet) that prevents undesired features of the power source from harming the device or interrupting its services.
bit (binary digit)
A bit equals a single pulse in the digital encoding system. It may have only one of two values: 0 or 1.
braiding
A braided metal shielding used to insulate some types of coaxial cable.
ISP (Internet service provider)
A business that provides organizations and individuals with Internet access and, often, other services, such as e-mail and Web hosting.
head-end
A cable company's central office, which connects cable wiring to many nodes before it reaches customers' sites.
serial cable
A cable, such as an RS-232 type, that permits serial data transmission.
NSP (network service provider)
A carrier that provides long-distance (and often global) connectivity between major data-switching centers across the Internet. AT&T, Verizon, and Sprint are all examples of network service providers in the United States. Customers, including ISPs, can lease dedicated private or public Internet connections from an NSP.
MSC (mobile switching center)
A carrier's facility to which multiple cellular base stations connect. An MSC might be located inside a telephone company's central office or it might stand alone and connect to the central office via fiber-optic cabling or a microwave link. Equipment at an MSC manages mobile clients, monitoring their location and usage patterns, and switches cellular calls. It also assigns each mobile client an IP address.
label
A character string that represents a domain (either top-level, second-level, or third-level).
elastic
A characteristic of cloud computing that means services can be quickly and dynamically, sometimes even automatically, scaled up or down.
self-healing
A characteristic of dual-ring topologies that allows them to automatically reroute traffic along the backup ring if the primary ring becomes severed.
logical topology
A characteristic of network transmission that reflects the way in which data are transmitted between nodes. A network's logical topology may differ from its physical topology. The most common logical topologies are bus and ring.
symmetrical
A characteristic of transmission technology that provides equal throughput for data traveling both upstream and downstream and is suited to users who both upload and download significant amounts of data.
expansion board
A circuit board used to connect a device to a computer's motherboard.
network class
A classification for TCP/IP-based networks that pertains to the network's potential size and is indicated by an IP address's network ID and subnet mask. Network Classes A, B, and C are commonly used by clients on LANs; network Classes D and E are reserved for special purposes.
thin client
A client that relies on another host for the majority of processing and hard disk resources necessary to run applications and share files over the network.
BNC connector
A coaxial cable connector type that uses a twist-and-lock (or bayonet) style of coupling. It may be used with several coaxial cable types, including RG-6 and RG-59.
H.323 zone
A collection of H.323 terminals, gateways, and MCUs that are managed by a single H.323 gatekeeper.
filtering database
A collection of data created and used by a bridge that correlates the MAC addresses of connected workstations with their locations. A filtering database is also known as a forwarding table.
Zeroconf (Zero configuration)
A collection of protocols that assigns link-local addresses, performs DNS functions, and discovers services, such as print services, available to the node.
ISO (International Organization for Standardization)
A collection of standards organizations representing 162 countries with headquarters located in Geneva, Switzerland. Its goal is to establish international technological standards to facilitate the global exchange of information and barrier-free trade.
late collision
A collision that takes place outside the normal window in which collisions are detected and redressed. Late collisions are usually caused by a defective station (such as a card or transceiver) that is transmitting without first verifying line status or by failure to observe the configuration guidelines for cable length, which results in collisions being recognized too late.
BID (Bridge ID)
A combination of a 2-byte priority field and a bridge's MAC address, used in STP (Spanning Tree Protocol) to select a root bridge.
CSU/DSU
A combination of a CSU (channel service unit) and a DSU (data service unit) that serves as the connection point for a T1 line at the customer's site. Most modern CSU/DSUs also contain a multiplexer. A CSU/DSU may be a separate device or an expansion card in another device, such as a router.
gateway
A combination of networking hardware and software that connects two dissimilar kinds of networks. Gateways perform connectivity, session management, and data translation, so they must operate at multiple layers of the OSI model.
iwconfig
A command-line utility for viewing and setting wireless interface parameters on Linux and UNIX workstations.
pathping
A command-line utility that combines the functionality of the tracert and ping commands (similar to UNIX's mtr command) and comes with Windows operating systems.
nonbroadcast point-to-multipoint transmission
A communications arrangement in which a single transmitter issues signals to multiple, defined recipients.
point-to-multipoint
A communications arrangement in which one transmitter issues signals to multiple receivers. The receivers may be undefined, as in a broadcast transmission, or defined, as in a nonbroadcast transmission.
PPP (Point-to-Point Protocol)
A communications protocol that enables a workstation to connect to a server using a serial connection. PPP can support multiple Network layer protocols and can use both asynchronous and synchronous communications. It performs compression and error correction and requires little configuration on the client workstation.
SLIP (Serial Line Internet Protocol)
A communications protocol that enables a workstation to connect to a server using a serial connection. SLIP can support only asynchronous communications and IP traffic and requires some configuration on the client workstation. SLIP has been made obsolete by PPP.
RTCP (Real-time Transport Control Protocol)
A companion protocol to RTP, RTCP provides feedback on the quality of a call or videoconference to its participants.
blackout
A complete power loss.
Internet
A complex WAN that connects LANs and clients around the globe.
switching
A component of a network's logical topology that manages how packets are filtered and forwarded between nodes on the network.
softphone
A computer configured to act like an IP telephone. Softphones present the caller with a graphical representation of a telephone dial pad and can connect to a network via any wired or wireless method.
server
A computer on the network that manages shared resources. Servers usually have more processing power, memory, and hard disk space than clients. They run network operating software that can manage not only data, but also users, groups, security, and applications on the network.
client
A computer on the network that requests resources or services from another computer on a network. In some cases, a client could also act as a server. The term client may also refer to the user of a client workstation or a client software application installed on the workstation.
node
A computer or other device connected to a network, which has a unique address and is capable of sending or receiving.
host
A computer that enables resource sharing by other computers on the same network.
VM (virtual machine)
A computer that exists in emulation on a physical computer, or host machine. Multiple VMs may exist on one host where they share the physical computer's CPU, hard disk, memory, and network interfaces.
Web server
A computer that manages Web site services, such as supplying a Web page to multiple users on demand.
MGC (media gateway controller)
A computer that manages multiple media gateways and facilitates the exchange of call control information between these gateways.
MCU (multipoint control unit)
A computer that provides support for multiple H.323 terminals (for example, several workstations participating in a videoconference) and manages communication between them. An MCU is also known as a video bridge.
workstation
A computer that runs a desktop operating system and connects to a network.
stand-alone computer
A computer that uses applications and data only from its local disks and that is not connected to a network.
virtual circuit
A connection between network nodes that, although based on potentially disparate physical links, logically appears to be a direct, dedicated link between those nodes.
session
A connection for data exchange between two parties. The term session may be used in the context of Web, remote access, or terminal and mainframe communications, for example.
SSH (Secure Shell)
A connection utility that provides authentication and encryption. With SSH, you can securely log on to a host, execute commands on that host, and copy files to or from that host. SSH encrypts data exchanged throughout the session.
DSLAM (DSL access multiplexer)
A connectivity device located at a telecommunications carrier's office that aggregates multiple DSL subscriber lines and connects them to a larger carrier or to the Internet backbone.
switch
A connectivity device that logically subdivides a network into smaller, individual collision domains. A switch operates at the Data Link layer of the OSI model and can interpret MAC address information to determine whether to filter (discard) or forward packets it receives.
bridge
A connectivity device that operates at the Data Link layer (Layer 2) of the OSI model and reads header information to forward packets according to their MAC addresses. Bridges use a filtering database to determine which packets to discard and which to forward. Bridges contain one input and one output port and separate network segments.
hub
A connectivity device that retransmits incoming data signals to its multiple ports. Typically, hubs contain one uplink port, which is used to connect to a network's backbone.
loopback plug
A connector used for troubleshooting that plugs into a port (for example, a serial, parallel, or RJ-45 port) and crosses over the transmit line to the receive line, allowing outgoing signals to be redirected back into the computer for testing.
F-Type connector
A connector used to terminate coaxial cable used for transmitting television and broadband cable signals.
LC (local connector)
A connector used with single-mode or multimode fiber-optic cable.
MT-RJ (mechanical transfer registered jack)
A connector used with single-mode or multimode fiber-optic cable.
SC (subscriber connector or standard connector)
A connector used with single-mode or multimode fiber-optic cable.
ST (straight tip)
A connector used with single-mode or multimode fiber-optic cable.
dedicated
A continuously available link or service that is leased through another carrier. Examples of dedicated lines include ADSL, T1, and T3.
wireless spectrum
A continuum of electromagnetic waves used for data and voice communication. The wireless spectrum (as defined by the FCC, which controls its use) spans frequencies between 9 KHz and 300 GHz. Each type of wireless service can be associated with one area of the wireless spectrum.
backup
A copy of data or program files created for archiving or safekeeping.
ARP (Address Resolution Protocol)
A core protocol in the TCP/IP suite that belongs in the Network layer of the OSI model. ARP obtains the MAC (physical) address of a host, or node, and then creates a local database that maps the MAC address to the host's IP (logical) address.
ICMP (Internet Control Message Protocol)
A core protocol in the TCP/IP suite that notifies the sender that something has gone wrong in the transmission process and that packets were not delivered.
IP (Internet Protocol)
A core protocol in the TCP/IP suite that operates in the Network layer of the OSI model and provides information about how and where data should be delivered. IP is the subprotocol that enables TCP/IP to internetwork.
UDP (User Datagram Protocol)
A core protocol in the TCP/IP suite that sits in the Transport layer of the OSI model. UDP is a connectionless transport service.
TCP (Transmission Control Protocol)
A core protocol of the TCP/IP suite. TCP belongs to the Transport layer and provides reliable data delivery services.
patch
A correction, improvement, or enhancement to part of a software application, often distributed at no charge by software vendors to fix a bug in their code or to add slightly more functionality.
toll bypass
A cost-savings benefit that results from organizations completing long-distance telephone calls over their packet-switched networks, thus bypassing tolls charged by common carriers on comparable PSTN calls.
Kerberos
A cross-platform authentication protocol that uses key encryption to verify the identity of clients and to securely exchange information after a client logs on to a system. It is an example of a private key encryption service.
point-to-point
A data transmission that involves one transmitter and one receiver.
ARP table
A database of records that maps MAC addresses to IP addresses. The ARP table is stored on a computer's hard disk where it is used by the ARP utility to supply the MAC addresses of network nodes, given their IP addresses.
DNS cache
A database on a computer that stores information about IP addresses and their associated host names. DNS caches can exist on clients as well as on name servers.
routing table
A database stored in a router's memory that maintains information about the location of hosts and best paths for forwarding packets to them.
MIB (Management Information Base)
A database used in network management that contains a device's definitions of managed objects and their data.
honeypot
A decoy system isolated from legitimate systems and designed to be vulnerable to security exploits for the purposes of learning more about hacking techniques or nabbing a hacker in the act.
DSL (digital subscriber line)
A dedicated WAN technology that uses advanced data modulation techniques at the Physical layer to achieve extraordinary throughput over regular phone lines. DSL comes in several different varieties, the most common of which is Asymmetric DSL (ADSL).
IPS (intrusion-prevention system)
A dedicated device or software running on a host that automatically reacts to any unauthorized attempt to access an organization's secured resources on a network or host. IPS is often combined with IDS.
IDS (intrusion-detection system)
A dedicated device or software running on a host that monitors, flags, and logs any unauthorized attempt to access an organization's secured resources on a network or host.
virtual desktop
A desktop operating environment that is hosted virtually, on a different physical computer from the one the user interacts with.
failure
A deviation from a specified level of system performance for a given period of time. A failure occurs when something doesn't work as promised or as planned.
firewall
A device (either a router or a computer running special software) that selectively filters or blocks traffic between networks. Firewalls are commonly used to improve data security.
OLT (optical line terminal)
A device located at the carrier's endpoint of a passive optical network. An OLT contains multiple optical ports, or PON interfaces, and a splitter that subdivides the capacity of each port into up to 32 logical channels, one per subscriber.
NAS (network attached storage)
A device or set of devices attached to a client/server network, dedicated to providing highly fault-tolerant access to large quantities of data. NAS depends on traditional network transmission methods such as Ethernet.
amplifier
A device that boosts, or strengthens, an analog signal.
router
A device that connects network segments and directs data based on information contained in the data packet.
DSL modem
A device that demodulates an incoming DSL signal, extracting the information and passing it to the data equipment (such as telephones and computers), and modulates an outgoing DSL signal.
surge protector
A device that directs excess voltage away from equipment plugged into it and redirects it to a ground, thereby protecting the equipment from harm.
load balancer
A device that distributes traffic intelligently between multiple computers.
media converter
A device that enables networks or segments using different media to interconnect and exchange signals.
jabber
A device that handles electrical signals improperly, usually affecting the rest of the network. A network analyzer will detect a jabber as a device that is always retransmitting, effectively bringing the network to a halt. A jabber usually results from a bad NIC. Occasionally, it can be caused by outside electrical interference.
modem
A device that modulates analog signals into digital signals at the transmitting end for transmission over telephone lines, and demodulates digital signals into analog signals at the receiving end.
cable modem
A device that modulates and demodulates signals for transmission and reception via cable wiring.
cable tester
A device that tests cables for one or more of the following conditions: continuity, segment length, distance to a fault, attenuation along a cable, near-end cross talk, and termination resistance and impedance. Cable testers may also issue pass/fail ratings for wiring standards or store and print cable testing results.
transceiver
A device that transmits and receives signals.
voltage event recorder
A device that, when plugged into the same outlet that will be used by a network node, gathers data about the power that outlet will provide the node.
DSU (data service unit)
A device used in T-carrier technology that converts the digital signal used by bridges, routers, and multiplexers into the digital signal used on cabling. Typically, a DSU is combined with a CSU in a single device, a CSU/DSU.
NT1 (Network Termination 1)
A device used on ISDN networks that connects the incoming twisted pair wiring with the customer's ISDN terminal equipment.
access point
A device used on wireless LANs that transmits and receives wireless signals to and from multiple nodes and retransmits them to the rest of the network segment. Access points can connect a group of nodes with a network or two networks with each other. They may use directional or omnidirectional antennas.
TA (terminal adapter)
A device used to convert digital signals into analog signals for use with ISDN phones and other analog devices. TAs are sometimes called ISDN modems.
ohmmeter
A device used to measure resistance in an electrical circuit.
voltmeter
A device used to measure voltage (or electrical pressure) on an electrical circuit.
repeater
A device used to regenerate a signal.
CSU (channel service unit)
A device used with T-carrier technology that provides termination for the digital signal and ensures connection integrity through error correction and line monitoring. Typically, a CSU is combined with a DSU in a single device, a CSU/DSU.
terminal
A device with little (if any) of its own processing or disk capacity that depends on a host to supply it with applications and data-processing services.
hosted PBX
A digital PBX service provided over the Internet.
E1
A digital carrier standard used in Europe that offers 30 channels and a maximum of 2.048-Mbps throughput.
E3
A digital carrier standard used in Europe that offers 480 channels and a maximum of 34.368-Mbps throughput.
T3
A digital carrier standard used in North America and most of Asia that can carry the equivalent of 672 channels for voice, data, video, or audio, with a maximum data throughput of 44.736 Mbps (typically rounded up to 45 Mbps for purposes of discussion). T3s rely on time division multiplexing and require either fiber-optic or microwave transmission media.
T1
A digital carrier standard used in North America and most of Asia that provides 1.544-Mbps throughput and 24 channels for voice, data, video, or audio signals. T1s rely on time division multiplexing and may use shielded or unshielded twisted pair, coaxial cable, fiber optics, or microwave links.
frame relay
A digital, packet-switched WAN technology whose protocols operate at the Data Link layer. The name is derived from the fact that data is separated into frames, which are then relayed from one node to another without any verification or processing. Frame relay offers throughputs between 64 Kbps and 45 Mbps. A frame relay customer chooses the amount of bandwidth he requires and pays for only that amount.
packet
A discrete unit of information sent from one node on a network to another.
BGP (Border Gateway Protocol)
A distance-vector routing protocol capable of considering many factors in its routing metrics. BGP, an Exterior Gateway Protocol, is the routing protocol used on Internet backbones.
channel
A distinct communication path between two or more nodes, much like a lane is a distinct transportation path on a freeway. Channels may be separated either logically (as in multiplexing) or physically (as when they are carried by separate wires).
SAN (storage area network)
A distinct network of multiple storage devices and servers that provides fast, highly available, and highly fault-tolerant access to large quantities of data for a client/server network. A SAN uses a proprietary network transmission method (such as Fibre Channel) rather than a traditional network transmission method such as Ethernet.
Fibre Channel
A distinct network transmission method that relies on fiber-optic media and its own proprietary protocol. Fibre Channel is capable of over 5 Gbps throughput.
security policy
A document or plan that identifies an organization's security goals, risks, levels of authority, designated security coordinator and team members, responsibilities for each team member, and responsibilities for each employee. In addition, it specifies how to address security breaches.
supported services list
A document that lists every service and software package supported within an organization, plus the names of first- and second-level support contacts for those services or software packages.
standard
A documented agreement containing technical specifications or other precise criteria that are used as guidelines to ensure that materials, products, processes, and services suit their intended purpose.
server mirroring
A fault-tolerance technique in which one server duplicates the transactions and data storage of another, identical server. Server mirroring requires a link between the servers and software running on both servers so that the servers can continually synchronize their actions and one can take over in case the other fails.
replication
A fault-tolerance technique that involves dynamic copying of data (for example, an NOS directory or an entire server's hard disk) from one location to another.
clustering
A fault-tolerance technique that links multiple servers to act as a single server. In this configuration, clustered servers share processing duties and appear as a single server to users. If one server in the cluster fails, the other servers in the cluster automatically take over its data transaction and storage responsibilities.
Remote Desktop
A feature of Windows operating systems that allows a computer to act as a remote host and be controlled from a client running another Windows operating system.
multitenant
A feature of cloud computing in which multiple customers share storage locations or services without knowing it.
HIPAA (Health Insurance Portability and Accountability Act)
A federal regulation in the United States, enacted in 1996. One aspect of this regulation addresses the security and privacy of medical records, including those stored or transmitted electronically.
archive bit
A file attribute that can be checked (or set to "on") or unchecked (or set to "off") to indicate whether the file needs to be archived. An operating system checks a file's archive bit when it is created or changed.
stateful firewall
A firewall capable of monitoring a data stream from end to end.
stateless firewall
A firewall capable only of examining packets individually. Stateless firewalls perform more quickly than stateful firewalls, but are not as sophisticated.
network-based firewall
A firewall configured and positioned to protect an entire network.
content-filtering firewall
A firewall that can block designated types of traffic from entering a protected network.
host-based firewall
A firewall that only protects the computer on which it's installed.
Cat 3 (Category 3)
A form of UTP that contains four wire pairs and can carry up to 10 Mbps, with a possible bandwidth of 16 MHz. Cat 3 was used for 10-Mbps Ethernet or 4-Mbps token ring networks.
Cat 5 (Category 5)
A form of UTP that contains four wire pairs and supports up to 100-Mbps throughput and a 100-MHz signal rate.
PAT (Port Address Translation)
A form of address translation that uses TCP port numbers to distinguish each client's transmission, thus allowing multiple clients to share a limited number of Internet-recognized IP addresses.
single sign-on
A form of authentication in which a client signs on once to access multiple systems or resources.
fiber-optic cable
A form of cable that contains one or several glass or plastic fibers in its core. Data is transmitted via pulsing light sent from a laser or light-emitting diode (LED) through the central fiber (or fibers). Fiber-optic cables offer significantly higher throughput than copper-based cables. They may be single-mode or multimode and typically use wave-division multiplexing to carry multiple signals.
public key encryption
A form of key encryption in which data is encrypted using two keys: One is a key known only to a user, and the other is a key associated with the user and that can be obtained from a public source, such as a public key server. Some examples of public key algorithms include RSA and Diffie-Hellman. Public key encryption is also known as asymmetric encryption.
baseband
A form of transmission in which digital signals are sent through direct current pulses applied to a wire. This direct current requires exclusive use of the wire's capacity, so baseband systems can transmit only one signal, or one channel, at a time. Every device on a baseband system shares a single channel.
broadband
A form of transmission in which signals are modulated as radio frequency analog pulses with different frequency ranges. Unlike baseband, broadband technology does not involve binary encoding. The use of multiple frequencies enables a broadband system to operate over several channels and, therefore, carry much more data than a baseband system.
multiplexing
A form of transmission that allows multiple signals to travel simultaneously over one medium.
ghost
A frame that is not actually a data frame, but rather an aberration caused by a device misinterpreting stray voltage on the wire. Unlike true data frames, ghosts have no starting delimiter.
media gateway
A gateway capable of accepting connections from multiple devices (for example, IP telephones, traditional telephones, IP fax machines, traditional fax machines, and so on) and translating analog signals into packetized, digital signals, and vice versa.
core gateway
A gateway that operates on the Internet backbone.
network diagram
A graphical representation of a network's devices and connections.
wiring schematic
A graphical representation of a network's wired infrastructure.
ESS (extended service set)
A group of access points and associated stations (or basic service sets) connected to the same LAN.
5-4-3 rule
A guideline for 10-Mbps Ethernet networks stating that between two communicating nodes, the network cannot contain more than five network segments connected by four repeating devices, and no more than three of the segments may be populated.
DNS (Domain Name System or Domain Name Service)
A hierarchical way of tracking domain names and their addresses, devised in the mid-1980s. The DNS database does not rely on one file or even one server, but rather is distributed over several key computers across the Internet to prevent catastrophic failure if one or a few computers go down. DNS is a TCP/IP service that belongs to the Application layer of the OSI model.
SONET (Synchronous Optical Network)
A high-bandwidth WAN signaling technique that specifies framing and multiplexing techniques at the Physical layer of the OSI model. It can integrate many other WAN technologies (for example, T-carriers, ISDN, and ATM technology) and allows for simple link additions and removals. SONET's topology includes a double ring of fiber-optic cable, which results in very high fault tolerance.
TDR (time domain reflectometer)
A high-end instrument for testing the qualities of a cable. It works by issuing a signal on a cable and measuring the way in which the signal bounces back (or reflects) to the TDR. Many performance testers rely on TDRs.
Cat 5e (Enhanced Category 5)
A higher-grade version of Cat 5 wiring that contains high-quality copper, offers a high twist ratio, and uses advanced methods for reducing cross talk. Enhanced Cat 5 can support a signaling rate of up to 350 MHz, more than triple the capability of regular Cat 5.
Cat 6a (Augmented Category 6)
A higher-grade version of Cat 6 wiring that further reduces attenuation and cross talk and allows for potentially exceeding traditional network segment length limits. Cat 6a is capable of a 500-MHz signaling rate and can reliably transmit data at multi-gigabit per second rates.
FQDN (fully qualified domain name)
A host name plus domain name that uniquely identifies a computer or location on a network.
star-wired bus topology
A hybrid topology in which groups of workstations are connected in a star fashion to connectivity devices that are networked via a single bus.
star-wired ring topology
A hybrid topology that uses the physical layout of a star and the token-passing data transmission method.
IDF (intermediate distribution frame)
A junction point between the MDF and concentrations of fewer connections, for example, those that terminate in a telecommunications closet.
network key
A key (or character string) required for a wireless station to associate with an access point using WEP.
WEP (Wired Equivalent Privacy)
A key encryption technique for wireless networks that uses keys both to authenticate network clients and to encrypt data in transit.
Carrier Ethernet
A level of Ethernet service that is characterized by very high throughput and reliability and is used between carriers, such as NSPs.
HFC (hybrid fiber-coax)
A link that consists of fiber cable connecting the cable company's offices to a node location near the customer and coaxial cable connecting the node to the customer's house. HFC upgrades to existing cable wiring are required before current TV cable systems can provide Internet access.
IS-IS (Intermediate System to Intermediate System)
A link-state routing protocol that uses a best-path algorithm similar to OSPF's. IS-IS was originally codified by ISO, which referred to routers as intermediate systems, thus the protocol's name. Unlike OSPF, IS-IS is designed for use on interior routers only.
ACL (access control list)
A list of statements used by a router to permit or deny the forwarding of traffic on a network based on one or more criteria.
SVC (switched virtual circuit)
A logical, point-to-point connection that relies on switches to determine the optimal path between sender and receiver. ATM technology uses SVCs.
VPN (virtual private network)
A logically constructed WAN that uses existing public transmission systems. VPNs can be created through the use of software or combined software and hardware solutions. This type of network allows an organization to carve out a private WAN through the Internet, serving only its offices, while keeping the data secure and isolated from other (public) traffic.
virtual switch
A logically defined device that is created and managed by virtualization software and that operates at the Data Link layer. Ports on a virtual switch connect virtual machines with a network, whether virtual or physical, through the host's physical NIC.
vNIC (virtual network interface card)
A logically defined network interface associated with a virtual machine.
IMAP (Internet Message Access Protocol)
A mail retrieval protocol that improves on the shortcomings of POP. The single biggest advantage IMAP4 has relative to POP is that it allows users to store messages on the mail server, rather than always having to download them to the local machine. The most current version of IMAP is version 4 (IMAP4).
multicasting
A means of transmission in which one device sends data to a specific group of devices (not necessarily the entire network segment) in a point-to-multipoint fashion.
remote access
A method for connecting and logging on to a LAN from a workstation that is remote, or not physically connected, to the LAN.
SCP (Secure CoPy)
A method for copying files securely between hosts. SCP is part of the OpenSSH package, which comes with modern UNIX and Linux operating systems. Third-party SCP applications are available for Windows-based computers.
LANE (LAN Emulation)
A method for transporting token ring or Ethernet frames over ATM networks. LANE encapsulates incoming Ethernet or token ring frames, then converts them into ATM cells for transmission over an ATM network.
structured cabling
A method for uniform, enterprise-wide, multivendor cabling systems specified by the TIA/EIA 568 Commercial Building Wiring Standard. Structured cabling is based on a hierarchical design using a high-speed backbone.
biorecognition access
A method of authentication in which a device scans an individual's unique physical characteristics (such as the color patterns in her iris or the geometry of her hand) to verify the user's identity.
integrity checking
A method of comparing the current characteristics of files and disks against an archived version of these characteristics to discover any changes. The most common example of integrity checking involves a checksum.
broadband cable
A method of connecting to the Internet over a cable network. In broadband cable, computers are connected to a cable modem that modulates and demodulates signals to and from the cable company's head-end.
FM (frequency modulation)
A method of data modulation in which the frequency of the carrier signal is modified by the application of the data signal.
PoE (Power over Ethernet)
A method of delivering current to devices using Ethernet connection cables.
DDNS (Dynamic DNS)
A method of dynamically updating DNS records for a host. DDNS client computers are configured to notify a service provider when their IP addresses change, then the service provider propagates the DNS record change across the Internet automatically.
SSL (Secure Sockets Layer)
A method of encrypting TCP/IP transmissions, including Web pages and data entered into Web forms, en route between the client and server using public key encryption technology.
symmetric encryption
A method of encryption that requires the same key to encode the data as is used to decode the ciphertext.
checksum
A method of error checking that determines if the contents of an arriving data unit match the contents of the data unit sent by the source.
flow control
A method of gauging the appropriate rate of data transmission based on how fast the recipient can accept data.
hardware RAID
A method of implementing RAID that relies on an externally attached set of disks and a RAID disk controller, which manages the RAID array.
software RAID
A method of implementing RAID that uses software to implement and control RAID techniques over virtually any type of hard disk(s). RAID software may be a third-party package or utilities that come with an operating system NOS.
round-robin DNS
A method of increasing name resolution availability by pointing a host name to multiple IP addresses in a DNS zone file.
statistical multiplexing
A method of multiplexing in which each node on a network is assigned a separate time slot for transmission, based on the node's priority and need.
TDM (time division multiplexing)
A method of multiplexing that assigns a time slot in the flow of communications to every node on the network and, in that time slot, carries data from that node.
dynamic routing
A method of routing that automatically calculates the best path between two nodes and accumulates this information in a routing table. If congestion or failures affect the network, a router using dynamic routing can detect the problems and reroute data through a different path. Modern networks primarily use dynamic routing.
OSI (Open Systems Interconnection) model
A model for understanding and developing computer-to-computer communication developed in the 1980s by ISO. It divides networking functions among seven layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application.
AM (amplitude modulation)
A modulation technique in which the amplitude of the carrier signal is modified by the application of a data signal.
brownout
A momentary decrease in voltage, also known as a sag. An overtaxed electrical system may cause brownouts, recognizable as a dimming of the lights.
port mirroring
A monitoring technique in which one port on a switch is configured to send a copy of all its traffic to a second port.
WDM (wavelength division multiplexing)
A multiplexing technique in which each signal on a fiber-optic cable is assigned a different wavelength, which equates to its own subchannel. Each wavelength is modulated with a data signal. In this manner, multiple signals can be simultaneously transmitted in the same direction over a length of fiber.
DWDM (dense wavelength division multiplexing)
A multiplexing technique used over single-mode or multimode fiber-optic cable in which each signal is assigned a different wavelength for its carrier wave. In DWDM, little space exists between carrier waves in order to achieve extraordinarily high capacity.
router
A multiport device that operates at Layer 3 of the OSI model and uses logical addressing information to direct data between networks or segments. Routers can connect dissimilar LANs and WANs running at different transmission speeds and using a variety of Network layer protocols. They determine the best path between nodes based on traffic congestion, available versus unavailable routes, load balancing targets, and other factors.
slave name server
A name server that can take the place of a master name server to resolve names and addresses on a network. Slave name servers poll master name servers to ensure that their zone information is identical. Slave name servers are also called secondary name servers.
CSMA/CD (Carrier Sense Multiple Access with Collision Detection)
A network access method specified for use by IEEE 802.3 (Ethernet) networks. In CSMA/CD, each node waits its turn before transmitting data to avoid interfering with other nodes' transmissions. If a node's NIC determines that its data have been involved in a collision, it immediately stops transmitting. Next, in a process called jamming, the NIC issues a special 32-bit sequence that indicates to the rest of the network nodes that its previous transmission was faulty and that those data frames are invalid. After waiting, the NIC determines if the line is again available; if it is available, the NIC retransmits its data.
CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance)
A network access method used on 802.11 wireless networks. In CSMA/CA, before a node begins to send data it checks the medium. If it detects no transmission activity, it waits a brief, random amount of time, and then sends its transmission. If the node does detect activity, it waits a brief period of time before checking the channel again. CSMA/CA does not eliminate, but minimizes, the potential for collisions.
client/server architecture
A network design in which client computers use a centrally administered server to share data, data storage space, and devices.
cache engine
A network device devoted to storage and delivery of frequently requested files.
proxy server
A network host that runs a proxy service. Proxy servers may also be called gateways.
PON (passive optical network)
A network in which a carrier uses fiber-optic cabling to connect with multiple endpoints, for example, many businesses on a city block. The word passive applies because in a PON no repeaters or other connectivity devices intervene between a carrier and its customer.
peer-to-peer network
A network in which every computer can communicate directly with every other computer. By default, no computer on a peer-to-peer network has more authority than another. However, each computer can be configured to share only some of its resources and keep other resources inaccessible to other nodes on the network.
ring topology
A network layout in which each node is connected to the two nearest nodes so that the entire network forms a circle. Data are transmitted in one direction around the ring. Each workstation accepts and responds to packets addressed to it, then forwards the other packets to the next workstation in the ring.
polling
A network management application's regular collection of data from managed devices.
LAN (local area network)
A network of computers and other devices that is confined to a relatively small space, such as one building or even one office.
honeynet
A network of honeypots.
populated segment
A network segment that contains end nodes, such as workstations.
unpopulated segment
A network segment that does not contain end nodes, such as workstations. Unpopulated segments are also called link segments.
public network
A network that any user can access with no restrictions. The most familiar example of a public network is the Internet.
MAN (metropolitan area network)
A network that is larger than a LAN, typically connecting clients and servers from multiple buildings, but within a limited geographic area. For example, a MAN could connect multiple city government buildings around a city's center.
WAN (wide area network)
A network that spans a long distance and connects two or more LANs.
client/server network
A network that uses centrally administered computers-known as servers-to enable resource sharing for and to facilitate communication between the other computers on the network.
passive topology
A network topology in which each node passively listens for, then accepts, data directed to it. A bus topology is considered a passive topology.
private network
A network whose access is restricted to only clients or machines with proper credentials.
VLAN (virtual local area network)
A network within a network that is logically defined by grouping its devices' switch ports in the same broadcast domain. A VLAN can consist of any type of network node in any geographic location and can incorporate nodes connected to different switches.
access method
A network's method of controlling how nodes access the communications channel. For example, CSMA/CD (Carrier Sense Multiple Access with Collision Detection) is the access method specified in the IEEE 802.3 (Ethernet) standard.
token ring
A networking technology developed by IBM in the 1980s. It relies upon direct links between nodes and a ring topology, using tokens to allow nodes to transmit data.
Ethernet
A networking technology originally developed at Xerox in the 1970s and improved by Digital Equipment Corporation, Intel, and Xerox. Ethernet, which is the most common form of network transmission technology, follows the IEEE 802.3 standard.
IPv6 (IP version 6)
A newer standard for IP addressing that is gradually replacing the current IPv4 (IP version 4). Most notably, IPv6 uses a newer, more efficient header in its packets and allows for 128-bit source and destination IP addresses. The use of longer addresses will allow for many more IP addresses to be in circulation. IPv6 also provides automatic addressing, better security, and prioritization features.
alias
A nickname for a node's host name. Aliases can be specified in a local host file.
IANA (Internet Assigned Numbers Authority)
A nonprofit, United States government-funded group that was established at the University of Southern California and charged with managing IP address allocation and the Domain Name System. The oversight for many of IANA's functions was given to ICANN in 1998; however, IANA continues to perform Internet addressing and Domain Name System administration.
RIR (Regional Internet Registry)
A not-for-profit agency that manages the distribution of IP addresses to private and public entities. ARIN is the RIR for North, Central, and South America and sub-Saharan Africa. APNIC is the RIR for Asia and the Pacific region. RIPE is the RIR for Europe and North Africa.
TTL (Time to Live)
A number that indicates the maximum duration that a packet can remain on the network before it is discarded. Although this field was originally meant to represent units of time, on modern networks it represents the number of router hops a datagram has endured. The TTL for datagrams is variable and configurable, but is usually set at 32 or 64. Each time a datagram passes through a router, its TTL is reduced by 1. When a router receives a datagram with a TTL equal to 1, the router discards that datagram.
address
A number that uniquely identifies each workstation and device on a network. Without unique addresses, computers on the network could not reliably communicate.
frame
A package for data that includes not only the raw data, or "payload," but also the sender's and recipient's addressing and control information. Frames are generated at the Data Link layer of the OSI model and are issued to the network at the Physical layer.
cell
A packet of a fixed size. In ATM technology, a cell consists of 48 bytes of data plus a 5-byte header.
giant
A packet that exceeds the medium's maximum packet size. For example, any Ethernet packet that is larger than 1518 bytes is considered a giant.
punch-down block
A panel of data receptors into which twisted pair wire is inserted, or punched down, to complete a circuit.
jamming
A part of CSMA/CD in which, upon detecting a collision, a station issues a special 32-bit sequence to indicate to all nodes on an Ethernet segment that its previously transmitted frame has suffered a collision and should be considered faulty.
subnet
A part of a network in which all nodes share a network addressing component and a fixed amount of bandwidth.
segment
A part of a network. Usually, a segment is composed of a group of nodes that share the same communications channel for all their traffic.
digital certificate
A password-protected and encrypted file that holds an individual's identification information, including a public key and a private key. The individual's public key is used to verify the sender's digital signature, and the private key allows the individual to log on to a third-party authority who administers digital certificates.
Nessus
A penetration-testing tool from Tenable Security that performs sophisticated scans to discover information about hosts, ports, services, and software.
metasploit
A penetration-testing tool that combines known scanning techniques and exploits to result in potentially new types of exploits.
OTDR (optical time domain reflectometer)
A performance testing device for use with fiber-optic networks. An OTDR works by issuing a light-based signal on a fiber-optic cable and measuring the way in which the signal bounces back (or reflects) to the OTDR. By measuring the length of time it takes the signal to return, an OTDR can determine the location of a fault.
help desk coordinator
A person who ensures that help desk analysts are divided into the correct teams, schedules shifts at the help desk, and maintains the infrastructure to enable analysts to better perform their jobs. They might also serve as third-level support personnel, taking responsibility for troubleshooting a problem when the second-level support analyst is unable to solve it.
user
A person who uses a computer.
help desk analyst
A person who's proficient in basic (but not usually advanced) workstation and network troubleshooting. Help desk analysts are part of first-level support.
remote user
A person working on a computer on a different network or in a different geographical location from the LAN's serv
signal bounce
A phenomenon, caused by improper termination on a bus-topology network, in which signals travel endlessly between the two ends of the network, preventing new signals from getting through.
star topology
A physical topology in which every node on the network is connected through a central connectivity device. Any single physical wire on a star network connects only two devices, so a cabling problem will affect only two nodes. Nodes transmit data to the device, which then retransmits the data to the rest of the network segment where the destination node can pick it up.
hybrid topology
A physical topology that combines characteristics of more than one simple physical topology.
hot site
A place where the computers, devices, and connectivity necessary to rebuild a network exist, and all are appropriately configured, updated, and connected to match your network's current state.
cold site
A place where the computers, devices, and connectivity necessary to rebuild a network exist, but they are not appropriately configured, updated, or connected to match the network's current state.
warm site
A place where the computers, devices, and connectivity necessary to rebuild a network exist, though only some are appropriately configured, updated, or connected to match the network's current state.
backup rotation scheme
A plan for when and how often backups occur, and which backups are full, incremental, or differential.
phase
A point or stage in a wave's progress over time.
WAN link
A point-to-point connection between two nodes on a WAN.
PVC (permanent virtual circuit)
A point-to-point connection over which data may follow any number of different paths, as opposed to a dedicated line that follows a predefined path. X.25, frame relay, and some forms of ATM use PVCs.
RADIUS (Remote Authentication Dial-In User Service)
A popular protocol for providing centralized AAA (authentication, authorization, and accounting) for multiple users. RADIUS runs over UDP and can use one of several authentication protocols.
ethtool
A popular tool for viewing and modifying network interface properties on Linux computers.
uplink port
A port on a connectivity device, such as a hub or switch, used to connect it to another connectivity device.
on-board port
A port that is integrated into a computer's motherboard.
DNS zone
A portion of the DNS namespace for which one organization is assigned authority to manage.
standby UPS
A power supply that provides continuous voltage to a device by switching virtually instantaneously to the battery when it detects a loss of power from the wall outlet. Upon restoration of the power, the standby UPS switches the device to use A/C power again.
online UPS
A power supply that uses the A/C power from the wall outlet to continuously charge its battery, while providing power to a network device through its battery.
phishing
A practice in which a person attempts to glean access or authentication information by posing as someone who needs that information.
AES (Advanced Encryption Standard)
A private key encryption algorithm that weaves keys of 128, 160, 192, or 256 bits through data multiple times. The algorithm used in the most popular form of AES is known as Rijndael. AES has replaced DES in situations such as military communications, which require the highest level of security.
IP-PBX
A private switch that accepts and interprets both analog and digital voice signals (although some IP-PBXs do not accept analog lines). It can connect with both traditional PSTN lines and data networks. An IP-PBX transmits and receives IP-based voice signals to and from other network connectivity devices, such as a router or gateway.
two-factor authentication
A process in which clients must supply two pieces of information to verify their identity and gain access to a system.
change management system
A process or program that provides support personnel with a centralized means of documenting changes made to the network.
MCITP (Microsoft Certified IT Professional)
A professional certification established by Microsoft that demonstrates in-dept
CCNA (Cisco Certified Network Associate)
A professional certification that attests to one's skills in installing, configuring, maintaining, and troubleshooting medium-sized networks that use Cisco Systems' switches and routers.
ISOC (Internet Society)
A professional organization with members from 90 chapters around the world that helps to establish technical standards for the Internet.
logic bomb
A program designed to start when certain conditions are met.
malware
A program or piece of code designed to harm a system or its resources.
Trojan horse
A program that disguises itself as something useful, but actually harms your system.
virus
A program that replicates itself to infect more computers, either through network connections or through external storage devices, such as USB drives, passed among users. Viruses might damage files or systems or simply annoy users by flashing messages or pictures on the screen or by causing the keyboard to beep.
bot
A program that runs automatically. Bots can spread viruses or other malicious code between users in a chat room by exploiting the IRC protocol.
SFTP (Secure File Transfer Protocol)
A protocol available with the proprietary version of SSH that copies files between hosts securely. Like FTP, SFTP first establishes a connection with a host and then allows a remote user to browse directories, list files, and copy files. Unlike FTP, SFTP encrypts data before transmitting it.
CARP (Common Address Redundancy Protocol)
A protocol that allows a pool of computers or interfaces to share one or more IP addresses. CARP improves availability and can contribute to load balancing among several devices, including servers, firewalls, or routers.
IRC (Internet Relay Chat)
A protocol that enables users running special IRC client software to communicate instantly with other participants in a chat room on the Internet.
L2TP (Layer 2 Tunneling Protocol)
A protocol that encapsulates PPP data, for use on VPNs. L2TP is based on Cisco technology and is standardized by the IETF. It is distinguished by its compatibility among different manufacturers' equipment; its ability to connect between clients, routers, and servers alike; and also by the fact that it can connect nodes belonging to different Layer 3 networks.
IPv4LL (IP version 4 Link Local)
A protocol that manages automatic address assignment among locally connected nodes. IPv4LL is part of the Zeroconf group of protocols.
NetBIOS
A protocol that runs in the Session and Transport layers of the OSI model and associates NetBIOS names with workstations. NetBIOS alone is not routable because it does not contain Network layer information. However, when encapsulated in another protocol such as TCP/IP, it can be routed.
MEGACO
A protocol used between media gateway controllers and media gateways. MEGACO is poised to replace MGCP on modern converged networks, as it supports a broader range of network technologies, including ATM. Also known as H.248.
MGCP (Media Gateway Control Protocol)
A protocol used for communication between media gateway controllers and media gateways. MGCP is currently the most popular media gateway control protocol used on converged networks.
public key server
A publicly available host (such as an Internet host) that provides free access to a list of users' public keys (for use in public key encryption).
challenge
A random string of text issued from one computer to another in some forms of authentication. It is used, along with the password (or other credential), in a response to verify the computer's credentials.
5-GHz band
A range of frequencies that comprises four frequency bands: 5.1 GHz, 5.3 GHz, 5.4 GHz, and 5.8 GHz. It consists of 24 unlicensed bands, each 20-MHz wide. The 5-GHz band is used by WLANs that follow the 802.11a and 802.11n standards.
expansion slot
A receptacle on a computer's motherboard that contains multiple electrical contacts into which an expansion board can be inserted.
dynamic ARP table entry
A record in an ARP table that is created when a client makes an ARP request that cannot be satisfied by data already in the ARP table.
static ARP table entry
A record in an ARP table that someone has manually entered using the ARP utility. Static ARP table entries remain the same until someone manually modifies them with the ARP utility.
baseline
A record of how a network operates under normal conditions (including its performance, collision rate, utilization rate, and so on). Baselines are used for comparison when conditions change.
tape backup
A relatively simple and economical backup method in which data is copied to magnetic tapes. In many environments, tape backups have been replaced with faster backup methods, such as copying to network or online storage.
terminator
A resistor that is attached to each end of a bus-topology network and that causes the signal to stop rather than reflect back toward its source.
ACK (acknowledgment)
A response generated at the Transport layer of the OSI model that confirms to a sender that its frame was received. The ACK packet is the third of three in the three-step process of establishing a connection.
mtr (my traceroute)
A route discovery and analysis utility that comes with UNIX and Linux operating systems. Mtr combines the functions of the ping and traceroute commands and delivers an easily readable chart as its output.
border router
A router that connects an autonomous LAN with an exterior network, for example, the router that connects a business to its ISP.
interior router
A router that directs data between nodes on an autonomous LAN.
exterior router
A router that directs data between nodes outside a given autonomous LAN, for example, routers used on the Internet's backbone.
packet-filtering firewall
A router that examines the header of every packet of data that it receives to determine whether that type of packet is authorized to continue to its destination. Packet-filtering firewalls are also called screening firewalls.
EIGRP (Enhanced Interior Gateway Routing Protocol)
A routing protocol developed in the mid-1980s by Cisco Systems that has a fast convergence time and a low network overhead, but is easier to configure and less CPU-intensive than OSPF. EIGRP also offers the benefits of supporting multiple protocols and limiting unnecessary network traffic between routers.
EGP (Exterior Gateway Protocol)
A routing protocol that can span multiple, autonomous networks. BGP and EIGRP are examples of Exterior Gateway Protocols.
OSPF (Open Shortest Path First)
A routing protocol that makes up for some of the limitations of RIP and can coexist with RIP on a network.
IGP (Interior Gateway Protocol)
A routing protocol, such as RIP, that can only route data within an autonomous (internal) network.
NMAP (Network Mapper)
A scanning tool designed to assess large networks quickly and provide comprehensive, customized information about a network and its hosts. NMAP, which runs on virtually any modern operating system, is available for download at no cost at www.nmap.org.
tunnel
A secured, virtual connection between two nodes on a VPN.
denial-of-service attack
A security attack in which a system becomes unable to function because it has been inundated with requests for services and can't respond to any of them. As a result, all data transmissions are disrupted.
flashing
A security attack in which an Internet user sends commands to another Internet user's machine that cause the screen to fill with garbage characters. A flashing attack causes the user to terminate her session.
DNS spoofing
A security attack in which an outsider forges name server records to falsify his host's identity.
IP spoofing
A security attack in which an outsider obtains internal IP addresses and then uses those addresses to pretend that he has authority to access a private network from the Internet.
WEP cracking
A security exploit in which a hacker uses a program to discover a WEP key.
WPA cracking
A security exploit in which a hacker uses a program to discover a WPA key.
FTP bounce
A security exploit in which an FTP client specifies a different host's IP address and port number for the requested data's destination. By commanding the FTP server to connect to a different computer, a hacker can scan the ports on other hosts and transmit malicious code. To thwart FTP bounce attacks, most modern FTP servers will not issue data to hosts other than the client that originated the request.
man-in-the-middle attack
A security threat that relies on intercepted transmissions. It can take one of several forms, but in all cases a person redirects or captures secure data traffic while in transit.
flow
A sequence of packets issued from one source to one or many destinations. Routers interpret flow information to ensure that packets belonging to the same transmission arrive together. Flow information may also help with traffic prioritization.
key
A series of characters that is combined with a block of data during that data's encryption. To decrypt the resulting data, the recipient must also possess the key.
RAID (Redundant Array of Independent [or Inexpensive] Disks)
A server redundancy measure that uses shared, multiple physical or logical hard disks to ensure data integrity and availability. Some RAID designs also increase storage capacity and improve performance.
name server
A server that contains a database of TCP/IP host names and their associated IP addresses. A name server supplies a resolver with the requested information. If it cannot resolve the IP address, the query passes to a higher-level name server.
virtual server
A server that exists as a virtual machine, created and managed by virtualization software on a host, or physical, computer.
DHCP server
A server that manages IP address assignment, maintaining information about which addresses are allowable, which are available, and which have already been associated with a host.
mail server
A server that manages the storage and transfer of e-mail message
RADIUS server
A server that offers centralized authentication services to a network's access server, VPN server, or wireless access point via the RADIUS protocol.
remote access server
A server that runs communications services that enable remote users to log on to a network. Also known as an access server.
APIPA (Automatic Private IP Addressing)
A service available on computers running one of the Windows operating systems that automatically assigns the computer's network interface a link-local IP address.
ISAKMP (Internet Security Association and Key Management Protocol)
A service for setting policies to verify the identity and the encryption methods nodes will use in IPSec transmission.
FTTH (fiber to the home)
A service in which a residential customer is connected to his carrier's network with fiber-optic cable.
FTTP (fiber to the premises)
A service in which a residential or business customer is connected to his carrier's network using fiber-optic cable.
video-on-demand
A service in which a video stored as an encoded file is delivered to a viewer upon his request.
IPTV (IP television)
A service in which television signals from broadcast or cable networks travel over packet-switched networks.
streaming video
A service in which video signals are compressed and delivered over the Internet in a continuous stream so that a user can watch and listen even before all the data have been transmitted.
ICS (Internet Connection Sharing)
A service provided with Windows operating systems that allows one computer, the ICS host, to share its Internet connection with other computers on the same network.
ferrule
A short tube within a fiber-optic cable connector that encircles the fiber strand and keeps it properly aligned.
analog
A signal that uses variable voltage to create continuous waves, resulting in an inexact transmission.
upgrade
A significant change to an application's existing code, typically designed to improve functionality or add new features.
NTP (Network Time Protocol)
A simple Application layer protocol in the TCP/IP suite used to synchronize the clocks of computers on a network. NTP depends on UDP for Transport layer services.
PAP (Password Authentication Protocol)
A simple authentication protocol that operates over PPP. Using PAP, a client issues its credentials in a request to authenticate, and the server responds with a confirmation or denial of authentication after comparing the credentials with those in its database. PAP is not very secure and is, therefore, rarely used on modern networks.
multimeter
A simple instrument that can measure multiple characteristics of an electric circuit, including its resistance and voltage.
protocol analyzer
A software package or hardware-based tool that can capture and analyze data on a network. Protocol analyzers are more sophisticated than network monitoring tools, as they can typically interpret data up to Layer 7 of the OSI model.
call tracking system
A software program used to document technical problems and how they were resolved (also known as help desk software).
agent
A software routine that collects data about a managed device's operation and provides it to a network management application.
network monitor
A software-based tool that monitors traffic on the network from a server or workstation attached to the network. Network monitors typically can interpret up to Layer 3 of the OSI model.
token
A special control frame that indicates to the rest of the network that a particular node has the right to transmit data.
ESSID (extended service set identifier)
A special identifier shared by BSSs that belong to the same ESS.
VPN concentrator
A specialized device that authenticates VPN clients and establishes tunnels for VPN connections.
file server
A specialized server that enables clients to share applications and data across the network.
external disk drive
A storage device that can be attached temporarily to a computer.
BNC (Bayonet Neill-Concelman, or British Naval Connector)
A standard for coaxial cable connectors named after its coupling method and its inventors.
MIME (Multipurpose Internet Mail Extensions)
A standard for encoding and interpreting binary files, images, video, and non-ASCII character sets within an e-mail message.
syslog
A standard for generating, storing, and processing messages about events on a system. Syslog describes methods for detecting and reporting events and specifies the format and contents of messages.
RJ-48 (registered jack 48)
A standard for terminating wires in an eight-pin connector. RJ-48 is the preferred connector type for T1 connections that rely on twisted pair wiring.
SFP (small form-factor pluggable) transceiver
A standard hot-swappable network interface used to link a connectivity device's backplane with fiber-optic or copper cabling. SFPs are known as mini GBICs because they perform a similar function as GBICs, but have a smaller profile. Current SFP standards enable them to send and receive data at up to 10 Gbps.
protocol
A standard method or format for communication between network devices. For example, some protocols ensure that data are transferred in sequence and without error from one node on the network to another. Other protocols ensure that data belonging to a Web page are formatted to appear correctly in a Web browser window. Still others encode passwords and keep data transmissions secure.
AWG (American Wire Gauge)
A standard rating that indicates the diameter of a wire, such as the conducting core of a coaxial cable.
GBIC (Gigabit interface converter)
A standard type of modular interface designed in the 1990s for Gigabit Ethernet connections. GBICs may contain RJ-45 or fiber-optic cable ports (such as LC, SC, or ST). They are inserted into a socket on a connectivity device's backplane.
TIA (Telecommunications Industry Association)
A subgroup of the EIA that focuses on standards for information technology, wireless, satellite, fiber optics, and telephone equipment. Probably the best known standards to come from the TIA/EIA alliance are its guidelines for how network cable should be installed in commercial buildings, known as the "TIA/EIA 568-B Series."
TCP/IP (Transmission Control Protocol/Internet Protocol)
A suite of networking protocols that includes TCP, IP, UDP, and many others. TCP/IP provides the foundation for data exchange across the Internet.
Layer 3 switch
A switch capable of interpreting data at Layer 3 (Network layer) of the OSI model.
Layer 4 switch
A switch capable of interpreting data at Layer 4 (Transport layer) of the OSI model.
application switch
A switch that provides functions between Layer 4 and Layer 7 of the OSI model.
content switch
A switch that provides functions between Layer 4 and Layer 7 of the OSI model.
cut-through mode
A switching mode in which a switch reads a frame's header and decides where to forward the data before it receives the entire packet. Cut-through mode is faster, but less accurate, than the other switching method, store-and-forward mode.
STP (Spanning Tree Protocol)
A switching protocol defined in IEEE 802.1D. STP operates in the Data Link layer to prevent traffic loops by calculating paths that avoid potential loops and by artificially blocking links that would complete a loop. Given changes to a network's links or devices-STP recalculates its paths.
host name
A symbolic name that describes a TCP/IP device.
backplane
A synonym for motherboard, often used in the context of switches and routers.
binary
A system founded on using 1s and 0s to encode information.
IAB (Internet Architecture Board)
A technical advisory group of researchers and technical professionals responsible for Internet growth and management strategy, resolution of technical disputes, and standards oversight.
DiffServ (Differentiated Service)
A technique for ensuring QoS by prioritizing traffic. DiffServ places information in the DiffServ field in an IPv4 datagram. In IPv6 datagrams, DiffServ uses a similar field known as the Traffic Class field. This information indicates to the network routers how the data stream should be forwarded.
modulation
A technique for formatting signals in which one property of a simple carrier wave is modified by the addition of a data signal during transmission.
NAT (Network Address Translation)
A technique in which IP addresses used on a private network are assigned a public IP address by a gateway when accessing a public network.
Web caching
A technique in which Web pages are stored locally, either on a host or network, and then delivered to requesters more quickly than if they had been obtained from the original source.
port authentication
A technique in which a client's identity is verified by an authentication server before a port, whether physical or logical, is opened for the client's Layer 3 traffic. See also 802.1x.
static routing
A technique in which a network administrator programs a router to use specific paths between nodes. Because it does not account for occasional network congestion, failed connections, or device moves and requires manual configuration, static routing is not optimal.
dictionary attack
A technique in which attackers run a program that tries a combination of a known user ID and, for a password, every word in a dictionary to attempt to gain access to a network.
online backup
A technique in which data is backed up to a central location over the Internet.
PBX (private branch exchange)
A telephone switch used to connect and manage an organization's voice calls.
IP telephone
A telephone used for VoIP on a TCP/IP-based network. IP telephones are designed to transmit and receive only digital signals.
downstream
A term used to describe data traffic that flows from a carrier's facility to the customer. In asymmetrical communications, downstream throughput is usually much higher than upstream throughput. In symmetrical communications, downstream and upstream throughputs are equal.
upstream
A term used to describe data traffic that flows from a customer's site to a carrier's facility. In asymmetrical communications, upstream throughput is usually much lower than downstream throughput. In symmetrical communications, upstream and downstream throughputs are equal.
hop
A term used to describe each trip a unit of data takes from one connectivity device to another. Typically, hop is used in the context of router-to-router communications.
Telnet
A terminal emulation protocol used to log on to remote hosts using the TCP/IP protocol. Telnet resides in the Application layer of the OSI model.
smart jack
A termination for T-carrier wire pairs that is located at the customer demarc and which functions as a connection protection and monitoring point.
zone file
A text file associated with a DNS zone that contains resource records identifying domains and their IP addresses.
host file
A text file that associates TCP/IP host names with IP addresses.
smurf attack
A threat to networked hosts in which the host is flooded with broadcast ping messages. A smurf attack is a type of denial-of-service attack.
three-way handshake
A three-step process in which Transport layer protocols establish a connection between nodes. The three steps are: Node A issues a SYN packet to node B, node B responds with SYN-ACK, and node A responds with ACK.
butt set
A tool for accessing and testing a telephone company's local loop. The butt set, also known as a telephone test set or lineman's handset, is essentially a telephone handset with attached wires that can be connected to local loop terminations at a demarc or switching facility.
EIA (Electronic Industries Alliance)
A trade organization composed of representatives from electronics manufacturing firms across the United States that sets standards for electronic equipment and lobbies for legislation favorable to the growth of the computer and electronics industries.
traffic policing
A traffic-shaping technique in which the volume or rate of traffic traversing an interface is limited to a predefined maximum.
asynchronous
A transmission method in which data being transmitted and received by nodes do not have to conform to any timing scheme. In asynchronous communications, a node can transmit at any time and the destination node must accept the transmission as it comes.
synchronous
A transmission method in which data being transmitted and received by nodes must conform to a timing scheme.
DSSS (direct-sequence spread spectrum)
A transmission technique in which a signal's bits are distributed over an entire frequency band at once. Each bit is coded so that the receiver can reassemble the original signal upon receiving the bits.
broadcast
A transmission that involves one transmitter and multiple, undefined receivers.
cable performance tester
A troubleshooting tool that tests cables for continuity, but can also measure cross talk, attenuation, and impedance; identify the location of faults; and store or print cable testing results.
Cat 6 (Category 6)
A twisted pair cable that contains four wire pairs, each wrapped in foil insulation. Additional foil insulation covers the bundle of wire pairs, and a fire-resistant plastic sheath covers the second foil layer. The foil insulation provides excellent resistance to cross talk and enables Cat 6 to support a signaling rate of 250 MHz and at least six times the throughput supported by regular Cat 5.
Cat 7 (Category 7)
A twisted pair cable that contains multiple wire pairs, each separately shielded then surrounded by another layer of shielding within the jacket. Cat 7 can support up to a 1-GHz signal rate. But because of its extra layers, it is less flexible than other forms of twisted pair wiring.
crossover cable
A twisted pair patch cable in which the termination locations of the transmit and receive wires on one end of the cable are reversed.
100Base-TX
A type of 100Base-T network that uses two wire pairs in a twisted pair cable, but uses faster signaling to achieve 100-Mbps throughput. It is capable of full-duplex transmission and requires Cat 5 or better twisted pair media.
address resource record
A type of DNS data record that maps the IP address of an Internet-connected device to its domain name.
Fast Ethernet
A type of Ethernet network that is capable of 100-Mbps throughput. 100Base-T and 100Base-FX are both examples of Fast Ethernet.
Gigabit Ethernet
A type of Ethernet network that is capable of 1000-Mbps, or 1-Gbps, throughput.
unicast address
A type of IPv6 address that represents a single interface on a device.
PRI (Primary Rate Interface)
A type of ISDN that uses 23 bearer channels and one 64-Kbps data channel, represented by the notation 23B+D. PRI is less commonly used by individual subscribers than BRI, but it may be used by businesses and other organizations needing more throughput.
connection oriented
A type of Transport layer protocol that requires the establishment of a connection between communicating nodes before it will transmit data.
connectionless
A type of Transport layer protocol that services a request without requiring a verified session and without guaranteeing delivery of data.
site-to-site VPN
A type of VPN in which VPN gateways at multiple sites encrypt and encapsulate data to exchange over a tunnel with other VPN gateways. Meanwhile, clients, servers, and other hosts on a site-to-site VPN communicate with the VPN gateway.
client-to-site VPN
A type of VPN in which clients, servers, and other hosts establish tunnels with a private network using a remote access server or VPN gateway. Each client on a client-to-site VPN must run VPN software to create the tunnel for, and encrypt and encapsulate, data.
star topology WAN
A type of WAN in which a single site acts as the central connection point for several other points. This arrangement provides separate routes for data between any two sites; however, if the central connection point fails, the entire WAN fails.
ring topology WAN
A type of WAN in which each site is connected to two other sites so that the entire WAN forms a ring pattern.
mesh topology WAN
A type of WAN in which several sites are directly interconnected. Mesh WANs are highly fault tolerant because they provide multiple routes for data to follow between any two points.
tiered topology WAN
A type of WAN in which sites that are connected in star or ring formations are interconnected at different levels, with the interconnection points being organized into layers to form hierarchical groupings.
infrastructure WLAN
A type of WLAN in which stations communicate with an access point and not directly with each other.
multicast address
A type of address in IPv6 that represents multiple interfaces, often on multiple nodes. An IPv6 multicast address begins with the following hexadecimal field: FF0x, where x is a character that identifies the address's group scope.
anycast address
A type of address specified in IPv6 that represents a group of interfaces, any one of which (and usually the first available of which) can accept a transmission. At this time, anycast addresses are not designed to be assigned to hosts, such as servers or workstations, but rather to routers.
DNAT (Dynamic Network Address Translation)
A type of address translation in which a limited pool of Internet-valid IP addresses is shared by multiple private network hosts.
SNAT (Static Network Address Translation)
A type of address translation in which each private IP address is correlated with its own Internet-recognized IP address.
omnidirectional antenna
A type of antenna that issues and receives wireless signals with equal strength and clarity in all directions. This type of antenna is used when many different receivers must be able to pick up the signal, or when the receiver's location is highly mobile.
directional antenna
A type of antenna that issues wireless signals along a single direction, or path.
distributed backbone
A type of backbone in which a number of intermediate connectivity devices are connected to one or more central connectivity devices, such as switches or routers, in a hierarchy.
parallel backbone
A type of backbone that consists of more than one connection from the central router or switch to each network segment.
serial backbone
A type of backbone that consists of two or more internetworking devices connected to each other by a single cable in a daisy chain.
collapsed backbone
A type of backbone that uses a router or switch as the single central connection point for multiple subnetworks.
STP (shielded twisted pair)
A type of cable containing twisted-wire pairs that are not only individually insulated, but also surrounded by a shielding made of a metallic substance such as foil.
twisted pair
A type of cable similar to telephone wiring that consists of color-coded pairs of insulated copper wires, each with a diameter of 0.4 to 0.8 mm, twisted around each other and encased in plastic coating.
coaxial cable
A type of cable that consists of a central metal conducting core, which might be solid or stranded and is often made of copper, surrounded by an insulator, a braided metal shielding, called braiding, and an outer cover, called the sheath or jacket. Coaxial cable, called "coax" for short, was the foundation for Ethernet networks in the 1980s. Today it's used to connect cable Internet and cable TV systems.
UTP (unshielded twisted pair)
A type of cabling that consists of one or more insulated wire pairs encased in a plastic sheath. As its name implies, UTP does not contain additional shielding for the twisted pairs. As a result, UTP is both less expensive and less resistant to noise than STP.
XaaS (Anything as a Service, or Everything as a Service)
A type of cloud computing in which the cloud assumes functions beyond networking, including, for example, monitoring, storage, applications, and virtual desktops.
NaaS (Network as a Service)
A type of cloud computing that offers clients a complete set of networking services, for example, mail, Web, DNS, DHCP, and remote access services, plus LAN and WAN connectivity.
RG-8
A type of coaxial cable characterized by a 50-ohm impedance and a 10 AWG core. RG-8 provided the medium for the first Ethernet networks, which followed the now obsolete 10BASE-5 standard.
RG-58
A type of coaxial cable characterized by a 50-ohm impedance and a 24 AWG core. RG-58 was a popular medium for Ethernet LANs in the 1980s, used for the now-obsolete 10BASE-2 standard.
RG-59
A type of coaxial cable characterized by a 75-ohm impedance and a 20 or 22 AWG core, usually made of braided copper. Less expensive but suffering greater attenuation than the more common RG-6 coax, RG-59 is used for relatively short connections.
RG-6
A type of coaxial cable with an impedance of 75 ohms and that contains an 18 AWG core conductor. RG-6 is used for television, satellite, and broadband cable connections.
WPA (Wi-Fi Protected Access)
A wireless security method endorsed by the Wi-Fi Alliance that is considered a subset of the 802.11i standard. In WPA, authentication follows the same mechanism specified in 802.11i. The main difference between WPA and 802.11i is that WPA specifies RC4 encryption rather than AES.
LOS (line-of-sight)
A wireless signal or path that travels directly in a straight line from its transmitter to its intended receiver. This type of propagation uses the least amount of energy and results in the reception of the clearest possible signal.
FHSS (frequency hopping spread spectrum)
A wireless signaling technique in which a signal jumps between several different frequencies within a band in a synchronization pattern known to the channel's receiver and transmitter.
diskless workstation
A workstation that doesn't contain a hard disk, but instead relies on a small amount of read-only memory to connect to a network and to pick up its system files.
virtual workstation
A workstation that exists as a virtual machine, created and managed by virtualization software on a host, or physical, computer.
802.16m
Also known as WiMAX 2, the IEEE standard for a version of 802.16 that achieves theoretical throughputs of 330 Mbps with lower latency and better quality for VoIP applications than previous WiMAX versions. 802.16m has been approved as a true 4G technology. Manufacturers expect it to reach throughputs of 1 Gbps in the near future.
telecommunications closet
Also known as a "telco room," the space that contains connectivity for groups of workstations in a defined area, plus cross-connections to IDFs or, in smaller organizations, an MDF. Large organizations may have several telecommunications closets per floor, but the TIA/EIA standard specifies at least one per floor.
MDF (main distribution frame)
Also known as the main cross-connect, the first point of interconnection between an organization's LAN or WAN and a service provider's facility.
surge
A momentary increase in voltage caused by distant lightning strikes or electrical problems.
signal level
An ANSI standard for T-carrier technology that refers to its Physical layer electrical signaling characteristics. DS0 is the equivalent of one data or voice channel. All other signal levels are multiples of DS0.
DHCP (Dynamic Host Configuration Protocol)
An Application layer protocol in the TCP/IP suite that manages the dynamic distribution of IP addresses on a network. Using DHCP to assign IP addresses can nearly eliminate duplicate-addressing problems.
SNMP (Simple Network Management Protocol)
An Application layer protocol in the TCP/IP suite used to convey data regarding the status of managed devices on a network.
HTTP (Hypertext Transfer Protocol)
An Application layer protocol that formulates and interprets requests between Web clients and servers.
RDP (Remote Desktop Protocol)
An Application layer protocol that uses TCP/IP to transmit graphics and text quickly over a remote client-host connection. RDP also carries session, licensing, and encryption information.
POP (Post Office Protocol)
An Application layer protocol used to retrieve messages from a mail server. When a client retrieves mail via POP, messages previously stored on the mail server are downloaded to the client's workstation, and then deleted from the mail server.
FTP (File Transfer Protocol)
An Application layer protocol used to send and receive files via TCP/IP.
RTP (Real-time Transport Protocol)
An Application layer protocol used with voice and video transmission. RTP operates on top of UDP and provides information about packet sequence to help receiving nodes detect delay and packet loss. It also assigns packets a time stamp that corresponds to when the data in the packet were sampled from the voice or video stream. This time stamp helps the receiving node synchronize incoming data.
SIP (Session Initiation Protocol)
An Application layer signaling and control protocol for multiservice, packet-based networks. With few exceptions, SIP performs much the same functions as the H.323 signaling protocols perform.
Thinnet
An IEEE Physical layer standard for achieving 10-Mbps throughput over coaxial copper cable. Thinnet is also known as 10Base-2. Its maximum segment length is 185 meters, and it relies on a bus topology.
Thicknet
An IEEE Physical layer standard for achieving a maximum of 10-Mbps throughput over coaxial copper cable. Thicknet is also known as 10Base-5. Its maximum segment length is 500 meters, and it relies on a bus topology.
802.16
An IEEE standard for wireless MANs. 802.16 networks may use frequencies between 2 and 66 GHz. Their antennas may operate in a line-of-sight or non-line-of-sight manner and cover 50 kilometers (or approximately 30 miles). 802.16 connections can achieve a maximum throughput of 70 Mbps, though actual throughput diminishes as the distance between transceivers increases. Several 802.16 standards exist. Collectively, they are known as WiMAX.
loopback address
An IP address reserved for communicating from a node to itself (used mostly for troubleshooting purposes). The IPv4 loopback address is always cited as 127.0.0.1, although in fact, transmitting to any IP address whose first octet is 127 will contact the originating device. In IPv6, the loopback address is represented as ::1.
dynamic IP address
An IP address that is assigned to a device upon request and may change when the DHCP lease expires or is terminated. BOOTP and DHCP are two ways of assigning dynamic IP addresses.
link-local address
An IP address that is automatically assigned by an operating system to allow a node to communicate over its local subnet if a routable IP address is not available. ICANN has established the range of 169.254.0.0 through 169.254.254.255 as potential link-local IPv4 addresses. IPv6 link-local addresses begin with FE80.
static IP address
An IP address that is manually assigned to a device and remains constant until it is manually changed.
public address
An IP address that is valid for use on public networks, such as the Internet. An organization assigns its hosts public addresses from the range of addresses assigned to it by Internet numbering authorities.
private address
An IP address used only on an organization's internal network. Certain IP address ranges are reserved for private addresses. Private addresses cannot be used to communicate over the Internet.
CIDR (Classless Interdomain Routing)
An IP addressing and subnetting method in which network and host information is manipulated without adhering to the limitations imposed by traditional network class distinctions. CIDR is also known as classless routing or supernetting. Older routing protocols, such as RIP, are not capable of interpreting CIDR addressing schemes.
classful addressing
An IP addressing convention that adheres to network class distinctions, in which the first 8 bits of a Class A address, the first 16 bits of a Class B address, and the first 24 bits of a Class C address are used for network information.
H.323
An ITU standard that describes an architecture and a suite of protocols for establishing and managing multimedia services sessions on a packet-switched network.
NT2 (Network Termination 2)
An additional connection device required on PRI to handle the multiple ISDN lines between the customer's network termination connection and the local phone company's wires.
CRC (cyclic redundancy check)
An algorithm (or mathematical routine) used to verify the accuracy of data contained in a data frame.
X.25
An analog, packet-switched WAN technology optimized for reliable, long-distance data transmission and standardized by the ITU in the mid-1970s. The X.25 standard specifies protocols at the Physical, Data Link, and Network layers of the OSI model. It provides excellent flow control and ensures data reliability over long distances by verifying the transmission at every node. X.25 can support a maximum of only 2-Mbps throughput.
public cloud
An arrangement in which shared and flexible data storage, applications, or services are managed centrally by service providers and delivered over public transmission lines, such as the Internet. Rackspace and Amazon (with its EC2 offering) are leading public cloud service providers.
private cloud
An arrangement in which shared and flexible data storage, applications, or services are managed on and delivered via an organization's internal network.
fractional T1
An arrangement that allows a customer to lease only some of the channels on a T1 line.
security audit
An assessment of an organization's security vulnerabilities performed by an accredited network security firm.
posture assessment
An assessment of an organization's security vulnerabilities. Posture assessments should be performed at least annually and preferably quarterly, or sooner if the network has undergone significant changes. For each risk found, it should rate the severity of a potential breach, as well as its likelihood.
CompTIA (Computing Technology Industry Association)
An association of computer resellers, manufacturers, and training companies that sets industry-wide standards for computer professionals. CompTIA established and sponsors the A+ and Network+ (Net+) certification
RC4
An asymmetric key encryption technique that weaves a key with data multiple times as a computer issues the stream of data. RC4 keys can be as long as 2048 bits. In addition to being highly secure, RC4 is fast.
MS-CHAPv2 (Microsoft Challenge Handshake Authentication Protocol, version 2)
An authentication protocol provided with Windows operating systems that follows the CHAP model, but uses stronger encryption, uses different encryption keys for transmission and reception, and requires mutual authentication between two computers.
MS-CHAP (Microsoft Challenge Handshake Authentication Protocol)
An authentication protocol provided with Windows operating systems that uses a three-way handshake to verify a client's credentials and encrypts passwords with a challenge text.
CHAP (Challenge Handshake Authentication Protocol)
An authentication protocol that operates over PPP and that requires the authenticator to take the first step by offering the other computer a challenge. The requester responds by combining the challenge with its password, encrypting the new string of characters and sending it to the authenticator. The authenticator matches to see if the requester's encrypted string of text matches its own encrypted string of characters. If so, the requester is authenticated and granted access to secured resources.
WPA-Enterprise
An authentication scheme for Wi-Fi networks that combines WPA with RADIUS.
WPA2-Enterprise
An authentication scheme for Wi-Fi networks that combines WPA2 with RADIUS.
mutual authentication
An authentication scheme in which both computers verify the credentials of each other.
master name server
An authoritative name server that is queried first on a network when resolution of a name that is not already cached is requested. Master name servers can also be called primary name servers.
CCIE (Cisco Certified Internetwork Expert)
An elite certification that recognizes expert-level installation, configuration, management, and troubleshooting skills on networks that use a range of Cisco Systems' devices.
RSA
An encryption algorithm that creates a key by randomly choosing two large prime numbers and multiplying them together. RSA is named after its creators, Ronald Rivest, Adi Shamir, and Leonard Adleman. RSA was released in 1977, but remains popular today for e-commerce transactions.
TKIP (Temporal Key Integrity Protocol)
An encryption key generation and management scheme used by 802.11i.
station
An end node on a network; used most often in the context of wireless networks.
zero-day exploit
An exploit that takes advantage of a software vulnerability that hasn't yet become public, and is known only to the hacker who discovered it. Zero-day exploits are particularly dangerous, because the vulnerability is exploited before the software developer has the opportunity to provide a solution for it.
virtual appliance
An image that includes the appropriate operating system, software, hardware specifications, and application configuration necessary for a prepackaged solution to run properly on a virtual machine.
continuity tester
An instrument that tests whether voltage (or light, in the case of fiber-optic cable) issued at one end of a cable can be detected at the opposite end of the cable. A continuity tester can indicate whether the cable will successfully transmit a signal.
virtual bridge
An interface connecting a vNIC with a virtual or physical network, or a port on a virtual switch.
backhaul
An intermediate connection between subscriber networks and a telecommunications carrier's network.
ATA (analog telephone adapter)
An internal or externally attached adapter that converts analog telephone signals into packet-switched voice signals and vice versa.
IEEE (Institute of Electrical and Electronics Engineers)
An international society composed of engineering professionals. Its goals are to promote development and education in the electrical engineering and computer science fields.
ISDN (Integrated Services Digital Network)
An international standard that uses PSTN lines to carry digital signals. It specifies protocols at the Physical, Data Link, and Transport layers of the OSI model. ISDN lines may carry voice and data signals simultaneously. Two types of ISDN connections are used in North America: BRI (Basic Rate Interface) and PRI (Primary Rate Interface). Both use a combination of bearer channels (B channels) and data channels (D channels).
Wi-Fi Alliance
An international, nonprofit organization dedicated to ensuring the interoperability of 802.11-capable devices.
OC (Optical Carrier)
An internationally recognized rating that indicates throughput rates for SONET connections.
VNC (Virtual Network Computing)
An open source system that enables a remote client (or viewer) workstation to manipulate and receive screen updates from a host. Examples of VNC software include RealVNC, TightVNC, and UltraVNC.
OpenSSH
An open source version of the SSH suite of protocols.
KVM (Kernel-based Virtual Machine)
An open source virtualization package designed for use with Linux systems.
Xen
An open source virtualization software platform from Citrix Systems.
Blu-ray
An optical storage format released in 2006 by a consortium of electronics and computer vendors. Blu-ray discs are the same size as recordable DVDs, but can store significantly more data, up to 128 GB on a quadruple-layer disc.
recordable DVD
An optical storage medium that can hold up to 4.7 GB on one single-layered side. Both sides of the disc can be used, and each side can have up to two layers. Thus, in total, a double-layered, two-sided DVD can store up to 17 GB of data. Recordable DVDs come in several different formats.
ANSI (American National Standards Institute)
An organization composed of more than 1000 representatives from industry and government who together determine standards for the electronics industry in addition to other fields, such as chemical and nuclear engineering, health and safety, and construction.
CA (certificate authority)
An organization that issues and maintains digital certificates as part of the Public-key Infrastructure.
IETF (Internet Engineering Task Force)
An organization that sets standards for how systems communicate over the Internet (for example-how protocols operate and interact).
worm
An unwanted program that travels between computers and across networks. Although worms do not alter other programs as viruses do, they can carry viruses.
RIPv2 (Routing Information Protocol version 2)
An updated version of the original RIP routing protocol, which makes up for some of its predecessor's overhead and security flaws. However, RIPv2's packet forwarding is still limited to a maximum of 15 hops.
voltage event
Any condition in which voltage exceeds or drops below predefined levels.
RSTP (Rapid Spanning Tree Protocol)
As described in IEEE's 802.1w standard, a version of the Spanning Tree Protocol that can detect and correct for network changes much more quickly
digital
As opposed to analog signals, digital signals are composed of pulses that can have a value of only 1 or 0.
RSVP (Resource Reservation Protocol)
As specified in RFC 2205, a QoS technique that attempts to reserve a specific amount of network resources for a transmission before the transmission occurs.
NEXT (near end cross talk)
Cross talk, or the impingement of the signal carried by one wire onto a nearby wire, that occurs between wire pairs near the source of a signal.
802.16e
Currently, the most widely implemented version of WiMAX. With 802.16e, IEEE improved the mobility and QoS characteristics of the technology, making it better suited to VoIP and mobile phone users. 802.16e is capable of 70-Mbps throughput, but because bandwidth is shared and service providers cap data rates, most users actually experience 14-Mbps throughput.
byte
Eight bits of information. In a digital signaling system, broadly speaking, 1 byte carries one piece of information.
BPL (broadband over powerline)
High-speed Internet access delivered over the electrical grid.
probe
In 802.11 wireless networking, a type of frame issued by a station during active scanning to find nearby access points.
CIDR block
In CIDR notation, the number of bits used for an extended network prefix. For example, the CIDR block for 199.34.89.0/22 is /22.
CIDR notation
In CIDR, a method of denoting network IDs and their subnet boundaries. Slash notation takes the form of the network ID followed by a slash (/), followed by the number of bits that are used for the extended network prefix.
AS (authentication service)
In Kerberos terminology, the process that runs on a KDC (Key Distribution Center) to initially validate a client who's logging on. The authentication service issues a session key to the client and to the service the client wants to access.
KDC (Key Distribution Center)
In Kerberos terminology, the server that runs the authentication service and the Ticket-Granting Service to issue keys and tickets to clients.
user agent server
In SIP terminology, a server that responds to user agent clients' requests for session initiation and termination.
user agent
In SIP terminology, a user agent client or user agent server.
endpoint
In SIP terminology, any client, server, or gateway communicating on the network.
user agent client
In SIP terminology, end-user devices such as workstations, tablet computers, smartphones, or IP telephones. A user agent client initiates a SIP connection.
cell
In a cellular network, an area of coverage serviced by an antenna and base station.
ONU (optical network unit)
In a passive optical network, the device near the customer premises that terminates a carrier's fiber-optic cable connection and distributes signals to multiple endpoints via fiber-optic cable, in the case of FTTP, or via copper or coax cable.
third-level support
In network troubleshooting, a person or group with deep knowledge about specific networking topics to whom second-level support personnel escalate challenging problems.
second-level support
In network troubleshooting, a person or group with deeper knowledge about a subject and to whom first-level support personnel escalate problems.
first-level support
In network troubleshooting, the person or group who initially fields requests for help from users.
escalate
In network troubleshooting, to refer a problem to someone with deeper knowledge about the subject. For example, a first-level support person might escalate a router configuration issue to a second- or third-level support person.
transmission
In networking, the application of data signals to a medium or the progress of data signals over a medium from one point to another.
AF (Assured Forwarding)
In the DiffServ QoS technique, a forwarding specification that allows routers to assign data streams one of several prioritization levels. AF is specified in the DiffServ field in an IPv4 datagram.
EF (Expedited Forwarding)
In the DiffServ QoS technique, a forwarding specification that assigns each data stream a minimum departure rate from a given node. This technique circumvents delays that slow normal data from reaching its destination on time and in sequence. EF information is inserted in the DiffServ field of an IPv4 datagram.
MIMO (multiple input-multiple output)
In the context of 802.11n wireless networking, the ability for access points to issue multiple signals to stations, thereby multiplying the signal's strength and increasing their range and data-carrying capacity. Because the signals follow multipath propagation, they must be phase-adjusted when they reach their destination.
channel bonding
In the context of 802.11n wireless technology, the combination of two 20-MHz frequency bands to create one 40-MHz frequency band that can carry more than twice the amount of data that a single 20-MHz band could. It's recommended for use only in the 5-GHz range because this band has more available channels and suffers less interference than the 2.4-GHz band.
AH (authentication header)
In the context of IPSec, a type of encryption that provides authentication of the IP packet's data payload through public key techniques.
ESP (Encapsulation Security Payload)
In the context of IPSec, a type of encryption that provides authentication of the IP packet's data payload through public key techniques. In addition, ESP also encrypts the entire IP packet for added security.
set-top box
In the context of IPTV, a device that decodes digital video signals and issues them to the television. Set-top boxes also communicate with content servers to manage video delivery.
session key
In the context of Kerberos authentication, a key issued to both the client and the server by the authentication service that uniquely identifies their session.
hot spare
In the context of RAID, a disk or partition that is part of the array, but used only in case one of the RAID disks fails. More generally, hot spare is used as a synonym for a hot swappable component.
client_hello
In the context of SSL encryption, a message issued from the client to the server that contains information about what level of security the client's browser is capable of accepting and what type of encryption the client's browser can decipher (for example, RSA or Diffie-Hellman). The client_hello message also establishes a randomly generated number that uniquely identifies the client, plus another number that identifies the SSL session.
server_hello
In the context of SSL encryption, a message issued from the server to the client that confirms the information the server received in the client_hello message. It also agrees to certain terms of encryption based on the options the client supplied. Depending on the Web server's preferred encryption method, the server may choose to issue your browser a public key or a digital certificate at this time.
SSL session
In the context of SSL encryption, an association between the client and server that is defined by an agreement on a specific set of encryption techniques. An SSL session allows the client and server to continue to exchange data securely as long as the client is still connected to the server. SSL sessions are established by the SSL handshake protocol.
exploit
In the context of network security, the means by which a hacker takes advantage of a vulnerability.
cost
In the context of routing metrics, the value assigned to a particular route as judged by the network administrator. The more desirable the path, the lower its cost.
guest
In the context of virtualization, a virtual machine operated and managed by a virtualization program.
host
In the context of virtualization, the physical computer on which virtualization software operates and manages guests.
beacon frame
In the context of wireless networking, a frame issued by an access point to alert other nodes of its existence.
site survey
In the context of wireless networking, an assessment of client requirements, facility characteristics, and coverage areas to determine an access point arrangement that will ensure reliable wireless connectivity within a given area.
association
In the context of wireless networking, the communication that occurs between a station and an access point to enable the station to connect to the network via that access point.
passive scanning
In the context of wireless networking, the process in which a station listens to several channels within a frequency range for a beacon issued by an access point.
reassociation
In the context of wireless networking, the process of a station establishing a connection (or associating) with a different access point.
diffraction
In the context of wireless signal propagation, the phenomenon that occurs when an electromagnetic wave encounters an obstruction and splits into secondary waves. The secondary waves continue to propagate in the direction in which they were split. If you could see wireless signals being diffracted, they would appear to be bending around the obstacle. Objects with sharp edges, including the corners of walls and desks, cause diffraction.
downlink
In the context of wireless transmission, the connection between a carrier's antenna and a client's transceiver, for example, a smartphone.
uplink
In the context of wireless transmission, the connection between a client's transceiver and a carrier's antenna.
reflection
In the context of wireless, the phenomenon that occurs when an electromagnetic wave encounters an obstacle and bounces back toward its source. A wireless signal will bounce off objects whose dimensions are large compared with the signal's average wavelength.
roaming
In wireless networking, the process that describes a station moving between BSSs without losing connectivity.
broadcast domain
Logically grouped network nodes that can communicate directly via broadcast transmissions. By default, switches and repeating devices such as hubs extend broadcast domains. Routers and other Layer 3 devices separate broadcast domains.
traffic shaping
Manipulating certain characteristics of packets, data streams, or connections to manage the type and amount of traffic traversing a network or interface at any moment.
Hyper-V
Microsoft's virtualization software package. Hyper-V operates with Windows Server 2008 and Windows Server 2008 R2.
redirect server
On a SIP network, a server that accepts and responds to requests from user agents and SIP proxy servers for location information on recipients that belong to external domains.
proxy server
On a SIP network, a server that accepts requests for location information from user agents, then queries the nearest registrar server on behalf of those user agents. If the recipient user agent is in the SIP proxy server's domain, then that server will also act as a go-between for calls established and terminated between the requesting user agent and the recipient user agent.
registrar server
On a SIP network, a server that maintains a database containing information about the locations (network addresses) of each user agent in its domain. When a user agent joins a SIP network, it transmits its location information to the SIP registrar server.
system log
On a computer running a UNIX or Linux operating system, the record of monitored events, which can range in priority from 0 to 7 (where "0" indicates an emergency situation and "7" simply points to information that might help in debugging a problem). You can view and modify system log locations and configurations in the file /etc/syslog.conf on most systems (on some systems, this is the /etc/rsyslog.conf file).
H.323 gateway
On a network following the H.323 standard, a gateway that provides translation between network devices running H.323 signaling protocols and devices running other types of signaling protocols (for example, SS7 on the PSTN).
H.323 terminal
On a network following the H.323 standard, any node that provides audio, visual, or data information to another node.
PD (powered device)
On a network using Power over Ethernet, a node that receives power from power sourcing equipment.
PSE (power sourcing equipment)
On a network using Power over Ethernet, the device that supplies power to end nodes.
ICS host
On a network using the Microsoft Internet Connection Sharing service, the computer whose Internet connection other computers share. The ICS host must contain two network interfaces: one that connects to the Internet and one that connects to the LAN.
subchannel
One of many distinct communication paths established when a channel is multiplexed or modulated.
handshake protocol
One of several protocols within SSL, and perhaps the most significant. As its name implies, the handshake protocol allows the client and server to authenticate (or introduce) each other and establishes terms for how they securely exchange data during an SSL session.
connectivity device
One of several types of specialized devices that allows two or more networks or multiple parts of one network to connect and exchange data.
octet
One of the 4 bytes that are separated by periods and together make up an IPv4 address.
PPPoE (Point-to-Point Protocol over Ethernet)
PPP running over an Ethernet network.
vertical cross-connect
Part of a network's backbone that supplies connectivity between a building's floors. For example, vertical cross-connects might connect an MDF and an IDF or IDFs and telecommunications closets within a building.
110 block
Part of an organization's cross-connect facilities, a type of punch-down block designed to terminate Cat 5 or better twisted pair wires.
Basic Rate Interface
See BRI.
basic service set
See BSS.
basic service set identifier
See BSSID.
certificate authority
See CA.
2G
Second-generation mobile phone service, popular in the 1990s. 2G was the first standard to use digital transmission, and as such, it paved the way for texting and media downloads on mobile devices.
Communications Assistance for Law Enforcement Act
See CALEA.
Common Address Redundancy Protocol
See CARP.
Wi-Fi
See 802.11.
WiMAX
See 802.16.
Worldwide Interoperability for Microwave Access (WiMAX)
See 802.16a.
WiMAX 2
See 802.16m.
EAPoL (EAP over LAN)
See 802.1x.
authentication, authorization, and accounting
See AAA.
access control list
See ACL.
access list
See ACL.
asymmetrical DSL
See ADSL.
Advanced Encryption Standard
See AES.
Assured Forwarding
See AF.
authentication header
See AH.
amplitude modulation
See AM.
application programming interface
See API.
Automatic Private IP Addressing
See APIPA.
ARP cache
See ARP table.
Address Resolution Protocol
See ARP.
authentication service
See AS.
analog telephone adapter
See ATA.
Asynchronous Transfer Mode
See ATM.
American Wire Gauge
See AWG.
Border Gateway Protocol
See BGP.
Bridge ID
See BID.
broadband over powerline
See BPL.
Dynamic Ports
TCP/IP ports in the range of 49152 through 65535, which are open for use without requiring administrative privileges on a host or approval from IANA.
subnet prefix
The 64-bit prefix in an IPv6 address that identifies a subnet. A single IPv6 subnet is capable of supplying 18446744073709551616 IPv6 addresses.
SMTP (Simple Mail Transfer Protocol)
The Application layer TCP/IP subprotocol responsible for moving messages from one e-mail server to another.
EUI-64 (Extended Unique Identifier-64)
The IEEE standard defining 64-bit physical addresses. In the EUI-64 scheme, the OUI portion of an address is 24 bits in length. A 40-bit extension identifier makes up the rest of the physical address to total 64 bits.
802.3
The IEEE standard for Ethernet networking devices and data handling (using the CSMA/CD access method).
802.11g
The IEEE standard for a wireless networking technique designed to be compatible with 802.11b while using different encoding techniques that allow it to reach a theoretical maximum capacity of 54 Mbps. 802.11g, like 802.11b, uses the 2.4-GHz frequency band.
802.11n
The IEEE standard for a wireless networking technique that may issue signals in the 2.4- or 5-GHz band and can achieve actual data throughput between 65 and 600 Mbps. It accomplishes this through several means, including MIMO, channel bonding, and frame aggregation. 802.11n is backward compatible with 802.11a, b, and g.
802.11b
The IEEE standard for a wireless networking technique that uses DSSS (direct-sequence spread spectrum) signaling in the 2.4-2.4835-GHz frequency range (also called the 2.4-GHz band). 802.11b separates the 2.4-GHz band into 14 overlapping 22-MHz channels and provides a theoretical maximum of 11-Mbps throughput.
802.11a
The IEEE standard for a wireless networking technique that uses multiple frequency bands in the 5-GHz frequency range and provides a theoretical maximum throughput of 54 Mbps. 802.11a's high throughput, compared with 802.11b, is attributable to its use of higher frequencies, its unique method of encoding data, and more available bandwidth.
802.2
The IEEE standard for error and flow control in data frames.
802.5
The IEEE standard for token ring networking devices and data handling.
802.11i
The IEEE standard for wireless network encryption and authentication that uses the EAP authentication method, strong encryption, and dynamically assigned keys, which are different for every transmission. 802.11i specifies AES encryption and weaves a key into each packet.
802.11
The IEEE standard for wireless networking.
802.3ae
The IEEE standard that describes 10-gigabit Ethernet technologies, including 10GBase-SR, 10GBase-SW, 10GBase-LR, 10GBase-LW, 10GBase-ER, and 10GBase-EW.
802.3z
The IEEE standard that describes 1000Base (or 1-gigabit) Ethernet technologies, including 1000Base-LX and 1000Base-SX.
802.3ab
The IEEE standard that describes 1000Base-T, a 1-gigabit Ethernet technology that runs over four pairs of Cat 5 or better cable.
802.3an
The IEEE standard that describes 10GBase-T, a 10-Gbps Ethernet technology that runs on Cat 6 or Cat 7 twisted pair cable.
802.3u
The IEEE standard that describes Fast Ethernet technologies, including 100Base-TX.
802.1w
The IEEE standard that describes RSTP (Rapid Spanning Tree Protocol), which evolved from STP (Spanning Tree Protocol).
802.3af
The IEEE standard that specifies a way of supplying electrical Power over Ethernet (PoE). 802.3af requires Cat 5 or better UTP or STP cabling and uses power sourcing equipment to supply current over a wire pair to powered devices. PoE is compatible with existing 10Base-T, 100Base-TX, 1000Base-T, and 10GBase-T implementations.
802.1q
The IEEE standard that specifies how VLAN and trunking information appear in frames and how switches and bridges interpret that information.
IP packet
The IP portion of a TCP/IP frame that acts as an envelope for data, holding information necessary for routers to transfer data between subnets.
IP address (Internet Protocol address)
The Network layer address assigned to nodes to uniquely identify them on a TCP/IP network. IPv4 addresses consist of 32 bits divided into four octets, or bytes. IPv6 addresses are composed of eight 16-bit fields, for a total of 128 bits.
Well Known Ports
The TCP/IP port numbers 0 to 1023, so named because they were long ago assigned by Internet authorities to popular services (for example, FTP and Telnet), and are, therefore, well known and frequently used.
Registered Ports
The TCP/IP ports in the range of 1024 to 49151. These ports are accessible to network users and processes that do not have special administrative privileges. Default assignments of these ports must be registered with IANA.
HTTPS (HTTP over Secure Sockets Layer)
The URL prefix that indicates that a Web page requires its data to be exchanged between client and server using SSL encryption. HTTPS uses the TCP port number 443.
plenum
The area above the ceiling tile or below the subfloor in a building.
war driving
The act of driving while running a laptop configured to detect and capture wireless data transmissions.
social engineering
The act of manipulating personal relationships to circumvent network security measures and gain access to a system.
port number
The address on a host where an application makes itself available to incoming data.
trunking
The aggregation of multiple logical connections in one physical connection between connectivity devices. In the case of VLANs, a trunk allows two switches to manage and exchange data between multiple VLANs.
lease
The agreement between a DHCP server and client on how long the client can use a DHCP-assigned IP address. DHCP services can be configured to provide lease terms equal to any amount of time.
throughput
The amount of data that a medium can transmit during a given period of time. Throughput is usually measured in megabits (1000000 bits) per second, or Mbps. The physical nature of every transmission medium determines its potential throughput.
network management
The assessment, monitoring, and maintenance of the devices and connections on a network.
padding
The bytes added to the data (or information) portion of an Ethernet frame to ensure this field is at least 46 bytes in size. Padding has no effect on the data carried by the frame.
fault tolerance
The capability for a component or system to continue functioning despite damage or malfunction.
failover
The capability for one component (such as a NIC or server) to assume another component's responsibilities without manual intervention.
fault tolerance
The capacity for a system to continue performing despite an unexpected hardware or software malfunction.
core
The central component of a cable designed to carry a signal. The core of a fiber-optic cable, for example, consists of one or several glass or plastic fibers. The core of a coaxial copper cable consists of one large or several small strands of copper.
unified communications
The centralized management of multiple types of network-based communications, such as voice, video, fax, and messaging service.
unified messaging
The centralized management of multiple types of network-based communications, such as voice, video, fax, and messaging services.
asymmetrical
The characteristic of a transmission technology that affords greater bandwidth in one direction (either from the customer to the carrier, or vice versa) than in the other direction.
multipath
The characteristic of wireless signals that follow a number of different paths to their destination (for example, because of reflection, diffraction, and scattering).
configuration management
The collection, storage, and assessment of information related to the versions of software installed on every network device and every device's hardware configuration.
key pair
The combination of a public and private key used to decipher data that was encrypted using public key encryption.
extended network prefix
The combination of an IP address's network ID and subnet information. By interpreting the address's extended network prefix-a device can determine the subnet to which an address belongs.
signature scanning
The comparison of a file's content with known virus signatures (unique identifying characteristics in the code) in a signature database to determine whether the file is a virus.
signaling
The exchange of information between the components of a network or system for the purposes of establishing, monitoring, or releasing connections as well as controlling system operations.
attenuation
The extent to which a signal has weakened after traveling a given distance.
entrance facilities
The facilities necessary for a service provider (whether it is a local phone company, Internet service provider, or long-distance carrier) to connect with another organization's LAN or WAN.
hot-swappable
The feature of a component that allows it to be installed or removed without disrupting operations.
promiscuous mode
The feature of a network adapter that allows it to pick up all frames that pass over the network, not just those destined for the node served by the card.
cable drop
The fiber-optic or coaxial cable that connects a neighborhood cable node to a customer's house.
FCS (frame check sequence)
The field in a frame responsible for ensuring that data carried by the frame arrives intact. It uses an algorithm, such as CRC, to accomplish this verification.
preamble
The field in an Ethernet frame that signals to the receiving node that data are incoming and indicates when the data flow is about to begin.
Session layer
The fifth layer in the OSI model. The Session layer establishes and maintains communication between two nodes on the network. It can be considered the "traffic cop" for communications, such as videoconferencing, that require precisely coordinated data exchange.
Diffie-Hellman
The first commonly used public, or asymmetric, key algorithm. Diffie-Hellman was released in 1975 by its creators, Whitfield Diffie and Martin Hellman.
1G
The first generation of mobile phone services, popular in the 1970s and 1980s, which were entirely analog.
IKE (Internet Key Exchange)
The first phase of IPSec authentication, which accomplishes key management. IKE is a service that runs on UDP port 500. After IKE has established the rules for the type of keys two nodes use, IPSec invokes its second phase, encryption.
cloud computing
The flexible provision of data storage, applications, or services to multiple clients over a network. Cloud computing consolidates resources and is elastic, metered, self-service, multiplatform, and available on demand.
Transport layer
The fourth layer of the OSI model. In the Transport layer, protocols ensure that data are transferred from point A to point B reliably and without errors. Transport layer services include flow control, acknowledgment, error correction, segmentation, reassembly, and sequencing.
file services
The functions of a file server that allow users to share data files, applications, and storage areas.
network services
The functions provided by a network.
default gateway
The gateway that first interprets a device's outbound requests, and then interprets its inbound requests to and from other subnets. In a Postal Service analogy, the default gateway is similar to a local post office.
range
The geographical area in which signals issued from an antenna or wireless system can be consistently and accurately received.
cladding
The glass or plastic shield around the core of a fiber-optic cable. Cladding reflects light back to the core in patterns that vary depending on the transmission mode. This reflection allows fiber to bend around corners without impairing the light-based signal.
TLD (top-level domain)
The highest-level category used to distinguish domain names, for example, .org, .com, and .net. A TLD is also known as the domain suffix.
trunk port
The interface on a switch capable of managing traffic from multiple VLANs.
access port
The interface on a switch used for an end node. Devices connected to access ports are unaware of VLAN information.
SDH (Synchronous Digital Hierarchy)
The international equivalent of SONET.
MTU (maximum transmission unit)
The largest data unit a network (for example, Ethernet or token ring) will accept for transmission.
data propagation delay
The length of time data take to travel from one point on the segment to another point. On Ethernet networks, CSMA/CD's collision detection routine cannot operate accurately if the data propagation delay is too long.
RTT (round-trip time)
The length of time it takes for a packet to go from sender to receiver, then back from receiver to sender. RTT is usually measured in milliseconds.
switch
The letters or words added to a command that allow you to customize a utility's output. Switches are usually preceded by a hyphen or forward slash character.
caching
The local storage of frequently needed files that would otherwise be obtained from an external source.
CO (central office)
The location where a local or long-distance telephone service provider terminates and interconnects customer lines.
MAC (Media Access Control) sublayer
The lower sublayer of the Data Link layer. The MAC appends the physical address of the destination computer onto the frame.
Physical layer
The lowest, or first, layer of the OSI model. Protocols in the Physical layer generate and detect signals so as to transmit and receive data over a network medium. These protocols also set the data transmission rate and monitor data error rates, but do not provide error correction.
motherboard
The main circuit board that controls a computer.
TCP/IP core protocols
The major subprotocols of the TCP/IP suite, including IP, TCP, and UDP.
fault
The malfunction of one component of a system. A fault can result in a failure.
routing metric
The method used by routing protocols to determine the best path for data to follow over a network. Routing metrics may be calculated using any of several variables, including number of hops, bandwidth, delay, MTU, cost, and load.
key management
The method whereby two nodes using key encryption agree on common parameters for the keys they will use to encrypt data.
Triple DES (3DES)
The modern implementation of DES, which weaves a 56-bit key through data three times, each time using a different key.
IMAP4 (Internet Message Access Protocol, version 4)
The most commonly used form of the Internet Message Access Protocol (IMAP).
POP3 (Post Office Protocol, version 3)
The most commonly used form of the Post Office Protocol.
best path
The most efficient route from one node on a network to another. Under optimal network conditions, the best path is the most direct path between two points. However, when traffic congestion, segment failures, and other factors create obstacles, the most direct path might not be the best path.
WPA2
The name given to the 802.11i security standard by the Wi-Fi Alliance. The only difference between WPA2 and 802.11i is that WPA2 includes support for the older WPA security method.
AAA (authentication, authorization, and accounting)
The name of a category of protocols that establish a client's identity; check the client's credentials and, based on those, allow or deny access to a system or network; and, finally, track the client's system or network usage.
hosts
The name of the host file used on UNIX, Linux, and Windows systems. On a UNIX- or Linux-based computer, hosts is found in the /etc directory. On a Windows-based computer, it is found in the %systemroot%\system32\drivers\etc folder.
H.323 gatekeeper
The nerve center for networks that adhere to H.323. Gatekeepers authorize and authenticate terminals and gateways, manage bandwidth, and oversee call routing, accounting, and billing. Gatekeepers are optional on H.323 networks.
RIP (Routing Information Protocol)
The oldest routing protocol that is still widely used, RIP is a distance-vector protocol that uses hop count as its routing metric and allows up to only 15 hops. It is considered an IGP. Compared with other, more modern, routing protocols, RIP is slower and less secure.
performance management
The ongoing assessment of how well network links, devices, and components keep up with demands on them.
Ethernet II
The original Ethernet frame type developed by Digital Equipment Corporation, Intel, and Xerox, before the IEEE began to standardize Ethernet. Ethernet II is distinguished from other Ethernet frame types in that it contains a 2-byte type field to identify the upper-layer protocol contained in the frame. It supports TCP/IP and other higher-layer protocols.
SNMPv1 (Simple Network Management Protocol version 1)
The original version of SNMP, released in 1988. Because of its limited features, it is rarely used on modern networks.
sheath
The outer cover, or jacket, of a cable.
SYN-ACK (synchronization-acknowledgment)
The packet a node sends to acknowledge to another node that it has received a SYN request for connection. The SYN-ACK packet is the second of three in the three-step process of establishing a connection.
SYN (synchronization)
The packet one node sends to request a connection with another node on the network. The SYN packet is the first of three in the three-step process of establishing a connection.
backbone
The part of a network to which segments and significant shared devices (such as routers, switches, and servers) connect. A backbone is sometimes referred to as "a network of networks" because of its role in interconnecting smaller parts of a LAN or WAN.
local loop
The part of a phone system that connects a customer site with a telecommunications carrier's switching facility.
DMZ (demilitarized zone)
The perimeter of a protected, internal network where users, both authorized and unauthorized, from external networks can attempt to access it. Firewalls and IDS/IPS systems are typically placed in the DMZ.
collision domain
The portion of an Ethernet network in which collisions could occur if two nodes transmit data at the same time. Switches and routers separate collision domains.
network ID
The portion of an IP address common to all nodes on the same network or subnet.
DHCP scope
The predefined range of addresses that can be leased to any network device on a particular segment.
route prefix
The prefix in an IPv6 address that identifies a route. Because route prefixes vary in length, slash notation is used to define them. For example, the route prefix indicated by 2608:FE10::/32 includes all subnets whose prefixes begin with 2608:FE10 and, consequently, all interfaces whose IP addresses begin with 2608:FE10.
voltage
The pressure (sometimes informally referred to as the strength) of an electrical current.
scanning
The process a wireless station undergoes to find an access point. See also active scanning and passive scanning.
sequencing
The process of assigning a placeholder to each piece of a data block to allow the receiving node's Transport layer to reassemble the data in the correct order.
software distribution
The process of automatically transferring a data file or installing a software application from the server to a client on the network.
address management
The process of centrally administering a finite number of network addresses for an entire LAN. Usually this task can be accomplished without touching the client workstations.
asset management
The process of collecting and storing data on the number and types of software and hardware assets in an organization's network. The data collection is automated by electronically examining each network client from a server.
bonding
The process of combining more than one bearer channel of an ISDN line to increase throughput. For example, BRI's two 64-Kbps B channels are bonded to create an effective throughput of 128 Kbps.
authentication
The process of comparing and matching a client's credentials with the credentials in the NOS user database to enable the client to log on to the network.
traffic monitoring
The process of determining how much data transfer activity is taking place on a network or network segment and notifying administrators when a segment becomes overloaded.
license tracking
The process of determining the number of copies of a single application that are currently in use on the network and whether the number in use exceeds the authorized number of licenses.
dial-up networking
The process of dialing into a remote access server to connect with a network, be it private or public.
load balancing
The process of distributing data transfer activity evenly so that no single device is overwhelmed.
tunneling
The process of encapsulating one type of protocol in another. Tunneling is the way in which higher-layer data is transported over VPNs by Layer 2 protocols.
security auditing
The process of evaluating security measures currently in place on a network and notifying the network administrator if a security breach occurs.
certification
The process of mastering material pertaining to a particular hardware system, operating system, programming language, or other software program, then proving your mastery by passing a series of exams.
reassembly
The process of reconstructing data units that have been segmented.
port forwarding
The process of redirecting traffic from its normally assigned port to a different port, either on the client or server. In the case of using SSH, port forwarding can send data exchanges that are normally insecure through encrypted tunnels.
disaster recovery
The process of restoring critical functionality and data to a network after an enterprise-wide outage that affects more than a single system or a limited group of users.
regeneration
The process of retransmitting a digital signal. Regeneration, unlike amplification, repeats the pure signal, with none of the noise it has accumulated.
restoring
The process of retrieving files from a backup. It is necessary to restore files if the original files are lost or deleted.
subnetting
The process of subdividing a single class of network into multiple, smaller networks.
encapsulate
The process of wrapping one layer's PDU with protocol information so that it can be interpreted by a lower layer. For example, Data Link layer protocols encapsulate Network layer packets in frames.
Network+ (Net+)
The professional certification established by CompTIA that verifies broad, vendor-independent networking technology skills, such as an understanding of protocols, topologies, networking hardware, and network troubleshooting.
A+
The professional certification established by CompTIA that verifies knowledge about PC operation, repair, and management.
scalable
The property of a network that allows you to add nodes or increase its size easily.
routable
The protocols that can span more than one LAN because they carry Network layer and addressing information that can be interpreted by a router.
VoIP (Voice over IP)
The provision of telephone service over a packet-switched network running the TCP/IP protocol suite.
Internet telephony
The provision of telephone service over the Internet.
bend radius
The radius of the maximum arc into which you can loop a cable before you will cause data transmission errors. Generally, a twisted pair cable's bend radius is equal to or greater than four times the diameter of the cable.
2.4-GHz band
The range of radio frequencies from 2.4 to 2.4835 GHz. The 2.4-GHz band, which allows for 11 unlicensed channels, is used by WLANs that follow the popular 802.11b and 802.11g standards. However, it is also used for cordless telephone and other transmissions, making the 2.4-GHz band more susceptible to interference than the 5-GHz band.
videoconferencing
The real-time reception and transmission of images and audio among two or more locations.
radiation pattern
The relative strength over a three-dimensional area of all the electromagnetic energy an antenna sends or receives.
echo request
The request for a response generated when one device pings another device.
impedance
The resistance that contributes to controlling an electrical signal. Impedance is measured in ohms.
echo reply
The response signal sent by a device after another device pings it.
negative frame sequence check
The result of the CRC (cyclic redundancy check) generated by the originating node not matching the checksum calculated from the data received. It usually indicates noise or transmission problems on the LAN interface or cabling. A high number of (nonmatching) CRCs usually results from excessive collisions or a station transmitting bad data.
addressing
The scheme for assigning a unique identifying number to every workstation and device on the network. The type of addressing used on a network depends on its protocols and network operating system.
Data Link layer
The second layer in the OSI model. The Data Link layer bridges the networking media with the Network layer. Its primary function is to divide the data it receives from the Network layer into frames that can then be transmitted by the Physical layer.
SNMPv2 (Simple Network Management Protocol version 2)
The second version of SNMP, which improved on SNMPv1 with faster performance and slightly better security, among other features.
event log
The service on Windows-based operating systems that records events, or the ongoing record of such events.
Internet services
The services that enable a network to communicate with the Internet, including Web servers and browsers, file transfer capabilities, Internet addressing schemes, security filters, and a means for directly logging on to other computers.
Application layer
The seventh layer of the OSI model. Application layer protocols enable software programs to negotiate formatting, procedural, security, synchronization, and other requirements with the network.
dotted decimal notation
The shorthand convention used to represent IPv4 addresses and make them more easily readable by humans. In dotted decimal notation, a decimal number between 0 and 255 represents each binary octet. A period, or dot, separates each decimal.
distance-vector
The simplest type of routing protocols, these determine the best route for data based on the distance to a destination. Some distance-vector routing protocols, like RIP, only factor in the number of hops to the destination, while others take into account latency and other network traffic characteristics.
root bridge
The single bridge on a network selected by the Spanning Tree Protocol to provide the basis for all subsequent path calculations.
bus
The single cable connecting all devices in a bus topology.
Presentation layer
The sixth layer of the OSI model. Protocols in the Presentation layer translate between the application and the network. Here, data are formatted in a schema that the network can understand, with the format varying according to the type of network used. The Presentation layer also manages data encryption and decryption, such as the scrambling of system passwords.
soft skills
The skills such as customer relations, oral and written communications, dependability, teamwork, and leadership abilities, which are not easily measured, but are nevertheless important in a networking care
ICA (Independent Computing Architecture)
The software from Citrix Systems, Inc., that, when installed on a client, enables the client to connect with a host computer and exchange keystrokes, mouse clicks, and screen updates. Citrix's ICA client can work with virtually any operating system or application.
Routing and Remote Access Service (RRAS)
The software included with Windows operating systems that enables a server to act as a router, firewall, and remote access server. Using RRAS, a server can provide network access to multiple remote clients.
device driver
The software that enables an attached device to communicate with the computer's operating system.
NOS (network operating system)
The software that runs on a server and enables the server to manage data, users, groups, security, applications, and other networking functions. The most popular network operating systems are UNIX, Linux, and Microsoft Windows Server 2008 R2.
integrity
The soundness of a network's files, systems, and connections. To ensure integrity, you must protect your network from anything that might render it unusable, such as corruption, tampering, natural disasters, and viruses.
subprotocols
The specialized protocols that work together and belong to a protocol suite.
RJ-45 (registered jack 45)
The standard connector used with shielded twisted pair and unshielded twisted pair cabling.
RJ-11 (registered jack 11)
The standard connector used with unshielded twisted pair cabling (usually Cat 3 or Level 1) to connect analog telephones.
domain name
The symbolic name that identifies a domain. Usually, a domain name is associated with a company or other type of organization, such as a university or military unit.
T-carrier
The term for any kind of leased line that follows the standards for T1s, fractional T1s, T1Cs, T2s, T3s, or T4s.
open source
The term that describes software whose code is publicly available for use and modification.
GEO (geosynchronous earth orbit)
The term used to refer to a satellite that maintains a constant distance from a point on the equator at every point in its orbit. Geosynchronous orbit satellites are the type used to provide satellite Internet access.
xDSL
The term used to refer to all varieties of DSL.
noise
The unwanted signals, or interference, from sources near network cabling, such as electrical motors, power lines, and radar.
LLC (Logical Link Control) sublayer
The upper sublayer in the Data Link layer. The LLC provides a common interface and supplies reliability and flow control services.
encryption
The use of an algorithm to scramble data into a format that can be read only by reversing the algorithm, decrypting the data, to keep the information private. The most popular kind of encryption algorithm weaves a key into the original data's bits, sometimes several times in different sequences, to generate a unique data block.
PKI (Public-key Infrastructure)
The use of certificate authorities to associate public keys with certain users.
war chalking
The use of chalk to draw symbols on a sidewalk or wall within range of an access point. The symbols, patterned after marks that hobos devised to indicate hospitable places for food or rest, indicate the access point's SSID and whether it's secured.
convergence
The use of data networks to carry voice (or telephone), video, and other communications services in addition to data.
redundancy
The use of more than one identical component, device, or connection for storing, processing, or transporting data. Redundancy is the most common method of achieving fault tolerance.
ipconfig
The utility used to display TCP/IP addressing and domain name information in the Windows client operating systems.
DHCPv4
The version of DHCP used with IPv4. DHCPv4 uses port number 67 for client-to-server communications and port number 68 for server-to-client communications.
DHCPv6
The version of DHCP used with IPv6. DHCPv6 uses port number 546 for client-to-server communications and port number 547 for server-to-client communications.
ICMPv6
The version of ICMP used with IPv6 networks. ICMPv6 performs the functions that ICMP, IGMP, and ARP perform in IPv4. It detects and reports data transmission errors, discovers other nodes on a network, and manages multicasting.
ping6
The version of the PING utility used on Linux computers that run IPv6.
3G
Third-generation mobile phone service, released in the early 2000s, that specifies throughputs of 384 Kbps and packet switching for data (but not voice) communications.
route
To intelligently direct data between networks based on addressing, patterns of usage, and availability of network segments.
transmit
To issue signals to the network medium.
backleveling
To revert to a previous version of a software application after attempting to upgrade it.
ping
To send an echo request signal from one node on a TCP/IP-based network to another, using the PING utility. See also PING.
internetwork
To traverse more than one LAN segment and more than one type of network through a router.
hacker
Traditionally, a person who masters the inner workings of operating systems and utilities in an effort to better understand them. More generally, an individual who gains unauthorized access to systems or networks with or without malicious intent.
100-pair wire
UTP supplied by a telecommunications carrier that contains 100 wire pairs.
25-pair wire
UTP supplied by a telecommunications carrier that contains 25 wire pairs.
spam
Unsolicited, unwanted e-mail.