Network collection
Network Layer
3. Converts the segments from the transport layer into packets and is responsible for path determination, routing and delivery of these packets, and logical addressing.
Sub-layers of Data Link (Layer 2)
"LLC Sublayer" and "MAC Sublayer"
wiring schematic
A combination of a floor plan and a physical network topology. Similar to physical network diagrams, you can see the nodes on the network and how they are physically connected.
CSU/DSU (Channel Service Unit/Data Service Unit)
A combination of two WAN connectivity devices on a Frame Relay network that work together to connect a digital WAN line with a customer's LAN.
tracert
A command that determines the route data takes to get to a particular destination.
arp utility
A command that enables an administrator to view and manipulate the ARP cache, including deleting it or adding an entry to it.
arping
A command used to discover hosts on a network, similar to ping, but that relies on ARP rather than ICMP. The arping command won't cross any routers, so it will only work within a broadcast domain.
coax
A common abbreviation for coaxial cable.
Protocols
A common language all network devices can use. Usually comes in a suite of several protocols with different purposes.
Challenge-Response Authentication Mechanism Message Digest 5 (CRAM-MD5)
A common variant of HMAC frequently used in email systems. Like CHAP, CRAM-MD5 only performs one-way authentication. (The server authenticates the client.)
dial-up modem
A communication device that converts a computer's digital signals into analog signals before transmission over telephone lines.
synchronous communications
A communication method in which a byte is sent in a standardized time interval, enabling the receiver to use the predetermined time interval as the means to distinguish between bytes in the data stream.
asynchronous communications
A communication method in which special start and stop bit patterns are inserted between each byte of data allowing the receiver to distinguish between the bytes in the data stream.
LDAP (Lightweight Directory Access Protocol)
A communications protocol that defines how a client can access information, perform operations, and share directory data on a server.
SMTP (Simple Mail Transfer Protocol)
A communications protocol that enables sending email from a client to a server or between servers.
Host based IPS (HIPS)
A HIPS system is a computer running intrusion prevention software for the purpose of protecting the computer from attacks.
Logical Addressing
An IP address that is assigned for the purpose of routing between networks. It operates at the network layer.
PDH (Plesiochronous Digital Hierarchy)
A communications standard that can carry data over fibre optic or microwave radio systems.
bottleneck
A component of a system that performs poorly when compared to other components and reduces the overall system performance.
JPEG (Joint Photographic Experts Group)
A compressed graphical file format that reduces the file size.
network scanner
A computer program used for scanning networks to obtain user names, host names, groups, shares, and services. Also known as network enumerators.
switched Ethernet
A LAN technology that connects computers using switches, enabling the devices on each switched connection to utilize the full bandwidth of the medium.
STP (Spanning-Tree Protocol)
A Layer 2 protocol that is used for routing and prevents network loops by adopting a dynamic routing method.
PPTP (Point-to-Point Tunneling Protocol)
A Microsoft VPN layer 2 protocol that increases the security of PPP by providing tunneling and data encryption for PPP packets and uses the same authentication methods as PPP.
routing table
A database created manually or by a route-discovery protocol that contains network addresses as perceived by a specific router. A router uses its route table to forward packets to another network or router.
tracert command
A Microsoft Windows based command that displays every router hop along the path from a source host to a destination host on an IP network. Information about a router hop can include such information as the IP address of the router hop and the round trip delay of that router hop.
ipconfig command
A Microsoft Windows command that can be used to display IP address configuration parameters on a PC. In addition, if DHCP is used by the PC, the ipconfig command can be used to release and renew a DHCP lease, which is often useful during troubleshooting.
Network based IDS (NIDS)
A NIDS device is a network appliance dedicated to the purpose of acting as an IDS sensor.
Network based IPS (NIPS)
A NIPS device is a network appliance dedicated to the purpose of acting as an IPS sensor.
DMZ (Demilitarized Zone)
A "catch-all" host for requests on non-configured ports. Used so that port forwarding doesn't have to be configured for each service, and as a security feature so that all non-port-forwarded traffic can be directed to a single host.
All People Seem To Need Data Processing
An acronym to help you remember the 7 layers of the OSI Model: Application, Presentation, Session, Transport, Network, Data Link, Physical.
RARP (Reverse Address Resolution Protocol)
Allows a node on a local area network to discover its IP address from a router's ARP table or cache.
demarc
A demarcation point where a building's wiring ends and the telephone company's wiring begins.
demarc extension
A demarcation point where a network connectivity line terminates within or just outside of a building and may need to be extended further to accommodate the extended connectivity segment.
Class D addresses
A block of IP addresses from 224.0.0.0 to 239.255.255.255 used to support multicast sessions.
Class E addresses
A block of IP addresses from 240.0.0.0 to 255.255.255.255 used for research and experimentation purposes.
Class A addresses
A block of IP addresses from 1.0.0.0 to 127.255.255.255 that provides the largest number of nodes (16,777,214) for the smallest number of networks (126), thus increasing the number of nodes per network.
Class B addresses
A block of IP addresses from 128.0.0.0 to 191.255.255.255 that provides a good balance between the number of networks and the number of nodes per network: 16,382 networks of 65,534 nodes each.
Open
A broken strand of copper that prevents current from flowing through a circuit.
cache
A buffer that is used when reading information from a disk or RAM.
IPv6 address
A 128-bit hexadecimal number assigned to a computer on a TCP/IP network.
AUI connector (Attachment Unit Interface connector)
A 15-pin D-shaped connector. Also known as a DIX connector, named for the three companies that invented it: Digital Equipment Corporation (DEC), Intel, and Xerox.
warm site
A business site that performs noncritical functions under normal conditions, but which can be rapidly converted to a key operations site if needed.
IDF (Intermediate Distribution Frame)
A cable rack that interconnects the telecommunications wiring between an MDF and any workstation devices.
MDF (Main Distribution Frame)
A cable rack that interconnects the telecommunications wiring between itself and any number of IDFs.
packet sniffer
A device or program that monitors network communications and captures data.
AP (Access Point)
A device or software that facilitates communication and provides enhanced security to wireless devices.
Hub
A device that allows multiple computers to communicate with each other over a network. It has several Ethernet ports that are used to connect two or more network devices together
STA (Station)
A device that contains an IEEE 802.11 conformant MAC interface to a wireless medium with an Ethernet-like driver interface.
wireless antenna
A device that converts high frequency signals on a cable into wireless electromagnetic waves and vice versa.
Analog Modem
A device that converts the computer's digital pulses to tones that can be carried over analog telephone lines, and vice versa.
T-carrier system
A digital and packet switched system that makes communication more scalable than the analog, circuit-switched systems.
ISDN (Integrated Services Digital Network)
A digital circuit switching technology that carries both voice and data.
on-off keying
A digital data transmission encoding scheme in which a change in voltage from one state to another within a predetermined interval is symbolized by a 1.
SSID (Service Set Identifier)
A 32-bit alphanumeric string that identifies a WAP and all devices attached to it.
IPv4 address
A 32-bit binary number assigned to a computer on a TCP/IP network.
subnet mask
A 32-bit number assigned to each host for dividing the 32-bit binary IP address into network and node portions.
top
A CPU usage monitoring tool that provides a static snapshot, or a real-time display, of the processes currently running on a CPU.
TACACS+ (TACACS Plus)
A Cisco proprietary product that uses TCP port 49, supports multifactor authentication and is considered more secure and scalable than RADIUS.
Cable tester
A cable tester can test the conductors in an Ethernet cable. It contains two parts. By connecting these parts of the cable tester to each end of a cable under test, you can check the wires in the cable for continuity. In addition, you can verify that an RJ-45 connector has the correct pinout.
disaster
A catastrophic loss of system functioning due to a cause that cannot reasonably be foreseen or avoided.
ATM (Asynchronous Transfer Mode)
A cell-switching network technology designed for the high-speed transfer of voice, video, and data in LANs, WANs, and telephone networks.
group policy
A centralized configuration management feature available for Active Directory on Windows Server systems.
DSH (Digital Signal Hierarchy)
A channelized data transmission standard used to multiplex several single data or voice channels for a greater total bandwidth.
vampire tap
A clamshell-like device that clamps over an RG8 cable, making contact with its conductors, and permitting a networking device to connect to the ThickNet segment.
custom TCP/IP subnet
A class of leased addresses that are divided into smaller groups to serve a network's needs.
flow control
A class of technique for optimizing the exchange of data between systems.
TIFF (Tagged Image File Format)
A digital format used to handle images used in publishing and photography.
Manchester encoding
A digital transmission encoding scheme in which a transition from positive to ground represents a 0 and a negative-to-positive voltage transition in the middle of the bit period designates a binary 1.
point-to-point connection
A direct connection between two nodes on a network.
PBX parachute
A disaster recovery service provided by virtual PBX that keeps the phone service running in case of power failure.
IGRP (Interior Gateway Routing Protocol)
A distance-vector routing protocol developed by Cisco as an improvement over RIP and RIP v2.
FDDI (Fiber Distributed Data Interface)
A dual-ring, token-passing fiber network that operates at 100 Mbps.
cold spare
A duplicate piece of backup equipment that can be configured to use as an alternate if needed.
Dynamic IP addressing
A dynamic IP address is an IP address that's automatically assigned to each connection, or node, of a network. This automatic assignment of IP addresses is done by what's called a DHCP server.
802.x
A family of networking standards developed by IEEE.
full duplex
A feature of NIC that allows multiple devices to send and receive data simultaneously without data collision.
Remote Access
A feature that allows an administrator to access client systems from any location on the network.
zone
A file that physically divides the DNS database and contains the actual IP-to-host name mappings for one or more domains.
EFS (Encrypting File System)
A file-encryption tool available on Windows systems that have partitions formatted with NTFS.
Firewall
A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.
microwave transmission
A form of point-to-point wireless transmission over unbounded media in which signals are sent via pulses of electromagnetic energy in the microwave region of the spectrum.
spread spectrum
A form of radio transmission in which the signal is sent over more than one frequency to discourage eavesdropping.
VLSM (Variable Length Subnet Mask)
A classless subnet mask that can be customized to a different length for each subnet based on the number of nodes on that subnet.
Kerberos
A client server authentication protocol that supports mutual authentication between a client and a server. Kerberos uses the concept of a trusted third party that hands out tickets to be used instead of a username and password combination.
NFS (Network File System)
A client/server application that enables users to access shared files stored on different types of computers and work with those files as if they were stored locally on their own computers.
standard
A measure of adherence to the network policy.
hertz
A measure of the number of cycles per second in an analog signal. One cycle per second equals one hertz.
TDR (Time-Domain Reflectometer)
A measuring tool that transmits an electrical pulse on a cable and measures the way the signal reflects back on the TDR to determine network issues.
controlled media access
A media access method in which a central device or system controls when and for how long each node can transmit. Also called deterministic media access.
contention-based media access
A media access method in which nodes compete or cooperate among themselves for media access time. Also called competitive media access.
Baseline
A collection of data portraying the characteristics of a network under normal operating conditions. Data collected while troubleshooting can then be contrasted against baseline data.
rollup
A collection of previously issued patches and hotfixes, usually meant to be applied to one component of a system, such as the web browser or a particular service.
Software firewall
A computer running firewall software. For example, the software firewall could protect the computer itself. Alternatively, a software firewall could be a computer with more than one network interface card that runs firewall software to filter traffic flowing through the computer.
DNS records
A DNS record is a database record used to map a URL to an IP address. DNS records are stored in DNS servers and work to help users connect their websites to the outside world.
NS (Name Server)
A DNS record that delegates a DNS zone to use the given authoritative name servers.
MX (Mail Exchange)
A DNS record that maps a domain name to a mail exchange server list.
CNAME (Canonical name record)
A DNS record that maps multiple canonical names (aliases) to one A record.
PTR (Pointer)
A DNS record that maps the IP address to a host name for reverse lookup functionality.
DNS Servers
A DNS server is a computer server that contains a database of public IP addresses and their associated hostnames, and in most cases, serves to resolve, or translate, those common names to IP addresses as requested.
Ethernet frame
A data packet that has been encoded on the Data Link layer for transmission from one node to another on an Ethernet network.
store and forward
A data transmission method used to send data to a server or router where the data is stored until the next hop becomes available.
tunneling
A data transport technique in which a data packet is transferred inside the frame or packet of another protocol, enabling the infrastructure of one network to be used to travel to another network.
certificate repository
A database containing digital certificates.
FDM (Frequency-Division Multiplexing)
A multiplexing method in which data from multiple nodes is sent over multiple frequencies or channels, over a network medium.
Hardware firewall
A network appliance dedicated to the purpose of acting as a firewall. This appliance can have multiple interfaces for connecting to areas of a network requiring varying levels of security.
DoS attack (Denial of Service attack)
A network attack in which an attacker disables systems that provide network services by consuming a network link's available bandwidth, consuming a single system's available resources, or exploiting programming flaws in an application or operating system.
peer-to-peer network
A network in which resource sharing, processing, and communications control are completely decentralized.
client/server network
A network in which servers provide resources to clients.
OSI reference model (Open Systems Interconnection)
A network model developed by ISO for communication through open system networks.
endpoint
A network node that is the source or destination for data transfer.
redistribution point
A network node that is used to transfer data.
Denial of service (DoS)
A DoS attack floods a system with an excessive amount of traffic or requests, which consumes the system's processing resources and prevents the system from responding to many legitimate requests.
botnet
A collection of software robots run by a command and control program that is controlled by a person.
service pack
A collection of system updates that can include functionality enhancements, new features, and typically all patches, updates, and hotfixes issued up to the point of the release of the service pack.
Collision
A collision occurs when two devices on an Ethernet network simultaneously transmit a frame. Because an Ethernet segment cannot handle more than one frame at a time, both frames become corrupted.
Crimping Tool/Crimper
Connects media to a connector. Most crimping tools are used for twisted pair cabling. Connects cable to connector/clip (male).
WAN (Wide Area Network)
A network that spans multiple geographic locations, connecting multiple LANs using long-range transmission media.
open system network
A network that supports multiple communication protocol suites that different vendors develop.
logical star topology
A network topology in which a central device controls network access for nodes that are wired as a physical bus.
physical ring topology
A network topology in which all network nodes are connected in a circle.
logical bus topology
A network topology in which all nodes receive the data transmission at the same time, regardless of the physical wiring layout of the network.
logical ring topology
A network topology in which each node receives data only from its upstream neighbor and retransmits it only to its downstream neighbor, regardless of the physical layout of the network.
physical mesh topology
A network topology in which each node has a direct, point-to-point connection to every other node.
physical star topology
A network topology that uses a central connectivity device with separate point-to-point connections to each node.
flooding
A network transmission state in which data arrives at a receiving node too quickly to be processed.
Nessus
A network vulnerability scanner available from Tenable Network Security.
Nmap
A network vulnerability scanner.
Private Networks
A network within a corporation that can be accessed only by users working for that corporation.
unbounded media
A networking medium that does not use a physical connection between devices and can transmit electromagnetic signals through the air using radio waves, microwaves, or infrared radiation.
bounded media
A networking medium that uses a physical conductor, typically made of metal or glass.
HTTP
Hypertext Transfer Protocol
HTTPS
Hypertext Transfer Protocol Secure
access control
In security terms, the process of determining and assigning privileges to various resources, objects, and data.
Full Duplex
A node can transmit and receive at the same time.
Half Duplex
A node can transmit or receive, but not both at the same time.
differential signaling
A noise reduction technique in which the signals from two inputs are compared; signals that are identical on the two inputs are ignored, while those that are different on the inputs are accepted
BGP (Border Gateway Protocol)
A path-vector protocol used by ISPs to establish routing between one another.
IBSS (Independent Basic Service Set)
A peer-to-peer network where each wireless station acts as both a client and a wireless AP.
ad-hoc mode
A peer-to-peer wireless configuration where each wireless workstation talks directly to other workstations.
intranet
A private network that uses Internet protocols and services to share a company's information with its employees.
Reverse Proxy
A reverse proxy server is a type of proxy server that typically sits behind the firewall in a private network and directs client requests to the appropriate backend server.
HTTPS (HTTP Secure)
A secure version of HTTP that provides a secure connection between web browser and a server.
authorization
In security terms, the process of determining what rights and privileges a particular entity has.
serial cable
A serial cable is a type of bounded network media that transfers information between two devices using serial transmission.
accountability
In security terms, the process of determining who to hold responsible for a particular activity or event.
CARP (Common Address Redundancy Protocol)
A redundancy protocol that allows a number of computers to be grouped together to use a single virtual network interface between them.
auditing
In security terms, the process of tracking and recording system activities and resource access. Also known as accounting.
virtual server
A remote software tool that can run its own operating systems or applications, similar to a physical server.
ICA (Independent Computing Architecture)
A remote terminal protocol used by Citrix MetaFrame and MetaFrame XP software as add-ons to Microsoft Terminal Services.
PAP (Password Authentication Protocol)
A remote-access authentication method that sends client IDs and passwords as cleartext
logical state
A representation of digital data in the binary form of 1's and 0's corresponding to the different voltage levels for mathematical reasons and to describe the working of digital devices.
VPN (Virtual Private Network)
Like LANs that are spread across the Internet so that multiple remote clients can connect to one logical network.
LACP
Link Aggregation Control Protocol
LC
Local Connector
LEC
Local Exchange Carrier
nm
Nanometer
CA (Certificate Authority)
A server that can issue digital certificates and the associated public/private key pairs.
10Base standards
A set of standards that describes the media type and the speeds at which each type of media operates
RAID (Redundant Array of Independent or Inexpensive Disks)
A set of vendor-independent specifications for fault-tolerant configurations on multiple-disk systems.
NNTP
Network News Transport Protocol
NTP
Network Time Protocol
POP
Post Office Protocol
POP3
Post Office Protocol version 3
butt set
A special type of telephone used by telecom technicians when installing and testing local lines. Also known as a lineman's test set.
security incident
A specific instance of a risk event occurring, whether or not it causes damage.
key
A specific piece of information that is used in conjunction with an algorithm to perform encryption and decryption in cryptography.
IEEE 802.1x
A standard for securing networks by implementing EAP as the authentication protocol over either a wired or wireless Ethernet LAN, rather than the more traditional implementation of EAP over PPP.
ES (Edge System)
A system on a Frame Relay network that efficiently manages traffic between a user and the backbone network.
proxy server
A system that isolates internal networks from the servers by downloading and storing files on behalf of clients.
certificate management system
A system that provides the software tools to perform the day-to-day functions of a PKI.
change management
A systematic way of approving and executing change in order to assure maximum security, stability, and availability of information technology services.
FAT (File Allocation Table)
A table on a hard disk maintained by the operating system that provides a map of clusters that files have been stored in.
ARP cache
A table used to maintain a correlation between each MAC address and its corresponding IP address.
EIA (Electronic Industries Alliance)
A trade association accredited by ANSI to develop and jointly issue standards for telecommunications and electronics.
IP Security (IPsec)
A type of VPN that provides confidentiality, integrity, and authentication.
fixed length window
A type of data window in which each block of packets is of the same size. Typically, fixed length windows are small to avoid flooding the buffers of less-powerful receivers.
protocol analyzer
A type of diagnostic software that can examine and display data packets that are being transmitted over a network. Also called a network analyzer.
DC (Direct Current)
A type of electric current that flows unidirectionally.
phishing
A type of email-based social engineering attack, in which the attacker sends email from a spoofed source, such as a bank, to try to elicit private information from the victim.
singlemode fiber
A type of fiber optic cable that carries a single optical signal.
IP spoofing attack
A type of software attack where an attacker creates IP packets with a forged source IP address and uses those packets to gain access to a remote system.
malicious code attack
A type of software attack where an attacker inserts malicious software into a user's system.
port scanner
A type of software that searches a network host for open ports.
impersonation
A type of spoofing in which an attacker pretends to be someone they are not, typically an average user in distress, or a help desk representative.
Token ring
A type of technology used on ring networks in which computers pass a special sequence of bits called a token between them.
UTP (Unshielded Twisted Pair)
A type of twisted pair cabling that does not include shielding around its conductors.
NRZI (Non-Return to Zero Inverted)
A variation of the on-off keying digital transmission encoding scheme.
SVC (Switched Virtual Circuit)
A virtual circuit associated with dial-up and demand-dial connections that provides more flexibility than PVCs, allowing a single connection to an endpoint to connect to multiple endpoints as needed.
PVC (Permanent Virtual Circuit)
A virtual circuit associated with leased lines that connects two endpoints, which are always on.
RF
Radio Frequency
RFI
Radio Frequency Interference
RG
Radio Guide
ThinNet
Refers to Ethernet networking over RG58/U or RG58A/U cabling.
ThickNet
Refers to Ethernet networking over RG8 cabling.
plenum
Refers to an air handling space, including ducts and other parts of the HVAC system in a building.
VCC (Vertical Cross-Connect)
Refers to cables that run vertically between floors in a building, or vertically between equipment in an equipment rack.
Network Administration
Refers to day-to-day management, maintenance, and configuration of networks.
in phase
Refers to two waves of the same frequency that begin at the same time.
out of phase
Refers to two waves that either start at an offset from each other or have different frequencies.
Duplex Mode
Refers to whether the traffic is one-way (talk or listen) or two-way (talk and listen).
RJ
Registered Jack
active IDS
An IDS that detects a security breach according to the parameters it has been configured with, logs the activity, and then takes the appropriate action to block the user from the suspicious activity.
passive IDS
An IDS that detects potential security breaches, logs the activity, and alerts security personnel.
802.11
An IEEE standard that specifies an over-the-air interface between a wireless client and a base station or between two wireless clients.
802.2
An IEEE standard used to address the need for MAC sub-layer addressing in bridges.
802.3
An IEEE standard used to standardize Ethernet and expand it to include a wide range of cable media.
default gateway
An IP address of the router that routes remote traffic from the computer's local subnet to remote subnets.
NIPS (Network-based IPS)
An IPS that is a host that prevents an intrusion on another host that resides on a different IP address and takes actions to prevent an intrusion.
HIPS (Host-based IPS)
An IPS that resides on a computer and uses a specific IP address. It detects and prevents the actions that malicious code attempts in order to modify the system.
Authentication Header (AH)
An IPsec protocol that provides authentication and integrity services. However, it does not provide encryption services.
Encapsulating Security Payload (ESP)
An IPsec protocol that provides authentication, integrity, and encryption services.
satellite Internet
An Internet connection method that uses a satellite network.
NTP (Network Time Protocol)
An Internet protocol that enables synchronization of computer clock times in a network of computers by exchanging time signals.
Data Link layer
An OSI layer responsible for error-free transfer of data packets between nodes on the network.
session hijacking attack
An attack where the attacker exploits a legitimate session to obtain unauthorized access to an organization's network or services.
IV attack
An attack where the attacker is able to predict or control the IV of an encryption process, thus giving the attacker access to view the encrypted data that is supposed to be hidden from everyone else except for the user or network.
Diameter
An authentication protocol that is an updated version of RADIUS and improves on some of its features.
RA (Registration Authority)
An authority in a PKI that processes requests for digital certificates from users.
transit autonomous systems
An autonomous system in which the source or the destination node does not reside within the system.
stub autonomous systems
An autonomous system in which the source or the destination node must exist within the system.
AC (Alternating Current)
An electrical current that switches its flow back and forth in a circuit
circuit tester
An electrical instrument that displays whether an electrical outlet is wired correctly.
voltmeter
An electrical instrument that measures voltage and resistance between two points in a circuit.
cable tester
An electrical instrument that verifies if a signal is transmitted by a cable. Also called a media tester.
digital signal
An electrical signal that can have combinations of only two values: one and zero.
tone locator
An electronic device that emits an audible tone when it detects a signal in a set of wires.
tone generator
An electronic device that sends an electrical signal through one set of UTP cables.
whaling
An email- or web-based form of phishing which targets particularly wealthy individuals. Also known as spear phishing.
spam
An email-based threat that floods the user's inbox with emails that typically carry unsolicited advertising material for products or other spurious content, and which sometimes delivers viruses.
threat
Any potential violation of security policies or procedures.
exterior router
Any router entirely outside an AS.
attack
Any technique that is used to exploit a vulnerability in any application on a computer system without authorization.
hybrid topology
Any topology that exhibits the characteristics of more than one standard network topology.
password attack
Any type of attack in which the attacker attempts to obtain and make use of passwords illegitimately.
hoax
Any type of incorrect or misleading information that is disseminated to multiple users through unofficial channels.
unauthorized access
Any type of network or data access that is not explicitly approved by an organization.
Joiners
Anyone who becomes a member of a social media site
Maximum transmission unit (MTU)
The largest packet size supported on an interface.
ISO (International Organization for Standardization)
The largest standards-development body in the world, comprising the national standards institutes of 162 countries.
PEAP (Protected Extensible Authentication Protocol)
Similar to EAP-TLS, PEAP was proposed as an open standard by a coalition made up of Cisco Systems, Microsoft, and RSA Security.
RDP
Remote Desktop Protocol
Multifactor authentication
Similar to two factor authentication, multifactor authentication requires two or more types of successful authentication before granting access to a network.
SGCP
Simple Gateway Control Protocol
SMTP
Simple Mail Transfer Protocol
SNAT
Source Network Address Translation (source-nat or SNAT) allows traffic from a private network to go out to the internet
SSAPs
Source Service Access Points used to identify which protocol handler should process an incoming frame.
End-to-End Delivery
Source to Destination
Most common topology for wireless networks
Star: wireless technologies all connect to a single WAP
SOA
Start of Authority
SPI
Stateful Packet Inspection
SOW
Statement of Work
TDR Tool (Time Domain Reflectometer)
Sends a signal down the wire and times how long it takes to bounce back.
SLIP
Serial Line Internet Protocol
SLA
Service Level Agreement
SSID
Service Set Identifier
SDP
Session Description Protocol
SIP
Session Initiation Protocol
Network Type/ Access Model
The manner and mode in which nodes communicate with each other and share information.
subnetting
The process of logically dividing a network into smaller subnetworks or subnets.
deciphering
The process of reversing a cipher.
routing
The process of selecting the best route for moving a packet from its source to destination on a network.
analog modulation
The process of superimposing a low frequency data signal over a high frequency carrier waveform.
LEAP (Lightweight Extensible Authentication Protocol)
The proprietary EAP implementation of Cisco Systems.
IGP (Interior Gateway Protocol)
The protocol responsible for exchanging routing information between gateways within an AS.
EGP (Exterior Gateway Protocol)
The protocol responsible for exchanging routing information between two neighboring gateways.
RDP (Remote Desktop Protocol)
The protocol used by Microsoft's Terminal Services implementations.
Switch
a switch is a device that channels incoming data from any of multiple input ports to the specific output port that will take the data toward its intended destination.
bandwidth
the amount of data that can be transferred over a network in a certain amount of time.
wireless local area network
wlan uses high frequency radio waves rather than wires to communicate between nodes
WWW
world wide web
Online fraud
any attempt to conduct fraudulent activities online, including deceiving consumers into releasing personal info
Host
any part of the network that gives out data for clients to access, such as a server
client
any part of the network that receives data such as a work station
Web Services
any piece of software that makes itself available over the internet and uses a standardized XML messaging system.
XML
eXtensible Markup Language
EMI (electromagnetic interference)
electrical devices can be sources of EMI. standard UTP has minimal resistance to EMI, while fiber optic is highly resistant.
Digital media
electronic media that function using digital codes; referring to media available via digital devices
Examples of the Client Server Model
email, printer servers
Class C Subnets
default: 255.255.255.0; number of subnets: 2,097,152; hosts per subnet: 254
DLC (Data Link Control)
specialized protocol used for communication between pc and non-pc devices.
TDM (Time-Division Multiplexing)
A multiplexing method in which the communication channel is divided into discrete time slots that are assigned to each node on a network.
DWDM (Dense Wavelength Division Multiplexing)
A multiplexing technology that uses light wavelengths to transmit data.
network name
A name assigned to a node to help users and technicians recognize the device.
ANS (Authoritative Name Server)
A name server that responds to name-related queries in one or more zones.
GPS (Global Positioning System)
A navigational system that consists of a network of satellites with 24 active satellites and 3 in standby mode.
encapsulation
A process of adding delivery information to the actual data in each layer.
Zeroconf (Zero Configuration Networking)
A set of standards used for automatically configuring and allocating IP address on Ethernet as well as wireless networks.
network acknowledgment
A signal used by a communication protocol between nodes on a network to acknowledge receipt of data.
TFTP (Trivial File Transfer Protocol)
A simple version of FTP that uses UDP as the transport protocol, and does not require a logon to the remote host.
NetBIOS
A simple, broadcast-based naming service.
Virtual LAN (VLAN)
A single broadcast domain, representing a single subnet. Typically, a group of ports on a switch is assigned to a single VLAN. For traffic to travel between two VLANS, that traffic needs to be routed.
VPN concentrator
A single device that incorporates advanced encryption and authentication methods in order to handle a large number of VPN tunnels.
LC (Local Connector)
A small form factor ceramic ferrule connector for both singlemode and multimode fiber.
SOHO (Small office/home office)
A small network that can comprise up to 10 nodes.
DMZ (demilitarized zone)
A small section of a private network that is located between two firewalls and made available for public access.
VSAT (Very Small Aperture Terminal)
A small telecommunication Earth station that consists of a small antenna that transmits and receives signals from satellites.
patch
A small unit of supplemental code meant to address either a security problem or a functionality flaw in a software package or operating system.
sine wave
A smoothly oscillating curve that is the result of calculating the sine of the angles between zero and 360 and plotting the results.
IDS (Intrusion Detection System)
A software and/or hardware system that scans, audits, and monitors the security infrastructure for signs of attacks in progress.
high bandwidth application
A software application or program that requires large amounts of network bandwidth for data transmission.
data window
A flow control technique in which multiple packets are sent as a unit. The recipient acknowledges each window rather than each packet, resulting in higher throughput.
buffering
A flow control technique in which received data is stored on a temporary high-speed memory location.
stateless firewall
A firewall that manages and maintains the connection state of a session using the filter and ensures that only authorized packets are permitted in sequence.
stateful firewall
A firewall that monitors communication paths and data flow on the network.
impedance
A force that opposes the flow of electricity in an AC circuit. Impedance is measured in ohms.
NAT (Network Address Translation)
A form of Internet security that conceals internal addressing schemes from external networks such as the Internet.
broadcast radio
A form of RF networking that is non-directional, uses a single frequency for transmission, and comes in low- and high-power versions.
man-in-the-middle attack
A form of eavesdropping where the attacker makes an independent connection between two victims and steals information to use fraudulently.
spoofing
A human- or software-based attack where the goal is to pretend to be someone else for the purpose of identity concealment.
guessing
A human-based attack where the goal is to guess a password or PIN through brute force means or by using deduction.
X.25
A legacy packet switching network technology developed in the 1970s to move data across less than reliable public carriers.
IS-IS (Intermediate System to Intermediate System)
A link-state routing protocol used within a network.
Load balancer
A load balancer is a device that distributes network or application traffic across a cluster of servers. Load balancing improves responsiveness and increases availability of applications
broadcast domain
A logical area in a computer network where any node connected to the computer network can directly transmit to any other node in the domain without a central routing device.
DET (Directory Entry Table)
A logical link between a directory and the files it contains that is implemented by the NTFS.
tunnel
A logical path through the network that appears like a point-to-point connection.
subnet
A logical subset of a larger network, created by an administrator to improve network performance or to provide security.
Decibel (dB) loss
A loss of signal power. If a transmission's dB loss is too great, the transmission cannot be properly interpreted by the intended recipient.
ARP Cache Poisoning
A man-in-the-middle attack, where the attacker associates his MAC address with someone else's IP address, so all traffic will be sent to him first. The attacker sends out unsolicited ARPs, which can either be requests or replies
connector
A metal device at the end of a wire to connect video equipment and network nodes in a LAN.
NaaS (Network as a Service)
A method by which service providers lease resources on the network such as communication services and infrastructure.
cipher
A method for concealing the meaning of text.
unicast transmission
A method for data transfer from a source address to a destination address.
MPPE (Microsoft Point-to-Point Encryption)
A method of data encryption between PPP dial up connections or PPTP VPN connections.
load balancing
A method of dividing work among the devices on a network.
Prefix notation
A method of indicating how many bits are in a subnet mask. For example, /24 is prefix notation for a 24-bit subnet mask. Prefix notation is also known as slash notation.
shielding
A method of placing grounded conductive material around the media to prevent the introduction of noise into the media.
satellite television
A method of relaying video and audio signals directly to the subscriber's television sets using geosynchronous satellites.
Dotted decimal notation
A method of writing an IPv4 address or subnet mask, where groups of 8 bits are separated by periods.
Traffic filtering
A method that allows only legitimate traffic through to the network.
PaaS (Platform as a Service)
A method that enables infrastructure and tools from the service provider so that the client does not need to manage them.
IaaS (Infrastructure as a Service)
A method that provides network resources such as storage and allows the client to deploy software and add network components such as firewalls.
bluejacking
A method used by attackers to send out unwanted Bluetooth signals from PDAs, mobile phones, and laptops to other Bluetooth-enabled devices.
address munging
A method used by end users to provide a fake name or address to post on consumer websites or newsgroups.
RAS (Remote Access Services)
A method where the user can dial in and authenticate with the same account he or she uses at the office.
half duplex
A mode of communication that permits two-way transmission, but in only one direction at a time.
promiscuous mode
A mode of operation for network adapters that enables them to capture all packets sent across the network, regardless of the source or destination of the packets.
Client/Server Model
A model in which at least 1 computer acts as a server that holds resources that are accessed over a network by clients
Triple DES (3DES)
A more-secure variant of DES that repeatedly encodes the message using three separate DES keys.
BPL (Broadband over Powerlines)
A technology that allows domestic power lines for broadband transmission.
dedicated lines
A telecommunication path that is available 24 hours a day for use by a designated user.
satellite phone
A telephone system that relies on the satellite network to provide services, instead of the infrastructure of the local telephone switch.
attacker
A term for a user who gains unauthorized access to computers and networks for malicious purposes.
NAC (Network Access Control)
A term that refers to collected protocols, policies, and hardware that govern access on devices to and from a network.
Telnet
A terminal emulation protocol that allows users at one site to simulate a session on a remote host.
wire crimper
A tool that attaches media connectors to the ends of cables.
punch down tool
A tool used in a wiring closet to connect cable wires directly to a patch panel.
physical topology
A topology that describes a network's physical layout and shape.
logical topology
A topology that describes the data-flow patterns in a network.
wireless communication
A type of communication in which signals are transmitted over a distance without the use of a physical medium.
coaxial cable
A type of copper cable that features a central conductor surrounded by an insulator and braided or foil shielding.
sliding window
A type of data window in which block sizes are variable. Window size is continually reevaluated during transmission, with the sender always attempting to send the largest window it can to speed throughput.
multimode fiber
A type of fiber optic cable that carries multiple light signals on a single strand.
replay attack
A type of network attack where an attacker captures network traffic and stores it for retransmission at a later time to gain unauthorized access to a network.
remote networking
A type of network communication that enables users who are not at their physical locations to access network resources.
cell switching network
A type of network, similar to a packet switching network, in which data is transmitted as fixed-length packets called cells.
dictionary attack
A type of password attack that automates password guessing by comparing encrypted passwords against a predetermined list of possible password values.
digital certificate
An electronic document that associates credentials with a public key.
multimeter
An electronic measuring instrument that takes electronic measurements such as voltage, current, and resistance.
honeynet
An entire dummy network used to lure attackers.
IEEE (Institute of Electrical and Electronics Engineers)
An organization dedicated to advancing theory and technology in electrical sciences.
policy statement
An outline of the plan for the individual component on a network policy.
static routing
A type of routing used by a network administrator to manually specify the mappings in the routing table.
ASP
Application Service Provider
ASIC
Application Specific Integrated Circuit
Upper Layers of the OSI Model
Application, Presentation, Session
Which layers take user input and convert it into data?
Application, Presentation, Session
IPSec Protocol
Internet Protocol Security (IPsec) is a network protocol suite that authenticates and encrypts the packets of data sent over a network
WINS Server
Microsoft's Version of a NetBIOS name server. Utilizes primary and secondary WINS server for redundancy and has more features than an ordinary NetBIOS server
BNC (Bayonet Neill-Concelman) Connector
Miniature quick connect/disconnect radio frequency connector used for coaxial cable. Similar to tv cable.
NIC
Network Interface Card
NIPS
Network Intrusion Prevention System
Disadvantages of Ring Topology
Same weaknesses of Bus Topology, along with adding the difficulty of adding a node to a token ring network.
SSL
Secure Sockets Layer
backoff
The random amount of time a node in a CSMA/CD network waits after a collision has occurred; a typical backoff period is a few milliseconds long.
troubleshooting
The recognition, diagnosis, and resolution of problems on a network.
cryptography
The science of hiding information to protect sensitive information and communication from unauthorized access.
non-repudiation
The security goal of ensuring that data remains associated with the party that creates it or sends a transmission.
privilege bracketing
The security method of allowing privileges to a user only when needed and revoking them as soon as the task is complete.
IRP (Incident Response Policy)
The security policy that determines the actions that an organization will take following a confirmed or potential security breach.
least privilege
The security principle that establishes that users and software should only have the minimal level of access that is necessary for them to perform the duties required of them.
ohm
The value of electrical resistance through which one volt will maintain a current of one ampere.
hash
The value that results from hashing encryption. Also known as hash value or message digest.
NetBIOS Sessions
Uses TCP Port 139, Provides Error Detection and Recovery, Session Layer of OSI Model, utilized by many Microsoft services
peer-to-peer
a controller network that simply connects computers to each other or to a device such as a printer, but a server is not necessary
Spectators
largest group: consumers who read what other consumers produce but do not create any content themselves
Class A netid/hostid order
netid . hostid . hostid . hostid
Class B netid/hostid order
netid . netid . hostid . hostid
GRE
Generic Routing Encapsulation
Range of octets
0 to 255 (256 numbers that range from 0 to 2^8-1)
Class A first octet range
1 - 126
inter-domain routing
Routing a packet among different autonomous systems.
intra-domain routing
Routing a packet within an autonomous system.
Examples of central NetBIOS name resolution services
-DNS -NetBIOS Name Server -WINS Server
AAAA
A DNS record that maps the host name to its IP address using a 128-bit IPv6 address.
SOA (Start of Authority)
A DNS record that specifies authoritative information about a DNS zone.
Netstat
Depending on parameters, gives varying degrees of info about TCP/IP connections and protocols.
Physical Topology
Depicts how the cabling physically connects network devices
SNAT (Secure Network Address Translation)
Extension of NAT, one-to-one translation.
EGP
Exterior Gateway Protocol
DCE (Data Communications Equipment)
Interface devices such as modems on a Frame Relay network.
IGP
Interior Gateway Protocol
IDF
Intermediate Distribution Frame
IS-IS
Intermediate System to Intermediate System
ICMP
Internet Control Message Protocol
IGMP
Internet Group Multicast Protocol
IMAP4
Internet Message Access Protocol version 4
Access control list (ACL)
Rules typically applied to router interfaces, which specify permitted and denied traffic.
DNS (Domain Name System)
The naming service used on the Internet and many TCP/IP-based networks.
UDP
User Datagram Protocol
WINS
Windows Internet Name Service
WEP
Wired Equivalent Privacy. Form of wireless security considered weak by today's standards. Replaced by WPA.
WAP
Wireless Application Protocol/Wireless Access Point
WLAN
Wireless Local Area Network
wireless adapter
the device that you must have on your computer in order to connect to a wireless network
mother board
the main circuit board of the microcomputer
Routing
the process of moving a packet of data from source to destination.
daemon
A background process that performs a specific operation.
Unified threat management (UTM)
A firewall or gateway that attempts to bundle multiple security functions into a single physical or logical device.
PVC (Polyvinyl Chloride)
A flexible rubber-like plastic used to surround some twisted pair cabling.
RSA
A popular and widely deployed asymmetric encryption algorithm.
pharming
An attack in which a request for a website, typically an e-commerce site, is redirected to a similar-looking, but fake, website.
FX vs TX
FX such as 100BaseFX is the same thing as 100BaseTX but with fiber optic connections and an SC or ST connector.
FC
Fibre Channel
FTP
File Transfer Protocol
FTPS
File Transfer Protocol Security
FDM
Frequency Division Multiplexing
Protocols in the Data Link layer
-Ethernet for LANs -PPP (Point-to-Point) -HDLC (High-Level Data Link Control) -ADCCP (Advanced Data Communication Control Procedures) for point-to-point connections -PTPPD - Point-To-Point Portal Device
Protocols in the Transport Layer
-TCP -UDP
network baseline
A baseline that documents the network's current performance level and provides a quantitative basis for identifying abnormal or unacceptable performance.
Physical Layer
1. Communicates directly with the physical media. It is responsible for activating, deactivating, and maintaining the physical link. It handles the raw bits of the data stream and places them on a wire to be picked up by the receiving node
Private network (Class A) range
10.0.0.0 - 10.255.255.255
What range is reserved as a "Loopback"
127.0.0.0 - 127.255.255.255
Class B first octet range
128 - 191
Number of bits in IPv6 address
128 bits
NetBIOS Names
16 bytes, usually 15 characters.
Private network (Class B) range
172.16.0.0 - 172.31.255.255
Class C first octet range
192 - 223
Private Network (Class C) range
192.168.0.0-192.168.255.255
Data Link Layer
2. Provides transparent network services to the Network layer. It converts the bits into frames and makes sure they are in the correct order. Also does error checking by adding a CRC to the frame s flow control.
Class C addresses
A block of IP addresses from 192.0.0.0 to 223.255.255.255 that provides the largest number of networks (2,097,150) and the smallest number of nodes per network (254).
DDoS attack (Distributed Denial of Service attack)
A software attack in which an attacker hijacks or manipulates multiple computers (through the use of zombies or drones) on disparate networks to carry out a DoS attack.
network analyzer
A software or hardware tool that integrates diagnostic and reporting capabilities to provide a comprehensive view of an organization's network.
antivirus software
A software program that scans a computer or network for known viruses, Trojans, worms, and other malicious software.
GPG
GNU Privacy Guard
Bluetooth
A wireless technology that facilitates short-range wireless communication between devices such as personal computers, laptop, cellular phones, and gaming consoles, thus creating a WPAN.
Blogs
AKA weblogs; web-based journals in which writers editorialize and interact with other users
ADSL
Asymmetric Digital Subscriber Line
voice over data systems
Communications systems that replace traditional telephone links by transmitting analog voice communications over digital WAN networking technologies.
Link State Routing protocols
OSPF and ISIS, where routers construct a map of the connectivity
PTP
Point-to-Point
HTTPS (Secure HTTP)
Securely transfer HTTP data through SSL. Port: TCP 443
ANSI (American National Standards Institute)
The national standards institute of the United States, which facilitates the formation of a variety of national standards, as well as promoting those standards internationally.
SA (Security Association)
The negotiated relationship between two computers using IPSec. SAs are the result of the two-stage negotiation process. These stages are known as Phase 1 and Phase 2.
frequency
The number of complete cycles per second in a wave. Also called the period of the wave.
cost
The number of hops along a route between two networks.
packet loss
The number of packets that are lost or damaged during transmission.
route convergence
The period of time between a network change and the router updates to reach a steady state once again.
refraction
The phenomenon of light rays bending due to a change in speed when passing from one transparent medium to another.
Media
The physical connection used to transport electrical signals between the network devices
Full-duplex
This connection allows a device to simultaneously transmit and receive data.
threshold
When monitoring network performance, the value that signals that an object or component is functioning outside acceptable performance limits.
What is "packet sniffing"?
When other nodes receive network traffic that is not directed towards them.
Punch down tool
When terminating wires on a punch down block, you should use a punch down tool, which is designed to properly insert an insulated wire between two contact blades in a punch down block, without damaging the blades.
Wireless Fidelity (WiFi)
Wireless technology that utilizes low-frequency (2.4 and 5GHz) mid-powered radio waves. IEEE 802.11(letter)
VPN(Host to Site)
a technology that creates a safe and encrypted connection over a less secure network, such as the internet. VPN technology was developed as a way to allow remote users and branch offices to securely access corporate applications and other resources
VPN(Site to Site)
a type of VPN connection that is created between two separate locations. It provides the ability to connect geographically separate locations or networks, usually over the public Internet connection or a WAN connection.
Social network
a website where users can create a profile and interact with other users, post information, and engage in other forms of web-based communication
Connectivity
ability for consumers to be connected with marketers along with other consumers
Accessibility
ability for marketers to obtain digital info
Interactivity
ability of customers to express their needs and wants directly to the firm in response to its marketing communications
Addressability
ability of the marketer to identify customers before they make a purchase
Ring Topology
all devices are connected to one another in the shape of a closed loop so that each device is connected directly to two other devices, one on either side of it
star topology
all nodes are connected to a central computer
Media sharing sites
allow marketers to share photos, videos, and podcasts but are more limited in scope in how companies interact with consumers. Promotion oriented; do not usually interact with consumers through personal messages or responses. Potential to reach a global audience
Border Gateway Protocol (BGP)
core routing protocol of the internet. maintains a table of IP networks and the data that designates where and how to reach each network through autonomous systems (AS). Bases routing decisions on path, network policies, and/or rule sets
Control
customer's ability to regulate the info they view as well as the rate and exposure to that info
CRC
cyclic redundancy check: technique used to detect errors in data. It detects accidental changes to raw computer data.
Class A Subnets
default: 255.0.0.0; number of subnets: 126; hosts per subnet: 16,777,214
Class B Subnets
default: 255.255.0.0; number of subnets: 16,384; hosts per subnet: 65,534
VPN Concentrator
primarily adds the capabilities of a VPN router by adding advanced data and network security to the communications. It has the ability to create and manage a large quantity of VPN tunnels.
Enhanced Interior Gateway Routing Protocol (EIGRP)
proprietary hybrid protocol from cisco that is a distance vector routing protocol that functions like a link state routing protocol. Stores information in three tables- neighboring table, topology table, routing table.
RAS (Remote Access Service)
rarely used, unsecure, outdated. Provides dial-up access and once was the protocol of choice for connecting to the internet.
rom
read only memory; refers to special memory used to store programs that boot the computer's memory
Data Encryption
readable data is converted to an encoded version that can only be decoded by someone if they have access to a decryption key.
Fault-tolerance
refers to redundancy in cases of component failure; the ability of a system (a network, node, server, etc.) to remain available or operational even after a component of that system has failed.
Conversationalists
regularly update their social media sites
Plenum grade cabling
required if cabling will be run between the ceiling and the next floor. Resistant to fire and does not emit poisonous gasses when burned.
OSPF (Open shortest path first)
routes IP packets within a single routing domain and was designed to support variable length subnet masking (VLSM) and classless inter-domain routing addressing (CIDR).
Exterior Gateway Protocol (EGP)
routing protocol that is used across different autonomous domains. (BGP is an EGP)
Interior gateway protocol (IGP)
routing protocol that is used within an autonomous system which is sometimes referred to as an administrative domain.
How do you check the IP address information?
run ipconfig (or ifconfig for unix)
HIDS
security management for computers and networks. anti-threat applications programs are installed on every network computer that has access to the outside environment such as the Internet.
APIPA (Automatic private internet protocol addressing)
self-assigning IP addresses when the DHCP server is unavailable.
10GBase-SR
shortwave laser over multi-mode fiber optics; LC or SC connector 300 meters 10 gbps
RARP (Reverse ARP)
translates MAC addresses into IP addresses
PAT (Port Address Translation)
translates communications between hosts on a private network and hosts on a public network.
PPTP (Point to Point tunneling protocol)
tunneling protocol that can encapsulate connection-oriented PPP packets into connection-less IP packets. Data remains within the IP capsule. Client-server system requires PPTP client, PPTP server, and special network access server to provide normal PPP service. Commonly used to set up VPNs.
1000Base-SX
twinax or short haul copper; 9 pin shielded d-subminiature connector 25 meters 1gbps
Wiki
type of software that creates an interface that enables users to add or edit the content of some types of websites
Punch Down Tool
used to affix an untwisted twisted-pair cable onto a fixed connector, such as a wall jack, switchboard, etc. **connects cable to wall jack (female)
Ping
used to check if a route is available to a certain network node.
Network and Performance Monitoring Tools
used to establish a baseline/control group in identifying performance issues. Track traffic, use, utilization, etc.
RIPv1 (routing information protocol)
using hop count as a routing metric. Maximum number of hops allowed is 15.
WAN
wide area network; largest type of network in terms of geographic area; largest WAN is the internet.
wi-fi
wireless local area network that uses radio signals to transmit data
2.4GHz vs 5 GHz
2.4GHz tends to have a better range while 5GHz has a higher theoretical throughput.
NCP
Network Control Protocol
NFS
Network File Service
NIU
Network Interface Unit
NIDS
Network Intrusion Detection System
SMA (Sub Multi Assembly or Sub Miniature type A)
A connector with a threaded ferrule on the outside to itself where water or other environmental factors necessitate a waterproof connection.
CSMA/CA (Carrier Sense Multiple Access/Collision Avoidance)
A contention-based media access method in which nodes can transmit whenever they have data to send.
CSMA/CD (Carrier Sense Multiple Access/Collision Detection)
A contention-based media access method in which nodes can transmit whenever they have data to send.
contention domain
A contention-based network on which a group of nodes compete with each other for access to the media.
Security Policy
A continually changing document that dictates a set of guidelines for network use. These guidelines complement organizational objectives by specifying rules for how a network is used.
multiplexing
A controlled media access method in which a central device called a multiplexer combines signals from multiple nodes and transmits the combined signal across a medium.
polling
A controlled media access method in which a central device contacts each node to check whether it has data to transmit.
HSM (Hardware Security Module)
A cryptographic module that can generate cryptographic keys.
domain
A grouping of computers on the Internet based on the nature of their operations.
white hat
A hacker who exposes security flaws in applications and operating systems so manufacturers can fix them before they become widespread problems.
black hat
A hacker who exposes vulnerabilities for financial gain or for some malicious purpose.
Half-duplex
A half duplex connection allows a device to either receive or transmit data at any one time. However, a half duplex device cannot simultaneously transmit and receive.
USB (Universal Serial Bus)
A hardware interface standard designed to provide connections for numerous peripherals.
environment monitor
A hardware tool that ensures that environmental conditions do not spike or plummet to temperatures above or below equipment specifications.
carrier signal
A high frequency signal that is superimposed on an analog signal to carry information.
intelligent hub
A hub that polls the state of each node and grants permission to transmit in turn.
passive hub
A hub that receives data transmitted from a device on one port and broadcasts it out to the devices connected on all other ports.
active hub
A hub that regenerates the signal similar to a repeater.
AUP
Acceptable Use Policy
AP
Access Point
APC
Angle Polished Connector
collision domain
Another name for a contention domain.
SDH (Synchronous Digital Hierarchy)
Another optical communications standard that is based upon SONET and implemented widely outside the U.S.
VER (Voltage Event Recorder)
Another tool to use in conjunction with or in addition to using a voltmeter to test and verify that the electrical signals transmitting through the network cables are within the required specifications.
software attack
Any attack that targets software resources including operating systems, applications, protocols, and files.
multi-factor authentication
Any authentication scheme that requires validation of at least two of the possible authentication factors.
vulnerability
Any condition that leaves a system open to attack.
node
Any device that can connect to the network and generate, process, or transfer data.
Gateway
Any device that serves to interface with other networks using dissimilar protocols. Example: it might interface between a home network and the internet, or between a NetBIOS network and an IPX/SPX network.
wireless security
Any method of securing your WLAN network to prevent unauthorized network access and network data theft while ensuring that authorized users can connect to the network.
APIPA
Automatic Private Internet Protocol Addressing
AS
Autonomous System
CPU
Central Processing Unit
DCS
Distributed Computer System
DDoS
Distributed Denial of Service
DNS
Domain Name Service/Domain Name Server/Domain Name System
EAPOL (Extensible Authentication Protocol over LAN)
EAP over LAN as used in 802.1X implementations.
XDSL
Extended Digital Subscriber Line
SRV (Service Locator)
A DNS record that specifies a generic service location record for newer protocols.
Downsides to wireless technology
- Cost (though it is coming down) - Interference from microwaves, cell phones, radios, etc. - Insecurity: ease of access, defaulted with no authentication.
Data Link Layer (Layer 2)
- Transfers data between adjacent nodes in a Wide Area Network (WAN) or between any given Local Area Networks (LANs). - Provides procedural means to transfer data between network entities and sometimes to detect and correct errors that have occurred within the Physical Layer. - Does not cross boundaries of the local network segment but focuses on local delivery, addressing, and media arbitration. Examples: Switch
What address is reserved as a "Broadcast" address?
255.255.255.255
Maximum number of IP addresses in IPv4
256^4 = 4,294,967,296 maximum addresses, though some are reserved or unavailable.
Number of bits in IPv4 address
32-bits
Transport Layer
4. Converts data received from the upper layers into segments and prepares them for transport. Responsible for end-to-end delivery of a message
Session Layer
5. Establishes, maintains, and terminates end-to-end sessions between 2 applications on 2 network nodes
Presentation Layer
6. Represents the data in a particular format to the application layer. Defines encryption, compression, and conversion functions
OSI Model: The Layers
7- Application 6- Presentation 5- Session 4- Transport 3- Network 2- Data Link 1- Physical
Application Layer
7. Provides network services directly to the user's application
Public key infrastructure (PKI)
A PKI system uses digital certificates and a certificate authority to allow secure communication across a public network.
traffic shaping
A QoS mechanism that introduces some amount of delay in traffic that exceeds an administratively defined rate.
pathping
A TCP/IP command that provides information about latency and packet loss on a network.
Terminal Access Controller Access Control System Plus (TACACS+)
A TCP based protocol used to communicate with a AAA server. Unlike RADIUS, TACACS+ encrypts an entire authentication packet rather than just the password. TACACS+ offers authentication features, but they are not as robust as the accounting features found in RADIUS. Also, unlike RADIUS, TACACS+ is a Cisco proprietary protocol.
ping
A TCP/IP command used to verify the network connectivity of a computer, and also to check if the target system is active.
NETSTAT
A TCP/IP utility that shows the status of each active connection.
Remote Authentication Dial In User Service (RADIUS)
A UDP based protocol used to communicate with a AAA server. Unlike TACACS+, RADIUS does not encrypt an entire authentication packet, but only the password. However, RADIUS offers more robust accounting features than TACACS+. Also, RADIUS is a standards based protocol, whereas TACACS+ is a Cisco proprietary protocol.
BOOTP (Bootstrap Protocol)
A UDP network protocol that helps diskless workstation computers get an IP address before loading an advanced operating system.
traceroute command
A UNIX command that displays every router hop along the path from a source host to a destination host on an IP network. Information about the router hop can include the IP address of the router hop and the round trip delay of that router hop.
VTP (VLAN Trunking Protocol)
A VLAN management protocol developed by Cisco.
SSL VPN (Secure Socket Layer VPN)
A VPN format that works with a web browser; installing a separate client is not necessary.
Layer 2 Forwarding (L2F)
A VPN protocol designed with the intent of providing a tunneling protocol for PPP. Like L2TP, L2F lacks native security features.
Layer 2 Tunneling Protocol (L2TP)
A VPN protocol that lacks security features, such as encryption. However, L2TP can still be used for a secure VPN connection if it is combined with another protocol that provides encryption.
ICS (Internet Connection Sharing)
A WAN connectivity method that connects multiple computers to the Internet by using a single Internet connection.
cable Internet access
A WAN connectivity technology that uses a cable television connection and a cable modem to provide high-speed Internet access to homes and small businesses.
Web services
A Web service is a software service used to communicate between two devices on a network
wireless tester
A Wi-Fi spectrum analyzer used to detect devices and points of interference, as well as analyze and troubleshoot network issues on a WLAN.
Microsoft Management Console (MMC)
A Windows tool that is used to manage IPSec policies on Windows systems.
IP Security Monitor
A Windows tool that provides a main mode and a quick mode to verify IPSec statistics.
NBTSTAT
A Windows utility that is used to view and manage NetBIOS name cache information.
signal bounce
A condition in which the signals endlessly move from one end of a cable to the other end.
VLAN switch
A configurable managed switch used on VLANs that creates a logical network structure, even when computers are on different physical segments.
ESS (Extended Service Set)
A configuration of multiple BSSs used to handle mobility on a wireless network.
Remote desktop
A connection mode that enables a user to access any network system from their workstation and perform tasks on the remote system.
TCP (Transmission Control Protocol)
A connection-oriented, guaranteed-delivery protocol used to send data packets between computers over a network like the Internet.
IP (Internet Protocol)
A connectionless Network-layer protocol that is responsible for sending data packets across a network.
SC (Subscriber Connector or Standard Connector)
A connector used in a duplex configuration where two fibers are terminated into two SC connectors that are molded together.
FC (Face Contact)
A connector used in industrial settings that has a heavy duty ferrule in the center for more mechanical stability than SMA or ST connectors.
ST (Straight Tip)
A connector used to connect multimode fiber.
transceiver
A device that has a transmitter and a receiver integrated into it to send and receive data.
modem
A device that modulates and demodulates data over an analog signal sent via a telephone line.
demultiplexer
A device that performs demultiplexing. Also called a demux.
multiplexer
A device that performs multiplexing. Also called a mux.
oscilloscope
A device that plots the amplitude of an analog signal as a function of time and displays analog signals as sine wave-shaped plots.
WAP (Wireless Access Point)
A device that provides a connection between wireless devices and can connect to wired networks.
UPS (uninterruptible power supply)
A device that provides backup power when the electrical power fails or drops to an unacceptable voltage level.
encryption devices
A device that provides encryption, decryption, and access control using an HSM.
repeater
A device that regenerates a signal to improve transmission distances.
NIC (Network Interface Card)
A device that serves as an interface between the computer and the network. Also called a network adapter or network card.
smart jack
A device that serves as the demarcation point between the end user's inside wiring and local access carriers' facilities.
modulator
A device that superimposes a high frequency carrier wave over an analog signal.
gateway
A device, software, or a system that converts data between incompatible systems.
Octet
A grouping of 8 bits. An IPv4 address consists of four octets
radio networking
A form of wireless communications in which signals are sent via RF waves. Also called RF networking.
infrared transmission
A form of wireless transmission over unbounded media in which signals are sent as pulses of infrared light.
security policy
A formalized statement that defines how security will be implemented within a particular organization.
network policy
A formalized statement that defines network functioning and establishes expectations for users, management, and IT personnel.
TCP/IP model
A four-layer data communication model developed by the United States Department of Defense. To some extent, it is similar to the OSI model.
GNU privacy guard (GPG)
A free variant of pretty good privacy (PGP), which is an asymmetric encryption algorithm.
RF (Radio Frequency)
A frequency in which network or other communications take place using radio waves in the 10 KHz to 1 GHz range.
hot site
A fully configured alternate network that can be online quickly after a disaster.
hot spare
A fully configured and operational piece of backup equipment that can be swapped into a system with little to no interruption in functionality.
Asymmetric Digital Subscriber Line (ADSL)
A fully digital, dedicated connection to the telephone system that provides download speeds of up to 9 Mbps and upload speeds of up to 1 Mbps.
What OSI layer is a gateway?
A gateway operates in any of the OSI layers.
plenum cable
A grade of cable that does not give off noxious or poisonous gases when burned.
GIF (Graphics Interchange Format)
A graphic interchange format primarily used on the Internet.
Link local IP address
A link local IP address is a nonroutable IP address usable only on a local subnet.
OSPF (Open Shortest Path First)
A link-state routing protocol used on IP networks.
eavesdropping attack
A network attack that uses special monitoring software to gain access to private communications on the network wire or across a wireless network. Also known as a sniffing attack.
sniffing attack
A network attack that uses special monitoring software to gain access to private communications on the network wire or across a wireless network. Also known as an eavesdropping attack.
fiber optic cable
A network cable in which one or more glass or plastic strands, plus additional fiber strands or wraps, are surrounded by a protective outer jacket.
media access method
A network communications mechanism that determines whether or not a particular node can transmit data on a network at a given time.
terminator
A network component attached to the ends of a network cable that can impede or absorb signals so they cannot reflect onto the cable. Also... A resistor or other device added to the end of a cable to ensure that the end of the cable is not a source of signal reflections and noise.
server
A network computer that shares resources with and responds to requests from computers, devices, and other servers on the network.
Honey net
A network containing more than one honey pot.
network model
A network design specification for how the nodes on a network interact and communicate.
bridge
A network device that divides a logical bus network into subnets.
logical network diagram
A network diagram that documents the protocols and applications that control the flow of network traffic.
link redundancy
A network fault-tolerance method that provides alternative network connections that can function if a critical primary connection is interrupted.
centralized network
A network in which a central host computer controls all network communication and performs data processing and storage on behalf of clients.
packet switching network
A network in which data is broken up into separate packets and each packet is separately routed, without a dedicated connection between the endpoints.
network reconstruction plan
A network plan that provides the steps to reconstruct the network.
TCP/IP (Transmission Control Protocol/Internet Protocol)
A network protocol suite that is routable and allows computers to communicate across all types of networks.
HTTP (Hypertext Transfer Protocol)
A network protocol that works on the Application layer of the OSI and TCP/IP models and enables clients to connect to and retrieve web pages from a server to interact with websites.
routable protocol
A network protocol which provides separate network and node addresses to work with routers.
authentication
A network security measure in which a computer user or some other network component proves its identity in order to gain access to network resources.
topology
A network specification that determines the network's overall layout, signaling, and data-flow patterns.
MPLS (Multiprotocol Label Switching)
A network technology defined by a set of IETF specifications that enable Layer 3 devices, such as routers, to establish and manage network traffic.
WPAN (Wireless Personal Area Network)
A network that connects devices in very close proximity but not through a wireless access point.
PAN (Personal Area Network)
A network that connects two to three workstations with twisted pair cabling most often seen in small or home offices.
MAN (Metropolitan Area Network)
A network that covers an area equivalent to a city or other municipality.
CAN (Campus Area Network)
A network that covers an area equivalent to an academic campus or business park.
enterprise network
A network that includes elements of both local and wide area networks and is owned and operated by a single organization to interlink its computers and resources.
mixed mode network
A network that incorporates elements from more than one of the three standard network models.
ICANN (Internet Corporation for Assigned Names and Numbers)
A non-profit corporation that assigns unique identifications on the Internet, such as domain names, IP addresses, and extension names.
ISOC (Internet Society)
A non-profit organization that oversees standards and practices for the Internet.
simplex
A one-way mode of communication. Radio and television broadcasts are simplex mode transmissions.
WiMAX (Worldwide Interoperability for Microwave Access)
A packet-based wireless technology that provides wireless broadband access over long distances.
strong password
A password that meets the complexity requirements that are set by a system administrator and documented in a password policy.
hotfix
A patch that is often issued on an emergency basis to address a specific security flaw.
USB connection
A personal computer connection that enables you to connect multiple peripherals to a single port with high performance and minimal device configuration.
physical tree topology
A physical network topology in which a central, or root, node is hierarchically connected to one or more nodes, which in turn are connected to other nodes lower in the hierarchy.
token
A physical or virtual object that stores authentication information.
segment
A physical subdivision of a network that links a number of devices, or serves as a connection between two specific nodes.
physical bus topology
A physical topology in which network nodes are arranged in a linear format.
physical network diagram
A pictorial representation of the location of all network devices and endpoints, it depicts their connections to one another.
logic bomb
A piece of code that sits dormant on a target computer until it is triggered by the occurrence of specific conditions, such as a specific date and time. Once the code is triggered, the logic bomb "detonates," performing whatever action it was programmed to do.
extranet
A private network that grants controlled access to users outside of the network.
worm
A piece of code that spreads from one computer to another on its own, not by attaching itself to another file.
Butt set
A piece of test equipment typically used by telephone technicians. The clips on a butt set can connect to the tip and ring wires on a punch down block connecting to a telephone. This allows the technician to check the line for a dial tone.
HOSTS file
A plaintext file configured on a client machine containing a list of IP addresses and their associated host names, which can be used for host name resolution as an alternative to DNS.
smart card
A plastic card containing an embedded computer chip that can store different types of electronic information.
VNC (Virtual Network Computing)
A platform-independent desktop sharing system.
PON (Passive Optical Network)
A point-to-multipoint optical network that is used for broadcast transmissions using optical systems.
disaster recovery plan
A policy and set of procedures that documents how people and resources will be protected in case of disaster, and how the organization will recover from the disaster and restore normal functioning.
demand priority
A polling technique in which nodes signal their state--either ready to transmit or idle--to an intelligent hub. The hub polls the state of each node and grants permission to transmit in turn.
host computer
A powerful, centralized computer system that performs data storage and processing tasks on behalf of clients and other network devices.
cold site
A predetermined alternate location where a network can be rebuilt after a disaster.
virtual PBX
A private communications service provider that provides a low-cost PBX service.
Trouble ticket
A problem report explaining the details of an issue being experienced in a network.
bluesnarfing
A process in which attackers gain access to unauthorized information on a wireless device using a Bluetooth connection.
intrusion detection
A process of monitoring the events occurring on a computer or a network, and analyzing them to detect possible incidents, which are violations or imminent threats of violation of computer security policies, and standard security practices.
digital signal modulation
A process of representing digital data with an analog signal so that digital data can be transmitted between different digital devices.
demultiplexing
A process that converts the multiplexed signals to independent signals.
parity check
A process used to detect errors in memory or data communication.
SSH (Secure Shell)
A program that enables a user or an application to log on to another computer over a network, run commands in a remote machine, and transfer files from one machine to the other.
Content Filter
A program that screens and restricts access to Web pages or e-mail that is against the rules.
IGMP (Internet Group Management Protocol)
A protocol in the TCP/IP suite that supports multicasting in a routed environment. Used to add, delete, and modify members of "multicast" groups.
AH protocol (Authentication Header protocol)
A protocol that IPSec uses to provide data integrity through the use of MD5 and SHA. AH takes an IP packet and uses either MD5 or SHA to hash the IP header and the data payload, and then adds its own header to the packet.
ESP protocol (Encapsulating Security Payload protocol)
A protocol that IPSec uses to provide data integrity as well as data confidentiality (encryption) using one of the two encryption algorithms, DES or 3DES.
RADIUS (Remote Authentication Dial-In User Service)
A protocol that enables a server to provide standardized, centralized authentication for remote users.
EAP (Extensible Authentication Protocol)
A protocol that enables systems to use hardware-based identifiers, such as fingerprint scanners or smart card readers, for authentication.
WEP (Wired Equivalency Privacy)
A protocol that provides 64-bit, 128-bit, and 256-bit encryption using the Rivest Cipher 4 (RC4) algorithm for wireless communication that uses the 802.11a and 802.11b protocols.
SCP (Secure Copy Protocol)
A protocol that uses SSH to securely copy files between a local and a remote host, or between two remote hosts.
SMB (Server Message Block)
A protocol that works on the Application layer and is used to share files, serial ports, printers, and communications devices, including mail slots and named pipes, between computers.
PPP (Point-to-Point Protocol)
A protocol that works on the Data Link layer of the TCP/IP protocol suite, PPP is used to send IP datagrams over serial point-to-point links. PPP can be used in synchronous and asynchronous connections and can dynamically configure and test remote network connections.
IKE (Internet Key Exchange)
A protocol used by IPSec to create a master key, which in turn is used to generate bulk encryption keys for encrypting data.
IMAP4 (Internet Message Access Protocol)
A protocol used for retrieving email messages and folders from a mail server.
MME (Mesh Made Easy)
A protocol used for routing in wireless networks.
POP3 (Post Office Protocol version 3)
A protocol used for retrieving email from a mailbox on the mail server.
RFB (Remote Framebuffer)
A protocol used in VNC for remote access and graphical user interfaces (GUIs).
Simple Network Management Protocol (SNMP)
A protocol used to monitor and manage network devices, such as routers, switches, and servers.
NNTP (Network News Transfer Protocol)
A protocol used to post and retrieve messages from newsgroups, usually from the worldwide bulletin board system called USENET.
Internet Key Exchange (IKE)
A protocol used to set up an IPsec session.
ICMP (Internet Control Message Protocol)
A protocol used with IP that attempts to report on the condition of a connection between two nodes.
network address
A protocol-specific identifier assigned to a node that maps to a MAC address.
iterative query
A query used by the DNS server for name resolution when a client requests only the information the server already has in its cache for a particular domain name.
recursive query
A query used by the DNS server for name resolution when a client requests that its preferred DNS server find data on other DNS servers.
LTE (Long Term Evolution)
A radio technology for wireless broadband access.
high availability
A rating that expresses how closely systems approach the goal of providing data availability 100 percent of the time.
baseline
A record of a system's performance statistics under normal operating conditions.
log file
A record of actions and events performed on an operating system.
interior router
A router arranged inside an AS and completely controlled by the AS administrator.
border router
A router situated on the edge of an AS that connects the AS to one or more remote networks.
Black hole router
A router that drops packets that cannot be fragmented and are exceeding the MTU size of an interface without notifying the sender.
path-vector routing
A routing method in which the router keeps track of the route from itself to the destination; however, rather than recording every individual node, path-vector routing can treat entire autonomous systems as nodes.
link state routing
A routing method that floods routing information to all routers within a network to build and maintain a more complex network route database.
routing loop
A routing process in which two routers discover different routes to the same location that include each other but never reach the endpoint.
virus
A sample of code that spreads from one computer to another by attaching itself to other files.
mutual authentication
A security mechanism that requires that each party in a communication verify its identity.
TKIP (Temporal Key Integrity Protocol)
A security protocol created by the IEEE 802.11i task group to replace WEP.
WPA (Wi-Fi Protected Access)
A security protocol introduced to address some of the shortcomings in WEP, WEP, WPA2, and WiFi.
TLS (Transport Layer Security)
A security protocol that uses certificates and public key cryptography for mutual authentication and data encryption over a TCP/IP connection.
SSL (Secure Sockets Layer)
A security protocol that uses certificates for authentication and encryption to protect web communication.
permission
A security setting that determines the level of access a user or group account has to a particular resource.
encryption
A security technique that converts data from plain, or cleartext form, into coded, or ciphertext form so that only authorized parties with the necessary decryption information can decode and read the data.
honeypot
A security tool used to lure attackers away from the actual network components. Also called a decoy or sacrificial lamb.
WLAN (Wireless Local Area Network)
A self-contained network of two or more computers connected using a wireless connection.
AS (Autonomous System)
A self-contained network on the Internet that deploys a single protocol and has a single administration.
LAN (Local Area Network)
A self-contained network that spans a small area, such as a single building, floor, or room.
peer
A self-sufficient computer that acts as both a server and a client.
BSS (Basic Service Set)
A service set that defines the way a WLAN is configured.
DHCP relay agent
A service that captures a BOOTP broadcast and forwards it through the router as a unicast transmission to a DHCP server on a remote subnet.
APIPA (Automatic Private IP Addressing)
A service that enables a DHCP client computer to configure itself automatically with an IP address on the 169.254.0.0 network in case no DHCP servers respond to the client's DHCP discover broadcast.
IPSec Policy Agent
A service that runs on each Windows computer that is used to transfer an IPSec policy agent from Active Directory or the local Registry to the IPSec driver.
SSO (Single Sign-On)
A session/user authentication process that permits a user to enter one name and password in order to access multiple applications.
ACL (Access Control List)
A set of data (user names, passwords, time and date, IP address, MAC address, etc.) that is used to control access to a resource such as a computer, file, or network.
Ethernet
A set of networking technologies and media access methods specified for LANs.
IPSec (Internet Protocol Security)
A set of open, non-proprietary standards that you can use to secure data as it travels across the network or the Internet through data authentication and encryption.
QoS (Quality of Service)
A set of parameters that controls the level of quality provided to different types of network traffic.
IPSec policy
A set of security configuration settings that define how an IPSec-enabled system will respond to IP network traffic.
networking standard
A set of specifications, guidelines, or characteristics applied to network components to ensure interoperability and consistency between them.
DES (Data Encryption Standard)
A shared-key encryption algorithm that uses a 56-bit encryption key to encode data in 64-bit blocks.
Short
A short occurs when two copper connectors touch each other, resulting in current flowing through that short rather than the attached electrical circuit, because the short has lower resistance.
analog signal
A signal that oscillates over time between minimum and maximum values and can take on any value between those limits.
performance monitor
A software tool that monitors the state of services, processes, and resources on a system.
DFS (Distributed File System)
A software-based distributed hierarchical storage implementation that is built into Windows Server 2003, Windows Server 2008 R2, and other Windows server software.
virtual switch
A software-based switch that provides functionality similar to physical switches, and is used for connecting virtual systems to form a network.
hardware loopback plug
A special connector used for diagnosing transmission problems that redirects electrical signals back to the transmitting system.
crossover cable
A special network cable used in Ethernet UTP installations, in which the transmit and receive lines are crossed in a way that enables you to connect two hubs or two stations without using a switch.
SONET (Synchronous Optical Network)
A standard for synchronous data transmission on optical media.
PoE (Power over Ethernet)
A standard that specifies a method for supplying electrical power over Ethernet connections.
OCx (Optical Carrier x)
A standard that specifies the bandwidth for fiber optic transmissions.
troubleshooting model
A standardized step-by-step approach to the troubleshooting process.
Static IP addressing
A static IP address is an IP address that was manually configured for a device, versus one that was assigned via a DHCP server. It's called static because it doesn't change.
Access Point (Wired or Wireless)
A station that transmits and receives data. An access point connects users to other users within the network and also can serve as the point of interconnection between the WLAN and a fixed wire network.
MCC (Main cross-connect)
A structured cabling connection point that connects equipment cables, backbone cables, and entrance cables.
LLC (Logical Link Control)
A sub-layer of the Data Link layer of the OSI model that controls how data packets are placed on a media by controlling the Physical layer device.
MAC (Media Access Control)
A sub-layer of the Data Link layer of the OSI model that is responsible for sensing the presence of data frames on a medium and allowing the nodes to access the medium.
CIDR (Classless Inter Domain Routing)
A subnetting method that selects a subnet mask that meets an individual network's networking and node requirements and then treats the mask like a 32-bit binary word.
guideline
A suggestion for meeting the policy standard or best practices on a network policy.
NNI (Network-to-Network Interface)
A switch that is inside an ATM network.
circuit switching
A switching technique in which one endpoint creates a single path connection to another, depending on the requirement.
virtual circuit switching
A switching technique that connects endpoints logically through a provider's network.
label switching
A switching technology that saves up on processing time of packets by routers by adding a label to each incoming data packet.
Syslog
A syslog logging solution consists of two primary components: syslog servers, which receive and store log messages sent from syslog clients; and syslog clients, which can be a variety of network devices that send logging information to a syslog server.
port filtering
A technique of selectively enabling or disabling TCP and UDP ports on computers or network devices.
IP filtering
A technique that determines the packets which will be allowed to pass and those which will be dropped by screening the packet based on certain criteria.
IV (Initialization Vector)
A technique used in cryptography to generate random numbers to be used along with a secret key to provide data encryption.
switching
A technique used to transmit information over a network to the destination network device.
GBIC (Gigabit Interface Converter)
A transceiver used to convert electrical signals into optical signals and vice versa.
SFP (Small Form Factor Pluggable)
A transceiver used to interconvert electrical signals to optical signals.
broadcast transmission
A transmission method in which data goes from a source node to all other nodes on a network.
multicast transmission
A transmission method in which data is sent from a server to specific nodes that are predefined as members of a multicast group.
broadband transmission
A transmission technique in which analog signaling is used to send data over a transmission medium using a portion of the medium's bandwidth.
baseband transmission
A transmission technique in which digital signaling is used to send data over a single transmission medium using the entire bandwidth of that medium.
parallel data transmission
A transmission technique in which multiple bits are transmitted across multiple transmission lines.
serial data transmission
A transmission technique in which the transmission of bits occurs as one per clock cycle, across a single transmission medium.
GRE Protocol
A tunneling tool meant to carry any OSI Layer 3 protocol over an IP network. GRE creates a private point-to-point connection like that of a virtual private network (VPN).
directional antenna
A type of antenna that concentrates the signal beam in a single direction.
omni-directional antenna
A type of antenna that radiates the signal beam out in all directions and has lower gain but a wider coverage area.
data theft
A type of attack in which unauthorized access is used to obtain protected network information.
social engineering attack
A type of attack where the goal is to obtain sensitive data, including user names and passwords, from network users through deception and trickery.
copper media
A type of bounded media that uses one or more copper conductors surrounded by a non-conductive insulated coating.
twisted pair
A type of cable in which two conductors or pairs of copper wires are twisted around each other and clad in a color-coded, protective insulating plastic sheath or jacket to form a pair.
cable certifiers
A type of certifier that can perform tests, such as cable testing and validity testing.
HVAC (Heating, Ventilating, and Air Conditioning)
A type of climate control system often found in large commercial or industrial buildings.
guessing attack
A type of password attack that involves an individual making repeated attempts to guess a password by entering different common password values, such as the user's name, a spouse's name, or a significant date.
brute force attack
A type of password attack where an attacker uses an application to exhaustively try every possible alphanumeric combination to try to crack encrypted passwords.
remote access protocol
A type of protocol that enables users to log on to a computer or network within an organization from an external location.
FHSS (Frequency Hopping Spread Spectrum)
A type of radio transmission in which a signal is sent on one channel at a time, and at predetermined fixed intervals, the channel changes.
DSSS (Direct Sequence Spread Spectrum)
A type of radio transmission in which a single data signal is converted into multiple digital data signals called chips.
Unicast
A unicast communication flow is a one-to-one flow.
domain name
A unique name that identifies a website on the Internet. A period is used to separate the labels of domain names.
MAC address
A unique, hardware level address assigned to every networking device by its manufacturer. MAC addresses are six bytes long. Also known as a physical address.
data packet
A unit of data transfer between computers that communicate on a network.
packet
A unit of data transmitted on a network.
UNI (User-to-Network Interface)
A user device, it is an ATM border device that connects one ATM network to another or a LAN.
cracker
A user who breaks encryption codes, defeats software copy protections, or specializes in breaking into systems.
hacker
A user who excels at programming or managing and configuring computer systems, and has the skills to gain access to computer systems through unauthorized or unapproved means.
MTR (My traceroute)
A utility that is a combination of ping and traceroute used in a UNIX-based system.
nslookup
A utility that is used to test and troubleshoot domain name servers.
TTL (Time To Live)
A value for the ping command that determines how many hops an IP packet can travel before being discarded.
Checksum
A value to let the receiver test the integrity of received data.
OTDR (Optical Time-Domain Reflectometer)
A variation of TDR that transmits light-based signals of different wavelengths over fiber optic cabling to determine cabling issues.
partial mesh
A variation of mesh topology in which only a few nodes have direct links with all other nodes.
NRZ (Non-Return to Zero)
A variation of the on-off keying digital transmission encoding scheme.
connection
A virtual link between two nodes established for the duration of a communication session.
Connection Oriented
A virtual link must be established before any actual data can be exchanged. Guarantees data will arrive in the order it was sent.
VoIP (Voice over IP)
A voice over data implementation in which voice signals are transmitted over IP networks.
EAP-TLS (EAP-Transport Layer Security)
A widely supported feature in wireless routers and cards that provides robust security.
DS (Distribution System)
A wired connection between a BSS and a premise-wide network that enables mobility on devices.
infrastructure mode
A wireless configuration that uses one or more WAPs to connect wireless workstations to the cable backbone.
radiated connection
A wireless point-to-point or multipoint connection between devices.
HCC (Horizontal cross-connect)
A wiring closet where the horizontal cabling connects to a patch panel that is attached to the main facility by a backbone cable.
Applications
AKA apps; software programs that run on mobile devices and give users access to certain content. Most important feature: the convenience and cost savings they offer consumers. Mobile technology helps companies to be competitive and is also making inroads in transforming the shopping experience.
Network Controllers
AKA a network card or network adapter. These cards have their own processors to handle the network interface rather than relying on the motherboard chipset or CPU to do it.
Electronic marketing
AKA e-marketing; the strategic process of pricing, distributing, and promoting products and discovering the desires of customers using digital media and digital marketing.
TIA (Telecommunications Industry Association)
Along with EIA, developed the 568 Commercial Building Telecommunication Cabling standard.
IEEE 1394
Also known as FireWire, used to connect up to 63 devices to form a small local network.
termination
Adding a resistor to the ends of a coax network segment to prevent reflections that would interfere with the proper reception of signals.
A
Address
ARP
Address Resolution Protocol
Area ID
Address assigned to routers in an OSPF network to prevent flooding beyond the routers in that particular network.
Characteristics of online media
Addressability, interactivity, accessibility, connectivity, control
private IP address
Addresses used by organizations for nodes that need IP connectivity only within their enterprise network, but not external connections to the Internet.
AES
Advanced Encryption Standard. Today's preferred method of encryption for wireless networking (WPA2).
APT
Advanced Persistent Protocol
Client to site VPN
Also known as a remote access VPN, a client to site VPN interconnects a remote user with a site, as an alternative to dial up or ISDN connectivity, at a reduced cost.
Remote access VPN
Also known as a remote access VPN, a client to site VPN interconnects a remote user with a site, as an alternative to dial up or ISDN connectivity, at a reduced cost.
managed hub
Also known as an intelligent hub, this is a hub that enables you to monitor and configure its operations.
RSS feeds
Allow users to subscribe and receive updates made to a web page.
Single sign on (SSO)
Allows a user to authenticate once to gain access to multiple systems, without requiring the user to independently authenticate with each system.
NetBIOS (Network Basic Input/Output System)
Allows for session-layer communication on the OSI model. Primarily concerned with naming and starting/stopping NetBIOS sessions. Not routable, nodes only visible to nodes on same subnet.
DHCP (Dynamic Host Configuration Protocol)
Allows for the dynamic IP configuration of client nodes. Client requests IP address from server, server assigns the IP address, subnet mask, and default gateway.
POP3 (Post Office Protocol)
Allows users to download mail from a server. The server holds onto mail until you access it. Once accessed, the client will download all incoming mail and it will be wiped from the server. Port: TCP 110
Wireless Access Point (WAP)
Allows wireless devices to access and to communicate with the network. Serves as a bridge between wired and wireless, but also can serve to connect wireless devices to another WAP. Most WAP devices direct traffic by MAC addresses.
ISDN (Integrated Service Data Network)
Almost-obsolete, allows for internet connection on reserved line set up by phone company. Consists of two 64 Kbps "B" channels for max transfer rate of 127 Kbps or 16 KB/S. Replaced by broadband.
host-based IDS
An IDS system that primarily uses software installed on a specific host such as a web server.
encoding
Also known as digital signal modulation.
ARIN
American Registry for Internet Numbers
CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)
An AES cipher-based encryption protocol used in WPA2.
SNMP (Simple Network Management Protocol)
An Application-layer protocol used to exchange information between network devices.
Fast Ethernet
An Ethernet technology that can transmit data at speeds of 100 Mbps.
Gigabit Ethernet
An Ethernet technology that can transmit data at speeds of 1000 Mbps and primarily uses optical fibers for transmission.
FTP bounce
An FTP bounce attack uses the FTP PORT command to covertly open a connection with a remote system. Specifically, an attacker connects to an FTP server and uses the PORT command to cause the FTP server to open a communications channel with the intended victim, which might allow a connection from the FTP server, while a connection directly from the attacker might be denied.
application-based IDS
An IDS software component that monitors a specific application on a host.
network-based IDS
An IDS system that primarily uses passive hardware sensors to monitor traffic on a specific segment of the network.
IPS (Intrusion Prevention System)
An active, inline security device that monitors suspicious network and/or system traffic and reacts in real time to block it. Also called a Network Intrusion Prevention System (NIPS).
Security association (SA)
An agreement between the two IPsec peers about the cryptographic parameters to be used in an ISAKMP session.
SLA (Service Level Agreement)
An agreement entered into by the transmitter, ISP and the receiver, subscriber.
split horizon
An algorithm that prevents count-to-infinity loops by configuring a router from broadcasting internal network information.
poison reverse
An algorithm that prevents count-to-infinity loops by ensuring that a router broadcasts a route cost of 16 for all transmissions on its network.
fall-back plan
An alternate network reconstruction design that can be implemented temporarily to enable critical network elements to function.
caching engine
An application or service that stores requested data in order to provide faster responses to future requests for the data.
packet sniffing
An attack on wireless networks where an attacker captures data and registers data flows in order to analyze what data is contained in a packet.
buffer overflow
An attack that targets system vulnerability to cause the device operating system to crash or reboot and may result in loss of data or execute rogue code on devices.
FTP bounce attack
An attack that targets the FTP vulnerability to permit connected clients to open other connections on any port on the FTP server.
hybrid password attack
An attack that utilizes multiple attack vectors including dictionary, rainbow table, and brute force attack methodologies when trying to crack a password.
port scanning attack
An attack where an attacker scans your systems to see which ports are listening in an attempt to find a way to gain unauthorized access.
digital signature
An encrypted hash value that is appended to a message to identify the sender and the message.
CHAP (Challenge Handshake Authentication Protocol)
An encrypted remote-access authentication method that enables connections from any authentication method requested by the server, except for PAP and SPAP unencrypted authentication.
Asymmetric-Key Algorithm
An encryption method in which the key used to encrypt a message and the key used to decrypt it are different, or asymmetrical.
shared-key encryption
An encryption system in which a single key is shared between parties in a communication and used to both encode and decode the message.
key-pair encryption
An encryption system in which an individual has two encryption keys: the public key that anyone can use to encode the message, and the user's private key, which is used to decode messages.
PKI (Public Key Infrastructure)
An encryption system that is composed of a CA, certificates, software, services, and other cryptographic components, for the purpose of verifying authenticity and enabling validation of data and entities.
terminal
An end user's device on a host-based network, dedicated to transmitting data to a host for processing and displaying the result to the user.
CRC (Cyclic Redundancy Check)
An error detection method that can be applied to blocks of data, rather than individual words. Both the sender and receiver calculate EDC; if they match, the data is assumed to be valid.
EIGRP (Enhanced Interior Gateway Routing Protocol)
An improvement over IGRP that includes features that support VLSM and classful and classless subnet masks.
gain
An increase in the amplitude of a radio wave.
counter
An individual statistic about the operation of system objects such as software processes or hardware components, monitored by a performance monitor.
risk
An information security concept that indicates exposure to the chance of damage or loss, and signifies the likelihood of a hazard or threat.
Trojan horse
An insidious type of malware that is itself a software attack and can pave the way for a number of other types of attacks.
dielectric
An insulator, a material that does not conduct electricity, separating the conductor and shield. The entire package is wrapped in an insulating layer called a sheath or jacket.
IETF (Internet Engineering Task Force)
An international open committee that works to develop and maintain Internet standards and contribute to the evolution and smooth operation of the Internet.
IANA (Internet Assigned Number Authority)
An international organization established in 1993 to govern the use of Internet IP addresses. ICANN is now responsible for leasing IP addresses worldwide.
ITU (International Telecommunication Union)
An international organization within the United Nations that defines global technical standards for telecommunications.
PSTN (Public Switched Telephone Network)
An international telephone system that carries analog voice data.
IDS
An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations.
Point to Point Tunneling Protocol (PPTP)
An older VPN protocol. Like L2TP and L2F, PPTP lacks native security features. However, Microsoft's versions of PPTP bundled with various versions of Microsoft Windows were enhanced to offer security features.
SCSI (Small Computer System Interface)
An older personal computer connection standard that provides high-performance data transfer between the SCSI device and the other components of the computer. SCSI is pronounced "scuzzy."
WINS (Windows Internet Naming Service)
An older type of naming service used on Windows-based networks.
Port
An opening into a node in which data is sent/received.
ICC (intermediate cross-connect)
An optional connection between the main cross-connect and the horizontal cross-connect.
rogue access point
An unauthorized wireless access point on a corporate or private network, which allows unauthorized individuals to connect to the network.
Asset Management
As related to networks, this is a formalized system of tracking network components and managing the lifecycle of those components.
ATM
Asynchronous Transfer Mode
Social engineering
Attackers sometimes use social techniques to obtain confidential information. For example, an attacker might pose as a member of an IT department and ask a company employee for her login credentials in order for the "IT staff to test the connection." This type of attack is called social engineering.
AAA
Authentication Authorization and Accounting
AH
Authentication Header
authentication by assertion
Authentication based entirely on a user name/password combination.
biometrics
Authentication schemes based on an individual's physical characteristics.
BERT
Bit-Error Rate Test
BRI
Basic Rate Interface
BSSID
Basic Service Set Identifier
BLE
Bluetooth Low Energy
BootP
Boot Protocol/Bootstrap Protocol
BGP
Border Gateway Protocol
BPDU
Bridge Protocol Data Unit
BNC
British Naval Connector/Bayonet Neill-Concelman
CAN
Campus Area Network
route command
Can add, modify, or delete routes in the IP routing table of Microsoft Windows and UNIX hosts. In addition, the route command can be used to view the IP routing table of Microsoft Windows hosts.
Public Networks
Can be accessed by many people and corporations.
arp command
Can be used in either the Microsoft Windows or the UNIX environment to see what a Layer 2 MAC address corresponds to in a Layer 3 IP address.
netstat command
Can display a variety of information about IP based connections on a Windows or UNIX host.
nslookup command
Can resolve a FQDN to an IP address on Microsoft Windows and Unix hosts.
dig command
Can resolve a FQDN to an IP address on UNIX hosts.
host command
Can resolve a FQDN to an IP address on hosts.
CNAME
Canonical Name
CSMA/CA
Carrier Sense Multiple Access/Collision Avoidance
CDMA/CD
Carrier Sense Multiple Access/Collision Detection
CHAP
Challenge Handshake Authentication Protocol
CAM
Channel Access Method
CSU
Channel Service Unit
Windows security policies
Configuration settings within Windows operating systems that control the overall security behavior of the system.
Transport Layer Protocols are either __________ OR __________
Connectionless OR Connection Oriented
What class is 17.14.22.211?
Class A
What class is 173.144.1.1?
Class B
What class is 204.213.288.222?
Class C
COS
Class of Service
CIDR
Classless Inter Domain Routing
CCTV
Closed Circuit TV
CDMA
Code Division Multiple Access
trunking
Combining multiple network connections to increase bandwidth and reliability.
CARP
Common Address Redundancy Protocol
IrDA (Infrared Data)
Communication through infrared beams. Does not pass through solid objects, so a direct and clear path is essential. Operates around 16-25 Mbps but can be faster. Uncommon for wireless transmissions due to objects blocking beam. (TV Remote).
CAT
Computer and Telephone
Examples of networking Devices
Computers, Printer, Routers, Hubs, and Modems
multipoint connections
Connections between many nodes.
Network Addressing
Configured in software by a network admin, Uses protocols to define the addressing scheme and format.
Result of sharing an IP address
Conflicts because an IP address reflects a "one-on-one" relationship between hardware and logical address. Neither one will receive full communications.
Networking
Connecting 2 or more devices so they can communicate and share information and resources
Internetworking
Connecting multiple networks with the purpose of creating one large network
Grounding
Connection of a shield or conductor to an electrical ground point, such as a pipe or wire that is in contact with the ground.
UDP (User Datagram Protocol)
Connection-less equivalent of TCP. Session is not created and no guarantee of delivery. Unreliable, but does facilitate some high-level protocols. Ports are always between 1 and 65536.
network administration
Covers the support functions that are required to manage the network. It comprises functions that do not involve performing changes such as configuring and tuning or the running of the actual network.
Social Telegraphics
Creators, conversationalists, critics, collectors, joiners, spectators, inactives
DLP
Data Leak Prevention
What OSI layer is Ethernet in?
Data Link (layer 2). Remember: it is not a protocol.
DLC
Data Link Control
Which layer adds a frame header when converting the packets into frames?
Data Link Layer
DSU
Data Service Unit
ciphertext
Data that has been encoded with a cipher and is unreadable.
DNS Records
Data that is looked up by the name servers to return information to requesting DNS clients
DOCSIS
Data-Over-Cable Service Interface Specification
dB
Decibels
T1/T2/T3 T(X) Lines
Dedicated lines between a remote site and the network backbone. Used in larger businesses and more expensive. T1: operates at 1.544 Mbps. T2: operates at 6.312 Mbps. T3: operates at 44.376 Mbps.
IEEE 802 Standard
Define the physical components such as cabling and network interfaces. It corresponds to the DataLink or Physical Layer
DMZ
Demilitarized Zone
DoS
Denial of Service
DWDM
Dense Wavelength Division Multiplexing is an optical multiplexing technology used to increase bandwidth over existing fiber networks. DWDM works by combining and transmitting multiple signals simultaneously at different wavelengths on the same fiber.
DNAT
Destination Network Address Translation
DSAP
Destination Service Access Point- the boundary between the Data Link Layer and the Network Layer
Time domain reflectometer (TDR)
Detects the location of a fault in a copper cable by sending an electric signal down the copper cable and measuring the time required for the signal to bounce back from the cable fault. A TDM can then mathematically calculate the location of the fault.
Optical time domain reflectometer (OTDR)
Detects the location of a fault in a fiber cable by sending light down the fiber optic cable and measuring the time required for the light to bounce back from the cable fault. The OTDM can then mathematically calculate the location of the fault.
Frame synchronization
Determines where one frame ends and the next begins.
Router
Device used to forward packets across network segments to reach a certain destination address. A router can determine where a packet should be sent given its final destination IP address. Usually forwards packets to other routers, but sometimes also forwards to other pieces of equipment.
Star Network
Devices are connected through a central hub. New nodes can be easily added so they are easy to expand.
Bus
Devices are connected to a central cable. A defective cable segment and any changes can affect the entire network.
Ethernet Auto-negotiation
Devices determine which mode to use
DSCP
Differentiated Services Code Point
DSL
Digital Subscriber Line
DSSS
Direct Sequence Spread Spectrum
Ipconfig
Displays IP configuration information. Also can be used to force a DHCP release or renew operation. /all displays all information... /release releases DHCP lease... /renew renews DHCP lease...
nbtstat command
Displays NetBIOS information for IP based networks. The nbt prefix of the nbtstat command refers to NetBIOS over TCP/IP, which is called NBT. This command can, for example, display a listing of NetBIOS device names learned by a Microsoft Windows based PC.
Ifconfig
Displays IP configuration information in a UNIX environment.
DHCP
Dynamic Host Configuration Protocol is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers configured for a given network.
Dynamic Host Configuration Protocol (DHCP)
Dynamically assigns IP address information to network devices.
E1
E-Carrier Level 1
Star Topology
Each node maintains an individual connection to a switch, where all other nodes are connected. Traffic between two known nodes only goes through the switch and not through other nodes.
distance-vector routing
Each router passes a copy of its routing table to its adjacent neighbors. The neighbor adds the route to its own table, incrementing the metric to reflect the extra distance to the end network. The distance is given as a hop count; the vector component specifies the address of the next hop.
EIA/TIA
Electronic Industries Alliance/Telecommunication Industries Association
ESD
Electrostatic Discharge
EMI
Electromagnetic Interference
noise
Electromagnetic interference that disrupts the signal.
IPX/SPX (internet packet exchange/sequenced packet exchange)
Employed on Novell (NetWare) networks. IPX: Novell equivalent of the IP protocol in the TCP/IP suite; connectionless. Fastest routable protocol, but hardly available and not widely accepted due to lack of developer consensus and limited hardware. SPX: equivalent to TCP; connection oriented.
media converter
Enables networks running on different media to interconnect and exchange signals.
Ring
Every node is locally connected to two other nodes, forming a ring. Traffic flows through the ring until it gets to its destination.
ESP
Encapsulated Security Packets
Physical Layer (Layer 1)
Encompasses most of the physical aspects of the network. Layer of low-level networking equipment. It is never concerned with protocols or other such higher-layer items.
Secure Connections
Encrypted, sometimes tunneled, difficult to intercept connections. Typically employed in VPN applications and corporate remote networks.
Examples of Physical Layer:
Examples are: network adapter, repeater, some low-level network hubs, modem, fiber media converter.
What is the frame technology standard that drives most networks today?
Ethernet (802.3)
Peer-to-Peer Model
Every computer can act as both client and server at the same time.
Full mesh
Every device in a network is connected to every other device.
ESSID
Extended Service Set Identifier
EUI
Extended Unique Identifier
EAP
Extensible Authentication Protocol
EDNS
Extension Mechanisms for DNS
SFTP (Secure FTP)
FTP that uses SSH for security. Uses the port that SSH uses (default TCP 22).
FHSS
Frequency Hopping Spread Spectrum
FM
Frequency Modulation
FQDN
Fully Qualified Domain Name
Winipcfg
GUI-based Windows 9x-era ipconfig tool
GBIC
Gigabit Interface Converter
Gbps
Gigabits per second
GSM
Global System for Mobile Communications
Areas
Groups of logically associated OSPF routers designed to maximize routing efficiency while keeping the amount of broadcast traffic well managed. Areas are assigned a 32-bit value that manifests as an integer between 0 and 4294967295 or can take a form similar to an IP address.
cable modem
Hardware that connects subscribers to a service provider's cable systems.
HVAC
Heating, Ventilation and Air Conditioning
Hz
Hertz
HDMI
High Definition Multimedia Interface
HT
High Throughput
HDLC
High-Level Data Link Control
HSPA
High-Speed Packet Access
HSRP
Hot Standby Router Protocol
TCP/IP Stack
Home to the most pervasive and prevalent protocols that cover many layers of the OSI model. Key aspects include: IP addressing; protocols at the network, transport, session, and application layers; TCP ports; the ARP protocol; DHCP.
HIPS
Host Intrusion Prevention System
Intrusion detection system (IDS)
IDS devices can recognize the signature of a well known attack and respond to stop the attack. However, an IDS sensor does not reside in line with the traffic flow. Therefore, one or more malicious packets might reach an intended victim before the traffic flow is stopped by an IDS sensor.
TE (Terminal Equipment)
ISDN communications equipment that stations use to accomplish tasks at both ends of a communications link.
Intrusion prevention system (IPS)
IPS devices can recognize the signature of a well known attack and respond to stop the attack. An IPS device resides in line with the traffic flow, unlike an IDS sensor.
Which IP version uses hexadecimal (base 16) and which one uses octal (base 8)?
IPv6 uses hexadecimal, and IPv4 uses octal.
Name Server (NS) Record
Identifies the DNS server that has authority over a particular domain
Mail Exchange (MX) Server
Identifies the mail server that has authority for a particular domain
Acceptable use policy (AUP)
Identifies what users of a network are and are not allowed to do on that network. For example, retrieving sports scores during working hours via an organization's Internet connection might be deemed inappropriate by an AUP.
Disadvantages of Bus Topology
If one node goes down, then the network as a whole can fail. The need for terminators. The amount of traffic created (every node between A and B must receive the packet that A sends). Hard to troubleshoot (which one is down?).
Cable certifier
If you are working with existing cable and want to determine its category, or if you simply want to test the supported frequency range of the cable, you can use a cable certifier.
Microsoft Active Directory
Implementation of LDAP created by MS for easier administration. Linux and *Nix users can connect to an AD server via SAMBA (open source *Nix client). An AD Domain server can be used to centrally manage the Windows network, especially: security, access control, and Windows features like group policy.
scope
In DHCP, the IP addresses that a DHCP server is configured with and can assign to clients.
NTU (Network Termination Unit)
In ISDN, a device that can directly connect to ISDN-aware equipment, such as phones or ISDN NICs in computers.
NT (Network Termination)
In ISDN, a device that connects the local telephone exchange lines to the customer's telephone or data equipment.
TA (Terminal Adapters)
In ISDN, the hardware interface between a computer and an ISDN line.
branching factor
In a physical tree topology, the number of point-to-point connections that are consistently found between a node and the nodes beneath it in the tree structure.
algorithm
In encryption, the rule, system, or mechanism used to encrypt data.
public key
In key-pair encryption, the key that is available to all and is used to encode data.
private key
In key-pair encryption, the key that is known only to an individual and is used to decode data.
Bus topology
In the bus topology, computers are arranged in a linear format. All devices are connected to a central cable called the bus or backbone.
Top Level Domain (TLD)
Include .com, .us, .info. Final suffix of any domain.
Subdomains
Include common entries such as www.yahoo.com and uncommon ones such as state.country.gov. Domains that fall under a TLD.
Session Layer (Layer 5)
Initiates and terminates the transport layer connection-oriented services. Not widely used by protocols, but manages connections that the Transport Layer provides. "Bosses transport layer around."
ICA
Independent Computer Architecture
Disadvantages of Mesh/"ad hoc" Topology
Inefficient, requires a large amount of overhead, and is difficult to manage.
IT
Information Technology
IaaS
Infrastructure as a Service
IV
Initialization Vector
Stateful firewall
Inspects traffic leaving the inside network as it goes out to the Internet. Then, when returning traffic from the same session attempts to enter the inside network, the stateful firewall permits that traffic. The process of inspecting traffic to identify unique sessions is called stateful inspection.
LDAP
Lightweight Directory Access Protocol
IEEE
Institute of Electrical and Electronics Engineers
procedure
Instructions that detail specifically how to implement the policy on a network policy.
ISDN
Integrated Services Digital Network
ITS
Intelligent Transportation System
Site to site VPN
Interconnects two sites, as an alternative to a leased line, at a reduced cost.
DTE (Data Termination Equipment)
Interface devices such as NICs and routers on a Frame Relay network.
IANA
Internet Assigned Numbers Authority
ICS
Internet Connection Sharing/Industrial Control System
ICANN
Internet Corporation for Assigned Names and Numbers
IKE
Internet Key Exchange
InterNIC
Internet Network Information Center
IP
Internet Protocol
IPsec
Internet Protocol Security
IPv4
Internet Protocol version 4
IPv6
Internet Protocol version 6
ISAKMP
Internet Security Association and Key Management Protocol
ISP
Internet Service Provider
IPS
Intrusion Prevention System
spim
Is an IM-based attack just like spam, but is propagated through instant messaging instead of through email.
de-encapsulation
It is the reverse process of removing the added information, as data passes to the next higher layer at the receiver end.
What is a loopback address?
It returns the node that requests it
KVM
Keyboard Video Mouse
Kbps
Kilobits per second
1000Base-LX
Laser over fiber; SC connector; 5000 meters; 1 Gbps
What OSI layer is a WAP?
Layer 2 Data Link or Layer 3 Networking depending on what it is doing
What OSI layer is a bridge?
Layer 2 Data link
L2F
Layer 2 Forwarding
L2TP
Layer 2 Tunneling Protocol
What OSI layer is a switch?
Layer 2 data link
What OSI layer is a router?
Layer 3 Networking
10BaseT facts
Length of Cable: 100 meters Type: Twisted pair with exclusive media (connected to hubs rather than to other nodes). RJ-45. Speed: 10 Mbps Use: Used RJ-45 connectors
1000BaseT ("Gigabit Ethernet") facts
Length of Cable: 100 meters (328 feet) Type: Twisted pair, exclusive media (connected to hubs rather than to other nodes). RJ-45. Speed: 1000 Mbps Use: Improvement of 100BaseTx
100BaseTX ("Fast Ethernet") facts
Length of Cable: 100 meters. Type: Twisted pair, exclusive media (connected to hubs rather than to other nodes). RJ-45. Speed: 100 Mbps. Use: Improvement of 10BaseT, can auto-negotiate speed.
10Base2 facts
Length of Cable: 185 meters Type: Coaxial cable with required BNC connector. Shared medium. Speed: 10 Mbps Use: Old and rarely used.
Faster Speed/Other media Ethernet (10GBASE-SR, 10GBASE-CX4, etc) facts
Length of Cable: 2000+ meters Type: Next-generation fiber optic cabling. Speed: 10+ Gbps Use: Improvement of 1000BaseT, change in connectors and cabling.
10Base5 facts
Length of Cable: 500 meters Type: Special coaxial cable. Needs "vampire taps." Shared Medium Speed: 10MBps Use: Oldest technology and media
LED
Light Emitting Diode
LWAPP
Light Weight Access Point Protocol
What does LAN stand for?
Local Area Network
LLC
Logical Link Control
What does LLC stand for?
Logical Link Control
LLC Sublayer
Logical Link Control, the upper sublayer of the Data Link Layer. Defined in the IEEE 802.2 standard. It masks the underlying physical network technologies by hiding their differences to provide a single interface to the Network layer. Uses SSAPs and DSAPs to help lower layers communicate with the network layer protocols. It is also responsible for the acknowledgment of individual frames.
VLAN (Virtual LAN)
Logical network segment that operates on the same physical LAN but is separated logically from other network segments. A VLAN server can map certain physical addresses to logical VLAN networks and appropriately load-balance traffic originating from connected hosts.
LTE
Long Term Evolution
Which Sublayer converts the frames into bits that the Physical Layer can put on the wire?
MAC Sublayer
HOSTS file:
MS Windows file, has NetBIOS name entries for remote network hosts as well as local ones
LMHOSTS file:
MS Windows file, has NetBIOS name entries for the LAN
MX
Mail Exchanger
MDF
Main Distribution Frame
malware
Malicious code, such as viruses, Trojans, or worms, which is designed to gain unauthorized access to, make unauthorized use of, or damage computer systems and networks.
MIB
Management Information Base
MIBS
Management Information Bases
network management
Management of systems on the network using various activities, methods, procedures, and tools that relate to the operation, administration, maintenance, and provisioning of these systems.
mux (multiplexer)
Manages separate signals in a logical star topology and enables them to share media.
Asset Management
Managing each aspect of a network, from documentation to performance to hardware.
NetBEUI (NetBIOS Extended User Interface)
Microsoft protocol suite, not routable, meant for small Windows-based LAN.
MSA
Master Service Agreement
MSDS
Material Safety Data Sheet
MTU
Maximum Transmission Unit
MT-RJ
Mechanical Transfer-Registered Jack
What does MAC stand for (not Macintosh)?
Media Access Control
MAC
Media Access Control/Medium Access Control
MDI
Media Dependent Interface
MDIX
Media Dependent Interface Crossover
MGCP
Media Gateway Control Protocol
Mbps
Megabits per second
MBps
Megabytes per second
MOU
Memorandum of Understanding
Broadcast
Message to all users, all nodes on a network to resolve a given name.
MAN
Metropolitan Area Network
MS-CHAP
Microsoft Challenge Handshake Authentication Protocol
Centralized Network Type
Modified client-server network in which the clients have no individual control. All maintenance and setup occurs at the server level. Advantages: extreme ease of management and ability to micromanage. Disadvantages: prohibitive cost and inflexibility.
Combined/Hybrid Topology
More than one topology is utilized. Example: Home network is a star. Xbox 360 connected to mac pro is a "kind of" a bus. Mac pro to the router is part of the star, so the network is a star with a bus connected to it. Everything from the xbox360 goes through the mac pro to get to the network.
DNS (Domain Name Service)
Most common medium of name resolution, operates on concept of domains. Name resolution protocol of choice in the TCP/IP suite
Address (A) Record
Most important DNS record. Maps domain name into an IP address. This is a one-to-one function
MPLS
Multi-Protocol Label Switching
MLA
Multilateral Agreement
MMF
Multimode Fiber
MIMO
Multiple Input, Multiple Output
chips
Multiple data signals generated in the DSSS technique.
MUMIMO
Multiuser Multiple Input, Multiple Output
Internet Security Association and Key Management Protocol (ISAKMP)
Negotiates parameters for an IPsec session.
Which layer adds a network header and converts the segments into packets?
Network
NAC
Network Access Control
NAT
Network Address Translation is the process where a network device, usually a firewall, assigns a public address to a computer (or group of computers) inside a private network. The main use is to limit the number of public IP addresses a company must use.
NAS
Network Attached Storage
NetBEUI
Network Basic Input/Output Extended User Interface
Transport Layer (Layer 4)
Network layer's packets are sorted and organized into "segments". Contains information on the connection and the transmission of data. Attaches segments information about the state of a connection. Transport layer uses the LLC sub-layer of layer 2 to establish connections.
Client-server Access Network Type
Nodes can act as clients or servers. Advantages: Management is easy and the network can offer services that decentralized networks cannot.
Ethernet Promiscuous mode
Nodes can receive all frames of information and not just those passed along to those specific computers. This is defeated using switching.
Bus Topology
Nodes of the network are individually linked up to two successive other nodes or another node and a terminating node/terminator. AKA "Daisy chained."
IPv4 address
Numeric identifier of a network node that uniquely identifies that node either on a LAN or wider Internet.
demilitarized zone (DMZ)
Often contains servers that should be accessible from the Internet. This approach would, for example, allow users on the Internet to initiate an email or a web session coming into an organization's email or web server. However, other protocols would be blocked.
cycle
One complete oscillation of an analog signal.
OSI Model
Open Center Interconnection model is a reference model for the comeliest aspects related to a network
ping command
One of the most commonly used command line commands. It can check IP connectivity between two network devices. Multiple platforms support the ping command.
POTS (Plain Old Telephone Service)
One of the oldest yet most popular. Utilizes phone networks and analog-to-digital modems. Must establish a POTS "hand-shake" which takes a minute or two. Slow access, usually 56 Kb/S or 7 KB/S. Inexpensive, uses existing infrastructure.
hashing encryption
One-way encryption that transforms cleartext into a coded form that is never decrypted.
OSPF
Open Shortest Path First
OSI
Open Systems Interconnect
Circuit Level firewall
Operates at the Session layer (layer 5). Filter traffic based on whether or not a session has been established between the destination and source using TCP handshaking. Regulate traffic based on whether or not a trusted connection has been established.
Proxy
Operates at the application layer. Serves as filters of client-internet traffic. Instead of establishing direct connections between the clients and servers on the internet, clients connect to the proxy server which can filter their request and forward it to the internet. Information back is also filtered then sent to the client.
ARP (Address Resolution Protocol)
Operates at the network layer and is used to translate logical IP addresses into Data Link MAC addresses. Translator between layers 2 and 3.
Packet Filtering Firewall
Operates at the network layer. Filters traffic based on the headers (destination/source) of the individual packets.
Application Level Firewall
Operates in the Application Layer (obviously). Inspects the contents of packets, rather than just the headers. Similar to proxies in that they operate and regulate between two segments of the network.
Stateful Inspection Firewall
Operates in the network, session, and application layers. Combines circuit level and application level firewall techniques. Most common today. It assures the connection/session between the two parties is valid and inspects the packets from this connection to assure the packets are not malicious.
OS
Operating Systems
Pointer (PTR) Record
Opposite of the A record, translates IP addresses into DNS names
OCx
Optical Carrier
OTDR
Optical Time Domain Reflectometer
OUI
Organizationally Unique Identifier
Pretty good privacy (PGP)
PGP is a widely deployed asymmetric encryption algorithm and is often used to encrypt email traffic.
dial-up lines
PSTN connections that use modems, existing phone lines, and long-distance carrier services to provide low-cost, low-bandwidth WAN connectivity and remote network access.
Multicast
Packet sent to more than one user but not all users; distinguished from the broadcast.
PAP
Password Authentication Protocol
Decentralized Network Type
Peer to peer. No distinctions between client and server. Every node acts as a client and/or server depending on the task at hand. Many file sharing networks are considered decentralized. Advantages: ease of setup. Disadvantage: Difficulty of maintenance (a setting must be changed on each node to reflect a setting change on the whole network).
PVC
Permanent Virtual Circuit
PAN
Personal Area Network
PC
Personal Computer
What OSI layer does a modem work in?
Physical layer/ layer 1
What OSI layer is a hub?
Physical/Layer 1
How would you test if TCP/IP is configured on a host computer?
Ping local host (127.0.0.1)
POTS
Plain Old Telephone System
PaaS
Platform as a Service
Power over Ethernet (PoE)
PoE allows an Ethernet switch to provide power to an attached device by applying power to the same wires in a UTP cable that are used to transmit and receive data.
PPP
Point-to-Point Protocol
PPPoE
Point-to-Point Protocol over Ethernet
PPTP
Point-to-Point Tunneling Protocol
PTR
Pointer
PAT
Port Address Translation
PoE
Power over Ethernet
incident management
Practices and procedures that govern how an organization will respond to an incident in progress.
PSK
Pre-Shared Key
PGP
Pretty Good Privacy
PRI
Primary Rate Interface
Ethical and Legal issues
Privacy Online fraud Intellectual property and illegal activity
E-Market Strategies
Product considerations, pricing considerations, distribution considerations, promotion considerations
PDU
Protocol Data Unit
Router discovery protocols
Protocols that are used to identify routers on the network.
VPN protocols
Protocols that provide VPN functionality.
Secondary Name Servers
Provide redundancy and can allow for additional checking of DNS entries.
WPA2 (Wi-Fi Protected Access v2)
Provides WPA with Advanced Encryption Standard (AES) cipher-based CCMP encryption for even greater security and to replace TKIP.
TACACS (Terminal Access Controller Access Control System)
Provides centralized authentication and authorization services for remote users.
Secure Sockets Layer (SSL)
Provides cryptography and reliability for upper layers (Layers 5-7) of the OSI model. SSL, which was introduced in 1995, has largely been replaced by Transport Layer Security (TLS). However, recent versions of SSL have been enhanced to be more comparable with TLS. Both SSL and TLS are able to provide secure web browsing via HTTPS.
PKI
Public Key Infrastructure
PSTN
Public Switched Telephone Network
DNSBLs (DNS blacklists)
Published lists that contain email addresses that are confirmed as spam sources.
Main memory; temporary memory; data can be changed or deleted; info is lost when the computer shuts down
RAM
Mesh/"Ad Hoc"
Rare, only used in wireless networks when the nodes are set in "ad hoc" mode. Every node is connected to every other node. The wireless cards maintain a connection to each other, forming a mesh of a network. Adds redundancy, but makes network management almost impossible.
RTP
Real Time Protocol
RTSP
Real Time Streaming Protocol
Advanced Encryption Standard (AES)
Released in 2001, AES is typically considered the preferred symmetric encryption algorithm. AES is available in 128-bit key, 192-bit key, and 256-bit key versions.
Disadvantages of Star Topology
Reliance on the switch (which is a fail-point) and the amount of wiring necessary.
RADIUS
Remote Authentication Dial-In User Service
RSH
Remote Shell
RAS
Remote access server- A RAS includes specialized server software used for remote connectivity. This software is designed to provide authentication, connectivity and resource access services to connecting users.
Telnet (Telecommunications Network)
Remotely connect to a node. Cleartext (even the password). Terminal emulation because remote terminal is available upon connection. Port: TCP 23
Binary Code
Represents text, computer processor instructions, or other data usually using 0 and 1. The binary code assigns a pattern of binary digits to each character.
waveform
Represents the shape of an analog signal.
Two factor authentication (TFA)
Requires two types of authentication from a user seeking admission to a network. For example, a user might need to know something and have something.
DNS (Domain Name System) Protocol
Resolves domain names into IP addresses. Port: UDP 53
RARP (command)
Returns the IP address that maps to a given mac address
ARP (command)
Returns the MAC address that maps from a given IP address
RARP
Reverse Address Resolution Protocol
RTT
Round Trip Time or Real Transfer Time
RIP
Routing Internet Protocol
SCP
Secure Copy Protocol
SFTP
Secure File Transfer Protocol
SHA
Secure Hash Algorithm
SSH
Secure Shell
SSL VPN Protocol
Secure Sockets Layer virtual private network is a form of VPN that can be used with a standard Web browser. An SSL VPN does not require the installation of specialized client software on the end user's computer.
SA
Security Association
SIEM
Security Information and Event Management
OSI Model: Definition
Seven layer model describes the way and means that networks use to operate and for communication. Each layer depends on the layers below to operate.
SMS
Short Message Service
Modem
Short for modulator-demodulator. Acts as a translator between digital and analog networks. Example: acts as the intermediary between analog phone systems and digital networks.
Bluetooth 802.15.1
Short-range wireless technology. Limited to 20-35ft access range. Designed for portable consumer wireless devices and Bluetooth enabled WAPs.
SPB
Shortest Path Bridging
SNTP
Simple Network Time Protocol
FTP (File Transfer Protocol)
Simple file transfers with no security. Transferred in "cleartext". Ports: TCP 20(data); TCP 21(transmission control)
SMF
Single Mode Fiber
Toner Probe
Sometimes called a fox and hound, a toner probe allows you to place a tone generator at one end of the connection and use a probe on the punchdown block to audibly detect which wire the tone generator is connected to.
SFP
Small Form-factor Pluggable
SOHO
Small Office/Home Office
Types of digital media
Social networks, blogs, wikis, media-sharing sites, virtual reality gaming, mobile devices, applications and widgets
SDLC
Software Development Life Cycle
SaaS
Software as a Service
socket
Software in an operating system that connects an application with a network protocol.
codec
Software or hardware that codes and decodes digital data to and from the analog format.
adware
Software that automatically displays or downloads advertisements when it is used.
terminal emulator
Software that enables a standard client computer to appear to a host computer as a dedicated terminal.
rootkit
Software that is intended to take full or partial control of a system at the lowest levels.
TTS (Transaction Tracking System)
Software that monitors a transaction through to completion.
Virtual private network (VPN)
Some VPNs can support secure communication between two sites over an untrusted network.
MT-RJ (Mechanical Transfer Registered Jack)
Sometimes called a Fiber Jack connector, it is a compact snap-to-lock connector used with multimode fiber.
STP
Spanning Tree Protocol / Shielded Twisted Pair
Channel Service Unit/Data Service Unit CSU/DSU
Special type of bridge that operates between WANs and LANs. Found in devices such as cable modems (which actually are not technically modems but digital signal converters).
Private IP addresses
Specific Class A, B, and C networks have been designed for private use. Although these networks are routable within the organization, service providers do not route these private networks over the public Internet.
802.11b facts
Speed: 11 Mbps Usage: Cheaper 2.4GHz mode
802.11n facts
Speed: 150/300/450/600 Mbps Usage: Works at either 2.4GHz or 5GHz
802.11a facts
Speed: 54 Mbps Usage: 5GHz band, outdated. Expensive.
802.11g facts
Speed: 54/108 Mbps Usage: Cross between 802.11a and 802.11b. 2.4GHz at fast speeds and is backwards compatible.
load balancer
Stand-alone network devices that perform load balancing as their primary function.
SC
Standard Connector/Subscriber Connector
SC Connector
Standard/Subscriber Connector. Fiber-optic cable connector. Uses push-pull latching. Square.
SPS
Standby Power Supply
Which topology is used the most often?
Star
NetBIOS Name Server
Stores NetBIOS names in a central location for easy name resolution. Returns IP address based on a NetBIOS name.
ST
Straight Tip or Snap Twist
ST Connector
Straight tip, single twist connector for fiber-optic cables.
MAC Sublayer
Sublayer of the Data Link layer. Determines who is allowed to access the media at any one time. Provides frame synchronization.
DSL (Digital Subscriber Line)
Successor to ISDN. Utilizes special DSL modem to translate high-speed signal to network friendly language. Can be as slow as 256 Kbps and faster than 10 Mbps. Most limited to 15,000 to 18,000 ft. Not a true dedicated line. SDSL - synchronous speed up and down. ADSL - download speed much higher than upload; most common today. IDSL - works up to 30,000 ft. Used in small business/office or home connection.
SCADA
Supervisory Control and Data Acquisition
spyware
Surreptitiously installed malicious software that is intended to track and report on the usage of a target system, or collect other data the author wishes to obtain.
SVC
Switched Virtual Circuit
Examples of Data Link Layer Devices
Switches, Bridges, WAPs and NICs
SDSL
Symmetrical Digital Subscriber Line
SONET
Synchronous optical networking is a standardized digital communication protocol that is used to transmit a large volume of data over relatively long distances using a fiber optic medium. Multiple digital data streams are transferred at the same time over optical fiber using LEDs and laser beams.
SYSLOG
System Log
SNIPS (System and Network Integrated Polling Software)
System and network monitoring software that runs on UNIX systems and offers both a command-line and web interface to monitor network and system devices.
Unified Voice Services
Takes all methods of communication and integrates them together seamlessly (smartphone)
Transport layer
The OSI layer that accepts data from the upper layers, and breaks it up into smaller units known as segments, passes them on to the lower layers, and ensures that all segments arrive correctly at the other end.
Telco
Telephone Company
TKIP
Temporal Key Integrity Protocol. Deprecated form of encryption for wireless networking.
TACACS+
Terminal Access Control Access Control System+
TACACS
Terminal Access Controller Access Control System is an older authentication protocol common to UNIX networks that allows a remote access server to forward a user's logon password to an authentication server to determine whether access can be allowed to a given system.
TA
Terminal Adaptor
T1
Terrestrial Carrier Level 1
Oscilloscope
Test media for shorts and other issues. Visual display unit measures analog and digital signals, gives accurate readings of frequency and voltage. Does not time signal's reflection.
Default gateway
The IP address of a router to which a networked device sends traffic destined for a subnet other than the device's local subnet.
Application layer
The OSI layer that provides services and utilities that enable applications to access the network and its resources.
Physical layer
The OSI layer that provides the means for transmitting data bits over a physical medium.
Network layer
The OSI layer that addresses data packets, routes the packets from a source to a destination through the network, and ensures the delivery of those packets.
Session layer
The OSI layer that is responsible for establishing a connection between network devices, maintaining the connection, and then terminating or reestablishing it when required.
Presentation layer
The OSI layer that is responsible for translating data into a network compatible format.
SPI (Security Parameters Index)
The SPI helps the computer keep track of the computers it is communicating with.
EDC (Error Detection Code)
The bits that are attached to transmitted data to indicate its original contents.
fault tolerance
The ability of a network or system to withstand a foreseeable component failure and still continue to provide an acceptable level of service.
War Driving
The act of searching for Wi-Fi by a person in a moving vehicle to "mooch" off of.
war driving
The act of searching for instances of wireless LAN networks while in motion, using wireless tracking devices like PDAs, mobile phones, or laptops.
hop
The action of forwarding a packet from one router to the next.
MAC Address
The address that devices in a network use. It is burned into the chip of the physical ne
disaster recovery
The administrative function of protecting people and resources while restoring a failed network or systems as quickly as possible.
cell
The area covered by a wireless access point. Alternatively, a cell is a type of network, similar to a packet switching network, in which data is transmitted as fixed-length packets called cells.
protocol binding
The assignment of a protocol to a NIC.
premise wiring
The collection of drop cables, patch panels, and patch cables that together make a functional network.
IPSec driver
The component of IPSec that watches packets being sent and received to determine if the packets need to be signed and encrypted, based on Group Policy or local Registry settings.
network media
The conduit through which signals flow, can be either bounded or unbounded.
drain
The connection point between a shield and the ground.
amplitude
The crest or trough of a wave from the midpoint of the waveform to its top or bottom.
L2TP (Layer Two Tunneling Protocol)
The de facto standard VPN protocol for tunneling PPP sessions across a variety of network protocols such as IP, Frame Relay, or ATM.
signal
The electromagnetic pulses that are transmitted across a network medium.
port
The endpoint of a logical connection that client computers use to connect to specific server programs.
FCS (Frame Check Sequence)
The extra characters added to a frame for detecting and correcting errors.
attenuation
The fading or degradation of a signal as it travels across a network medium.
first responder
The first person or team to respond to an accident, damage site, or natural disaster in an IT company.
OUI (Organizationally Unique Identifier)
The first three bytes of a MAC address that uniquely identify a network device manufacturer.
phase
The fixed point where a wave's cycle begins in relationship to a fixed point.
Cleartext
The form of a message or data which is in a form that is immediately understandable to a human being without additional processing
integrity
The fundamental security goal of ensuring that electronic data is not altered or tampered with.
availability
The fundamental security goal of ensuring that systems operate continuously and that authorized persons can access data that they need.
confidentiality
The fundamental security goal of keeping information and communications private and protecting them from unauthorized access.
network backbone
The highest-speed transmission path that carries the majority of network data.
FQDN (Fully Qualified Domain Name)
The host name combined with the host's domain name.
physical security
The implementation and practice of various control mechanisms that are intended to restrict physical access to facilities.
port mirroring
The practice of duplicating all traffic on one port in a switch to a second port.
patch management
The practice of monitoring for, evaluating, testing, and installing software patches and updates.
Packet Shaper
The practice of regulating network data transfer to assure a certain level of performance, quality of service or return on investment.
implicit deny
The principle that establishes that everything that is not explicitly allowed is denied.
enciphering
The process of applying a cipher.
Port Forwarding
The process of configuring a router to make a computer or other network device that is connected to it accessible to other computers and network devices from outside of the local network.
demodulation
The process of decoding or removing a low frequency data signal from a high frequency carrier waveform.
EDAC (Error Detection and Correction)
The process of determining if transmitted data has been received correctly and completely, and if not, rebuilding the data to its correct form.
error detection
The process of determining if transmitted data has been received correctly and completely.
latency sensitivity
The susceptibility of a device to experience issues that affect delay within a network.
Logical Topology
The route the signal takes on the network.
Connectionless
The sender doesn't establish a connection, so there isn't a guarantee that the data is delivered.
Internet
The single largest global WAN that virtually links every country in the world.
Bits
The smallest unit of data in a computer. It has a single binary value, either 0 or 1.
SSL (Secure Socket Layer)
The standard security technology for establishing an encrypted link between a web server and a browser.
CIA triad (Confidentiality, Integrity, Availability)
The three principles of security control and management: confidentiality, integrity, and availability. Also known as the information security triad or information security triple.
latency
The time delay for a packet to go from a source to a destination and back to the source.
data transmission
The transfer of data between computers or other electronic devices through a network.
cleartext
The unencrypted form of data. Also known as plaintext
host name
The unique name given to a network node on a TCP/IP network.
jitter
The variability of latency over time across a network.
Topology
The way information flows in a network
non-interactive mode
This mode of the nslookup utility prints only the name and requested details for one host or domain and is useful for a single query.
Distributed denial of service (DDoS)
These attacks can increase the amount of traffic flooded to a target system. Specifically, an attacker compromises multiple systems, and those compromised systems, called zombies, can be instructed by the attacker to simultaneously launch a DDoS attack against a target system.
Buffer overflow
This attack occurs when an attacker leverages a vulnerability in an application, causing data to be written to a memory area that's being used by a different application.
Multilayer Switch
This device can perform the functions of a switch as well as that of a router at incredibly fast speeds.
Packet
This is a small amount of computer data sent over a network
interactive mode
This mode of the nslookup utility enables you to query name servers for information about hosts and domains, or to print a list of hosts in a domain.
TDM
Time Division Multiplexing
TDR
Time Domain Reflectometer
TTL
Time to Live
Electrostatic discharge (ESD) wrist strap
To prevent static electricity in your body from damaging electrical components on a circuit board. The strap has a clip that you attach to ground.
Tone Generator
Tool used to identify a cable by the tone generated and is usually used with twisted pair cabling
Vampire Tap
Tool used to pierce into coaxial cable
Tracert
Traces the connection path to a remote host, step-by-step.
Presentation Layer (Layer 6)
Translates info from the Transport layer into data to be used at the Application Layer. Interprets segments/packets it receives and changes them into "data formats" that we know and the PC can recognize.
SNMP
Translation Simple Network Management Protocol
TCP
Transmission Control Protocol
Which layer adds a segment header while converting the data into segments?
Transport
TLS
Transport Layer Security
Which layers deal with protocols for delivery and routing of packets?
Transport and Network
TMS
Transportation Management System
TFTP
Trivial File Transfer Protocol
TTLS
Tunneled Transport Layer Security
TOS
Type of Service
TFTP (Trivial FTP)
UDP version of FTP, relatively unreliable. Inefficient. Used more often for inter-network communication. Port: UDP 69
UPC
Ultra Polished Connector
zombie
Unauthorized software introduced on multiple computers to manipulate the computers into mounting a DDoS attack. Also called a drone.
drone
Unauthorized software introduced on multiple computers to manipulate the computers into mounting a DDoS attack. Also called a zombie.
plaintext
Unencoded data. Also known as cleartext.
UC
Unified Communications
UTM
Unified Threat Management
URL
Uniform Resource Locator
UPS
Uninterruptible Power Supply
UNC
Universal Naming Convention
USB
Universal Serial Bus
UTP
Unshielded Twisted Pair
electrical noise
Unwanted signals that are introduced into network media. Noise interferes with the proper reception of transmitted signals.
Canonical Name (CNAME) Record
Used to map a subdomain (or different domain) to a domain. Used as an alias. Example: Most websites have a CNAME record that maps www.website.com to website.com
AppleTalk
Used for Apple (Macintosh) networks. Routable, can be used in large LANs and some WANs. Uncommon due to presence of many Windows computers on networks.
Partial Mesh
Used in backbone environment to provide fault tolerant connections between critical servers and network devices
Carrier sense multiple access collision detect (CSMA/CD)
Used on an Ethernet network to help prevent a collision from occurring and to recover if a collision does occur. CSMA/CD is only needed on half-duplex connections.
Crimper
Used to attach a connector to the end of an unshielded twisted pair cable.
Bridge
Used to connect two physical network segments together, forming a larger inter-network. It can forward packets or reject them based on their destination MAC address. The connected network segments must have the same network ID.
Nslookup
Used to troubleshoot DNS issues; can be used to find an IP given a DNS name
Digital marketing
Uses all digital media including the internet and mobile and interactive channels, to develop communication and exchanges with customers
DVM (Digital Volt Meter)
Uses an analog-to-digital converter to display numeric voltage readings.
Application Layer (Layer 7)
Uses end-user application protocols like FTP and HTTP, services like DHCP and DNS. Ask "does this facilitate networking, or does networking facilitate the service?" If the latter, it's an Application Layer service.
SSTP (Secure Socket Tunneling Protocol)
Uses the HTTP over SSL protocol and encapsulates an IP packet with an SSTP header.
X Window system
Uses the X protocol that leverages a client-server relationship to provide graphical user interface and input device management functionality to applications.
WWAN (Wireless Wide Area Network)
Uses the wireless network technology to allow users to check email, surf the web, and connect to corporate resources accessible within the cellular network boundaries.
How are wireless networks compatible with Ethernet?
Using a MAC bridge that translates wireless frames into Ethernet frames
Data Conversion
Using a program to change one type of data to another.
war chalking
Using symbols to mark off a sidewalk or wall to indicate that there is an open wireless network which may be offering Internet access.
L2TP (Layer 2 Tunneling Protocol)
Utilizes IPSec (IP Security) to encrypt data all the way from the client to the server. Versatile because it can accommodate protocols other than IP to send datagrams. Common in VPN applications.
OC1/OC3/OC(X) - Optical Carrier
Utilizes SONET fiber-optic technology to allow speeds exceeding 50 Gbps, though OC1 "only" operates at 51 Mbps. **only large companies would need such speed
PPP (point-to-point) protocol
Utilizes direct connection from a client to WAN over TCP/IP. Single remote access packets. Advantageous for dial-up services. Most common dial-up networking protocol today. When you think dial-up access, think PPP.
Cable
Utilizes traditional coaxial cable. Requires a cable modem to translate between cable signal and Layer 2 segments. Costs more than DSL. Speeds exceed 60 Mbps. ** small to medium-sized business applications and many home settings
VTP
VLAN Trunk Protocol
VLAN
Virtual Local Area Network
voluntary tunnels
VPN tunnels that are created between client endpoints at the request of the client
compulsory tunnels
VPN tunnels that are established by the WAN carrier without involvement from client endpoints.
VDSL
Variable Digital Subscriber Line
VTC
Video Teleconference
a board that plugs into a personal computer to give it display capabilities
Video card
VNC
Virtual Network Connection
VPN
Virtual Private Network
VoIP
Voice over IP
vishing
Voice phishing, a human-based attack where the attacker extracts information while speaking over the phone or leveraging IP-based voice messaging services such as VoIP.
WMS
Warehouse Management System
Bit error rate tester (BERT)
When troubleshooting a link where you suspect a high bit error rate (BER), you can use a piece of test equipment called a bit error rate tester, which contains both a pattern generator and an error detector and can calculate a BER for the tested transmission link.
DHCP Release/Renew system
When an address is requested and assigned, it is leased to the node. When half the lease time has expired, a renewal is requested for the IP address. When the node is gone 87.5% of the time of the lease, the server will send out a broadcast asking for an IP address. Node loses IP address once lease expires.
Network Layer (Layer 3)
Where frames of the Data Link layer become packets. Translates frames it receives from layer 2 into more logical packets to be routed to other networks. You cannot verify that the other person ever reads the message. This layer uses IP addresses and does routing.
WPA2
Wi-Fi Protected Access. Uses AES to encrypt data. Should be used when possible.
WPA
Wi-Fi Protected Access. Uses TKIP to encrypt data. Replaced/improved to WPA2.
WPS
WiFi Protected Setup
What does WAN stand for?
Wide Area Network
Asymmetric encryption
With asymmetric encryption, the sender and receiver of a packet use different keys.
Symmetric encryption
With symmetric encryption, both the sender and the receiver of a packet use the same key for encryption and decryption.
interference
Within wireless networking, the phenomenon by which radio waves from other devices interfere with the 802.11 wireless signals.
www
World Wide Web
Zeroconf
Zero Configuration
network interface card
a card installed in a computer that allows you to connect to a network
File transfer protocol
a communication method for transferring data between computers on the internet
firewall
a computer firewall limits the data that can pass through the computers and protects the network server or client machine from damage by unauthorized users.
switch
a computer network device that connects devices and network segments
Network Nodes
a connection point that can receive, create, store or send data along distributed network routes. It can recognize, process and forward transmissions to other network nodes.
modem
a device that allows computers to communicate over telephone lines
router
a device that transfers data from one network to another
hub
a device that uses its ports to connect devices like computers, printers, etc. together
Dynamic DNS
a method of automatically updating a name server in the Domain Name System (DNS), often in real time, with the active DDNS configuration of its configured hostnames, addresses or other information.
Frame Relay
a packet-switching telecommunication service designed for cost-efficient data transmission for intermittent traffic between local area networks (LANs) and between endpoints in wide area networks (WANs).
parallel port
a parallel interface for connecting an external device such as a printer
work station
a personal computer located on a network
Data Compression
a program that uses a formula or algorithm to determine how to shrink the size of the data.
Network Interface Card (NIC)
allows a node to connect to the network, whether it be PCI, ISA, or USB.
Bluetooth
allows electronic devices like cell phones and computers to exchange data over short distances using radio waves.
Redundancy
allows for data access even when one server is down - no one server can become a choke/fail point. In network application, means multiple hard drives, multiple servers, etc.
RIP (Routing Information Protocol)
allows for the routing of internal (and also some internet) traffic and adapting to changes in network structure.
sound card
an expansion board that enables a computer to manipulate and output sounds
usb (aka) universal serial port
an external bus that supports data transfer
Podcast
audio or video file that can be downloaded from the internet with a subscription that automatically delivers new content to listening devices or personal computers; offers the benefit of convenience, giving users the ability to listen to or view content when and where they choose
computer network
computers connected together for the purpose of sharing information and resources
TCP (Transmission Control Protocol)
connection-oriented, allows reliable data transfer and receipt of delivery. Uses ports. High-level protocols rely on TCP ports to allow outside nodes to communicate with specific services. Ports are always between 1 and 65536.
Creators
consumers who create their own media outlets
DHCP Scopes
determines the address configurations used on a subnet.
mesh topology
devices are connected with many redundant interconnections between two networks
UTP unshielded twisted pair
does not have a foil jacket to help prevent cross talk
Load Balancing
feature that can intelligently delegate traffic and requests from clients across the network and onto other servers in a way that maximizes network efficiency.
Number of octets in IPv4
four (4)
End-to End Sessions
indicates a communication happening between two applications
Primary Name Server
handles client requests, checking against DNS entries stored in a local file
STP shielded twisted pair
has a foil jacket to help prevent cross talk
protocol
how data is formatted, transmitted, and received in a network
Unique NetBIOS Name
if a NetBIOS name resolves to a single IP address (one-to-one relationship)
Group NetBIOS Name
if a NetBIOS name resolves to more than one computer.
RIPv2 (routing information protocol)
improved RIPv1, ability to include subnet information with its updates and allows for CIDR support.
Distance-vector routing protocols
include RIP and IGRP, uses distance as one factor and the vector as the other.
Hostid
indicates the actual specific node
Netid
indicates the network that a node is on
10GBASE-EW
laser over either single or multi-mode fiber LC or SC connectors 40 kilometers 10 GBps
10GBASE-ER
laser over either single or multi-mode fiberoptics. SC or LC connectors 40 kilometers 10 GBps
10GBASE-LW
laser over single-mode fiber optics LC or SC connectors 2000 meters 10 Gbps
10GBASE-LR
laser over single-mode fiber optics; LC or SC connectors 2000 meters 10 Gbps
Collectors
least recognized group; gather info and organize content generated by critics and creators
IS-IS (Intermediate system to intermediate system)
link state protocol that operates by forwarding network topology information throughout a network of routers. Typically for larger networks
LAN
local area network; a geographic network that covers a relatively small geographic area such as a building or a small campus, no more than a mile distance between computers
RS-232 serial cable
many are being replaced with USB-enabled interfaces
serial port
many newer systems have replaced the serial port
MAN metropolitan Area Network
metropolitan area network; a geographic network that covers a large area like a city or community; may be used to connect computers in libraries, government agencies, etc. together; no more than 30 miles in size
Class C netid/hostid order
netid . netid . netid . hostid
Virtual sites
offering significant opportunities for marketers to connect with consumers in a unique way; role-playing game, product placement. EX: Sims
Inactives
online users who do not participate in online digital media
Critics
people who comment on blogs or post ratings and reviews
DHCP Reservations
permanent IP address assignment. It is a specific IP address within a DHCP scope that is permanently reserved for leased use to a specific DHCP client.
Access control
prevents unauthorized access to network resources and maintains the integrity of those resources through only allowing certain users to access information. Two basic types are: *User Level - user defines what they want to be accessed by other users *Mandated- central server defines how access to various network resources takes place (like an AD server). Forms of Access Control: *login screen *windows share where only users of a certain group can access it
10GBASE-SW
shortwave laser over multi-mode fiberoptics; LC or SC connectors 300 meters 10Gbps
cross talk
signal overflow from an adjacent wire
Widgets
small bits of software on a website, desktop, or mobile device that enable users to interface with the application and operating system
cpu
the cpu is the brains of the computer where most calculations take place