Network collection

Network Layer

3. Converts the segments from the transport layer into packets and is responsible for path determination, routing and delivery of these packets, and logical addressing.

Sub-layers of Data Link (Layer 2)

"LLC Sublayer" and "MAC Sublayer"

wiring schematic

A combination of a floor plan and a physical network topology. Similar to physical network diagrams, you can see the nodes on the network and how they are physically connected.

CSU/DSU (Channel Service Unit/Data Service Unit)

A combination of two WAN connectivity devices on a Frame Relay network that work together to connect a digital WAN line with a customer's LAN.

tracert

A command that determines the route data takes to get to a particular destination.

arp utility

A command that enables an administrator to view and manipulate the ARP cache, including deleting it or adding an entry to it.

arping

A command used to discover hosts on a network, similar to ping, but that relies on ARP rather than ICMP. The arping command won't cross any routers, so it will only work within a broadcast domain.

coax

A common abbreviation for coaxial cable.

Protocols

A common language all network devices can use. Usually comes in a suite of several protocols with different purposes.

Challenge-Response Authentication Mechanism Message Digest 5 (CRAM-MD5)

A common variant of HMAC frequently used in email systems. Like CHAP, CRAM-MD5 only performs one-way authentication. (The server authenticates the client.)

dial-up modem

A communication device that converts a computer's digital signals into analog signals before transmission over telephone lines.

synchronous communications

A communication method in which a byte is sent in a standardized time interval, enabling the receiver to use the predetermined time interval as the means to distinguish between bytes in the data stream.

asynchronous communications

A communication method in which special start and stop bit patterns are inserted between each byte of data allowing the receiver to distinguish between the bytes in the data stream.

LDAP (Lightweight Directory Access Protocol)

A communications protocol that defines how a client can access information, perform operations, and share directory data on a server.

SMTP (Simple Mail Transfer Protocol)

A communications protocol that enables sending email from a client to a server or between servers.

Host based IPS (HIPS)

A HIPS system is a computer running intrusion prevention software for the purpose of protecting the computer from attacks.

Logical Addressing

An IP address that is assigned to it for the purpose of routing between networks. It operates at the network layer.

PDH (Plesiochronous Digital Hierarchy)

A communications standard that can carry data over fibre optic or microwave radio systems.

bottleneck

A component of a system that performs poorly when compared to other components and reduces the overall system performance.

JPEG (Joint Photographic Experts Group)

A compressed graphical file format that reduces the file size.

network scanner

A computer program used for scanning networks to obtain user names, host names, groups, shares, and services. Also known as network enumerators.

switched Ethernet

A LAN technology that connects computers using switches, enabling the devices on each switched connection to utilize the full bandwidth of the medium.

STP (Spanning-Tree Protocol)

A Layer 2 protocol that is used for routing and prevents network loops by adopting a dynamic routing method.

PPTP (Point-to-Point Tunneling Protocol)

A Microsoft VPN layer 2 protocol that increases the security of PPP by providing tunneling and data encryption for PPP packets and uses the same authentication methods as PPP.

routing table

A database created manually or by a route-discovery protocol that contains network addresses as perceived by a specific router. A router uses its route table to forward packets to another network or router.

tracert command

A Microsoft Windows based command that displays every router hop along the path from a source host to a destination host on an IP network. Information about a router hop can include such information as the IP address of the router hop and the round trip delay of that router hop.

ipconfig command

A Microsoft Windows command that can be used to display IP address configuration parameters on a PC. In addition, if DHCP is used by the PC, the ipconfig command can be used to release and renew a DHCP lease, which is often useful during troubleshooting.

Network based IDS (NIDS)

A NIDS device is a network appliance dedicated to the purpose of acting as an IDS sensor.

Network based IPS (NIPS)

A NIPS device is a network appliance dedicated to the purpose of acting as an IPS sensor.

DMZ (Demilitarized Zone)

A "catch-all" host for requests on non-configured ports. Used so that port forwarding doesn't have to be configured for each service, and as a security feature so that all non-port-forwarded traffic can be directed to a single host.

All People Seem To Need Data Processing

An acronym to help you remember the 7 layers of the OSI Model: Application, Presentation, Session, Transport, Network, Data Link, Physical.

RARP (Reverse Address Resolution Protocol)

Allows a node on a local area network to discover its IP address from a router's ARP table or cache.

demarc

A demarcation point where a building's wiring ends and the telephone company's wiring begins.

demarc extension

A demarcation point where a network connectivity line terminates within or just outside of a building and may need to be extended further to accommodate the extended connectivity segment.

Class D addresses

A block of IP addresses from 224.0.0.0 to 239.255.255.255 used to support multicast sessions.

Class E addresses

A block of IP addresses from 240.0.0.0 to 255.255.255.255 used for research and experimentation purposes.

Class A addresses

A block of IP addresses from 1.0.0.0 to 127.255.255.255 that provides the largest number of nodes (16,777,214) for the smallest number of networks (126), thus increasing the number of nodes per network.

Class B addresses

A block of IP addresses from 128.0.0.0 to 191.255.255.255 that provides a good balance between the number of networks and the number of nodes per network: 16,382 networks of 65,534 nodes each.

Open

A broken strand of copper that prevents current from flowing through a circuit.

cache

A buffer that is used when reading information from a disk or RAM.

IPv6 address

A 128-bit hexadecimal number assigned to a computer on a TCP/IP network.

AUI connector (Attachment Unit Interface connector)

A 15-pin D-shaped connector. Also known as a DIX connector, named for the three companies that invented it: Digital Equipment Corporation (DEC), Intel, and Xerox.

warm site

A business site that performs noncritical functions under normal conditions, but which can be rapidly converted to a key operations site if needed.

IDF (Intermediate Distribution Frame)

A cable rack that interconnects the telecommunications wiring between an MDF and any workstation devices.

MDF (Main Distribution Frame)

A cable rack that interconnects the telecommunications wiring between itself and any number of IDFs.

packet sniffer

A device or program that monitors network communications and captures data.

AP (Access Point)

A device or software that facilitates communication and provides enhanced security to wireless devices.

Hub

A device that allows multiple computers to communicate with each other over a network. It has several Ethernet ports that are used to connect two or more network devices together

STA (Station)

A device that contains an IEEE 802.11 conformant MAC interface to a wireless medium with an Ethernet-like driver interface.

wireless antenna

A device that converts high frequency signals on a cable into wireless electromagnetic waves and vice versa.

Analog Modem

A device that converts the computer's digital pulses to tones that can be carried over analog telephone lines, and vice versa.

T-carrier system

A digital and packet switched system that makes communication more scalable than the analog, circuit-switched systems.

ISDN (Integrated Services Digital Network)

A digital circuit switching technology that carries both voice and data.

on-off keying

A digital data transmission encoding scheme in which a change in voltage from one state to another within a predetermined interval is symbolized by a 1.

SSID (Service Set Identifier)

A 32-bit alphanumeric string that identifies a WAP and all devices attached to it.

IPv4 address

A 32-bit binary number assigned to a computer on a TCP/IP network.

subnet mask

A 32-bit number assigned to each host for dividing the 32-bit binary IP address into network and node portions.

top

A CPU usage monitoring tool that provides a static snapshot, or a realtime display of the processes currently running on a CPU.

TACACS+ (TACACS Plus)

A Cisco proprietary product that uses TCP port 49, supports multifactor authentication and is considered more secure and scalable than RADIUS.

Cable tester

A cable tester can test the conductors in an Ethernet cable. It contains two parts. By connecting these parts of the cable tester to each end of a cable under test, you can check the wires in the cable for continuity. In addition, you can verify that an RJ-45 connector has the correct pinout.

disaster

A catastrophic loss of system functioning due to a cause that cannot reasonably be foreseen or avoided.

ATM (Asynchronous Transfer Mode)

A cell-switching network technology designed for the high-speed transfer of voice, video, and data in LANs, WANs, and telephone networks.

group policy

A centralized configuration management feature available for Active Directory on Windows Server systems.

DSH (Digital Signal Hierarchy)

A channelized data transmission standard used to multiplex several single data or voice channels for a greater total bandwidth.

vampire tap

A clamshell-like device that clamps over an RG8 cable, making contact with its conductors, and permitting a networking device to connect to the ThickNet segment.

custom TCP/IP subnet

A class of leased addresses that are divided into smaller groups to serve a network's needs.

flow control

A class of technique for optimizing the exchange of data between systems.

TIFF (Tagged Image File Format)

A digital format used to handle images used in publishing and photography.

Manchester encoding

A digital transmission encoding scheme that represents the transition from positive to ground with a 0, while a negative-to-positive voltage transition in the middle of the bit period designates a binary 1.

point-to-point connection

A direct connection between two nodes on a network.

PBX parachute

A disaster recovery service provided by virtual PBX that keeps the phone service running in case of power failure.

IGRP (Interior Gateway Routing Protocol)

A distance-vector routing protocol developed by Cisco as an improvement over RIP and RIP v2.

FDDI (Fiber Distributed Data Interface)

A dual-ring, token-passing fiber network that operates at 100 Mbps.

cold spare

A duplicate piece of backup equipment that can be configured to use as an alternate if needed.

Dynamic IP addressing

A dynamic IP address is an IP address that's automatically assigned to each connection, or node, of a network. This automatic assignment of IP addresses is done by what's called a DHCP server.

802.x

A family of networking standards developed by IEEE.

full duplex

A feature of NIC that allows multiple devices to send and receive data simultaneously without data collision.

Remote Access

A feature that allows an administrator to access client systems from any location on the network.

zone

A file that physically divides the DNS database and contains the actual IP-to-host name mappings for one or more domains.

EFS (Encrypting File System)

A file-encryption tool available on Windows systems that have partitions formatted with NTFS.

Firewall

A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.

microwave transmission

A form of point-to-point wireless transmission over unbounded media in which signals are sent via pulses of electromagnetic energy in the microwave region of the spectrum.

spread spectrum

A form of radio transmission in which the signal is sent over more than one frequency to discourage eavesdropping.

VLSM (Variable Length Subnet Mask)

A classless subnet mask that can be customized to a different length for each subnet based on the number of nodes on that subnet.

Kerberos

A client server authentication protocol that supports mutual authentication between a client and a server. Kerberos uses the concept of a trusted third party that hands out tickets to be used instead of a username and password combination.

NFS (Network File System)

A client/server application that enables users to access shared files stored on different types of computers and work with those files as if they were stored locally on their own computers.

standard

A measure of adherence to the network policy.

hertz

A measure of the number of cycles per second in an analog signal. One cycle per second equals one hertz.

TDR (Time-Domain Reflectometer)

A measuring tool that transmits an electrical pulse on a cable and measures the way the signal reflects back on the TDR to determine network issues.

controlled media access

A media access method in which a central device or system controls when and for how long each node can transmit. Also called deterministic media access.

contention-based media access

A media access method in which nodes compete or cooperate among themselves for media access time. Also called competitive media access.

Baseline

A collection of data portraying the characteristics of a network under normal operating conditions. Data collected while troubleshooting can then be contrasted against baseline data.

rollup

A collection of previously issued patches and hotfixes, usually meant to be applied to one component of a system, such as the web browser or a particular service.

Software firewall

A computer running firewall software. For example, the software firewall could protect the computer itself. Alternatively, a software firewall could be a computer with more than one network interface card that runs firewall software to filter traffic flowing through the computer.

DNS records

A DNS record is a database record used to map a URL to an IP address. DNS records are stored in DNS servers and work to help users connect their websites to the outside world.

NS (Name Server)

A DNS record that delegates a DNS zone to use the given authoritative name servers.

MX (Mail Exchange)

A DNS record that maps a domain name to a mail exchange server list.

CNAME (Canonical name record)

A DNS record that maps multiple canonical names (aliases) to one A record.

PTR (Pointer)

A DNS record that maps the IP address to a host name for reverse lookup functionality.

DNS Servers

A DNS server is a computer server that contains a database of public IP addresses and their associated hostnames, and in most cases, serves to resolve, or translate, those common names to IP addresses as requested.

Ethernet frame

A data packet that has been encoded on the Data Link layer for transmission from one node to another on an Ethernet network.

store and forward

A data transmission method used to send data to a server or router where the data is stored until the next hop becomes available.

tunneling

A data transport technique in which a data packet is transferred inside the frame or packet of another protocol, enabling the infrastructure of one network to be used to travel to another network.

certificate repository

A database containing digital certificates.

FDM (Frequency-Division Multiplexing)

A multiplexing method in which data from multiple nodes is sent over multiple frequencies or channels, over a network medium.

Hardware firewall

A network appliance dedicated to the purpose of acting as a firewall. This appliance can have multiple interfaces for connecting to areas of a network requiring varying levels of security.

DoS attack (Denial of Service attack)

A network attack in which an attacker disables systems that provide network services by consuming a network link's available bandwidth, consuming a single system's available resources, or exploiting programming flaws in an application or operating system.

peer-to-peer network

A network in which resource sharing, processing, and communications control are completely decentralized.

client/server network

A network in which servers provide resources to clients.

OSI reference model (Open Systems Interconnection)

A network model developed by ISO for communication through open system networks.

endpoint

A network node that is the source or destination for data transfer.

redistribution point

A network node that is used to transfer data.

Denial of service (DoS)

A DoS attack floods a system with an excessive amount of traffic or requests, which consumes the system's processing resources and prevents the system from responding to many legitimate requests.

botnet

A collection of software robots run by a command and control program that is controlled by a person.

service pack

A collection of system updates that can include functionality enhancements, new features, and typically all patches, updates, and hotfixes issued up to the point of the release of the service pack.

Collision

A collision occurs when two devices on an Ethernet network simultaneously transmit a frame. Because an Ethernet segment cannot handle more than one frame at a time, both frames become corrupted.

Crimping Tool/Crimper

Connects media to a connector. Most crimping tools are used for twisted pair cabling. (Connects cable to connector/clip (male).)

WAN (Wide Area Network)

A network that spans multiple geographic locations, connecting multiple LANs using long-range transmission media.

open system network

A network that supports multiple communication protocol suites that different vendors develop.

logical star topology

A network topology in which a central device controls network access for nodes that are wired as a physical bus.

physical ring topology

A network topology in which all network nodes are connected in a circle.

logical bus topology

A network topology in which all nodes receive the data transmission at the same time, regardless of the physical wiring layout of the network.

logical ring topology

A network topology in which each node receives data only from its upstream neighbor and retransmits it only to its downstream neighbor, regardless of the physical layout of the network.

physical mesh topology

A network topology in which each node has a direct, point-to-point connection to every other node.

physical star topology

A network topology that uses a central connectivity device with separate point-to-point connections to each node.

flooding

A network transmission state in which data arrives at a receiving node too quickly to be processed.

Nessus

A network vulnerability scanner available from Tenable Network Security.

Nmap

A network vulnerability scanner.

Private Networks

A network within a corporation that can be accessed only by users working for or with that corporation.

unbounded media

A networking medium that does not use a physical connection between devices and can transmit electromagnetic signals through the air using radio waves, microwaves, or infrared radiation.

bounded media

A networking medium that uses a physical conductor, typically made of metal or glass.

HTTP

Hypertext Transfer Protocol

HTTPS

Hypertext Transfer Protocol Secure

access control

In security terms, the process of determining and assigning privileges to various resources, objects, and data.

Full Duplex

A node can transmit and receive at the same time.

Half Duplex

A node can transmit or receive, but not both at the same time.

differential signaling

A noise reduction technique in which the signals from two inputs are compared; signals that are identical on the two inputs are ignored, while those that are different on the inputs are accepted

BGP (Border Gateway Protocol)

A path-vector protocol used by ISPs to establish routing between one another.

IBSS (Independent Basic Service Set)

A peer-to-peer network where each wireless station acts as both a client and a wireless AP.

ad-hoc mode

A peer-to-peer wireless configuration where each wireless workstation talks directly to other workstations.

intranet

A private network that uses Internet protocols and services to share a company's information with its employees.

Reverse Proxy

A reverse proxy server is a type of proxy server that typically sits behind the firewall in a private network and directs client requests to the appropriate backend server.

HTTPS (HTTP Secure)

A secure version of HTTP that provides a secure connection between web browser and a server.

authorization

In security terms, the process of determining what rights and privileges a particular entity has.

serial cable

A serial cable is a type of bounded network media that transfers information between two devices using serial transmission.

accountability

In security terms, the process of determining who to hold responsible for a particular activity or event.

CARP (Common Address Redundancy Protocol)

A redundancy protocol that allows a number of computers to be grouped together to use a single virtual network interface between them.

auditing

In security terms, the process of tracking and recording system activities and resource access. Also known as accounting.

virtual server

A remote software tool that can run its own operating systems or applications, similar to a physical server.

ICA (Independent Computing Architecture)

A remote terminal protocol used by Citrix MetaFrame and MetaFrame XP software as add-ons to Microsoft Terminal Services.

PAP (Password Authentication Protocol)

A remote-access authentication method that sends client IDs and passwords as cleartext

logical state

A representation of digital data in the binary form of 1's and 0's corresponding to the different voltage levels for mathematical reasons and to describe the working of digital devices.

VPN (Virtual Private Network)

Like LANs that are spread across the Internet so that multiple remote clients can connect to one logical network.

LACP

Link Aggregation Control Protocol

LC

Local Connector

LEC

Local Exchange Carrier

nm

Nanometer

CA (Certificate Authority)

A server that can issue digital certificates and the associated public/private key pairs.

10Base standards

A set of standards that describes the media type and the speeds at which each type of media operates

RAID (Redundant Array of Independent or Inexpensive Disks)

A set of vendor-independent specifications for fault-tolerant configurations on multiple-disk systems.

NNTP

Network News Transport Protocol

NTP

Network Time Protocol

POP

Post Office Protocol

POP3

Post Office Protocol version 3

butt set

A special type of telephone used by telecom technicians when installing and testing local lines. Also known as a lineman's test set.

security incident

A specific instance of a risk event occurring, whether or not it causes damage.

key

A specific piece of information that is used in conjunction with an algorithm to perform encryption and decryption in cryptography.

IEEE 802.1x

A standard for securing networks by implementing EAP as the authentication protocol over either a wired or wireless Ethernet LAN, rather than the more traditional implementation of EAP over PPP.

ES (Edge System)

A system on a Frame Relay network that efficiently manages traffic between a user and the backbone network.

proxy server

A system that isolates internal networks from the servers by downloading and storing files on behalf of clients.

certificate management system

A system that provides the software tools to perform the day-to-day functions of a PKI.

change management

A systematic way of approving and executing change in order to assure maximum security, stability, and availability of information technology services.

FAT (File Allocation Table)

A table on a hard disk maintained by the operating system that provides a map of clusters that files have been stored in.

ARP cache

A table used to maintain a correlation between each MAC address and its corresponding IP address.

EIA (Electronic Industries Alliance)

A trade association accredited by ANSI to develop and jointly issue standards for telecommunications and electronics.

IP Security (IPsec)

A type of VPN that provides confidentiality, integrity, and authentication.

fixed length window

A type of data window in which each block of packets is of the same size. Typically, fixed length windows are small to avoid flooding the buffers of less-powerful receivers.

protocol analyzer

A type of diagnostic software that can examine and display data packets that are being transmitted over a network. Also called a network analyzer.

DC (Direct Current)

A type of electric current that flows unidirectionally.

phishing

A type of email-based social engineering attack, in which the attacker sends email from a spoofed source, such as a bank, to try to elicit private information from the victim.

singlemode fiber

A type of fiber optic cable that carries a single optical signal.

IP spoofing attack

A type of software attack where an attacker creates IP packets with a forged source IP address and uses those packets to gain access to a remote system.

malicious code attack

A type of software attack where an attacker inserts malicious software into a user's system.

port scanner

A type of software that searches a network host for open ports.

impersonation

A type of spoofing in which an attacker pretends to be someone they are not, typically an average user in distress, or a help desk representative.

Token ring

A type of technology used on ring networks in which computers pass a special sequence of bits called a token between them.

UTP (Unshielded Twisted Pair)

A type of twisted pair cabling that does not include shielding around its conductors.

NRZI (Non-Return to Zero Inverted)

A variation of the on-off keying digital transmission encoding scheme.

SVC (Switched Virtual Circuit)

A virtual circuit associated with dial-up and demand-dial connections that provides more flexibility than PVCs, allowing a single connection to an endpoint to connect to multiple endpoints as needed.

PVC (Permanent Virtual Circuit)

A virtual circuit associated with leased lines that connects two endpoints, which are always on.

RF

Radio Frequency

RFI

Radio Frequency Interference

RG

Radio Guide

ThinNet

Refers to Ethernet networking over RG58/U or RG58A/U cabling.

ThickNet

Refers to Ethernet networking over RG8 cabling.

plenum

Refers to an air handling space, including ducts and other parts of the HVAC system in a building.

VCC (Vertical Cross-Connect)

Refers to cables that run vertically between floors in a building, or vertically between equipment in an equipment rack.

Network Administration

Refers to day-to-day management, maintenance, and configuration of networks.

in phase

Refers to two waves of the same frequency that begin at the same time.

out of phase

Refers to two waves that either start at an offset from each other or have different frequencies.

Duplex Mode

Refers to whether the traffic is one-way (talk or listen) or two-way (talk and listen).

RJ

Registered Jack

active IDS

An IDS that detects a security breach according to the parameters it has been configured with, logs the activity, and then takes the appropriate action to block the user from the suspicious activity.

passive IDS

An IDS that detects potential security breaches, logs the activity, and alerts security personnel.

802.11

An IEEE standard that specifies an over-the-air interface between a wireless client and a base station or between two wireless clients.

802.2

An IEEE standard used to address the need for MAC sub-layer addressing in bridges.

802.3

An IEEE standard used to standardize Ethernet and expand it to include a wide range of cable media.

default gateway

An IP address of the router that routes remote traffic from the computer's local subnet to remote subnets.

NIPS (Network-based IPS)

An IPS that is a host that prevents an intrusion on another host that resides on a different IP address and takes actions to prevent an intrusion.

HIPS (Host-based IPS)

An IPS that resides on a computer and uses a specific IP address. It detects and prevents the actions that malicious code attempts in order to modify the system.

Authentication Header (AH)

An IPsec protocol that provides authentication and integrity services. However, it does not provide encryption services.

Encapsulating Security Payload (ESP)

An IPsec protocol that provides authentication, integrity, and encryption services.

satellite Internet

An Internet connection method that uses a satellite network.

NTP (Network Time Protocol)

An Internet protocol that enables synchronization of computer clock times in a network of computers by exchanging time signals.

Data Link layer

An OSI layer responsible for error-free transfer of data packets between nodes on the network.

session hijacking attack

An attack where the attacker exploits a legitimate session to obtain unauthorized access to an organization's network or services.

IV attack

An attack where the attacker is able to predict or control the IV of an encryption process, thus giving the attacker access to view the encrypted data that is supposed to be hidden from everyone else except for the user or network.

Diameter

An authentication protocol that is an updated version of RADIUS and improves on some of its features.

RA (Registration Authority)

An authority in a PKI that processes requests for digital certificates from users.

transit autonomous systems

An autonomous system in which the source or the destination node does not reside within the system.

stub autonomous systems

An autonomous system in which the source or the destination node must exist within the system.

AC (Alternating Current)

An electrical current that switches its flow back and forth in a circuit

circuit tester

An electrical instrument that displays whether an electrical outlet is wired correctly.

voltmeter

An electrical instrument that measures voltage and resistance between two points in a circuit.

cable tester

An electrical instrument that verifies if a signal is transmitted by a cable. Also called a media tester.

digital signal

An electrical signal that can have combinations of only two values: one and zero.

tone locator

An electronic device that emits an audible tone when it detects a signal in a set of wires.

tone generator

An electronic device that sends an electrical signal through one set of UTP cables.

whaling

An email- or web-based form of phishing which targets particularly wealthy individuals. Also known as spear phishing.

spam

An email-based threat that floods the user's inbox with emails that typically carry unsolicited advertising material for products or other spurious content, and which sometimes delivers viruses.

threat

Any potential violation of security policies or procedures.

exterior router

Any router entirely outside an AS.

attack

Any technique that is used to exploit a vulnerability in any application on a computer system without authorization.

hybrid topology

Any topology that exhibits the characteristics of more than one standard network topology.

password attack

Any type of attack in which the attacker attempts to obtain and make use of passwords illegitimately.

hoax

Any type of incorrect or misleading information that is disseminated to multiple users through unofficial channels.

unauthorized access

Any type of network or data access that is not explicitly approved by an organization.

Joiners

Anyone who becomes a member of a social media site

Maximum transmission unit (MTU)

The largest packet size supported on an interface.

ISO (International Organization for Standardization)

The largest standards-development body in the world, comprising the national standards institutes of 162 countries.

PEAP (Protected Extensible Authentication Protocol)

Similar to EAP-TLS, PEAP was proposed as an open standard by a coalition made up of Cisco Systems, Microsoft, and RSA Security.

RDP

Remote Desktop Protocol

Multifactor authentication

Similar to two factor authentication, multifactor authentication requires two or more types of successful authentication before granting access to a network.

SGCP

Simple Gateway Control Protocol

SMTP

Simple Mail Transfer Protocol

SNAT

Source Network Address Translation (source-nat or SNAT) allows traffic from a private network to go out to the internet

SSAPs

Source Service Access Points used to identify which protocol handler should process an incoming frame.

End-to-End Delivery

Source to Destination

Most common topology for wireless networks

Star: wireless technologies all connect to a single WAP

SOA

Start of Authority

SPI

Stateful Packet Inspection

SOW

Statement of Work

TDR Tool (Time Domain Reflectometer)

Sends a signal down the wire and times how long it takes to bounce back.

SLIP

Serial Line Internet Protocol

SLA

Service Level Agreement

SSID

Service Set Identifier

SDP

Session Description Protocol

SIP

Session Initiation Protocol

Network Type/Access Model

The manner and mode in which nodes communicate with each other and share information.

subnetting

The process of logically dividing a network into smaller subnetworks or subnets.

deciphering

The process of reversing a cipher.

routing

The process of selecting the best route for moving a packet from its source to destination on a network.

analog modulation

The process of superimposing a low frequency data signal over a high frequency carrier waveform.

LEAP (Lightweight Extensible Authentication Protocol)

The proprietary EAP implementation of Cisco Systems.

IGP (Interior Gateway Protocol)

The protocol responsible for exchanging routing information between gateways within an AS.

EGP (Exterior Gateway Protocol)

The protocol responsible for exchanging routing information between two neighboring gateways.

RDP (Remote Desktop Protocol)

The protocol used by Microsoft's Terminal Services implementations.

Switch

a switch is a device that channels incoming data from any of multiple input ports to the specific output port that will take the data toward its intended destination.

bandwidth

the amount of data that can be transferred over a network in a certain amount of time.

wireless local area network

A WLAN uses high-frequency radio waves rather than wires to communicate between nodes

WWW

world wide web

Online fraud

any attempt to conduct fraudulent activities online, including deceiving consumers into releasing personal info

Host

any part of the network that gives data out where client accesses the data from such as a server

client

any part of the network that receives data such as a work station

Web Services

any piece of software that makes itself available over the internet and uses a standardized XML messaging system.

XML

eXtensible Markup Language

EMI (electromagnetic interference)

Electrical devices can be sources of EMI. Standard UTP has minimal resistance to EMI, while fiber optic is highly resistant.

Digital media

electronic media that function using digital codes; referring to media available via digital devices

Examples of the Client Server Model

email, printer servers

Class C Subnets

default: 255.255.255.0; number of subnets: 2,097,152; hosts per subnet: 254

DLC (Data Link Control)

specialized protocol used for communication between pc and non-pc devices.

TDM (Time-Division Multiplexing)

A multiplexing method in which the communication channel is divided into discrete time slots that are assigned to each node on a network.

DWDM (Dense Wavelength Division Multiplexing)

A multiplexing technology that uses light wavelengths to transmit data.

network name

A name assigned to a node to help users and technicians recognize the device.

ANS (Authoritative Name Server)

A name server that responds to name-related queries in one or more zones.

GPS (Global Positioning System)

A navigational system that consists of a network of satellites with 24 active satellites and 3 in standby mode.

encapsulation

A process of adding delivery information to the actual data in each layer.

Zeroconf (Zero Configuration Networking)

A set of standards used for automatically configuring and allocating IP addresses on Ethernet as well as wireless networks.

network acknowledgment

A signal used by a communication protocol between nodes on a network to acknowledge receipt of data.

TFTP (Trivial File Transfer Protocol)

A simple version of FTP that uses UDP as the transport protocol, and does not require a logon to the remote host.

NetBIOS

A simple, broadcast-based naming service.

Virtual LAN (VLAN)

A single broadcast domain, representing a single subnet. Typically, a group of ports on a switch is assigned to a single VLAN. For traffic to travel between two VLANs, that traffic needs to be routed.

VPN concentrator

A single device that incorporates advanced encryption and authentication methods in order to handle a large number of VPN tunnels.

LC (Local Connector)

A small form factor ceramic ferrule connector for both singlemode and multimode fiber.

SOHO (Small office/home office)

A small network that can comprise up to 10 nodes.

DMZ (demilitarized zone)

A small section of a private network that is located between two firewalls and made available for public access.

VSAT (Very Small Aperture Terminal)

A small telecommunication Earth station that consists of a small antenna that transmits and receives signals from satellites.

patch

A small unit of supplemental code meant to address either a security problem or a functionality flaw in a software package or operating system.

sine wave

A smoothly oscillating curve that is the result of calculating the sine of the angles between zero and 360 and plotting the results.

IDS (Intrusion Detection System)

A software and/or hardware system that scans, audits, and monitors the security infrastructure for signs of attacks in progress.

high bandwidth application

A software application or program that requires large amounts of network bandwidth for data transmission.

data window

A flow control technique in which multiple packets are sent as a unit. The recipient acknowledges each window rather than each packet, resulting in higher throughput.

buffering

A flow control technique in which received data is stored on a temporary high-speed memory location.

stateless firewall

A firewall that manages and maintains the connection state of a session using the filter and ensures that only authorized packets are permitted in sequence.

stateful firewall

A firewall that monitors communication paths and data flow on the network.

impedance

A force that opposes the flow of electricity in an AC circuit. Impedance is measured in ohms.

NAT (Network Address Translation)

A form of Internet security that conceals internal addressing schemes from external networks such as the Internet.

broadcast radio

A form of RF networking that is non-directional, uses a single frequency for transmission, and comes in low- and high-power versions.

man-in-the-middle attack

A form of eavesdropping where the attacker makes an independent connection between two victims and steals information to use fraudulently.

spoofing

A human- or software-based attack where the goal is to pretend to be someone else for the purpose of identity concealment.

guessing

A human-based attack where the goal is to guess a password or PIN through brute force means or by using deduction.

X.25

A legacy packet switching network technology developed in the 1970s to move data across less than reliable public carriers.

IS-IS (Intermediate System to Intermediate System)

A link-state routing protocol used within a network.

Load balancer

A load balancer is a device that distributes network or application traffic across a cluster of servers. Load balancing improves responsiveness and increases availability of applications

broadcast domain

A logical area in a computer network where any node connected to the computer network can directly transmit to any other node in the domain without a central routing device.

DET (Directory Entry Table)

A logical link between a directory and the files it contains that is implemented by the NTFS.

tunnel

A logical path through the network that appears like a point-to-point connection.

subnet

A logical subset of a larger network, created by an administrator to improve network performance or to provide security.

Decibel (dB) loss

A loss of signal power. If a transmission's dB loss is too great, the transmission cannot be properly interpreted by the intended recipient.

ARP Cache Poisoning

A man-in-the-middle attack, where the attacker associates his MAC address with someone else's IP address, so all traffic will be sent to him first. The attacker sends out unsolicited ARPs, which can either be requests or replies

connector

A metal device at the end of a wire to connect video equipment and network nodes in a LAN.

NaaS (Network as a Service)

A method by which service providers lease resources on the network such as communication services and infrastructure.

cipher

A method for concealing the meaning of text.

unicast transmission

A method for data transfer from a source address to a destination address.

MPPE (Microsoft Point-to-Point Encryption)

A method of data encryption between PPP dial up connections or PPTP VPN connections.

load balancing

A method of dividing work among the devices on a network.

Prefix notation

A method of indicating how many bits are in a subnet mask. For example, /24 is prefix notation for a 24-bit subnet mask. Prefix notation is also known as slash notation.

shielding

A method of placing grounded conductive material around the media to prevent the introduction of noise into the media.

satellite television

A method of relaying video and audio signals directly to the subscriber's television sets using geosynchronous satellites.

Dotted decimal notation

A method of writing an IPv4 address or subnet mask, where groups of 8 bits are separated by periods.

Traffic filtering

A method that allows only legitimate traffic through to the network.

PaaS (Platform as a Service)

A method that enables infrastructure and tools from the service provider so that the client does not need to manage them.

IaaS (Infrastructure as a Service)

A method that provides network resources, such as storage, and allows the client to deploy software and add network components such as firewalls.

bluejacking

A method used by attackers to send out unwanted Bluetooth signals from PDAs, mobile phones, and laptops to other Bluetooth-enabled devices.

address munging

A method used by end users to provide a fake name or address to post on consumer websites or newsgroups.

RAS (Remote Access Services)

A method where the user can dial in and authenticate with the same account he or she uses at the office.

half duplex

A mode of communication that permits two-way transmission, but in only one direction at a time.

promiscuous mode

A mode of operation for network adapters that enables them to capture all packets sent across the network, regardless of the source or destination of the packets.

Client/Server Model

A model in which at least 1 computer acts like a server that holds resources that are accessed over a network by clients

Triple DES (3DES)

A more-secure variant of DES that repeatedly encodes the message using three separate DES keys.

BPL (Broadband over Powerlines)

A technology that allows domestic power lines to be used for broadband transmission.

dedicated lines

A telecommunication path that is available 24 hours a day for use by a designated user.

satellite phone

A telephone system that relies on the satellite network to provide services, instead of the infrastructure of the local telephone switch.

attacker

A term for a user who gains unauthorized access to computers and networks for malicious purposes.

NAC (Network Access Control)

A term that refers to collected protocols, policies, and hardware that govern access on devices to and from a network.

Telnet

A terminal emulation protocol that allows users at one site to simulate a session on a remote host.

wire crimper

A tool that attaches media connectors to the ends of cables.

punch down tool

A tool used in a wiring closet to connect cable wires directly to a patch panel.

physical topology

A topology that describes a network's physical layout and shape.

logical topology

A topology that describes the data-flow patterns in a network.

wireless communication

A type of communication in which signals are transmitted over a distance without the use of a physical medium.

coaxial cable

A type of copper cable that features a central conductor surrounded by an insulator and braided or foil shielding.

sliding window

A type of data window in which block sizes are variable. Window size is continually reevaluated during transmission, with the sender always attempting to send the largest window it can to speed throughput.

multimode fiber

A type of fiber optic cable that carries multiple light signals on a single strand.

replay attack

A type of network attack where an attacker captures network traffic and stores it for retransmission at a later time to gain unauthorized access to a network.

remote networking

A type of network communication that enables users who are not at their physical locations to access network resources.

cell switching network

A type of network, similar to a packet switching network, in which data is transmitted as fixed-length packets called cells.

dictionary attack

A type of password attack that automates password guessing by comparing encrypted passwords against a predetermined list of possible password values.

digital certificate

An electronic document that associates credentials with a public key.

multimeter

An electronic measuring instrument that takes electronic measurements such as voltage, current, and resistance.

honeynet

An entire dummy network used to lure attackers.

IEEE (Institute of Electrical and Electronics Engineers)

An organization dedicated to advancing theory and technology in electrical sciences.

policy statement

An outline of the plan for the individual component on a network policy.

static routing

A type of routing used by a network administrator to manually specify the mappings in the routing table.

ASP

Application Service Provider

ASIC

Application Specific Integrated Circuit

Upper Layers of the OSI Model

Application, Presentation, Session

Which layers take user input and convert it into data?

Application, Presentation, Session

IPSec Protocol

Internet Protocol Security (IPsec) is a network protocol suite that authenticates and encrypts the packets of data sent over a network

WINS Server

Microsoft's version of a NetBIOS name server. Utilizes primary and secondary WINS servers for redundancy and has more features than an ordinary NetBIOS server

BNC (Bayonet Neill-Concelman) Connector

Miniature quick connect/disconnect radio frequency connector used for coaxial cable. Similar to tv cable.

NIC

Network Interface Card

NIPS

Network Intrusion Prevention System

Disadvantages of Ring Topology

Same weaknesses of Bus Topology, along with adding the difficulty of adding a node to a token ring network.

SSL

Secure Sockets Layer

backoff

The random amount of time a node in a CSMA/CD network waits after a collision has occurred; a typical backoff period is a few milliseconds long.

troubleshooting

The recognition, diagnosis, and resolution of problems on a network.

cryptography

The science of hiding information to protect sensitive information and communication from unauthorized access.

non-repudiation

The security goal of ensuring that data remains associated with the party that creates it or sends a transmission.

privilege bracketing

The security method of allowing privileges to a user only when needed and revoking them as soon as the task is complete.

IRP (Incident Response Policy)

The security policy that determines the actions that an organization will take following a confirmed or potential security breach.

least privilege

The security principle that establishes that users and software should only have the minimal level of access that is necessary for them to perform the duties required of them.

ohm

The value of electrical resistance through which one volt will maintain a current of one ampere.

hash

The value that results from hashing encryption. Also known as hash value or message digest.

NetBIOS Sessions

Uses TCP Port 139, Provides Error Detection and Recovery, Session Layer of OSI Model, utilized by many Microsoft services

peer-to-peer

a controller network that simply connects computers to each other or to a device such as a printer, but a server is not necessary

Spectators

largest group; consumers who read what other consumers produce but do not create any content themselves

Class A netid/hostid order

netid . hostid . hostid . hostid

Class B netid/hostid order

netid . netid . hostid . hostid

GRE

Generic Routing Encapsulation

Range of octets

0 to 255 (256 numbers that range from 0 to 2^8-1)

Class A first octet range

1 - 126

inter-domain routing

Routing a packet among different autonomous systems.

intra-domain routing

Routing a packet within an autonomous system.

Examples of central NetBIOS name resolution services

- DNS
- NetBIOS Name Server
- WINS Server

AAAA

A DNS record that maps the host name to its IP address using a 128-bit IPv6 address.

SOA (Start of Authority)

A DNS record that specifies authoritative information about a DNS zone.

Netstat

Depending on parameters, gives varying degrees of info about TCP/IP connections and protocols.

Physical Topology

Depicts how the cabling physically connects network devices

SNAT (Secure Network Address Translation)

Extension of NAT, one-to-one translation.

EGP

Exterior Gateway Protocol

DCE (Data Communications Equipment)

Interface devices such as modems on a Frame Relay network.

IGP

Interior Gateway Protocol

IDF

Intermediate Distribution Frame

IS-IS

Intermediate System to Intermediate System

ICMP

Internet Control Message Protocol

IGMP

Internet Group Multicast Protocol

IMAP4

Internet Message Access Protocol version 4

Access control list (ACL)

Rules typically applied to router interfaces, which specify permitted and denied traffic.

DNS (Domain Name System)

The naming service used on the Internet and many TCP/IP-based networks.

UDP

User Datagram Protocol

WINS

Windows Internet Name Service

WEP

Wired Equivalent Privacy. Form of wireless security considered weak by today's standards. Replaced by WPA.

WAP

Wireless Application Protocol/Wireless Access Point

WLAN

Wireless Local Area Network

wireless adapter

the device that you must have on your computer in order to connect to a wireless network

mother board

the main circuit board of the microcomputer

Routing

the process of moving a packet of data from source to destination.

daemon

A background process that performs a specific operation.

Unified threat management (UTM)

A firewall or gateway that attempts to bundle multiple security functions into a single physical or logical device.

PVC (Polyvinyl Chloride)

A flexible rubber-like plastic used to surround some twisted pair cabling.

RSA

A popular and widely deployed asymmetric encryption algorithm.

pharming

An attack in which a request for a website, typically an e-commerce site, is redirected to a similar-looking, but fake, website.

FX vs TX

FX such as 100BaseFX is the same thing as 100BaseTX but with fiber optic connections and an SC or ST connector.

FC

Fibre Channel

FTP

File Transfer Protocol

FTPS

File Transfer Protocol Security

FDM

Frequency Division Multiplexing

Protocols in the Data Link layer

- Ethernet for LANs
- PPP (Point-to-Point)
- HDLC (High-Level Data Link Control)
- ADCCP (Advanced Data Communication Control Procedures) for point-to-point connections
- PTPPD - Point-To-Point Portal Device

Protocols in the Transport Layer

- TCP
- UDP

network baseline

A baseline that documents the network's current performance level and provides a quantitative basis for identifying abnormal or unacceptable performance.

Physical Layer

1. Communicates directly with the physical media. It is responsible for activating, deactivating, and maintaining the physical link. It handles the raw bits of the data stream and places them on a wire to be picked up by the receiving node

Private network (Class A) range

10.0.0.0 - 10.255.255.255

What range is reserved as a "Loopback"

127.0.0.0 - 127.255.255.255

Class B first octet range

128 - 191

Number of bits in IPv6 address

128 bits

NetBIOS Names

16 bytes, usually 15 characters.

Private network (Class B) range

172.16.0.0 - 172.31.255.255

Class C first octet range

192 - 223

Private Network (Class C) range

192.168.0.0 - 192.168.255.255

Data Link Layer

2. Provides transparent network services to the Network layer. It converts the bits into frames and makes sure they are in the correct order. Also does error checking by adding a CRC to the frame, and flow control.

Class C addresses

A block of IP addresses from 192.0.0.0 to 223.255.255.255 that provides the largest number of networks (2,097,150) and the smallest number of nodes per network (254).

DDoS attack (Distributed Denial of Service attack)

A software attack in which an attacker hijacks or manipulates multiple computers (through the use of zombies or drones) on disparate networks to carry out a DoS attack.

network analyzer

A software or hardware tool that integrates diagnostic and reporting capabilities to provide a comprehensive view of an organization's network.

antivirus software

A software program that scans a computer or network for known viruses, Trojans, worms, and other malicious software.

GPG

GNU Privacy Guard

Bluetooth

A wireless technology that facilitates short-range wireless communication between devices such as personal computers, laptops, cellular phones, and gaming consoles, thus creating a WPAN.

Blogs

AKA weblogs; web-based journals in which writers editorialize and interact with other users

ADSL

Asymmetric Digital Subscriber Line

voice over data systems

Communications systems that replace traditional telephone links by transmitting analog voice communications over digital WAN networking technologies.

Link State Routing protocols

OSPF and ISIS, where routers construct a map of the connectivity

PTP

Point-to-Point

HTTPS (Secure HTTP)

Securely transfer HTTP data through SSL. Port: TCP 443

ANSI (American National Standards Institute)

The national standards institute of the United States, which facilitates the formation of a variety of national standards, as well as promoting those standards internationally.

SA (Security Association)

The negotiated relationship between two computers using IPSec. SAs are the result of the two-stage negotiation process. These stages are known as Phase 1 and Phase 2.

frequency

The number of complete cycles per second in a wave. Also called the period of the wave.

cost

The number of hops along a route between two networks.

packet loss

The number of packets that are lost or damaged during transmission.

route convergence

The period of time between a network change and the router updates to reach a steady state once again.

refraction

The phenomenon of light rays bending due to a change in speed when passing from one transparent medium to another.

Media

The physical connection used to transport electrical signals between the network devices

Full-duplex

This connection allows a device to simultaneously transmit and receive data.

threshold

When monitoring network performance, the value that signals that an object or component is functioning outside acceptable performance limits.

What is "packet sniffing"?

When other nodes receive network traffic that is not directed towards them.

Punch down tool

When terminating wires on a punch down block, you should use a punch down tool, which is designed to properly insert an insulated wire between two contact blades in a punch down block, without damaging the blades.

Wireless Fidelity (WiFi)

Wireless technology that utilizes low-frequency (2.4 and 5GHz) mid-powered radio waves. IEEE 802.11(letter)

VPN (Host to Site)

a technology that creates a safe and encrypted connection over a less secure network, such as the internet. VPN technology was developed as a way to allow remote users and branch offices to securely access corporate applications and other resources

VPN (Site to Site)

a type of VPN connection that is created between two separate locations. It provides the ability to connect geographically separate locations or networks, usually over the public Internet connection or a WAN connection.

Social network

a website where users can create a profile and interact with other users, post information, and engage in other forms of web-based communication

Connectivity

ability for consumers to be connected with marketers along with other consumers

Accessibility

ability for marketers to obtain digital info

Interactivity

ability of customers to express their needs and wants directly to the firm in response to its marketing communications

Addressability

ability of the marketer to identify customers before they make a purchase

Ring Topology

all devices are connected to one another in the shape of a closed loop, so that each device is connected directly to two other devices, one on either side of it

star topology

all nodes are connected to a central computer

Media sharing sites

allow marketers to share photos, videos, and podcasts but are more limited in scope in how companies interact with consumers. Promotion-oriented; do not usually interact with consumers through personal messages or responses. Potential to reach a global audience.

Border Gateway Protocol (BGP)

core routing protocol of the internet. Maintains a table of IP networks and the data that designates where and how to reach each network through autonomous systems (AS). Bases routing decisions on path, network policies, and/or rule sets

Control

customer's ability to regulate the info they view as well as the rate and exposure to that info

CRC

cyclic redundancy check: a technique used to detect errors in data. It detects accidental changes to raw computer data.

Class A Subnets

default: 255.0.0.0; number of subnets: 126; hosts per subnet: 16,777,214

Class B Subnets

default: 255.255.0.0; number of subnets: 16,384; hosts per subnet: 65,534

VPN Concentrator

primarily adds the capabilities of a VPN router by adding advanced data and network security to the communications. It has the ability to create and manage a large quantity of VPN tunnels.

Enhanced Interior Gateway Routing Protocol (EIGRP)

proprietary hybrid protocol from Cisco that is a distance vector routing protocol that functions like a link state routing protocol. Stores information in three tables: neighboring table, topology table, routing table.

RAS (Remote Access Service)

rarely used, unsecure, outdated. Provides dial-up access and once was the protocol of choice for connecting to the internet.

rom

read-only memory; refers to special memory used to store programs that boot the computer's memory

Data Encryption

readable data is converted to an encoded version that can only be decoded by someone if they have access to a decryption key.

Fault-tolerance

refers to redundancy in cases of component failure; the ability of a system (a network, node, server, etc.) to remain available or operational even after a component of that system has failed.

Conversationalists

regularly update their social media sites

Plenum grade cabling

required if cabling will be run between the ceiling and the next floor. Resistant to fire and does not emit poisonous gasses when burned.

OSPF (Open shortest path first)

routes IP packets within a single routing domain and was designed to support variable length subnet masking (VLSM) and classless inter-domain routing addressing (CIDR).

Exterior Gateway Protocol (EGP)

routing protocol that is used across different autonomous domains. (BGP is an EGP)

Interior gateway protocol (IGP)

routing protocol that is used within an autonomous system which is sometimes referred to as an administrative domain.

How do you check the IP address information?

run ipconfig (or ifconfig for unix)

HIDS

security management for computers and networks. anti-threat applications programs are installed on every network computer that has access to the outside environment such as the Internet.

APIPA (Automatic private internet protocol addressing)

self-assigning IP addresses when the DHCP server is unavailable.

10GBase-SR

shortwave laser over multi-mode fiber optics; LC or SC connector; 300 meters; 10 Gbps

RARP (Reverse ARP)

translates MAC addresses into IP addresses

PAT (Port Address Translation)

translates communications between hosts on a private network and hosts on a public network.

PPTP (Point-to-Point Tunneling Protocol)

tunneling protocol that can encapsulate connection-oriented PPP packets into connection-less IP packets. Data remains within the IP capsule. Client-server system requires PPTP client, PPTP server, and special network access server to provide normal PPP service. Commonly used to set up VPNs.

1000Base-SX

twinax or short haul copper; 9 pin shielded d-subminiature connector; 25 meters; 1 Gbps

Wiki

type of software that creates an interface that enables users to add or edit the content of some types of websites

Punch Down Tool

used to affix an untwisted twisted-pair cable onto a fixed connector, such as a wall jack, switchboard, etc. Connects cable to wall jack (female).

Ping

used to check if a route is available to a certain network node.

Network and Performance Monitoring Tools

used to establish a baseline/control group in identifying performance issues. Track traffic, use, utilization, etc.

RIPv1 (routing information protocol)

using hop count as a routing metric. Maximum number of hops allowed is 15.

WAN

wide area network; largest type of network in terms of geographic area; the largest WAN is the internet.

wi-fi

wireless local area network that uses radio signals to transmit data

2.4GHz vs 5 GHz

2.4GHz tends to have a better range while 5GHz has a higher theoretical throughput.

NCP

Network Control Protocol

NFS

Network File Service

NIU

Network Interface Unit

NIDS

Network Intrusion Detection System

SMA (Sub Multi Assembly or Sub Miniature type A)

A connector with a threaded ferrule on the outside to itself where water or other environmental factors necessitate a waterproof connection.

CSMA/CA (Carrier Sense Multiple Access/Collision Avoidance)

A contention-based media access method in which nodes can transmit whenever they have data to send.

CSMA/CD (Carrier Sense Multiple Access/Collision Detection)

A contention-based media access method in which nodes can transmit whenever they have data to send.

contention domain

A contention-based network on which a group of nodes compete with each other for access to the media.

Security Policy

A continually changing document that dictates a set of guidelines for network use. These guidelines complement organizational objectives by specifying rules for how a network is used.

multiplexing

A controlled media access method in which a central device called a multiplexer combines signals from multiple nodes and transmits the combined signal across a medium.

polling

A controlled media access method in which a central device contacts each node to check whether it has data to transmit.

HSM (Hardware Security Module)

A cryptographic module that can generate cryptographic keys.

domain

A grouping of computers on the Internet based on the nature of their operations.

white hat

A hacker who exposes security flaws in applications and operating systems so manufacturers can fix them before they become widespread problems.

black hat

A hacker who exposes vulnerabilities for financial gain or for some malicious purpose.

Half-duplex

A half duplex connection allows a device to either receive or transmit data at any one time. However, a half duplex device cannot simultaneously transmit and receive.

USB (Universal Serial Bus)

A hardware interface standard designed to provide connections for numerous peripherals.

environment monitor

A hardware tool that ensures that environmental conditions do not spike or plummet temperature above or below equipment specifications.

carrier signal

A high frequency signal that is superimposed on an analog signal to carry information.

intelligent hub

A hub that polls the state of each node and grants permission to transmit in turn.

passive hub

A hub that receives data transmitted from a device on one port and broadcasts it out to the devices connected on all other ports.

active hub

A hub that regenerates the signal similar to a repeater.

AUP

Acceptable Use Policy

AP

Access Point

APC

Angle Polished Connector

collision domain

Another name for a contention domain.

SDH (Synchronous Digital Hierarchy)

Another optical communications standard that is based upon SONET and implemented widely outside the U.S.

VER (Voltage Event Recorder)

Another tool to use in conjunction with or in addition to using a voltmeter to test and verify that the electrical signals transmitting through the network cables are within the required specifications.

software attack

Any attack that targets software resources including operating systems, applications, protocols, and files.

multi-factor authentication

Any authentication scheme that requires validation of at least two of the possible authentication factors.

vulnerability

Any condition that leaves a system open to attack.

node

Any device that can connect to the network and generate, process, or transfer data.

Gateway

Any device that serves to interface with other networks using dissimilar protocols. Example: it might interface between a home network and the internet, or between a NetBIOS network and an IPX/SPX network.

wireless security

Any method of securing your WLAN network to prevent unauthorized network access and network data theft while ensuring that authorized users can connect to the network.

APIPA

Automatic Private Internet Protocol Addressing

AS

Autonomous System

CPU

Central Processing Unit

DCS

Distributed Computer System

DDoS

Distributed Denial of Service

DNS

Domain Name Service/Domain Name Server/Domain Name System

EAPOL (Extensible Authentication Protocol over LAN)

EAP over LAN as used in 802.1X implementations.

XDSL

Extended Digital Subscriber Line

SRV (Service Locator)

(Service Locator) A DNS record that specifies a generic service location record for newer protocols.

Downsides to wireless technology

-Cost (though it is coming down) -Interference from microwaves, cell phones, radios, etc. -Insecurity: ease of access, defaulted with no authentication.

Data Link Layer (Layer 2)

-Transfers data between adjacent nodes in a Wide Area Network (WAN) or between any given Local Area Networks (LANs). -Provides procedural means to transfer data between network entities and sometimes to detect and correct errors that have occurred within the Physical Layer. -Does not cross boundaries of the local network segment but focuses on local delivery, addressing, media arbitration. Examples: Switch

What address is reserved as a "Broadcast" address?

255.255.255.255

Maximum number of IP addresses in IPv4

256^4 = 4,294,967,296 maximum addresses, though some are reserved or unavailable.

Number of bits in IPv4 address

32-bits

Transport Layer

4. Converts data received from the upper layers into segments and prepares them for transport. Responsible for end-to-end delivery of a message

Session Layer

5. Establishes, maintains, and terminates end-to-end sessions between 2 applications on 2 network nodes

Presentation Layer

6. Represents the data in a particular format to the application layer. Defines encryption, compression, and conversion functions

OSI Model: The Layers

7- Application 6- Presentation 5- Session 4- Transport 3- Network 2- Data Link 1- Physical

Application Layer

7. Provides network services directly to the user's application

Public key infrastructure (PKI)

A PKI system uses digital certificates and a certificate authority to allow secure communication across a public network.

traffic shaping

A QoS mechanism that introduces some amount of delay in traffic that exceeds an administratively defined rate.

pathping

A TCP / IP command that provides information about latency and packet loss on a network.

Terminal Access Controller Access Control System Plus (TACACS+)

A TCP based protocol used to communicate with a AAA server. Unlike RADIUS, TACACS+ encrypts an entire authentication packet rather than just the password. TACACS+ offers authentication features, but they are not as robust as the accounting features found in RADIUS. Also, unlike RADIUS, TACACS+ is a Cisco proprietary protocol.

ping

A TCP/IP command used to verify the network connectivity of a computer, and also to check if the target system is active.

NETSTAT

A TCP/IP utility that shows the status of each active connection.

Remote Authentication Dial In User Service (RADIUS)

A UDP based protocol used to communicate with a AAA server. Unlike TACACS+, RADIUS does not encrypt an entire authentication packet, but only the password. However, RADIUS offers more robust accounting features than TACACS+. Also, RADIUS is a standards based protocol, whereas TACACS+ is a Cisco proprietary protocol.

BOOTP (Bootstrap Protocol)

A UDP network protocol that helps diskless workstation computers get an IP address before loading an advanced operating system.

traceroute command

A UNIX command that displays every router hop along the path from a source host to a destination host on an IP network. Information about the router hop can include the IP address of the router hop and the round trip delay of that router hop.

VTP (VLAN Trunking Protocol)

A VLAN management protocol developed by Cisco.

SSL VPN (Secure Socket Layer VPN)

A VPN format that works with a web browser; installing a separate client is not necessary.

Layer 2 Forwarding (L2F)

A VPN protocol designed with the intent of providing a tunneling protocol for PPP. Like L2TP, L2F lacks native security features.

Layer 2 Tunneling Protocol (L2TP)

A VPN protocol that lacks security features, such as encryption. However, L2TP can still be used for a secure VPN connection if it is combined with another protocol that provides encryption.

ICS (Internet Connection Sharing)

A WAN connectivity method that connects multiple computers to the Internet by using a single Internet connection.

cable Internet access

A WAN connectivity technology that uses a cable television connection and a cable modem to provide high-speed Internet access to homes and small businesses.

Web services

A Web service is a software service used to communicate between two devices on a network

wireless tester

A Wi-Fi spectrum analyzer used to detect devices and points of interference, as well as analyze and troubleshoot network issues on a WLAN.

Microsoft Management Console (MMC)

A Windows tool that is used to manage IPSec policies on Windows systems.

IP Security Monitor

A Windows tool that provides a main mode and a quick mode to verify IPSec statistics.

NBTSTAT

A Windows utility that is used to view and manage NetBIOS name cache information.

signal bounce

A condition in which the signals endlessly move from one end of a cable to the other end.

VLAN switch

A configurable managed switch used on VLANs that creates a logical network structure, even when computers are on different physical segments.

ESS (Extended Service Set)

A configuration of multiple BSSs used to handle mobility on a wireless network.

Remote desktop

A connection mode that enables a user to access any network system from their workstation and perform tasks on the remote system.

TCP (Transmission Control Protocol)

A connection-oriented, guaranteed-delivery protocol used to send data packets between computers over a network like the Internet.

IP (Internet Protocol)

A connectionless Network-layer protocol that is responsible for sending data packets across a network.

SC (Subscriber Connector or Standard Connector)

A connector used in a duplex configuration where two fibers are terminated into two SC connectors that are molded together.

FC (Face Contact)

A connector used in industrial settings that has a heavy duty ferrule in the center for more mechanical stability than SMA or ST connectors.

ST (Straight Tip)

A connector used to connect multimode fiber.

transceiver

A device that has a transmitter and a receiver integrated into it to send and receive data.

modem

A device that modulates and demodulates data over an analog signal sent via a telephone line.

demultiplexer

A device that performs demultiplexing. Also called a demux.

multiplexer

A device that performs multiplexing. Also called a mux.

oscilloscope

A device that plots the amplitude of an analog signal as a function of time and displays analog signals as sine wave-shaped plots.

WAP (Wireless Access Point)

A device that provides a connection between wireless devices and can connect to wired networks.

UPS (uninterruptible power supply)

A device that provides backup power when the electrical power fails or drops to an unacceptable voltage level.

encryption devices

A device that provides encryption, decryption, and access control using an HSM.

repeater

A device that regenerates a signal to improve transmission distances.

NIC (Network Interface Card)

A device that serves as an interface between the computer and the network. Also called a network adapter or network card.

smart jack

A device that serves as the demarcation point between the end user's inside wiring and local access carriers' facilities.

modulator

A device that superimposes a high frequency carrier wave over an analog signal.

gateway

A device, software, or a system that converts data between incompatible systems.

Octet

A grouping of 8 bits. An IPv4 address consists of four octets

radio networking

A form of wireless communications in which signals are sent via RF waves. Also called RF networking.

infrared transmission

A form of wireless transmission over unbounded media in which signals are sent as pulses of infrared light.

security policy

A formalized statement that defines how security will be implemented within a particular organization.

network policy

A formalized statement that defines network functioning and establishes expectations for users, management, and IT personnel.

TCP/IP model

A four-layer data communication model developed by the United States Department of Defense. To some extent, it is similar to the OSI model.

GNU privacy guard (GPG)

A free variant of pretty good privacy (PGP), which is an asymmetric encryption algorithm.

RF (Radio Frequency)

A frequency in which network or other communications take place using radio waves in the 10 KHz to 1 GHz range.

hot site

A fully configured alternate network that can be online quickly after a disaster.

hot spare

A fully configured and operational piece of backup equipment that can be swapped into a system with little to no interruption in functionality.

Asymmetric Digital Subscriber Line (ADSL)

A fully digital, dedicated connection to the telephone system that provides download speeds of up to 9 Mbps and upload speeds of up to 1 Mbps.

What OSI layer is a gateway?

A gateway operates in any of the OSI layers.

plenum cable

A grade of cable that does not give off noxious or poisonous gases when burned.

GIF (Graphics Interchange Format)

A graphic interchange format primarily used on the Internet.

Link local IP address

A link local IP address is a nonroutable IP address usable only on a local subnet.

OSPF (Open Shortest Path First)

A link-state routing protocol used on IP networks.

eavesdropping attack

A network attack that uses special monitoring software to gain access to private communications on the network wire or across a wireless network. Also known as a sniffing attack.

sniffing attack

A network attack that uses special monitoring software to gain access to private communications on the network wire or across a wireless network. Also known as an eavesdropping attack.

fiber optic cable

A network cable in which one or more glass or plastic strands, plus additional fiber strands or wraps, are surrounded by a protective outer jacket.

media access method

A network communications mechanism that determines whether or not a particular node can transmit data on a network at a given time.

terminator

A network component attached to the ends of a network cable that can impede or absorb signals so they cannot reflect onto the cable. Also... A resistor or other device added to the end of a cable to ensure that the end of the cable is not a source of signal reflections and noise.

server

A network computer that shares resources with and responds to requests from computers, devices, and other servers on the network.

Honey net

A network containing more than one honey pot.

network model

A network design specification for how the nodes on a network interact and communicate.

bridge

A network device that divides a logical bus network into subnets.

logical network diagram

A network diagram that documents the protocols and applications that control the flow of network traffic.

link redundancy

A network fault-tolerance method that provides alternative network connections that can function if a critical primary connection is interrupted.

centralized network

A network in which a central host computer controls all network communication and performs data processing and storage on behalf of clients.

packet switching network

A network in which data is broken up into separate packets and each packet is separately routed, without a dedicated connection between the endpoints.

network reconstruction plan

A network plan that provides the steps to reconstruct the network.

TCP/IP (Transmission Control Protocol/Internet Protocol)

A network protocol suite that is routable and allows computers to communicate across all types of networks.

HTTP (Hypertext Transfer Protocol)

A network protocol that works on the Application layer of the OSI and TCP/IP models and enables clients to connect to and retrieve web pages from a server to interact with websites.

routable protocol

A network protocol which provides separate network and node addresses to work with routers.

authentication

A network security measure in which a computer user or some other network component proves its identity in order to gain access to network resources.

topology

A network specification that determines the network's overall layout, signaling, and data-flow patterns.

MPLS (Multiprotocol Label Switching)

A network technology defined by a set of IETF specifications that enable Layer 3 devices, such as routers, to establish and manage network traffic.

WPAN (Wireless Personal Area Network)

A network that connects devices in very close proximity but not through a wireless access point.

PAN (Personal Area Network)

A network that connects two to three workstations with twisted pair cabling most often seen in small or home offices.

MAN (Metropolitan Area Network)

A network that covers an area equivalent to a city or other municipality.

CAN (Campus Area Network)

A network that covers an area equivalent to an academic campus or business park.

enterprise network

A network that includes elements of both local and wide area networks and is owned and operated by a single organization to interlink its computers and resources.

mixed mode network

A network that incorporates elements from more than one of the three standard network models.

ICANN (Internet Corporation for Assigned Names and Numbers)

A non-profit corporation that assigns unique identifications on the Internet, such as domain names, IP addresses, and extension names.

ISOC (Internet Society)

A non-profit organization that oversees standards and practices for the Internet.

simplex

A one-way mode of communication. Radio and television broadcasts are simplex mode transmissions.

WiMAX (Worldwide Interoperability for Microwave Access)

A packet-based wireless technology that provides wireless broadband access over long distances.

strong password

A password that meets the complexity requirements that are set by a system administrator and documented in a password policy.

hotfix

A patch that is often issued on an emergency basis to address a specific security flaw.

USB connection

A personal computer connection that enables you to connect multiple peripherals to a single port with high performance and minimal device configuration.

physical tree topology

A physical network topology in which a central, or root, node is hierarchically connected to one or more nodes, which in turn are connected to other nodes lower in the hierarchy.

token

A physical or virtual object that stores authentication information.

segment

A physical subdivision of a network that links a number of devices, or serves as a connection between two specific nodes.

physical bus topology

A physical topology in which network nodes are arranged in a linear format.

physical network diagram

A pictorial representation of the location of all network devices and endpoints, it depicts their connections to one another.

logic bomb

A piece of code that sits dormant on a target computer until it is triggered by the occurrence of specific conditions, such as a specific date and time. Once the code is triggered, the logic bomb "detonates," performing whatever action it was programmed to do.

extranet

A private network that grants controlled access to users outside of the network.

worm

A piece of code that spreads from one computer to another on its own, not by attaching itself to another file.

Butt set

A piece of test equipment typically used by telephone technicians. The clips on a butt set can connect to the tip and ring wires on a punch down block connecting to a telephone. This allows the technician to check the line for a dial tone.

HOSTS file

A plaintext file configured on a client machine containing a list of IP addresses and their associated host names, which can be used for host name resolution as an alternative to DNS.

smart card

A plastic card containing an embedded computer chip that can store different types of electronic information.

VNC (Virtual Network Computing)

A platform-independent desktop sharing system.

PON (Passive Optical Network)

A point-to-multipoint optical network that is used for broadcast transmissions using optical systems.

disaster recovery plan

A policy and set of procedures that documents how people and resources will be protected in case of disaster, and how the organization will recover from the disaster and restore normal functioning.

demand priority

A polling technique in which nodes signal their state--either ready to transmit or idle--to an intelligent hub. The hub polls the state of each node and grants permission to transmit in turn.

host computer

A powerful, centralized computer system that performs data storage and processing tasks on behalf of clients and other network devices.

cold site

A predetermined alternate location where a network can be rebuilt after a disaster.

virtual PBX

A private communications service provider that provides a low-cost PBX service.

Trouble ticket

A problem report explaining the details of an issue being experienced in a network.

bluesnarfing

A process in which attackers gain access to unauthorized information on a wireless device using a Bluetooth connection.

intrusion detection

A process of monitoring the events occurring on a computer or a network, and analyzing them to detect possible incidents, which are violations or imminent threats of violation of computer security policies, and standard security practices.

digital signal modulation

A process of representing digital data with an analog signal so that digital data can be transmitted between different digital devices.

demultiplexing

A process that converts the multiplexed signals to independent signals.

parity check

A process used to detect errors in memory or data communication.

SSH (Secure Shell)

A program that enables a user or an application to log on to another computer over a network, run commands in a remote machine, and transfer files from one machine to the other.

Content Filter

A program to screen and restrict access to Web pages or e-mail that is against the rules.

IGMP (Internet Group Management Protocol)

A protocol in the TCP/IP suite that supports multicasting in a routed environment. Used to add, delete, modify members of "multicast" groups.

AH protocol (Authentication Header protocol)

A protocol that IPSec uses to provide data integrity through the use of MD5 and SHA. AH takes an IP packet and uses either MD5 or SHA to hash the IP header and the data payload, and then adds its own header to the packet.

ESP protocol (Encapsulating Security Payload protocol)

A protocol that IPSec uses to provide data integrity as well as data confidentiality (encryption) using one of the two encryption algorithms, DES or 3DES.

RADIUS (Remote Authentication Dial-In User Service)

A protocol that enables a server to provide standardized, centralized authentication for remote users.

EAP (Extensible Authentication Protocol)

A protocol that enables systems to use hardware-based identifiers, such as fingerprint scanners or smart card readers, for authentication.

WEP (Wired Equivalency Privacy)

A protocol that provides 64-bit, 128-bit, and 256-bit encryption using the Rivest Cipher 4 (RC4) algorithm for wireless communication that uses the 802.11a and 802.11b protocols.

SCP (Secure Copy Protocol)

A protocol that uses SSH to securely copy files between a local and a remote host, or between two remote hosts.

SMB (Server Message Block)

A protocol that works on the Application layer and is used to share files, serial ports, printers, and communications devices, including mail slots and named pipes, between computers.

PPP (Point-to-Point Protocol)

A protocol that works on the Data Link layer of the TCP/IP protocol suite, PPP is used to send IP datagrams over serial point-to-point links. PPP can be used in synchronous and asynchronous connections and can dynamically configure and test remote network connections.

IKE (Internet Key Exchange)

A protocol used by IPSec to create a master key, which in turn is used to generate bulk encryption keys for encrypting data.

IMAP4 (Internet Message Access Protocol)

A protocol used for retrieving email messages and folders from a mail server.

MME (Mesh Made Easy)

A protocol used for routing in wireless networks.

POP3 (Post Office Protocol version 3)

A protocol used for retrieving email from a mailbox on the mail server.

RFB (Remote Framebuffer)

A protocol used in VNC for remote access and graphical user interfaces (GUIs).

Simple Network Management Protocol (SNMP)

A protocol used to monitor and manage network devices, such as routers, switches, and servers.

NNTP (Network News Transfer Protocol)

A protocol used to post and retrieve messages from newsgroups, usually from the worldwide bulletin board system called USENET.

Internet Key Exchange (IKE)

A protocol used to set up an IPsec session.

ICMP (Internet Control Message Protocol)

A protocol used with IP that attempts to report on the condition of a connection between two nodes.

network address

A protocol-specific identifier assigned to a node that maps to a MAC address.

iterative query

A query used by the DNS server for name resolution when a client requests only the information the server already has in its cache for a particular domain name.

recursive query

A query used by the DNS server for name resolution when a client requests that its preferred DNS server find data on other DNS servers.

LTE (Long Term Evolution)

A radio technology for wireless broadband access.

high availability

A rating that expresses how closely systems approach the goal of providing data availability 100 percent of the time.

baseline

A record of a system's performance statistics under normal operating conditions.

log file

A record of actions and events performed on an operating system.

interior router

A router arranged inside an AS and completely controlled by the AS administrator.

border router

A router situated on the edge of an AS that connects the AS to one or more remote networks.

Black hole router

A router that drops packets that cannot be fragmented and are exceeding the MTU size of an interface without notifying the sender.

path-vector routing

A routing method in which the router keeps track of the route from itself to the destination; however, rather than recording every individual node, path-vector routing can treat entire autonomous systems as nodes.

link state routing

A routing method that floods routing information to all routers within a network to build and maintain a more complex network route database.

routing loop

A routing process in which two routers discover different routes to the same location that include each other but never reach the endpoint.

virus

A sample of code that spreads from one computer to another by attaching itself to other files.

mutual authentication

A security mechanism that requires that each party in a communication verify its identity.

TKIP (Temporal Key Integrity Protocol)

A security protocol created by the IEEE 802.11i task group to replace WEP.

WPA (Wi-Fi Protected Access)

A security protocol introduced to address some of the shortcomings in WEP, WEP, WPA2, and WiFi.

TLS (Transport Layer Security)

A security protocol that uses certificates and public key cryptography for mutual authentication and data encryption over a TCP/IP connection.

SSL (Secure Sockets Layer)

A security protocol that uses certificates for authentication and encryption to protect web communication.

permission

A security setting that determines the level of access a user or group account has to a particular resource.

encryption

A security technique that converts data from plain, or cleartext form, into coded, or ciphertext form so that only authorized parties with the necessary decryption information can decode and read the data.

honeypot

A security tool used to lure attackers away from the actual network components. Also called a decoy or sacrificial lamb.

WLAN (Wireless Local Area Network)

A self-contained network of two or more computers connected using a wireless connection.

AS (Autonomous System)

A self-contained network on the Internet that deploys a single protocol and has a single administration.

LAN (Local Area Network)

A self-contained network that spans a small area, such as a single building, floor, or room.

peer

A self-sufficient computer that acts as both a server and a client.

BSS (Basic Service Set)

A service set that defines the way a WLAN is configured.

DHCP relay agent

A service that captures a BOOTP broadcast and forwards it through the router as a unicast transmission to a DHCP server on a remote subnet.

APIPA (Automatic Private IP Addressing)

A service that enables a DHCP client computer to configure itself automatically with an IP address on the 169.254.0.0 network in case no DHCP servers respond to the client's DHCP discover broadcast.

IPSec Policy Agent

A service that runs on each Windows computer that is used to transfer an IPSec policy agent from Active Directory or the local Registry to the IPSec driver.

SSO (Single Sign-On)

A session/user authentication process that permits a user to enter one name and password in order to access multiple applications.

ACL (Access Control List)

A set of data (user names, passwords, time and date, IP address, MAC address, etc.) that is used to control access to a resource such as a computer, file, or network.

Ethernet

A set of networking technologies and media access methods specified for LANs.

IPSec (Internet Protocol Security)

A set of open, non-proprietary standards that you can use to secure data as it travels across the network or the Internet through data authentication and encryption.

QoS (Quality of Service)

A set of parameters that controls the level of quality provided to different types of network traffic.

IPSec policy

A set of security configuration settings that define how an IPSec-enabled system will respond to IP network traffic.

networking standard

A set of specifications, guidelines, or characteristics applied to network components to ensure interoperability and consistency between them.

DES (Data Encryption Standard)

A shared-key encryption algorithm that uses a 56-bit encryption key to encode data in 64-bit blocks.

Short

A short occurs when two copper connectors touch each other, resulting in current flowing through that short rather than the attached electrical circuit, because the short has lower resistance.

analog signal

A signal that oscillates over time between minimum and maximum values and can take on any value between those limits.

performance monitor

A software tool that monitors the state of services, processes, and resources on a system.

DFS (Distributed File System)

A software-based distributed hierarchical storage implementation that is built into Windows Server 2003, Windows Server 2008 R2, and other Windows server software.

virtual switch

A software-based switch that provides functionality similar to physical switches, and is used for connecting virtual systems to form a network.

hardware loopback plug

A special connector used for diagnosing transmission problems that redirects electrical signals back to the transmitting system.

crossover cable

A special network cable used in Ethernet UTP installations, in which the transmit and receive lines are crossed in a way that enables you to connect two hubs or two stations without using a switch.

SONET (Synchronous Optical Network)

A standard for synchronous data transmission on optical media.

PoE (Power over Ethernet)

A standard that specifies a method for supplying electrical power over Ethernet connections.

OCx (Optical Carrier x)

A standard that specifies the bandwidth for fiber optic transmissions.

troubleshooting model

A standardized step-by-step approach to the troubleshooting process.

Static IP addressing

A static IP address is an IP address that was manually configured for a device, versus one that was assigned via a DHCP server. It's called static because it doesn't change.

Access Point (Wired or Wireless)

A station that transmits and receives data. An access point connects users to other users within the network and also can serve as the point of interconnection between the WLAN and a fixed wire network.

MCC (Main cross-connect)

A structured cabling connection point that connects equipment cables, backbone cables, and entrance cables.

LLC (Logical Link Control)

A sub-layer of the Data Link layer of the OSI model that controls how data packets are placed on a media by controlling the Physical layer device.

MAC (Media Access Control)

A sub-layer of the Data Link layer of the OSI model that is responsible for sensing the presence of data frames on a medium and allowing the nodes to access the medium.

CIDR (Classless Inter Domain Routing)

A subnetting method that selects a subnet mask that meets an individual network's networking and node requirements and then treats the mask like a 32-bit binary word.

guideline

A suggestion for meeting the policy standard or best practices on a network policy.

NNI (Network-to-Network Interface)

A switch that is inside an ATM network.

circuit switching

A switching technique in which one endpoint creates a single path connection to another, depending on the requirement.

virtual circuit switching

A switching technique that connects endpoints logically through a provider's network.

label switching

A switching technology that saves up on processing time of packets by routers by adding a label to each incoming data packet.

Syslog

A syslog logging solution consists of two primary components: syslog servers, which receive and store log messages sent from syslog clients; and syslog clients, which can be a variety of network devices that send logging information to a syslog server.

port filtering

A technique of selectively enabling or disabling TCP and UDP ports on computers or network devices.

IP filtering

A technique that determines the packets which will be allowed to pass and those which will be dropped by screening the packet based on certain criteria.

IV (Initialization Vector)

A technique used in cryptography to generate random numbers to be used along with a secret key to provide data encryption.

switching

A technique used to transmit information over a network to the destination network device.

GBIC (Gigabit Interface Converter)

A transceiver used to convert electrical signals into optical signals and vice versa.

SFP (Small Form Factor Pluggable)

A transceiver used to interconvert electrical signals to optical signals.

broadcast transmission

A transmission method in which data goes from a source node to all other nodes on a network.

multicast transmission

A transmission method in which data is sent from a server to specific nodes that are predefined as members of a multicast group.

broadband transmission

A transmission technique in which analog signaling is used to send data over a transmission medium using a portion of the medium's bandwidth.

baseband transmission

A transmission technique in which digital signaling is used to send data over a single transmission medium using the entire bandwidth of that medium.

parallel data transmission

A transmission technique in which multiple bits are transmitted across multiple transmission lines.

serial data transmission

A transmission technique in which the transmission of bits occurs as one per clock cycle, across a single transmission medium.

GRE Protocol

A tunneling tool meant to carry any OSI Layer 3 protocol over an IP network. GRE creates a private point-to-point connection like that of a virtual private network (VPN).

directional antenna

A type of antenna that concentrates the signal beam in a single direction.

omni-directional antenna

A type of antenna that radiates the signal beam out in all directions and has lower gain but a wider coverage area.

data theft

A type of attack in which unauthorized access is used to obtain protected network information.

social engineering attack

A type of attack where the goal is to obtain sensitive data, including user names and passwords, from network users through deception and trickery.

copper media

A type of bounded media that uses one or more copper conductors surrounded by a non-conductive insulated coating.

twisted pair

A type of cable in which two conductors or pairs of copper wires are twisted around each other and clad in a color-coded, protective insulating plastic sheath or jacket to form a pair.

cable certifiers

A type of certifier that can perform tests, such as cable testing and validity testing.

HVAC (Heating, Ventilating, and Air Conditioning)

A type of climate control system often found in large commercial or industrial buildings.

guessing attack

A type of password attack that involves an individual making repeated attempts to guess a password by entering different common password values, such as the user's name, a spouse's name, or a significant date.

brute force attack

A type of password attack where an attacker uses an application to exhaustively try every possible alphanumeric combination to try to crack encrypted passwords.

remote access protocol

A type of protocol that enables users to log on to a computer or network within an organization from an external location.

FHSS (Frequency Hopping Spread Spectrum)

A type of radio transmission in which a signal is sent on one channel at a time, and at predetermined fixed intervals, the channel changes.

DSSS (Direct Sequence Spread Spectrum)

A type of radio transmission in which a single data signal is converted into multiple digital data signals called chips.

Unicast

A unicast communication flow is a one to one flow

domain name

A unique name that identifies a website on the Internet. A period is used to separate the labels of domain names.

MAC address

A unique, hardware level address assigned to every networking device by its manufacturer. MAC addresses are six bytes long. Also known as a physical address.

data packet

A unit of data transfer between computers that communicate on a network.

packet

A unit of data transmitted on a network.

UNI (User-to-Network Interface)

A user device, it is an ATM border device that connects one ATM network to another or a LAN.

cracker

A user who breaks encryption codes, defeats software copy protections, or specializes in breaking into systems.

hacker

A user who excels at programming or managing and configuring computer systems, and has the skills to gain access to computer systems through unauthorized or unapproved means.

MTR (My traceroute)

A utility that is a combination of ping and traceroute used in a UNIX-based system.

nslookup

A utility that is used to test and troubleshoot domain name servers.

TTL (Time To Live)

A value for the ping command that determines how many hops an IP packet can travel before being discarded.

Checksum

A value to let the receiver test the integrity of received data.

OTDR (Optical Time-Domain Reflectometer)

A variation of TDR that transmits light-based signals of different wavelengths over fiber optic cabling to determine cabling issues.

partial mesh

A variation of mesh topology in which only a few nodes have direct links with all other nodes.

NRZ (Non-Return to Zero)

A variation of the on-off keying digital transmission encoding scheme.

connection

A virtual link between two nodes established for the duration of a communication session.

Connection Oriented

A virtual link must be established before any actual data can be exchanged. Guarantees data will arrive in the order it was sent.

VoIP (Voice over IP)

A voice over data implementation in which voice signals are transmitted over IP networks.

EAP-TLS (EAP-Transport Layer Security)

A widely supported feature in wireless routers and cards that provides robust security.

DS (Distribution System)

A wired connection between a BSS and a premise-wide network that enables mobility on devices.

infrastructure mode

A wireless configuration that uses one or more WAPs to connect wireless workstations to the cable backbone.

radiated connection

A wireless point-to-point or multipoint connection between devices.

HCC (Horizontal cross-connect)

A wiring closet where the horizontal cabling connects to a patch panel that is attached to the main facility by a backbone cable.

Applications

AKA apps; software programs that run on mobile devices and give users access to certain content. Most important feature: the convenience and cost savings they offer consumers. Mobile technology helps companies to be competitive and is also making inroads in transforming the shopping experience.

Network Controllers

AKA a network card or network adapter. These cards have their own processors to handle the network interface rather than relying on the motherboard chipset or CPU to do it.

Electronic marketing

AKA e-marketing; the strategic process of pricing, distributing, and promoting products and discovering the desires of customers using digital media and digital marketing.

TIA (Telecommunications Industry Association)

Along with EIA, developed the 568 Commercial Building Telecommunication Cabling standard.

IEEE 1394

Also known as FireWire, used to connect up to 63 devices to form a small local network.

termination

Adding a resistor to the ends of a coax network segment to prevent reflections that would interfere with the proper reception of signals.

A

Address

ARP

Address Resolution Protocol

Area ID

Address assigned to routers in an OSPF network to prevent flooding beyond the routers in that particular network.

Characteristics of online media

Addressability, interactivity, accessibility, connectivity, control

private IP address

Addresses used by organizations for nodes that need IP connectivity only within their enterprise network, but not external connections to the Internet.

AES

Advanced Encryption Standard. Today's preferred method of encryption for wireless networking (WPA2).

APT

Advanced Persistent Protocol

Client to site VPN

Also known as a remote access VPN, a client to site VPN interconnects a remote user with a site, as an alternative to dial up or ISDN connectivity, at a reduced cost.

Remote access VPN

Also known as a remote access VPN, a client to site VPN interconnects a remote user with a site, as an alternative to dial up or ISDN connectivity, at a reduced cost.

managed hub

Also known as an intelligent hub, this is a hub that enables you to monitor and configure its operations.

RSS feeds

Allow users to subscribe and receive updates made to a web page.

Single sign on (SSO)

Allows a user to authenticate once to gain access to multiple systems, without requiring the user to independently authenticate with each system.

NetBIOS (Network Basic Input/Output System)

Allows for session-layer communication on the OSI model. Primarily concerned with naming and starting/stopping NetBIOS sessions. Not routable, nodes only visible to nodes on same subnet.

DHCP (Dynamic Host Configuration Protocol)

Allows for the dynamic IP configuration of client nodes. Client requests IP address from server, server assigns the IP address, subnet mask, and default gateway.

POP3 (Post Office Protocol)

Allows users to download mail from the server. The server holds onto mail until you access it. Once accessed, the client will download all incoming mail and it will be wiped from the server. Port: TCP 110

Wireless Access Point (WAP)

Allows wireless devices to access and to communicate with the network. Serves as a bridge between wired and wireless, but can also serve to connect wireless devices to another WAP. Most WAP devices direct traffic by MAC addresses.

ISDN (Integrated Service Data Network)

Almost-obsolete, allows for internet connection on reserved line set up by phone company. Consists of two 64 Kbps "B" channels for max transfer rate of 127 Kbps or 16 KB/S. Replaced by broadband.

host-based IDS

An IDS system that primarily uses software installed on a specific host such as a web server.

encoding

Also known as digital signal modulation.

ARIN

American Registry for Internet Numbers

CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)

An AES cipher-based encryption protocol used in WPA2.

SNMP (Simple Network Management Protocol)

An Application-layer protocol used to exchange information between network devices.

Fast Ethernet

An Ethernet technology that can transmit data at speeds of 100 Mbps.

Gigabit Ethernet

An Ethernet technology that can transmit data at speeds of 1000 Mbps and primarily uses optical fibers for transmission.

FTP bounce

An FTP bounce attack uses the FTP PORT command to covertly open a connection with a remote system. Specifically, an attacker connects to an FTP server and uses the PORT command to cause the FTP server to open a communications channel with the intended victim, which might allow a connection from the FTP server, while a connection directly from the attacker might be denied.

application-based IDS

An IDS software component that monitors a specific application on a host.

network-based IDS

An IDS system that primarily uses passive hardware sensors to monitor traffic on a specific segment of the network.

IPS (Intrusion Prevention System)

An active, inline security device that monitors suspicious network and/or system traffic and reacts in real time to block it. Also called a Network Intrusion Prevention System (NIPS).

Security association (SA)

An agreement between the two IPsec peers about the cryptographic parameters to be used in an ISAKMP session.

SLA (Service Level Agreement)

An agreement entered into by the transmitter, ISP and the receiver, subscriber.

split horizon

An algorithm that prevents count-to-infinity loops by configuring a router from broadcasting internal network information.

poison reverse

An algorithm that prevents count-to-infinity loops by ensuring that a router broadcasts a route cost of 16 for all transmissions on its network.

fall-back plan

An alternate network reconstruction design that can be implemented temporarily to enable critical network elements to function.

caching engine

An application or service that stores requested data in order to provide faster responses to future requests for the data.

packet sniffing

An attack on wireless networks where an attacker captures data and registers data flows in order to analyze what data is contained in a packet.

buffer overflow

An attack that targets system vulnerability to cause the device operating system to crash or reboot and may result in loss of data or execute rogue code on devices.

FTP bounce attack

An attack that targets the FTP vulnerability to permit connected clients to open other connections on any port on the FTP server.

hybrid password attack

An attack that utilizes multiple attack vectors including dictionary, rainbow table, and brute force attack methodologies when trying to crack a password.

port scanning attack

An attack where an attacker scans your systems to see which ports are listening in an attempt to find a way to gain unauthorized access.

digital signature

An encrypted hash value that is appended to a message to identify the sender and the message.

CHAP (Challenge Handshake Authentication Protocol)

An encrypted remote-access authentication method that enables connections from any authentication method requested by the server, except for PAP and SPAP unencrypted authentication.

Asymmetric-Key Algorithm

An encryption method in which the key used to encrypt a message and the key used to decrypt it are different, or asymmetrical.

shared-key encryption

An encryption system in which a single key is shared between parties in a communication and used to both encode and decode the message.

key-pair encryption

An encryption system in which an individual has two encryption keys: the public key that anyone can use to encode the message, and the user's private key, which is used to decode messages.

PKI (Public Key Infrastructure)

An encryption system that is composed of a CA, certificates, software, services, and other cryptographic components, for the purpose of verifying authenticity and enabling validation of data and entities.

terminal

An end user's device on a host-based network, dedicated to transmitting data to a host for processing and displaying the result to the user.

CRC (Cyclic Redundancy Check)

An error detection method that can be applied to blocks of data, rather than individual words. Both the sender and receiver calculate EDC; if they match, the data is assumed to be valid.

EIGRP (Enhanced Interior Gateway Routing Protocol)

An improvement over IGRP that includes features that support VLSM and classful and classless subnet masks.

gain

An increase in the amplitude of a radio wave.

counter

An individual statistic about the operation of system objects such as software processes or hardware components, monitored by a performance monitor.

risk

An information security concept that indicates exposure to the chance of damage or loss, and signifies the likelihood of a hazard or threat

Trojan horse

An insidious type of malware that is itself a software attack and can pave the way for a number of other types of attacks.

dielectric

An insulator (a material that does not conduct electricity) that separates the conductor and shield. The entire package is wrapped in an insulating layer called a sheath or jacket.

IETF (Internet Engineering Task Force)

An international open committee that works to develop and maintain Internet standards and contribute to the evolution and smooth operation of the Internet

IANA (Internet Assigned Number Authority)

An international organization established in 1993 to govern the use of Internet IP addresses. ICANN is now responsible for leasing IP addresses worldwide.

ITU (International Telecommunication Union)

An international organization within the United Nations that defines global technical standards for telecommunications.

PSTN (Public Switched Telephone Network)

An international telephone system that carries analog voice data.

IDS

An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations

Point to Point Tunneling Protocol (PPTP)

An older VPN protocol. Like L2TP and L2F, PPTP lacks native security features. However, Microsoft's versions of PPTP bundled with various versions of Microsoft Windows were enhanced to offer security features.

SCSI (Small Computer System Interface)

An older personal computer connection standard that provides high-performance data transfer between the SCSI device and the other components of the computer. SCSI is pronounced "scuzzy."

WINS (Windows Internet Naming Service)

An older type of naming service used on Windows-based networks.

Port

An opening into a node in which data is sent/received.

ICC (intermediate cross-connect)

An optional connection between the main cross-connect and the horizontal cross-connect.

rogue access point

An unauthorized wireless access point on a corporate or private network, which allows unauthorized individuals to connect to the network.

Asset Management

As related to networks, this is a formalized system of tracking network components and managing the lifecycle of those components.

ATM

Asynchronous Transfer Mode

Social engineering

Attackers sometimes use social techniques to obtain confidential information. For example, an attacker might pose as a member of an IT department and ask a company employee for her login credentials in order for the "IT staff to test the connection." This type of attack is called social engineering.

AAA

Authentication Authorization and Accounting

AH

Authentication Header

authentication by assertion

Authentication based entirely on a user name/password combination.

biometrics

Authentication schemes based on an individual's physical characteristics.

BERT

Bit-Error Rate Test

BRI

Basic Rate Interface

BSSID

Basic Service Set Identifier

BLE

Bluetooth Low Energy

BootP

Boot Protocol/Bootstrap Protocol

BGP

Border Gateway Protocol

BPDU

Bridge Protocol Data Unit

BNC

British Naval Connector/Bayonet Neill-Concelman

CAN

Campus Area Network

route command

Can add, modify, or delete routes in the IP routing table of Microsoft Windows and UNIX hosts. In addition, the route command can be used to view the IP routing table of Microsoft Windows hosts.

Public Networks

Can be accessed by many people and corporations.

arp command

Can be used in either the Microsoft Windows or the UNIX environment to see what a Layer 2 MAC address corresponds to in a Layer 3 IP address.

netstat command

Can display a variety of information about IP based connections on a Windows or UNIX host.

nslookup command

Can resolve a FQDN to an IP address on Microsoft Windows and Unix hosts.

dig command

Can resolve a FQDN to an IP address on UNIX hosts.

host command

Can resolve a FQDN to an IP address on hosts.

CNAME

Canonical Name

CSMA/CA

Carrier Sense Multiple Access/Collision Avoidance

CDMA/CD

Carrier Sense Multiple Access/Collision Detection

CHAP

Challenge Handshake Authentication Protocol

CAM

Channel Access Method

CSU

Channel Service Unit

Windows security policies

Configuration settings within Windows operating systems that control the overall security behavior of the system.

Transport Layer Protocols are either __________ OR _____________

Connectionless OR Connection Oriented

What class is 17.14.22.211

Class A

What class is 173.144.1.1?

Class B

What class is 204.213.288.222

Class C

COS

Class of Service

CIDR

Classless Inter Domain Routing

CCTV

Closed Circuit TV

CDMA

Code Division Multiple Access

trunking

Combining multiple network connections to increase bandwidth and reliability.

CARP

Common Address Redundancy Protocol

IrDA (Infrared Data)

Communication through infrared beams. Does not pass through solid objects, so a direct and clear path is essential. Operates around 16-25 Mbps but can be faster. Uncommon for wireless transmissions due to objects blocking beam. (TV Remote).

CAT

Computer and Telephone

Examples of networking Devices

Computers, Printer, Routers, Hubs, and Modems

multipoint connections

Connections between many nodes.

Network Addressing

Configured in software by a network admin, Uses protocols to define the addressing scheme and format.

Result of sharing an IP address

Conflicts because an IP address reflects a "one-on-one" relationship between hardware and logical address. Neither one will receive full communications.

Networking

Connecting 2 or more devices so they can communicate and share information and resources

Internetworking

Connecting multiple networks with the purpose of creating one large network

Grounding

Connection of a shield or conductor to an electrical ground point, such as a pipe or wire that is in contact with the ground.

UDP (User Datagram Protocol)

Connection-less equivalent of TCP. Session is not created and no guarantee of delivery. Unreliable, but does facilitate some high-level protocols. Ports are always between 1 and 65536.

network administration

Covers the support functions that are required to manage the network. It comprises functions that do not involve performing changes such as configuring and tuning or the running of the actual network.

Social Telegraphics

Creators, conversationalists, critics, collectors, joiners, spectators, inactives

DLP

Data Leak Prevention

What OSI layer is Ethernet in?

Data Link (layer 2). Remember: it is not a protocol.

DLC

Data Link Control

Which layer adds a frame header when converting the packets into frames?

Data Link Layer

DSU

Data Service Unit

ciphertext

Data that has been encoded with a cipher and is unreadable.

DNS Records

Data that is looked up by the name servers to return information to requesting DNS clients

DOCSIS

Data-Over-Cable Service Interface Specification

dB

Decibels

T1/T2/T3 T(X) Lines

Dedicated lines between a remote site and the network backbone. Used in larger businesses and more expensive. T1 operates at 1.544 Mbps; T2 operates at 6.312 Mbps; T3 operates at 44.376 Mbps (used by larger businesses).

IEEE 802 Standard

Defines the physical components such as cabling and network interfaces. It corresponds to the Data Link or Physical Layer.

DMZ

Demilitarized Zone

DoS

Denial of Service

DWDM

Dense Wavelength Division Multiplexing is an optical multiplexing technology used to increase bandwidth over existing fiber networks. DWDM works by combining and transmitting multiple signals simultaneously at different wavelengths on the same fiber.

DNAT

Destination Network Address Translation

DSAP

Destination Service Access Point- the boundary between the Data Link Layer and the Network Layer

Time domain reflectometer (TDR)

Detects the location of a fault in a copper cable by sending an electric signal down the copper cable and measuring the time required for the signal to bounce back from the cable fault. A TDM can then mathematically calculate the location of the fault.

Optical time domain reflectometer (OTDR)

Detects the location of a fault in a fiber cable by sending light down the fiber optic cable and measuring the time required for the light to bounce back from the cable fault. The OTDM can then mathematically calculate the location of the fault.

Frame synchronization

Determines where one frame ends and the next begins.

Router

Device used to forward packets across network segments to reach a certain destination address. A router can determine where a packet should be sent to given its final destination IP address. Usually forwards packets to other routers, but sometimes also forward to other pieces of equipment.

Star Network

Devices are connected through a central hub. New nodes can be easily added so they are easy to expand.

Bus

Devices are connected to a central cable. A defective cable segment and any changes can affect this whole entire network

Ethernet Auto-negotiation

Devices determine which mode to use

DSCP

Differentiated Services Code Point

DSL

Digital Subscriber Line

DSSS

Direct Sequence Spread Spectrum

Ipconfig

Displays IP configuration information. Also can be used to force a DHCP release or renew operation. /all displays all information... /release releases DHCP lease... /renew renews DHCP lease...

nbtstat command

Displays NetBIOS information for IP based networks. The nbt prefix of the nbtstat command refers to NetBIOS over TCP/IP, which is called NBT. This command can, for example, display a listing of NetBIOS device names learned by a Microsoft Windows based PC.

Ifconfig

Displays IP configuration information in a UNIX environment.

DHCP

Dynamic Host Configuration Protocol is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers configured for a given network.

Dynamic Host Configuration Protocol (DHCP)

Dynamically assigns IP address information to network devices.

E1

E-Carrier Level 1

Star Topology

Each node maintains an individual connection to a switch, where all other nodes are connected. Traffic between two known nodes only goes through the switch and not through other nodes.

distance-vector routing

Each router passes a copy of its routing table to its adjacent neighbors. The neighbor adds the route to its own table, incrementing the metric to reflect the extra distance to the end network. The distance is given as a hop count; the vector component specifies the address of the next hop.

EIA/TIA

Electronic Industries Alliance/Telecommunication Industries Association

ESD

Electrostatic Discharge

EMI

Electromagnetic Interference

noise

Electromagnetic interference that disrupts the signal.

IPX/SPX (internet packet exchange/sequenced packet exchange)

Employed on Novell (NetWare) networks. IPX: Novell equivalent of the IP protocol in the TCP/IP suite; connectionless. Fastest routable protocol, but hardly available and not widely accepted due to lack of developer consensus and limited hardware. SPX: equivalent to TCP; connection oriented.

media converter

Enables networks running on different media to interconnect and exchange signals.

Ring

Every node is locally connected to two other nodes forming a ring. Traffic flows through the ring until it gets to its destination

ESP

Encapsulated Security Packets

Physical Layer (Layer 1)

Encompasses most of the physical aspects of the network. Layer of low-level networking equipment. It is never concerned with protocols or other such higher-layer items.

Secure Connections

Encrypted, sometimes tunneled, difficult to intercept connections. Typically employed in VPN applications and corporate remote networks.

Examples of Physical Layer:

Examples are: network adapter, repeater, some low-level network hubs, modem, fiber media converter.

What is the frame technology standard that drives most networks today?

Ethernet (802.3)

Peer-to-Peer Model

Every computer can act as both client and server at the same time.

Full mesh

Every device in a network is connected to every other device.

ESSID

Extended Service Set Identifier

EUI

Extended Unique Identifier

EAP

Extensible Authentication Protocol

EDNS

Extension Mechanisms for DNS

SFTP (Secure FTP)

FTP that uses SSH for security. Uses the port that SSH uses (default TCP 22).

FHSS

Frequency Hopping Spread Spectrum

FM

Frequency Modulation

FQDN

Fully Qualified Domain Name

Winipcfg

GUI-based Windows 9x-era ipconfig tool

GBIC

Gigabit Interface Converter

Gbps

Gigabits per second

GSM

Global System for Mobile Communications

Areas

Groups of logically associated OSPF routers designed to maximize routing efficiency while keeping the amount of broadcast traffic well managed. Areas are assigned a 32-bit value that manifests as an integer between 0 and 4294967295 or can take a form similar to an IP address

cable modem

Hardware that connects subscribers to a service provider's cable systems.

HVAC

Heating, Ventilation and Air Conditioning

Hz

Hertz

HDMI

High Definition Multimedia Interface

HT

High Throughput

HDLC

High-Level Data Link Control

HSPA

High-Speed Packet Access

HSRP

Hot Standby Router Protocol

TCP/IP Stack

Home to the most pervasive and prevalent protocols that cover many layers of the OSI model. Key aspects include: IP addressing; protocols at the network, transport, session, and application layers; TCP ports; the ARP protocol; and DHCP.

HIPS

Host Intrusion Prevention System

Intrusion detection system (IDS)

IDS devices can recognize the signature of a well known attack and respond to stop the attack. However, an IDS sensor does not reside in line with the traffic flow. Therefore, one or more malicious packets might reach an intended victim before the traffic flow is stopped by an IDS sensor.

TE (Terminal Equipment)

ISDN communications equipment that stations use to accomplish tasks at both ends of a communications link.

Intrusion prevention system (IPS)

IPS devices can recognize the signature of a well known attack and respond to stop the attack. An IPS device resides in line with the traffic flow, unlike an IDS sensor.

Which IP version uses hexadecimal (base 16) and which one uses octal (base 8)?

IPv6 uses hexadecimal, and IPv4 uses octal.

Name Server (NS) Record

Identifies the DNS server that has authority over a particular domain

Mail Exchange (MX) Server

Identifies the mail server that has authority for a particular domain

Acceptable use policy (AUP)

Identifies what users of a network are and are not allowed to do on that network. For example, retrieving sports scores during working hours via an organization's Internet connection might be deemed inappropriate by an AUP.

Disadvantages of Bus Topology

If one node goes down, then network as a whole can fail. The need for terminators. The amount of traffic created (every node between A and B must receive the packet that A sends). Hard to trouble shoot (which one is down?).

Cable certifier

If you are working with existing cable and want to determine its category, or if you simply want to test the supported frequency range of the cable, you can use a cable certifier.

Microsoft Active Directory

Implementation of LDAP created by MS for easier administration. Linux and *Nix users can connect to an AD server via SAMBA (open source *Nix client). An AD Domain server can be used to centrally manage the Windows network, especially security, access control, and Windows features like group policy.

scope

In DHCP, the IP addresses that a DHCP server is configured with and can assign to clients.

NTU (Network Termination Unit)

In ISDN, a device that can directly connect to ISDN-aware equipment, such as phones or ISDN NICs in computers.

NT (Network Termination)

In ISDN, a device that connects the local telephone exchange lines to the customer's telephone or data equipment

TA (Terminal Adapters)

In ISDN, the hardware interface between a computer and an ISDN line.

branching factor

In a physical tree topology, the number of point-to-point connections that are consistently found between a node and the nodes beneath it in the tree structure.

algorithm

In encryption, the rule, system, or mechanism used to encrypt data.

public key

In key-pair encryption, the key that is available to all and is used to encode data.

private key

In key-pair encryption, the key that is known only to an individual and is used to decode data.

Bus topology

In the bus topology, computers are arranged in a linear format. All devices are connected to a central cable called the bus or backbone.

Top Level Domain (TLD)

Include .com, .us, .info. Final suffix of any domain.

Subdomains

Include common entries such as www.yahoo.com and uncommon ones such as state.country.gov. Domains that fall under a TLD.

Session Layer (Layer 5)

Initiates and terminates the transport layer connection-oriented services. Not widely used by protocols, but manages connections that the Transport Layer provides. "Bosses transport layer around."

ICA

Independent Computer Architecture

Disadvantages of Mesh/"ad hoc" Topology

Inefficient, requires a large amount of overhead, and is difficult to manage.

IT

Information Technology

IaaS

Infrastructure as a Service

IV

Initialization Vector

Stateful firewall

Inspects traffic leaving the inside network as it goes out to the Internet. Then, when returning traffic from the same session attempts to enter the inside network, the stateful firewall permits that traffic. The process of inspecting traffic to identify unique sessions is called stateful inspection.

LDAP

Lightweight Directory Access Protocol

IEEE

Institute of Electrical and Electronics Engineers

procedure

Instructions that detail specifically how to implement the policy on a network policy.

ISDN

Integrated Services Digital Network

ITS

Intelligent Transportation System

Site to site VPN

Interconnects two sites, as an alternative to a leased line, at a reduced cost.

DTE (Data Termination Equipment)

Interface devices such as NICs and routers on a Frame Relay network.

IANA

Internet Assigned Numbers Authority

ICS

Internet Connection Sharing/Industrial Control System

ICANN

Internet Corporation for Assigned Names and Numbers

IKE

Internet Key Exchange

InterNIC

Internet Network Information Center

IP

Internet Protocol

IPsec

Internet Protocol Security

IPv4

Internet Protocol version 4

IPv6

Internet Protocol version 6

ISAKMP

Internet Security Association and Key Management Protocol

ISP

Internet Service Provider

IPS

Intrusion Prevention System

spim

Is an IM-based attack just like spam, but is propagated through instant messaging instead of through email.

de-encapsulation

It is the reverse process of removing the added information, as data passes to the next higher layer at the receiver end.

What is a loopback address?

It returns the node that requests it

KVM

Keyboard Video Mouse

Kbps

Kilobits per second

1000Base-LX

Laser over fiber; SC connector; 5000 meters; 1 Gbps

What OSI layer is a WAP?

Layer 2 Data Link or Layer 3 Networking depending on what it is doing

What OSI layer is a bridge?

Layer 2 Data link

L2F

Layer 2 Forwarding

L2TP

Layer 2 Tunneling Protocol

What OSI layer is a switch?

Layer 2 data link

What OSI layer is a router?

Layer 3 Networking

10BaseT facts

Length of Cable: 100 meters. Type: Twisted pair with exclusive media (connected to hubs rather than to other nodes). RJ-45. Speed: 10 Mbps. Use: Used RJ-45 connectors.

1000BaseT ("Gigabit Ethernet") facts

Length of Cable: 100 meters (328 feet). Type: Twisted pair, exclusive media (connected to hubs rather than to other nodes). RJ-45. Speed: 1000 Mbps. Use: Improvement of 100BaseTX.

100BaseTX ("Fast Ethernet") facts

Length of Cable: 100 meters. Type: Twisted pair, exclusive media (connected to hubs rather than to other nodes). RJ-45. Speed: 100 Mbps. Use: Improvement of 10BaseT, can auto-negotiate speed.

10Base2 facts

Length of Cable: 185 meters. Type: Coaxial cable with required BNC connector. Shared medium. Speed: 10 Mbps. Use: Old and rarely used.

Faster Speed/Other media Ethernet (10GBASE-SR, 10GBASE-CX4, etc) facts

Length of Cable: 2000+ meters. Type: Next-generation fiber optic cabling. Speed: 10+ Gbps. Use: Improvement of 1000BaseT, change in connectors and cabling.

10Base5 facts

Length of Cable: 500 meters. Type: Special coaxial cable. Needs "vampire taps." Shared medium. Speed: 10MBps. Use: Oldest technology and media.

LED

Light Emitting Diode

LWAPP

Light Weight Access Point Protocol

What does LAN stand for?

Local Area Network

LLC

Logical Link Control

What does LLC stand for?

Logical Link Control

LLC Sublayer

Logical Link Control, the upper sublayer of the Data Link Layer. Defined in the IEEE 802.2 standard. It masks the underlying physical network technologies by hiding their differences to provide a single interface to the Network layer. Uses SSAPs and DSAPs to help lower layers communicate with the network layer protocols. It is also responsible for the acknowledgment of individual frames.

VLAN (Virtual LAN)

Logical network segment that operates on the same physical LAN but is separated logically from other network segments. A VLAN server can map certain physical addresses to logical VLAN networks and appropriately load-balance traffic originating from connected hosts.

LTE

Long Term Evolution

Which Sublayer converts the frames into bits that the Physical Layer can put on the wire?

MAC Sublayer

HOSTS file:

MS Windows file, has NetBIOS name entries for remote network hosts as well as local ones

LMHOSTS file:

MS Windows file, has NetBIOS name entries for the LAN

MX

Mail Exchanger

MDF

Main Distribution Frame

malware

Malicious code, such as viruses, Trojans, or worms, which is designed to gain unauthorized access to, make unauthorized use of, or damage computer systems and networks.

MIB

Management Information Base

MIBS

Management Information Bases

network management

Management of systems on the network using various activities, methods, procedures, and tools that relate to the operation, administration, maintenance, and provisioning of these systems.

mux (multiplexer)

Manages separate signals in a logical star topology and enables them to share media.

Asset Management

Managing each aspect of a network, from documentation to performance to hardware.

NetBEUI (NetBIOS Extended User Interface)

Microsoft protocol suite, not routable, meant for small Windows-based LAN.

MSA

Master Service Agreement

MSDS

Material Safety Data Sheet

MTU

Maximum Transmission Unit

MT-RJ

Mechanical Transfer-Registered Jack

What does MAC stand for (not Macintosh)?

Media Access Control

MAC

Media Access Control/Medium Access Control

MDI

Media Dependent Interface

MDIX

Media Dependent Interface Crossover

MGCP

Media Gateway Control Protocol

Mbps

Megabits per second

MBps

Megabytes per second

MOU

Memorandum of Understanding

Broadcast

Message to all users, all nodes on a network to resolve a given name.

MAN

Metropolitan Area Network

MS-CHAP

Microsoft Challenge Handshake Authentication Protocol

Centralized Network Type

Modified client-server network in which the clients have no individual control. All maintenance and setup occurs at the server level. Advantages: extreme ease of management and ability to micromanage. Disadvantages: prohibitive cost and inflexibility.

Combined/Hybrid Topology

More than one topology is utilized. Example: Home network is a star. Xbox 360 connected to Mac Pro is "kind of" a bus. Mac Pro to the router is part of the star, so the network is a star with a bus connected to it. Everything from the Xbox 360 goes through the Mac Pro to get to the network.

DNS (Domain Name Service)

Most common medium of name resolution, operates on concept of domains. Name resolution protocol of choice in the TCP/IP suite

Address (A) Record

Most important DNS record. Maps domain name into an IP address. This is a one-to-one function

MPLS

Multi-Protocol Label Switching

MLA

Multilateral Agreement

MMF

Multimode Fiber

MIMO

Multiple Input, Multiple Output

chips

Multiple data signals generated in the DSSS technique.

MUMIMO

Multiuser Multiple Input, Multiple Output

Internet Security Association and Key Management Protocol (ISAKMP)

Negotiates parameters for an IPsec session.

Which layer adds a network header and converts the segments into packets?

Network

NAC

Network Access Control

NAT

Network Address Translation is the process where a network device, usually a firewall, assigns a public address to a computer (or group of computers) inside a private network. The main use is to limit the number of public IP addresses a company must use.

NAS

Network Attached Storage

NetBEUI

Network Basic Input/Output Extended User Interface

Transport Layer (Layer 4)

Network layer's packets are sorted and organized into "segments". Contains information on the connection and the transmission of data. Attaches segments information about the state of a connection. Transport layer uses the LLC sub-layer of layer 2 to establish connections.

Client-server Access Network Type

Nodes can act as clients or servers. Advantages: Management is easy and the network can offer services that decentralized networks cannot.

Ethernet Promiscuous mode

Nodes can receive all frames of information and not just those passed along to those specific computers. This is defeated using switching.

Bus Topology

Nodes of the network are individually linked up to two successive other nodes or another node and a terminating node/terminator. AKA "Daisy chained."

IPv4 address

Numeric identifier of a network node that uniquely identifies that node either on a LAN or wider Internet.

demilitarized zone (DMZ)

Often contains servers that should be accessible from the Internet. This approach would, for example, allow users on the Internet to initiate an email or a web session coming into an organization's email or web server. However, other protocols would be blocked.

cycle

One complete oscillation of an analog signal.

OSI Model

Open Center Interconnection model is a reference model for the comeliest aspects related to a network

ping command

One of the most commonly used command line commands. It can check IP connectivity between two network devices. Multiple platforms support the ping command.

POTS (Plain Old Telephone Service)

One of the oldest yet most popular. Utilizes phone networks and analog-to-digital modems. Must establish a POTS "hand-shake" which takes a minute or two. Slow access, usually 56 Kb/S or 7 KB/S. Inexpensive, uses existing infrastructure.

hashing encryption

One-way encryption that transforms cleartext into a coded form that is never decrypted.

OSPF

Open Shortest Path First

OSI

Open Systems Interconnect

Circuit Level firewall

Operates at the Session layer (layer 5). Filter traffic based on whether or not a session has been established between the destination and source using TCP handshaking. Regulate traffic based on whether or not a trusted connection has been established.

Proxy

Operates at the application layer. Serves as filters of client-internet traffic. Instead of establishing direct connections between the clients and servers on the internet, clients connect to the proxy server which can filter their request and forward it to the internet. Information back is also filtered then sent to the client.

ARP (Address Resolution Protocol)

Operates at the network layer and is used to translate logical IP addresses into Data Link MAC addresses. Translator between layers 2 and 3.

Packet Filtering Firewall

Operates at the network layer. Filters traffic based on the headers (destination/source) of the individual packets.

Application Level Firewall

Operates in the Application Layer (obviously). Inspects the contents of packets, rather than just the headers. Similar to proxies in that they operate and regulate between two segments of the network.

Stateful Inspection Firewall

Operates in the network, session, and application layers. Combines circuit level and application level firewall techniques. Most common today. It ensures the connection/session between the two parties is valid and inspects the packets from this connection to ensure the packets are not malicious.

OS

Operating Systems

Pointer (PTR) Record

Opposite of the A record, translates IP addresses into DNS names

OCx

Optical Carrier

OTDR

Optical Time Domain Reflectometer

OUI

Organizationally Unique Identifier

Pretty good privacy (PGP)

PGP is a widely deployed asymmetric encryption algorithm and is often used to encrypt email traffic.

dial-up lines

PSTN connections that use modems, existing phone lines, and long-distance carrier services to provide low-cost, low-bandwidth WAN connectivity and remote network access.

Multicast

Packet sent to more than one user but not all users; distinguished from the broadcast.

PAP

Password Authentication Protocol

Decentralized Network Type

Peer to peer. No distinctions between client and server. Every node acts as a client and/or server depending on the task at hand. Many file sharing networks are considered decentralized. Advantages: ease of setup. Disadvantage: Difficulty of maintenance (a setting must be changed on each node to reflect a setting change on the whole network).

PVC

Permanent Virtual Circuit

PAN

Personal Area Network

PC

Personal Computer

What OSI layer does a modem work in?

Physical layer/ layer 1

What OSI layer is a hub?

Physical/Layer 1

How would you test if TCP/IP is configured on a host computer?

Ping local host (127.0.0.1)

POTS

Plain Old Telephone System

PaaS

Platform as a Service

Power over Ethernet (PoE)

PoE allows an Ethernet switch to provide power to an attached device by applying power to the same wires in a UTP cable that are used to transmit and receive data.

PPP

Point-to-Point Protocol

PPPoE

Point-to-Point Protocol over Ethernet

PPTP

Point-to-Point Tunneling Protocol

PTR

Pointer

PAT

Port Address Translation

PoE

Power over Ethernet

incident management

Practices and procedures that govern how an organization will respond to an incident in progress.

PSK

Pre-Shared Key

PGP

Pretty Good Privacy

PRI

Primary Rate Interface

Ethical and Legal issues

Privacy, online fraud, intellectual property and illegal activity

E-Market Strategies

Product considerations, pricing considerations, distribution considerations, promotion considerations

PDU

Protocol Data Unit

Router discovery protocols

Protocols that are used to identify routers on the network.

VPN protocols

Protocols that provide VPN functionality.

Secondary Name Servers

Provide redundancy and can allow for additional checking of DNS entries.

WPA2 (Wi-Fi Protected Access v2)

Provides WPA with Advanced Encryption Standard (AES) cipher-based CCMP encryption for even greater security and to replace TKIP.

TACACS (Terminal Access Controller Access Control System)

Provides centralized authentication and authorization services for remote users.

Secure Sockets Layer (SSL)

Provides cryptography and reliability for upper layers (Layers 5-7) of the OSI model. SSL, which was introduced in 1995, has largely been replaced by Transport Layer Security (TLS). However, recent versions of SSL have been enhanced to be more comparable with TLS. Both SSL and TLS are able to provide secure web browsing via HTTPS.

PKI

Public Key Infrastructure

PSTN

Public Switched Telephone Network

DNSBLs (DNS blacklists)

Published lists that contain email addresses that are confirmed as spam sources.

Main memory; temporary memory; data can be changed or deleted; info is lost when the computer shuts down

RAM

Mesh/"Ad Hoc"

Rare, only used in wireless networks when the nodes are set in "ad hoc" mode. Every node is connected to every other node. The wireless cards maintain connection to each other, forming a mesh of a network. Adds redundancy, but makes network management almost impossible.

RTP

Real Time Protocol

RTSP

Real Time Streaming Protocol

Advanced Encryption Standard (AES)

Released in 2001, AES is typically considered the preferred symmetric encryption algorithm. AES is available in 128-bit key, 192-bit key, and 256-bit key versions.

Disadvantages of Star Topology

Reliance on the switch (which is a fail-point) and the amount of wiring necessary.

RADIUS

Remote Authentication Dial-In User Service

RSH

Remote Shell

RAS

Remote access server- A RAS includes specialized server software used for remote connectivity. This software is designed to provide authentication, connectivity and resource access services to connecting users.

Telnet (Telecommunications Network)

Remotely connect to a node. Cleartext (even the password). Terminal emulation because remote terminal is available upon connection. Port: TCP 23

Binary Code

Represents text, computer processor instructions, or other data usually using 0 and 1. The binary code assigns a pattern of binary digits to each character.

waveform

Represents the shape of an analog signal.

Two factor authentication (TFA)

Requires two types of authentication from a user seeking admission to a network. For example, a user might need to know something and have something.

DNS (Domain Name System) Protocol

Resolves domain names into IP addresses. Port: UDP 53

RARP (command)

Returns the IP address that maps to a given mac address

ARP (command)

Returns the MAC address that maps from a given IP address

RARP

Reverse Address Resolution Protocol

RTT

Round Trip Time or Real Transfer Time

RIP

Routing Internet Protocol

SCP

Secure Copy Protocol

SFTP

Secure File Transfer Protocol

SHA

Secure Hash Algorithm

SSH

Secure Shell

SSL VPN Protocol

Secure Sockets Layer virtual private network is a form of VPN that can be used with a standard Web browser. An SSL VPN does not require the installation of specialized client software on the end user's computer.

SA

Security Association

SIEM

Security Information and Event Management

OSI Model: Definition

Seven layer model describes the way and means that networks use to operate and for communication. Each layer depends on the layers below to operate.

SMS

Short Message Service

Modem

Short for modulator-demodulator. Acts as a translator between digital and analog networks. Example: acts as the intermediary between analog phone systems and digital networks.

Bluetooth 802.15.1

Short-range wireless technology. Limited to 20-35ft access range. Designed for portable consumer wireless devices and Bluetooth enabled WAPs.

SPB

Shortest Path Bridging

SNTP

Simple Network Time Protocol

FTP (File Transfer Protocol)

Simple file transfers with no security. Transferred in "cleartext". Ports: TCP 20(data); TCP 21(transmission control)

SMF

Single Mode Fiber

Toner Probe

Sometimes called a fox and hound, a toner probe allows you to place a tone generator at one end of the connection and use a probe on the punchdown block to audibly detect which wire the tone generator is connected to.

SFP

Small Form-factor Pluggable

SOHO

Small Office/Home Office

Types of digital media

Social networks, blogs, wikis, media-sharing sites, virtual reality gaming, mobile devices, applications and widgets

SDLC

Software Development Life Cycle

SaaS

Software as a Service

socket

Software in an operating system that connects an application with a network protocol.

codec

Software or hardware that codes and decodes digital data to and from the analog format.

adware

Software that automatically displays or downloads advertisements when it is used.

terminal emulator

Software that enables a standard client computer to appear to a host computer as a dedicated terminal.

rootkit

Software that is intended to take full or partial control of a system at the lowest levels.

TTS (Transaction Tracking System)

Software that monitors a transaction through to completion.

Virtual private network (VPN)

Some VPNs can support secure communication between two sites over an untrusted network.

MT-RJ (Mechanical Transfer Registered Jack)

Sometimes called a Fiber Jack connector, it is a compact snap-to-lock connector used with multimode fiber.

STP

Spanning Tree Protocol / Shielded Twisted Pair

Channel Service Unit/Data Service Unit CSU/DSU

Special type of bridge that operates between WANs and LANs. Found in devices such as cable modems (which actually are not technically modems but digital signal converters).

Private IP addresses

Specific Class A, B, and C networks have been designed for private use. Although these networks are routable within the organization, service providers do not route these private networks over the public Internet.

802.11b facts

Speed: 11 Mbps. Usage: Cheaper 2.4GHz mode.

802.11n facts

Speed: 150/300/450/600 Mbps. Usage: Works at either 2.4GHz or 5GHz.

802.11a facts

Speed: 54 Mbps. Usage: 5GHz band, outdated. Expensive.

802.11g facts

Speed: 54/108 Mbps. Usage: Cross between 802.11a and 802.11b. 2.4GHz at fast speeds and is backwards compatible.

load balancer

Stand-alone network devices that perform load balancing as their primary function.

SC

Standard Connector/Subscriber Connector

SC Connector

Standard/Subscriber Connector. Fiber-optic cable connector. Uses push-pull latching. Square.

SPS

Standby Power Supply

Which topology is used the most often?

Star

NetBIOS Name Server

Stores NetBIOS names in a central location for easy name resolution. Returns IP address based on a NetBIOS name.

ST

Straight Tip or Snap Twist

ST Connector

Straight tip, single twist connector for fiber-optic cables.

MAC Sublayer

Sublayer of the Data Link layer. Determines who is allowed to access the media at any one time. Provides frame synchronization.

DSL (Digital Subscriber Line)

Successor to ISDN. Utilizes special DSL modem to translate high-speed signal to network-friendly language. Can be as slow as 256 Kbps and faster than 10 Mbps. Most limited to 15,000 to 18,000 ft. Not a true dedicated line. SDSL: synchronous speed up and down. ADSL: download speed much higher than upload; most common today. IDSL: works up to 30,000 ft. Used in small business/office or home connection.

SCADA

Supervisory Control and Data Acquisition

spyware

Surreptitiously installed malicious software that is intended to track and report on the usage of a target system, or collect other data the author wishes to obtain.

SVC

Switched Virtual Circuit

Examples of Data Link Layer Devices

Switches, Bridges, WAPs and NICs

SDSL

Symmetrical Digital Subscriber Line

SONET

Synchronous optical networking is a standardized digital communication protocol that is used to transmit a large volume of data over relatively long distances using a fiber optic medium. Multiple digital data streams are transferred at the same time over optical fiber using LEDs and laser beams.

SYSLOG

System Log

SNIPS (System and Network Integrated Polling Software)

System and network monitoring software that runs on UNIX systems and offers both a command-line and web interface to monitor network and system devices.

Unified Voice Services

Takes all methods of communication and integrates them together seamlessly (smartphone)

Transport layer

The OSI layer that accepts data from the upper layers, and breaks it up into smaller units known as segments, passes them on to the lower layers, and ensures that all segments arrive correctly at the other end.

Telco

Telephone Company

TKIP

Temporal Key Integrity Protocol. Deprecated form of encryption for wireless networking.

TACACS+

Terminal Access Control Access Control System+

TACACS

Terminal Access Controller Access Control System is an older authentication protocol common to UNIX networks that allows a remote access server to forward a user's logon password to an authentication server to determine whether access can be allowed to a given system.

TA

Terminal Adaptor

T1

Terrestrial Carrier Level 1

Oscilloscope

Test media for shorts and other issues. Visual display unit measures analog and digital signals, gives accurate readings of frequency and voltage. Does not time signal's reflection.

Default gateway

The IP address of a router to which a networked device sends traffic destined for a subnet other than the device's local subnet.

Application layer

The OSI layer that provides services and utilities that enable applications to access the network and its resources.

Physical layer

The OSI layer that provides the means for transmitting data bits over a physical medium.

Network layer

The OSI layer that addresses data packets, routes the packets from a source to a destination through the network, and ensures the delivery of those packets.

Session layer

The OSI layer that is responsible for establishing a connection between network devices, maintaining the connection, and then terminating or reestablishing it when required.

Presentation layer

The OSI layer that is responsible for translating data into a network compatible format.

SPI (Security Parameters Index)

The SPI helps the computer keep track of the computers it is communicating with.

EDC (Error Detection Code)

The bits that are attached to transmitted data to indicate its original contents.

fault tolerance

The ability of a network or system to withstand a foreseeable component failure and still continue to provide an acceptable level of service.

War Driving

The act of searching for Wi-Fi by a person in a moving vehicle to "mooch" off of.

war driving

The act of searching for instances of wireless LAN networks while in motion, using wireless tracking devices like PDAs, mobile phones, or laptops.

hop

The action of forwarding a packet from one router to the next.

MAC Address

The address that devices in a network use. It is burned into the chip of the physical ne

disaster recovery

The administrative function of protecting people and resources while restoring a failed network or systems as quickly as possible.

cell

The area covered by a wireless access point. Alternatively, a cell is a type of network, similar to a packet switching network, in which data is transmitted as fixed-length packets called cells.

protocol binding

The assignment of a protocol to a NIC.

premise wiring

The collection of drop cables, patch panels, and patch cables that together make a functional network.

IPSec driver

The component of IPSec that watches packets being sent and received to determine if the packets need to be signed and encrypted, based on Group Policy or local Registry settings.

network media

The conduit through which signals flow, can be either bounded or unbounded.

drain

The connection point between a shield and the ground.

amplitude

The crest or trough of a wave from the midpoint of the waveform to its top or bottom.

L2TP (Layer Two Tunneling Protocol)

The de facto standard VPN protocol for tunneling PPP sessions across a variety of network protocols such as IP, Frame Relay, or ATM.

signal

The electromagnetic pulses that are transmitted across a network medium.

port

The endpoint of a logical connection that client computers use to connect to specific server programs.

FCS (Frame Check Sequence)

The extra characters added to a frame for detecting and correcting errors.

attenuation

The fading or degradation of a signal as it travels across a network medium.

first responder

The first person or team to respond to an accident, damage site, or natural disaster in an IT company.

OUI (Organizationally Unique Identifier)

The first three bytes of a MAC address that uniquely identify a network device manufacturer.

phase

The fixed point where a wave's cycle begins in relationship to a fixed point.

Cleartext

The form of a message or data which is in a form that is immediately understandable to a human being without additional processing

integrity

The fundamental security goal of ensuring that electronic data is not altered or tampered with.

availability

The fundamental security goal of ensuring that systems operate continuously and that authorized persons can access data that they need.

confidentiality

The fundamental security goal of keeping information and communications private and protecting them from unauthorized access.

network backbone

The highest-speed transmission path that carries the majority of network data.

FQDN (Fully Qualified Domain Name)

The host name combined with the host's domain name.

physical security

The implementation and practice of various control mechanisms that are intended to restrict physical access to facilities.

port mirroring

The practice of duplicating all traffic on one port in a switch to a second port.

patch management

The practice of monitoring for, evaluating, testing, and installing software patches and updates.

Packet Shaper

The practice of regulating network data transfer to assure a certain level of performance, quality of service or return on investment.

implicit deny

The principle that establishes that everything that is not explicitly allowed is denied.

enciphering

The process of applying a cipher.

Port Forwarding

The process of configuring a router to make a computer or other network device that is connected to it accessible to other computers and network devices from outside of the local network.

demodulation

The process of decoding or removing a low frequency data signal from a high frequency carrier waveform.

EDAC (Error Detection and Correction)

The process of determining if transmitted data has been received correctly and completely, and if not, rebuilding the data to its correct form.

error detection

The process of determining if transmitted data has been received correctly and completely.

latency sensitivity

The susceptibility of a device to experience issues that affect delay within a network.

Logical Topology

The route the signal takes on the network.

Connectionless

The sender doesn't establish a connection, so there isn't guarantee that the data is delivered.

Internet

The single largest global WAN that virtually links every country in the world.

Bits

The smallest unit of data in a computer. It has a single binary value, either 0 or 1.

SSL (Secure Socket Layer)

The standard security technology for establishing an encrypted link between a web server and a browser.

CIA triad (Confidentiality, Integrity, Availability)

The three principles of security control and management: confidentiality, integrity, and availability. Also known as the information security triad or information security triple.

latency

The time delay for a packet to go from a source to a destination and back to the source.

data transmission

The transfer of data between computers or other electronic devices through a network.

cleartext

The unencrypted form of data. Also known as plaintext

host name

The unique name given to a network node on a TCP/IP network.

jitter

The variability of latency over time across a network.

Topology

The way information flows in a network

non-interactive mode

This mode of the nslookup utility prints only the name and requested details for one host or domain and is useful for a single query.

Distributed denial of service (DDoS)

These attacks can increase the amount of traffic flooded to a target system. Specifically, an attacker compromises multiple systems, and those compromised systems, called zombies, can be instructed by the attacker to simultaneously launch a DDoS attack against a target system.

Buffer overflow

This attack occurs when an attacker leverages a vulnerability in an application, causing data to be written to a memory area that's being used by a different application.

Multilayer Switch

This device can perform the functions of a switch as well as that of a router at incredibly fast speeds.

Packet

This is a small amount of computer data sent over a network

interactive mode

This mode of the nslookup utility enables you to query name servers for information about hosts and domains, or to print a list of hosts in a domain.

TDM

Time Division Multiplexing

TDR

Time Domain Reflectometer

TTL

Time to Live

Electrostatic discharge (ESD) wrist strap

To prevent static electricity in your body from damaging electrical components on a circuit board. The strap has a clip that you attach to ground.

Tone Generator

Tool used to identify a cable by the tone generated and is usually used with twisted pair cabling

Vampire Tap

Tool used to pierce into coaxial cable

Tracert

Traces the connection path to a remote host, step-by-step.

Presentation Layer (Layer 6)

Translates info from the Transport layer into data to be used at the Application Layer. Interprets segments/packets it receives and changes them into "data formats" that we know and the PC can recognize.

SNMP

Translation Simple Network Management Protocol

TCP

Transmission Control Protocol

Which layer adds a segment header while converting the data into segments?

Transport

TLS

Transport Layer Security

Which layers deal with protocols for delivery and routing of packets?

Transport and Network

TMS

Transportation Management System

TFTP

Trivial File Transfer Protocol

TTLS

Tunneled Transport Layer Security

TOS

Type of Service

TFTP (Trivial FTP)

UDP version of FTP, relatively unreliable. Inefficient. Used more often for inter-network communication. Port: UDP 69

UPC

Ultra Polished Connector

zombie

Unauthorized software introduced on multiple computers to manipulate the computers into mounting a DDoS attack. Also called a drone.

drone

Unauthorized software introduced on multiple computers to manipulate the computers into mounting a DDoS attack. Also called a zombie.

plaintext

Unencoded data. Also known as cleartext.

UC

Unified Communications

UTM

Unified Threat Management

URL

Uniform Resource Locator

UPS

Uninterruptible Power Supply

UNC

Universal Naming Convention

USB

Universal Serial Bus

UTP

Unshielded Twisted Pair

electrical noise

Unwanted signals that are introduced into network media. Noise interferes with the proper reception of transmitted signals.

Canonical Name (CNAME) Record

Used to map a subdomain (or different domain) to a domain. Used as an alias. Example: Most websites have a CNAME record that maps www.website.com to website.com

AppleTalk

Used for Apple (Macintosh) networks. Routable, can be used in large LANs and some WANs. Uncommon due to presence of many Windows computers on networks.

Partial Mesh

Used in backbone environment to provide fault tolerant connections between critical servers and network devices

Carrier sense multiple access collision detect (CSMA/CD)

Used on an Ethernet network to help prevent a collision from occurring and to recover if a collision does occur. CSMA/CD is only needed on half-duplex connections.

Crimper

Used to attach a connector to the end of an unshielded twisted pair cable.

Bridge

Used to connect two physical network segments together, forming a larger inter-network. It can forward packets or reject them based on their destination MAC address. The connected network segments must have the same network ID.

Nslookup

Used to troubleshoot DNS issues; can be used to find an IP given a DNS name

Digital marketing

Uses all digital media including the internet and mobile and interactive channels, to develop communication and exchanges with customers

DVM (Digital Volt Meter)

Uses an analog-to-digital converter to display numeric voltage readings.

Application Layer (Layer 7)

Uses end-user application protocols like FTP and HTTP, services like DHCP and DNS. Ask "does this facilitate networking, or does networking facilitate the service?" If the latter, it's an Application Layer service.

SSTP (Secure Socket Tunneling Protocol)

Uses the HTTP over SSL protocol and encapsulates an IP packet with an SSTP header.

X Window system

Uses the X protocol that leverages a client-server relationship to provide graphical user interface and input device management functionality to applications.

WWAN (Wireless Wide Area Network)

Uses the wireless network technology to allow users to check email, surf the web, and connect to corporate resources accessible within the cellular network boundaries.

How are wireless networks compatible with Ethernet?

Using a MAC bridge that translates wireless frames into Ethernet frames

Data Conversion

Using a program to change one type of data to another.

war chalking

Using symbols to mark off a sidewalk or wall to indicate that there is an open wireless network which may be offering Internet access.

L2TP (Layer 2 Tunneling Protocol)

Utilizes IPSec (IP Security) to encrypt data all the way from the client to the server. Versatile because it can accommodate protocols other than IP to send datagrams. Common in VPN applications.

OC1/OC3/OC(X) - Optical Carrier

Utilizes SONET fiber-optic technology to allow speeds exceeding 50 Gbps, though OC1 "only" operates at 51 Mbps. **only large companies would need such speed

PPP (point-to-point) protocol

Utilizes direct connection from a client to WAN over TCP/IP. Single remote access packets. Advantageous for dial-up services. Most common dial-up networking protocol today. When you think dial-up access, think PPP.

Cable

Utilizes traditional coaxial cable. Requires a cable modem to translate between cable signal and Layer 2 segments. Costs more than DSL. Speeds exceed 60 Mbps. ** small to medium-sized business applications and many home settings

VTP

VLAN Trunk Protocol

VLAN

Virtual Local Area Network

voluntary tunnels

VPN tunnels that are created between client endpoints at the request of the client

compulsory tunnels

VPN tunnels that are established by the WAN carrier without involvement from client endpoints.

VDSL

Variable Digital Subscriber Line

VTC

Video Teleconference

a board that plugs into a personal computer to give it display capabilities

Video card

VNC

Virtual Network Connection

VPN

Virtual Private Network

VoIP

Voice over IP

vishing

Voice phishing, a human-based attack where the attacker extracts information while speaking over the phone or leveraging IP-based voice messaging services such as VoIP.

WMS

Warehouse Management System

Bit error rate tester (BERT)

When troubleshooting a link where you suspect a high bit error rate (BER), you can use a piece of test equipment called a bit error rate tester, which contains both a pattern generator and an error detector and can calculate a BER for the tested transmission link.

DHCP Release/Renew system

When an address is requested and assigned, it is leased to the node. When half the lease time has expired, a renewal is requested for the IP address. When the node has gone through 87.5% of the lease time, the server will send out a broadcast asking for an IP address. The node loses its IP address once the lease expires.

Network Layer (Layer 3)

Where frames of the Data Link layer become packets. Translates frames it receives from layer 2 into more logical packets to be routed to other networks. You cannot verify that the other person ever reads the message. This layer uses IP addresses and does routing.

WPA2

Wi-Fi Protected Access. Uses AES to encrypt data. Should be used when possible.

WPA

Wi-Fi Protected Access. Uses TKIP to encrypt data. Replaced/improved to WPA2.

WPS

WiFi Protected Setup

What does WAN stand for?

Wide Area Network

Asymmetric encryption

With asymmetric encryption, the sender and receiver of a packet use different keys.

Symmetric encryption

With symmetric encryption, both the sender and the receiver of a packet use the same key for encryption and decryption.

interference

Within wireless networking, the phenomenon by which radio waves from other devices interfere with the 802.11 wireless signals.

www

World Wide Web

Zeroconf

Zero Configuration

network interface card

a card installed in a computer that allows you to connect to a network

File transfer protocol

a communication method for transferring data between computers on the internet

firewall

a computer firewall limits the data that can pass through the computers and protects the network server or client machine from damage by unauthorized users.

switch

a computer network device that connects devices and network segments

Network Nodes

a connection point that can receive, create, store or send data along distributed network routes. It can recognize, process and forward transmissions to other network nodes.

modem

a device that allows computers to communicate over telephone lines

router

a device that transfers data from one network to another

hub

a device that uses its ports to connect devices like computers, printers, etc. together

Dynamic DNS

a method of automatically updating a name server in the Domain Name System (DNS), often in real time, with the active DDNS configuration of its configured hostnames, addresses or other information.

Frame Relay

a packet-switching telecommunication service designed for cost-efficient data transmission for intermittent traffic between local area networks (LANs) and between endpoints in wide area networks (WANs).

parallel port

a parallel interface for connecting an external device such as a printer

work station

a personal computer located on a network

Data Compression

a program that uses a formula or algorithm to determine how to shrink the size of the data.

Network Interface Card (NIC)

allows a node to connect to the network, whether it be PCI, ISA, or USB.

Bluetooth

allows electronic devices like cell phones and computers to exchange data over short distances using radio waves.

Redundancy

allows for data access even when one server is down - no one server can become a choke/fail point. In network application, means multiple hard drives, multiple servers, etc.

RIP (Routing Information Protocol)

allows for the routing of internal (and also some internet) traffic and adapting to changes in network structure.

sound card

an expansion board that enables a computer to manipulate and output sounds

usb (aka) universal serial port

an external bus that supports data transfer

Podcast

audio or video file that can be downloaded from the internet with a subscription that automatically delivers new content to listening devices or personal computers; offers the benefit of convenience, giving users the ability to listen to or view content when and where they choose

computer network

computers connected together for the purpose of sharing information and resources

TCP (Transmission Control Protocol)

connection-oriented, allows reliable data transfer and receipt of delivery. Uses ports. High-level protocols rely on TCP ports to allow outside nodes to communicate with specific services. Ports are always between 1 and 65536.

Creators

consumers who create their own media outlets

DHCP Scopes

determine the address configurations used on a subnet.

mesh topology

devices are connected with many redundant interconnections between two networks

UTP unshielded twisted pair

does not have a foil jacket to help prevent cross talk

Load Balancing

feature that can intelligently delegate traffic and requests from clients across the network and onto other servers in a way that maximizes network efficiency.

Number of octets in IPv4

four (4)

End-to-End Sessions

indicates a communication happening between two applications

Primary Name Server

handles client requests, checking against DNS entries stored in a local file

STP shielded twisted pair

has a foil jacket to help prevent cross talk

protocol

how data is formatted, transmitted, and received in a network

Unique NetBIOS Name

if a NetBIOS name resolves to a single IP address (one-to-one relationship)

Group NetBIOS Name

if a NetBIOS name resolves to more than one computer.

RIPv2 (routing information protocol)

improved RIPv1, ability to include subnet information with its updates and allows for CIDR support.

Distance-vector routing protocols

include RIP and IGRP; use distance as one factor and the vector as the other.

Hostid

indicates the actual specific node

Netid

indicates the network that a node is on

10GBASE-EW

laser over either single or multi-mode fiber LC or SC connectors 40 kilometers 10 GBps

10GBASE-ER

laser over either single or multi-mode fiberoptics. SC or LC connectors 40 kilometers 10 GBps

10GBASE-LW

laser over single-mode fiber optics LC or SC connectors 2000 meters 10 Gbps

10GBASE-LR

laser over single-mode fiber optics; LC or SC connectors 2000 meters 10 Gbps

Collectors

least recognized group; gather info and organize content generated by critics and creators

IS-IS (Intermediate system to intermediate system)

link state protocol that operates by forwarding network topology information throughout a network of routers. Typically for larger networks

LAN

local area network: a geographic network that covers a relatively small geographic area, such as a building or a small campus; no more than a mile distance between computers

RS-232 serial cable

many are being replaced with USB-enabled interfaces

serial port

many newer systems have replaced the serial port

MAN metropolitan Area Network

metropolitan area network: a geographic network that covers a large area like a city or community; may be used to connect computers in libraries, government agencies, etc. together; no more than 30 miles in size

Class C netid/hostid order

netid . netid . netid . hostid

Virtual sites

offering significant opportunities for marketers to connect with consumers in a unique way; role-playing games, product placement. EX: Sims

Inactives

online users who do not participate in online digital media

Critics

people who comment on blogs or post ratings and reviews

DHCP Reservations

permanent IP address assignment. It is a specific IP address within a DHCP scope that is permanently reserved for leased use to a specific DHCP client.

Access control

prevents unauthorized access to network resources and maintains the integrity of those resources through only allowing certain users to access information. Two basic types are: *User Level - user defines what they want to be accessed by other users *Mandated - central server defines how access to various network resources takes place (like an AD server). Forms of Access Control: *login screen *Windows share where only users of a certain group can access it

10GBASE-SW

shortwave laser over multi-mode fiberoptics; LC or SC connectors 300 meters 10Gbps

cross talk

signal overflow from an adjacent wire

Widgets

small bits of software on a website, desktop, or mobile device that enables users to interface with the application and operating system

cpu

the CPU is the brains of the computer where most calculations take place
