CompTIA Network Plus

An IEEE 802.3 specification for Ethernet at 10Mbps over thin coaxial cable. The maximum length of a 10Base2 segment is 185 meters (607 feet). 10Base2 operates at 10Mbps and uses a baseband transmission method.

The IEEE 802.3 specification for 10Mbps Ethernet using thick coaxial cable. The maximum length of a 10Base5 segment is 500 meters (1,640 feet).

The IEEE 802.3 specification for running Ethernet at 10Mbps over fiber-optic cable. The maximum length of a 10BaseFL segment is 2,000 meters.

The IEEE 802.3i specification for running Ethernet at 10Mbps over twisted-pair cabling. The maximum length of a 10BaseT segment is 100 meters (328 feet).

A 10Gbps Ethernet networking standard that can be used up to 40,000 meters.

Both the ER and EW Gigabit standards deploy with extralong- wavelength single-mode fiber. This medium provides transmission distances ranging from 2 meters to 40 kilometers. 10GbaseER deploys over dark fiber, but the EW standard is used primarily with SONET equipment.

A 10Gbps Ethernet networking standard that can be used up to 10,000 meters. 10GbaseLR uses single-mode fiberoptic cabling.

The 10GbaseLW Ethernet standard is over singlemode fiber. Both the LR and LW standards are designed to be used over long-wavelength single-mode fiber, giving it a potential transmission range of anywhere from 2 meters to 10 kilometers. The LW standard is designed to connect to SONET equipment.

A 10Gbps Ethernet networking standard that can be used over relatively short distances, up to 300 meters.

Both SR and SW are designed for deployment over shortwavelength multimode fiber. The distance range for both classifications ranges from as little as 2 meters to 300 meters. The difference between the two classifications is that SR is designed for use over dark fiber. The 10GbaseSW standard is designed for longer-distance data communications and connects to SONET equipment.

A term commonly used to refer to the 10Gbps Ethernet networking standards such as 10GbaseER, 10GbaseLR, and 10GbaseSR. 10 Gigabit Ethernet is defined in the IEEE 802.3ae standard.

The IEEE 802.3 specification for running Fast Ethernet at 100Mbps over fiber-optic cable. The maximum length of a 100BaseFX segment is 2,000 meters (6,561 feet) in full-duplex mode.

The IEEE 802.3 specification for running Ethernet at 100Mbps over twisted-pair cabling. The maximum length of a 100BaseT segment is 100 meters (328 feet).

An IEEE 802.3u specification, also known as Fast Ethernet, for running Ethernet at 100Mbps over STP or UTP. The maximum length of a 100BaseTX segment is 100 meters (328 feet).

An IEEE 802.3ab standard that specifies Gigabit Ethernet over Category 5 UTP cable. The standard allows for fullduplex transmission using four pairs of twisted cable.

Telecommunications standards from the Telecommunications Industry Association (TIA) and the Electronics Industry Association (EIA). These 568 standards specify the pin arrangements for the RJ-45 connectors on UTP or STP cables. The number 568 refers to the order in which the wires within the UTP cable are terminated and attached to the connector.

Authentication, authorization, and accounting. Authentication is the process to determine if someone is authorized to use the network� if he can log on to the network. Authorization refers to identifying the resources a user can access after he is authenticated. Accounting refers to the tracking methods used to identify who uses the network and what they do on the network.

A transmitter and receiver (transceiver) device commonly used to facilitate communication between a wireless client and a wired network. Wireless APs are used with the wireless infrastructure network topology to provide a connection point between WLANs and a wired Ethernet LAN.

The acknowledgment message sent between two hosts during a TCP session.

(access control list) The list of trustees assigned to a file or directory. A trustee can be any object available to the security subsystem. The term ACL is also used with routers and firewall systems to refer to the list of permitted computers or users.

Used in Windows network environments, this is a directory services system that enables network objects to be stored in a database. This database can then be divided and distributed among different servers on the network.

A hub that has power supplied to it for the purposes of regenerating the signals that pass through it.

Defines a wireless network layout whereby devices communicate directly between themselves without using an access point. Sometimes called an unmanaged or peer-to-peer wireless topology.

A set of numbers used to identify and locate a resource or device on a network. An example is an IP address such as 192.168.2.1.

A person responsible for the control and security of the user accounts, resources, and data on a network.

On a Windows system, the default account that has rights to access everything and to assign rights to other users on the network. Unlike other user accounts, the Administrator account cannot be deleted.

(Asymmetric Digital Subscriber Line) A service that transmits digital voice and data over existing (analog) phone lines.

(Advanced Encryption Standard) An encryption algorithm for securing sensitive networks used by U.S. Government agencies. Has become the encryption standard for corporate networks.

(Authentication Header) One of the two separate protocols IPSec consists of (the other being ESP). AH provides the authentication and integrity checking for data packets.

(Amplitude Modulation) One of the earliest forms of radio modulation, this is a technique used in communication to transmit information over a radio wave.

(American National Standards Institute) An organization that publishes standards for communications, programming languages, and networking.

A software application that detects and removes virus programs.

(wireless access point) A network device that offers connectivity between wireless clients and (usually) a wired portion of the network.

(Automatic Private IP Addressing) A technology implemented on certain Windows platforms through which a system assigns itself an IP address in the absence of a DHCP server. Addresses are assigned from the 169.254.x.x address range.

Layer 7 of the OSI model, which provides support for end users and for application programs using network resources.

Application-layer firewalls operate at the application layer of the OSI model. Application layer firewalls can inspect data packets traveling to or from an application.

A log file on a Windows system that provides information on events that occur within an application.

A flag that is set on a file after it has been created or altered. Some backup methods reset the flag to indicate that it has been backed up.

(American Registry for Internet Numbers) The regional Internet registry responsible for managing both IPv4 and IPv6 IP number distribution.

(Address Resolution Protocol) A protocol in the TCP/IP suite used to resolve IP addresses to MAC addresses. Specifically, the ARP command returns a Layer 2 address for a Layer 3 address.

The ARP utility that resolves IP addresses to MAC addresses. The ARP ping utility tests connectivity by pinging a MAC address directly.

A table of entries used by ARP to store resolved ARP requests. Entries can also be manually stored.

A group of devices arranged in a fault-tolerant configuration. See also RAID.

(Application Service Provider) A vendor who provides computerbased services over the network.

The loss of signal experienced as data transmits over distance and across the network medium.

(Asynchronous Transfer Mode) A packet-switching technology that provides transfer speeds ranging from 1.544Mbps to 622Mbps.

The process by which a user�s identity is validated on a network. The most common authentication method is a username and password combination.

(bearer) channel In ISDN, a 64Kbps channel that carries data. See also D (delta) channel.

A network segment that acts as a trunk between other network segments. Backbones typically are high-bandwidth implementations such as fiber-optic cable.

A document or plan that defines what type of backups are made, when, and what data is backed up.

The width of the range of electrical frequencies, or how many channels the medium can support. Bandwidth correlates to the amount of data that can traverse the medium at one time, but other factors determine the maximum speed supported by a cable .

A term applied to any medium that can carry only a single data signal at a time. Compare with broadband.

A measurement of performance of a device or system for the purposes of future comparison. Baselining is a common server administration task.

The speed or rate of signal transfer. Baud rate bandwidth is measured in cycles per second, or Hertz (Hz). The word baud is derived from the name of French telegraphy expert J. M. Baudot.

(Building Distribution Frame) A network wiring closet typically housing wiring distribution equipment and hardware. Two common network BDFs are the Intermediate Distribution Frame (IDF) and the Main Distribution frame (MDF).

In a wireless network, beaconing refers to the continuous transmission of small packets (beacons) that advertise the presence of a base station (access point).

(Bit-Error Rate Test) A test to see the number of received bits of a data stream that has changed due to noise, interference, or other distortion.

Border Gateway Protocol. Used between gateway hosts on the Internet. BGP examines the routing table, which contains a list of known routers, the addresses they can reach, and a cost metric associated with the path to each router so that the best available route is chosen. BGP communicates between the routers using TCP.

A base 2 numbering system used in digital signaling. It uses only the numbers 1 and 0.

The process of associating a protocol with a NIC.

The science and technology of measuring and analyzing biological data. Biometrics is used for security purposes to analyze and compare characteristics such as voice patterns, retina patterns, and hand measurements.

(Basic Input/Output System) A basic set of instructions that a device needs to operate.

An electronic digit used in the binary numbering system. Bit is a contraction of the terms binary and digit.

A total loss of electrical power.

A low-cost, short-range RF technology designed to replace many of the cords used to connect devices. Bluetooth uses 2.4GHz RF and provides transmission speeds up to 24Mbps.

(Bayonet Neill Concelman) connector A family of connectors typically associated with thin coaxial cabling and 10Base2 networks. BNC connectors use a twist-and-lock mechanism to connect devices to the network.

Bootp is a TCP/IP protocol used by a network device to obtain an IP address and other network information such as server address and default gateway.

Describes any medium that has physical constraints, such as coaxial, fiber-optic, and twisted pair. Compare with unbound medium.

See unbound medium.

(Bridge Protocol Data Unit) Identifies the status of ports and bridges across the network. BPDUs are simple data messages exchanged between switches. They contain information on ports and provide the status of those ports to other switches.

(Basic Rate Interface) An ISDN digital communications line that consists of three independent channels: two B channels each at 64Kbps and one D channel at 16Kbps. ISDN BRI is often referred to as 2B+D. See also ISDN and PRI.

A device that connects and passes packets between two network segments that use the same communications protocol. Bridges operate at the data link layer of the OSI model. A bridge filters, forwards, or floods an incoming frame based on the packet�s MAC address.

A list of MAC addresses that a bridge keeps and uses when it receives packets. The bridge uses the bridging address table to determine which segment the destination address is on before it sends the packet to the next interface or drops the packet (if it is on the same segment as the sending node).

A communications strategy that uses analog or digital signaling over multiple communications channels.

A packet-delivery system in which a copy of a packet is transmitted to all hosts attached to the network.

An undesirable condition in which broadcasts become so numerous that they bog down the flow of data across the network.

A device that you can use to combine the benefits of both routers and bridges. Its common usage is to route routable protocols at the network layer of the OSI model and to bridge nonroutable protocols at the data link layer.

A short-term decrease in the voltage level, usually caused by the startup demands of other electrical devices.

(Basic Service Set Identification) The BSSID is the MAC address of the wireless access point (AP).

An area of memory in a device used to temporarily store data before it is forwarded to another device or location.

A linear LAN architecture in which all devices connect to a common cable, called a bus or backbone.

The butt set is typically associated with telephony systems. It is used to test and access the phone line using clip wires that attach to the phone cable.

A set of bits (usually 8) that operate as a unit to signify a character.

A device that provides Internet access over cable television lines.

A tool used to strip the sheathing from copper cabling.

A device used to check for electrical continuity along a length of cable. Cable tester is a generic term that can be applied to devices such as volt/ohm meters and TDRs.

A type of DNS server that operates the same way as secondary servers except that a zone transfer does not take place when the caching-only server is started.

(Common Address Redundancy Protocol) A protocol that enables multiple hosts on the same network to share a set of IP addresses and thus provides failover redundancy. It is commonly used with routers and firewalls and can provide load balancing.

A signal that carries data. The carrier signal is modulated to create peaks and troughs, which represent binary bits.

A process in which a detailed record of every change made to the network is documented.

A communications path used for data transmission.

(Challenge Handshake Authentication Protocol) A protocol that challenges a system to verify identity. CHAP is an improvement over Password Authentication Protocol (PAP) in which one-way hashing is incorporated into a threeway handshake. RFC 1334 applies to both PAP and CHAP.

A basic method of error checking that involves calculating the sum of bytes in a section of data and then embedding the result in the packet. When the packet reaches the destination, the calculation is performed again to make sure that the value is still the same.

(classless interdomain routing) An IP addressing scheme that enables a single IP address to designate many unique IP addresses. CIDR addressing uses an IP address followed by a / and the IP network prefix. An example of a CIDR address is 192.168.100.0/16. CIDR is sometimes called supernetting.

A type of network security system whereby network traffic is filtered based on specified session rules and may be restricted to recognized computers only.

A method of sending data between two parties in which a dedicated circuit is created at the beginning of the conversation and is broken at the end. All data transported during the session travels over the same path, or circuit.

A TCP/IP network that uses addresses from 1 to 126 and supports up to 126 subnets with 16,777,214 unique hosts each.

A TCP/IP network that uses addresses from 128 to 191 and supports up to 16,384 subnets with 65,534 unique hosts each.

A TCP/IP network that uses addresses from 192 to 223 and supports up to 2,097,152 subnets with 254 unique hosts each.

A node that uses the services from another node on a network.

A networking architecture in which frontend, or client, nodes request and process data stored by the back-end, or server, node.

The hosting, storage, and delivery of computing as a service rather than a product. The end user accesses remotely stored programs and other resources through the Internet without the need for expensive local networking devices, services, and support.

A technology that enables two or more computers to act as a single system to provide improved fault tolerance, load balancing, and failover capability.

(canonical name) Specifies an alias or nickname for a canonical hostname record in a domain name system (DNS) database. CNAME records are used to give a single computer multiple names (aliases).

A data cable, commonly referred to as coax, that is made of a solid copper core insulated and surrounded by braided metal and covered with a thick plastic or rubber covering. Coax is the standard cable used in cable television and in older bus topology networks.

A disaster recovery site that provides office space, but the customer provides and installs all the equipment needed to continue operations.

A redundant piece of hardware stored in case a component should fail. Typically used for server systems.

The result of two frames simultaneously transmitting on an Ethernet network and colliding, thereby destroying both frames.

A segment of an Ethernet network between managing nodes, where only one packet can be transmitted at a time. Switches, bridges, and routers can be used to segment a network into separate collision domains.

An LED on networking equipment that flashes to indicate a collision on the network. A collision light can be used to determine whether the network is experiencing many collisions.

The transfer of information between nodes on a network.

A device that combines several communications channels into one. It is often used to combine multiple terminals into one line.

Packet transfer in which delivery is not guaranteed.

Packet transfer in which delivery is guaranteed.

The linking of nodes on a network for communication to take place.

When a change in the network routing is made, it takes some time for the routers to detect and accommodate this change

Normally, a backup of the entire hard drive. A copy backup is similar to a full backup, except that the copy backup does not alter the state of the archive bits on files.

A value used to encourage or discourage the use of a certain route through a network. Routes that are to be discouraged are assigned a higher cost, and those that are to be encouraged are assigned a lower cost. See also metric.

A person who attempts to break software code or gain access to a system to which he or she is not authorized. See also hacker.

The process of attempting to break software code, normally to defeat copyright protection or alter the software�s functioning. Also the process of attempting to gain unauthorized access to a computer system. See also hacking.

A challenge-response authentication mechanism.

(cyclical redundancy check) A method used to check for errors in packets that have been transferred across a network. A computation bit is added to the packet and recalculated at the destination to determine whether the entire content of the packet has been correctly transferred.

A tool used to join connectors to the ends of network cables.

A cable that can be used to directly connect two devices�such as two computer systems� or as a means to expand networks that use devices such as hubs or switches. A traditional crossover cable is a UTP cable in which the wires are crossed for the purposes of placing the transmit line of one device on the receive line of the other. A T1 crossover is used to connect two T1 CSU/DSU devices in a back-to-back configuration.

Electronic interference caused when two wires are too close to each other, and the adjacent cable creates interference.

(carrier sense multiple access with collision avoidance) A contention media access method that uses collision-avoidance techniques.

(carrier sense multiple access with collision detection) A contention media access method that uses collision-detection and retransmission techniques.

(Channel Service Unit/Data Service Unit) Acts as a translator between the LAN data format and the WAN data format. Such a conversion is necessary because the technologies used on WAN links are different from those used on LANs.

A switching method that does not copy the entire packet into the switch buffers. Instead, the destination address is captured into the switch, the route to the destination node is determined, and the packet is quickly sent out the corresponding port. Cut-through packet switching maintains a low latency.

In a frame, the field or section that contains the data.

Layer 2 of the OSI model, which is above the physical layer. Data comes off the cable, goes through the physical layer, and goes into the data link layer. The data link layer has two distinct sublayers: MAC and LLC.

An information grouping transmitted as a unit at the network layer. See also packet.

A 25-pin connector used for serial port or parallel port connection between PCs and peripheral devices.

A nine-pin connector used for serial port or parallel port connection between PCs and peripheral devices.

(delta) channel The channel used on ISDN to communicate signaling and other related information. Use of the D channel leaves the B channels free for data communication. See also B (bearer) channel.

(Dynamic Domain Name Service) A form of DNS that enables systems to be registered and deregistered with DNS dynamically. DDNS is facilitated by DHCP, which passes IP address assignments to the DNS server for entry into the DNS server records. This is in contrast with the conventional DNS system, in which entries must be manually made.

(Distributed Denial of Service) A DoS attack that utilizes more than one computer in the attack. See DoS (Denial of Service).

(digital data storage) A format for storing computer data on a DAT. DDS-formatted tapes can be read by either a DDS or DAT drive. The original DDS standard specified a 4mm tape cartridge with a capacity of 1.3GB. Subsequent implementations of DDS have taken the capacity to 40GB with compression.

A dedicated circuit used in WANs to provide a constant connection between two points.

Normally a router or a multihomed computer to which packets are sent when they are destined for a host on a different network.

The point at which communication lines enter a customer�s premises. Sometimes shortened to simply demarc.

The network address to which data is sent.

(Dynamic Host Configuration Protocol) A protocol that provides dynamic IP addressing to DHCPenabled workstations on the network.

Refers to the connection of a remote node to a network using POTS.

A backup of only the data that has been created or changed since the previous full backup. In a differential backup, the state of the archive bits is not altered.

On a Linux, UNIX, or Macintosh system, you can use the dig command to perform manual DNS lookups.

A system that enables network resources to be viewed as objects stored in a database. This database can then be divided and distributed among different servers on the network. Examples of directory services systems include Novell Directory Services and Microsoft Active Directory.

A plan for implementing duplicate computer services if a natural disaster, a human-made disaster, or another catastrophe occurs. A disaster recovery plan includes offsite backups and procedures to activate information systems in alternative locations.

A fault-tolerant standard based on RAID 1 that uses disk mirroring with dual disk controllers. See also RAID.

A fault-tolerant standard that is defined as RAID 1 and mirrors data between two disks to create an exact copy.

An implementation of RAID in which data is distributed across multiple disks in a stripe. Some striping implementations provide performance improvements (RAID 0), whereas others provide fault tolerance (RAID 5).

A type of routing in which a router uses broadcasts to inform neighboring routers on the network of the routes it knows about. Compare with linkstate routing.

(Data Link Control) The service provided by the data link layer of the OSI model.

(Demilitarized Zone) An area for placing web and other servers that serve the general public outside the firewall, therefore isolating them from internal network access.

(Domain Name Service) A system used to translate domain names, such as www.quepublishing.com, into IP addresses, such as 165.193.123.44. DNS uses a hierarchical namespace that enables the database of hostname- to-IP address mappings to be distributed across multiple servers.

(Data-Over-Cable Service Interface Specification) A telecommunications standard for transmitting high-speed data over existing cable TV systems.

A logical boundary of an Active Directory Structure on Windows servers. Also, a section of the DNS namespace.

A server that runs application software that enables the server to perform a role associated with the DNS service.

(denial of service) attack A type of hacking attack in which the target system is overwhelmed with requests for service, which keeps it from servicing any requests�legitimate or otherwise.

A period of time during which a computer system or network is unavailable. This may be due to scheduled maintenance or hardware or software failure.

(Digital Subscriber Line) A public network technology that delivers high bandwidth over conventional copper wiring over limited distances.

(data service unit) A network communications device that formats and controls data for transmission over digital lines. A DSU is used with a CSU.

(data terminal equipment) A device used at the user end of a user network interface that serves as a data source, a destination, or both. DTE devices include computers, protocol translators, and multiplexers.

A keyboard/monitor combination that enables access to a multiuser system but provides no processing or storage at the local level.

In RAID, a RAID 1 mirror set in which each drive is connected to a separate controller to eliminate the single point of failure that the controller created.

(Dense Wavelength Division Multiplexing) A form of multiplexing optical signals that replaces SONET/SDH regenerators with erbium doped fiber amplifiers (EDFAs) and can also amplify the signal and allow it to travel a greater distance. The main components of a DWDM system include a terminal multiplexer, line repeaters, and a terminal demultiplexer.

A routing system that enables routing information to be communicated between devices automatically and that can recognize changes in the network topology and update routing tables accordingly. Compare with static routing.

A flow control mechanism that prevents the sender of data from overwhelming the receiver. The amount of data that can be buffered in a dynamic window varies in size, hence its name.

(E-Carrier Level 1) An E1 link that operates over two separate sets of wires, typically twisted-pair cable.

(Extensible Authentication Protocol) An extension of PPP that supports authentication methods more secure than a standard username and password combination. EAP is commonly used as an authentication protocol for token cards, smart cards, and digital certificates.

(Extension Mechanisms for DNS) As specified by the Internet Engineering Task Force as RFC 2671, EDNS increases the size of the flags fields, return codes and label types available in basic DNS.

(Exterior Gateway Protocol) The exterior gateway protocol defines distance vector protocols commonly used between hosts on the Internet to exchange routing table information. BGP is an example of an EGP. See BGP.

(Enhanced Interior Gateway Routing Protocol) A protocol that enables routers to exchange information more efficiently than earlier network protocols. Routers configured to use EIGRP keep copies of their neighbors� routing information and query these tables to help find the best possible route for transmissions to follow.

(electromagnetic interference) External interference of electromagnetic signals that causes a reduction in data integrity and increased error rates in a transmission medium.

A technique used by protocols in which header and trailer information is added to the protocol data unit as it is passed down through the protocol stack on a sending system. The reverse process, decapsulation, is performed at the receiving system as the packet travels up through the protocol suite.

Modifying data for security purposes prior to transmission so that the data cannot be read without the decryption method.

(electrostatic discharge) A condition created when two objects of dissimilar electrical charge come into contact with each other. The result is that a charge from the object with the higher electrical charge discharges itself into the object with the lower-level charge. This discharge can be harmful to computer components and circuit boards.

(Encapsulated Security Packets) One of the two separate protocols IPSec consist of (the other being AH). ESP provides encryption services.

(Extended Service Set) The extended service set (ESS) refers to two or more BSS sets connected, therefore using multiple APs. The ESS would be used to create WLANs or larger wireless networks and is a collection of APs and clients. See BSS.

(Extended Service Set Identifier) The terms ESSID and SSID are used interchangeably, but they are different. The SSID is the name used with BSS networks, and the ESSID is the network name used with an ESS wireless network design. With an ESS, not all APs necessarily use the same name.

The most common LAN technology. Ethernet can be implemented using coaxial, twisted-pair, or fiber-optic cable. Ethernet typically uses the CSMA/CD media access method and has various implementation standards.

A utility available on Windows Server systems and client systems including Windows 7/Vista/XP. It is commonly used to gather systems information and also is used in the troubleshooting process.

The automatic switching from one device or system to another. Servers can be configured in a failover configuration so that if the primary server fails, the secondary server automatically takes over.

The IEEE 802.3u specification for data transfers of up to 100Mbps over twisted-pair cable. See also 100BaseFX, 100BaseT, and 100BaseTX.

The capability of a component, system, or network to endure a failure.

(Fiber Distributed Data Interface) A high-speed data transfer technology designed to extend the capabilities of existing LANs by using a dual-ring topology and a token-passing access method.

(Frequency-Division Multiplexing) A technology that divides the output channel into multiple smaller-bandwidth channels, each of which uses a different frequency range.

(Frequency Hopping Spread Spectrum) A multiple access method of transferring radio signals in the frequency- hopping code division multiple access (FH-CDMA) scheme.

Also known as fiber optics or optical fiber, a physical medium that can conduct modulated light transmissions. Compared with other transmission media, fiberoptic cable is more expensive, but it is not susceptible to EMI or crosstalk, and it is capable of high data rates and increased distances.

A technology that defines full gigabit-per-second data transfer over fiber-optic cable. Commonly used with storage area network (SAN) implementations.

A program, system, device, or group of devices that acts as a barrier between one network and another. Firewalls are configured to enable certain types of traffic to pass while blocking others.

A method of controlling the amount of data transmitted within a given period of time. Different types of flow control exist. See also dynamic window and static window.

(Frequency Modulation) One form of radio modulation, this communication technique transmits information over a radio wave.

(fully qualified domain name) The entire domain name. It specifies the name of the computer, the domain in which it resides, and the top-level DNS domain (for example, www.marketing.quepublishing.com).

A switching method that uses the first 64 bytes of a frame to determine whether the frame is corrupted. If this first part is intact, the frame is forwarded.

A grouping of information transmitted as a unit across the network at the data link layer of the OSI model.

In a data frame, the field that specifies the length of a frame.

In a data frame, the field that names the protocol being sent in the frame.

The number of cycles of an alternating current signal over a unit of time. Frequency is expressed in hertz.

(File Transfer Protocol) A protocol that provides for the transfer of files between two systems. FTP is part of the TCP/IP suite and operates at Layer 7 of the OSI model.

A screw-type connector used with coaxial cable. In computing environments, it is most commonly used to connect cable modems to ISP equipment or incoming cable feeds.

A backup in which files, regardless of whether they have been changed, are copied to the backup medium. In a full backup, the files� archive bits are reset.

A system in which data simultaneously transmits in two directions. Compare with half duplex.

A hardware or software solution that enables communications between two dissimilar networking systems or protocols. A gateway can operate at any layer of the OSI model but is commonly associated with the application layer.

(gigabit) 1 billion bits, or 1000Mb.

(Gigabit Interface Converter) A Gigabit Ethernet and fibre channel transceiver standard.

(gigabits per second) The throughput of a given network medium in terms of 1 billion bps.

(grandfather, father, son) A tape rotation backup strategy of maintaining backups on a daily, weekly, and monthly schedule. Backups are made on a 5-day or 7- day schedule. A full backup is performed at least once a week. On all other days, full, incremental, or differential backups (or no backups at all) are performed. The daily incremental, or differential, backups are known as the son. The father is the last full backup in the week (the weekly backup). The grandfather is the last full backup of the month (the monthly backup).

An IEEE 802.3 specification that defines standards for data transmissions of 1Gbps. See also 1000BaseX.

(GNU Privacy Guard) An IETF RFC 4880-compliant alternative to the PGP suite of cryptographic software.

A method of flow control in which the sending and receiving hosts agree on a rate of data transmission. After the rate is determined, the communication takes place at the guaranteed rate until the sender is finished. No buffering takes place at the receiver.

A person who carries out attacks on a computer software program. See also cracker.

A connection in which data is transmitted in both directions but not simultaneously. Compare with full duplex.

The initial communication between two data communication devices, during which they agree on protocol and transfer rules for the session.

The hardwareencoded MAC address burned into every NIC.

A device plugged into an interface for the purposes of simulating a network connection. This enables the interface to be tested as if it is operating while connected.

(High-Level Data Link Control) An ISO developed bitoriented synchronous data link layer protocol used for point-to-point or point-to-multipoint connections.

The means by which routing protocols determine the shortest way to reach a given destination. Each router constitutes one hop. If a router is four hops away from another router, for example, three routers, or hops, exist between the first router and the destination. In some cases, the final step is also counted as a hop.

Ties the telecommunication room to the end user. Specifically, the horizontal cabling extends from the telecommunications outlet, or network outlet with RJ-45 connectors, at the client end. It includes all cable from that outlet to the telecommunication room to the horizontal crossconnect. The term horizontal crossconnect refers to the distribution point for the horizontal cable.

Typically refers to any device on the network that has been assigned an IP address.

A firewall system installed and configured on and used for an individual host. Contrast to a network firewall that provides firewall services for all network nodes.

An identifier used to uniquely identify a client or resource on a network.

A name assigned to a system for the purposes of identifying it on the network in a more user-friendly manner than by the network address.

A text file that contains hostname-to-IP address mappings. All commonly used platforms accommodate static name resolution using the HOSTS file.

A disaster recovery term used to describe an alternative network site that can be immediately functional in the event of a disaster at the primary site.

In a RAID configuration, a drive that sits idle until another drive in the RAID array fails, at which point the hot spare takes over the role of the failed drive.

An area in which an access point provides public wireless broadband network services to mobile visitors through a WLAN. Hotspots are often located in heavily populated places such as airports, hotels, and coffee shops.

The removal and replacement of a component in a system while the power is still on and the system is functioning.

(Hot Standby Router Protocol) A Cisco proprietary protocol used for establishing redundant gateways.

(Hypertext Transfer Protocol) A protocol used by web browsers to transfer pages, links, and graphics from the remote node to the user�s computer.

(Hypertext Transfer Protocol Secure) A protocol that performs the same function as HTTP but does so over an encrypted link, ensuring the confidentiality of any data that is uploaded or downloaded. Also referred to as S-HTTP.

A hardware device that acts as a connection point on a network that uses twisted-pair cable. Also known as a concentrator or a multiport repeater.

A Windows-based communications program that enables users to establish host/shell access to a remote system.

(Hertz) Equivalent to cycles per second, hertz is the unit of frequency defined as the number of cycles per second of a periodic phenomenon.

(Internet Assigned Numbers Authority) An organization responsible for IP addresses, domain names, and protocol parameters. Some functions of IANA, such as domain name assignment, have been devolved into other organizations.

(Internet Control Message Protocol) A network layer Internet protocol documented in RFC 792 that reports errors and provides other information relevant to IP packet processing. Utilities such as ping and tracert use functionality provided by ICMP.

(Internet Connection Sharing) The use of one device with access to the Internet as an access point for other devices to connect.

Some networks use multiple wiring closets. When this is the case, the wiring closet, known as the main distribution frame (MDF), connects to secondary wiring closets, or intermediate distribution frames (IDFs). See also MDF.

(Intrusion Detection System) A software application or hardware device that monitors a network or system for malicious or nonpolicy related activity and reports to a centralized management system.

(Institute of Electrical and Electronics Engineers) A professional organization that, among other things, develops standards for networking and communications.

A standard that defines a system for connecting up to 63 devices on an external bus. IEEE 1394 is commonly used with consumer electronic devices such as video cameras and MP3 players. IEEE 1394 is based on a technology developed by Apple Computers called FireWire.

A standard that defines the OSI model�s physical and data link layers. This standard allows two IEEE LAN stations to communicate over a LAN or WAN and is often called the internetworking standard.

An IEEE security standard designed for authenticating wireless devices. This standard uses Extensible Authentication Protocol (EAP) to provide a central authentication server to authenticate each user on the network.

A standard that defines the LLC sublayer of the data link layer for the entire series of protocols covered by the 802.x standards. This standard specifies the adding of header fields, which tell the receiving host which upper layer sent the information.

A standard that specifies physical layer attributes, such as signaling types, data rates, and topologies, as well as the media access method used. It also defines specifications for the implementation of the physical layer and the MAC sublayer of the data link layer, using CSMA/CD. This standard also includes the original specifications for Fast Ethernet.

A standard that defines how production machines should communicate. It establishes a common protocol for use in connecting these machines. It also defines specifications for the implementation of the physical layer and the MAC sublayer of the data link layer, using token ring access over a bus topology.

A standard used to define token ring. However, it does not specify a particular topology or transmission medium. It provides specifications for the implementation of the physical layer and the MAC sublayer of the data link layer, using a token-passing media access method on a ring topology.

A standard that defines the distributed queue dual-bus technology to transfer high-speed data between nodes. It provides specifications for the implementation of MANs.

A standard that defines the design, installation, and testing of broadband-based communications and related physical media connectivity.

A standard that defines the Fiber Optic Technical Advisory Group, which advises the other 802 standards committees on various fiberoptic technologies and standards.

A standard that defines the integration of voice and data transmissions using isochronous Ethernet.

A standard that focuses on security issues by defining a standard method for protocols and services to exchange data securely by using encryption mechanisms.

The original IEEE wireless standard, which defines standards for wireless LAN communication.

A wireless networking standard operating in the 5GHz band. 802.11a supports a maximum theoretical data rate of 54Mbps. Depending on interference, 802.11a could have a range of 150 feet at the lowest speed setting. Higher-speed transmissions would see a lower range. 802.11a uses the CSMA/CA media access method and is incompatible with 802.11b and 802.11g.

A commonly deployed IEEE wireless standard that uses the 2.4GHz RF range and offers speeds up to 11Mbps. Under ideal conditions, the transmission range can be as far as 75 meters.

An IEEE wireless standard that is backward compatible with 802.11b. 802.11g offers a data rate of 54Mbps. Like 802.11b, 802.11g uses the 2.4GHz RF range.

The 802.11n standard significantly increase throughput in both the 2.4GHz and 5GHz frequency range. The baseline goal of the standard reaches speeds of 100Mbps, but given the right conditions, 802.11n speeds may reach 600Mbps. In practical operation, 802.11n speeds are much less.

A standard that defines 100BaseVG-AnyLAN, which uses a 1Gbps signaling rate and a special media access method that enables 100Mbps data traffic over voice-grade cable.

(Internet Engineering Task Force) A group of research volunteers responsible for specifying the protocols used on the Internet and the architecture of the Internet.

A command used on Linux, UNIX, and OS/2 systems to obtain configuration for and configure network interfaces.

(Internet Group Management Protocol) A protocol used for communication between devices within the same multicast group. IGMP provides a mechanism for systems to detect and make themselves aware of other systems in the same group.

The interior gateway protocol (IGP) identifies the protocols used to exchanging routing information between routers within a LAN or interconnected LANs. See EGP.

(Internet Information Services) A web server application and supporting services created by Microsoft for Microsoft Windows.

(Internet Key Exchange) An IPSec protocol that uses X.509 certificates for authentication.

(Internet Message Access Protocol version 4) A protocol that enables email to be retrieved from a remote server. It is part of the TCP/IP suite, and it is similar in operation to POP3 but offers more functionality.

A backup of only files that have been created or changed since the last backup. In an incremental backup, the archive bit is cleared to indicate that a file has been backed up.

A wireless data communication method that uses light pulses in the infrared range as a carrier signal.

A wireless topology that defines a wireless network composed of an access point connected to a wired LAN. Wireless devices communicate with the wired LAN through the access point (AP).

The file system or directory access rights valid at a given point as a result of those rights being assigned at a higher level in the directory structure.

A hub or switch that contains some management or monitoring capability.

A UPS that has associated software for monitoring and managing the power provided to the system. For information to be passed between the UPS and the system, the UPS and system must be connected, which normally is achieved through a serial or USB connection.

A device, such as a card or plug, that connects pieces of hardware with a computer so that information can be moved from place to place (for example, between computers and printers, hard disks, and other devices, or between two or more nodes on a network). Also, the part of an application or operating system that the user sees.

Anything that can compromise a signal�s quality. On bound media, crosstalk and EMI are examples of interference. In wireless environments, atmospheric conditions that degrade a signal�s quality would be considered interference.

Functionality built into the TCP/IP stack that enables you to verify the correct functioning of the stack. You can ping any IPv4 address in the 127.x.x.x range, except the network address (127.0.0.0) or the broadcast address (127.255.255.255). The address 127.0.0.1 is most commonly used. In IPv6, the localhost (loopback) address is 0:0:0:0:0:0:0:1.

The name of an area of the DNS namespace. The Internet domain name normally is expressed along with the toplevel domain to which it belongs (for example, comptia.org).

In the TCP/IP architectural model, the layer responsible for addressing, packaging, and routing functions. Protocols that operate at this layer are responsible for encapsulating packets into Internet datagrams. All necessary routing algorithms are run here.

A group of networks connected by routers or other connectivity devices so that the networks function as one network.

The process or procedures that warn you about successful or failed unauthorized access to a system.

(Internet Protocol) A network layer protocol, documented in RFC 791, that offers a connectionless internetwork service. IP provides features for addressing, packet fragmentation and reassembly, type-ofservice specification, and security.

The unique address used to identify the network number and node address of a device connected to a TCP/IP network. IPv4 addresses typically are expressed in dotted-decimal format, such as 192.168.1.1. A typical IPv6 address looks like 2001:0:4137:9e76:18d1: 2094:b980:a30.

(Intrusion Prevention System) A network device that continually scans the network, looking for inappropriate activity.

A Windows command that provides information about the configuration of the TCP/IP parameters, including the IP address.

(IP Security) A protocol used to provide strong security standards for encryption and authentication on virtual private networks.

(Internet Protocol version 4) A suite of protocols used for communication on a local area network and for accessing the Internet.

(Internet Protocol version 6) The new version of IP, which has a larger range of usable addresses than the current version of IP, IPv4, and enhanced security.

A wireless networking technology that uses infrared beams to send data transmissions between devices.

(Internet Security Association and Key Management Protocol) Defined by RFC 2408, ISAKMP is a protocol typically used by IKE for key exchange.

(Integrated Services Digital Network) An internationally adopted standard for providing endto- end digital communications between two points. ISDN is a dialup technology allowing data, voice, and other source traffic to be transmitted over a dedicated link.

A device that enables communication over an ISDN link.

Intermediate System-to- Intermediate System. A link-state protocol that discovers the shortest path for data to travel using the shortest path first (SPF) algorithm. IS-IS routers distribute topology information to other routers, allowing them to make the best path decisions.

(International Organization for Standardization) A voluntary organization founded in 1946 that is responsible for creating international standards in many areas, including communications and computers. This also includes the development of the OSI model.

(Internet service provider) A company or organization that provides facilities for clients to access the Internet.

(Initialization Vector) A fixed size input used in cryptography. The larger initialization vector, the more it increases the difficulty in cracking and minimizes the risk of replay.

(or jumpering) Refers to the physical placement of shorting connectors on a board or card.

A term used to describe devices configured via a software utility rather than by physical jumpers on the circuit board.

(kilobit) 1,000 bits.

(kilobyte) 1,000 bytes.

A network authentication protocol designed to ensure that the data sent across networks is encrypted and safe from attack. Its primary purpose is to provide authentication for client/server applications.

(Layer 2 Forwarding) A Cisco tunneling protocol designed to specifically tunnel point-to-point protocol (PPP) traffic.

(Layer 2 Tunneling Protocol) A VPN protocol that defines its own tunneling protocol and works with the advanced security methods of IPSec. L2TP enables PPP sessions to be tunneled across an arbitrary medium to a home gateway at an ISP or corporation.

(Link Aggregation Control Protocol) An IEEE specification that provides a control method of bundling several physical ports into one single channel.

(local area network) A group of connected computers located in a single geographic area�usually a building or office�that share data and services.

The delay induced by a piece of equipment or device used to transfer data.

A media connector used with fiber-optic cabling.

A protocol used to access and query compliant directory services systems such as Microsoft Active Directory and Novell Directory services.

A bridge that builds its own bridging address table instead of requiring someone to manually enter information. Most modern bridges are learning bridges. Also called a smart bridge.

An older computer system or technology.

A device used to stabilize the flow of power to the connected component. Also known as a power conditioner or voltage regulator.

An LED on a networking device such as a hub, switch, or NIC. The illumination of the link light indicates that, at a hardware level, the connection is complete and functioning.

A dynamic routing method in which routers tell neighboring routers of their existence through packets called linkstate advertisements (LSAs). By interpreting the information in these packets, routers can create maps of the entire network. Compare with distance-vector routing.

A UNIX-like operating system kernel created by Linus Torvalds. Linux is distributed under an open-source license agreement, as are many of the applications and services that run on it.

(logical link control) layer A sublayer of the data link layer of the OSI model. The LLC layer provides an interface for network layer protocols and the MAC sublayer.

A text file used in a Windows network environment that contains a list of NetBIOS hostname- to-IP address mappings used in TCP/IP name resolution.

The addressing method used in providing manually assigned node addressing.

The appearance of the network to the devices that use it, even if in physical terms the layout of the network is different. See also physical topology.

A continuous circle that a packet takes through a series of nodes in a network until it eventually times out.

A device used for loopback testing.

A troubleshooting method in which the output and input wires are crossed or shorted in a manner that enables all outgoing data to be routed back into the card.

(Media Access Control) address A six-octet number, described in hexadecimal, that uniquely identifies a host on a network. It is a unique number burned into the network interface.

In the OSI model, the lower of the two sublayers of the data link layer. It is defined by the IEEE as being responsible for interaction with the physical layer.

Version 10 of an operating system designed for Macintosh computer systems. Mac OS X represents a complete shift in Apple operating systems because it is based on UNIX code and as such can be managed using UNIX utilities and procedures.

(metropolitan area network) A network that spans a defined geographic location, such as a city or suburb.

The supplying name server that has authority in a DNS zone.

(megabit) 1 million bits. Used to rate transmission transfer speeds.

(megabyte) 1 million bytes. Usually refers to file size.

(megabits per second) How many millions of bits can travel across a given medium in a second.

The main distribution frame is a type of wiring closet. The primary wiring closet for a network typically holds the majority of the network gear, including routers, switches, wiring, servers, and more. This is also typically the wiring closet where outside lines run into the network. This main wiring closet is known as the MDF. One of the key components in the MDF is a primary patch panel. The network connector jacks attached to this patch panel lead out to the building for network connections. See also IDF.

(medium-dependent interface) A type of port found on Ethernet networking devices such as hubs and switches in which the wiring is straight through. MDI ports are sometimes called uplink ports. They are intended for use as connectivity points to other hubs and switches.

(medium-dependent interface crossed) A type of port found on Ethernet networking devices in which the wiring is crossed so that the transmit line of one device becomes the receive line of the other. MDI-X is used to connect hubs and switches to client computers.

Network media converters are used to interconnect different types of cables within an existing network. For example, the media converter can be used to connect newer Gigabit Ethernet technologies with older 100BaseT networks.

Defines a range of software or hardware tools designed to test a particular media type.

The label assigned to define the location in memory where information is stored.

A type of network topology in which each node connects to every other node. The mesh network provides a high level of redundancy because it provides alternative routes for data to travel should a single route becomes unavailable.

A value that can be assigned to a route to encourage or discourage the use of the route. See also cost.

(Management Information Base) A data set that defines the criteria that can be retrieved and set on a device using SNMP.

The process of using switches to divide a network into smaller segments.

A wireless technology sometimes used to transmit data between buildings and across vast distances.

A fault-tolerant technique in which an exact duplicate of data on one volume is created on another. Mirroring is defined as RAID 1. See also RAID.

(Multimode Fiber) A type of fiber in which many beams of light travel through the cable, bouncing off the cable walls. This strategy actually weakens the signal, reducing the length and speed at which the data signal can travel. See also SMF.

(modulator-demodulator) A device used to modulate and demodulate the signals that pass through it. It converts the direct current pulses of the serial digital code from the controller into the analog signals compatible with the telephone network.

(Multiprotocol Label Switching) A technology designed to speed up network traffic flow by moving away from the use of traditional routing tables. Instead of routing tables, MPLS uses short labels to direct packets and forward them through the network.

(multistation access unit) A device used in an IBM Token-Ring Network. It organizes the connected nodes into an internal ring and uses the RI and RO connectors to expand to other MSAUs on the network. Sometimes referred to as MAU.

A media connector used with fiber-optic cabling.

A single-packet transmission from one sender to a specific group of destination nodes.

A term used to refer to a device that has more than one network interface.

A tool used to measure voltage, current and resistance.

A term used to refer to a programming language, technology, or protocol that runs on different types of CPUs or operating systems.

A technique of combining multiple channels over a transmission path and then recovering or demultiplexing the separate channels at the receiving end. Examples include FDM, TDM, CDM, and WDM.

(Network as a Service) A cloud computing model offered by many telecom providers provided on demand in a pay-as-you-go model.

(Network Access Control) A computer networking security solution that uses a set of network protocols with the goal to unify endpoint security solutions such as antivirus, vulnerability assessment, and authentication.

A server that contains a database of name resolution information used to resolve network names to network addresses.

(Network Address Translation) A standard that enables the translation of IP addresses used on one network to a different IP address that is acceptable for use on another network. This translation enables multiple systems to access an external network, such as the Internet, through a single IP address.

(Network attached Storage) A specialized file level computer storage device connected to a network.

A Windows operating system command-line utility that displays protocol statistics and current TCP/IP connections using NetBIOS over TCP/IP (NBT).

(NetBIOS Extended User Interface) A nonroutable, Microsoft-proprietary networking protocol designed for use in small networks.

(Network Basic Input/Output System) A software application that enables different applications to communicate between computers on a LAN.

A Windows operating system command-line utility that displays protocol statistics and current TCP/IP network connections.

See NIC.

The part of a TCP/IP address that specifies the network portion of the IP address. The network ID is determined by the class of the address, which in turn is determined by the subnet mask used.

The bottom layer of the TCP/IP architectural model, which is responsible for sending and receiving frames.

Layer 3 of the OSI model, which is where routing based on node addresses (IP addresses) occurs.

An operating system that runs on the servers on a network. Network operating systems include Windows Server 2008, UNIX, and Linux.

A discussion group that focuses on a specific topic and is made up of a collection of messages posted to an Internet site. Newsgroups are useful resources for support personnel.

(Network File System) A file sharing and access protocol most commonly associated with UNIX and Linux systems.

(network interface card) A hardware component that serves as the interface, or connecting component, between a network and the node. It has a transceiver, a MAC address, and a physical connector for the network cable. Also called a network adapter or network card.

(Network Intrusion Prevention System) A network security system that monitors, blocks, and reports malicious network activity.

(Network Management System) An application that acts as a central management point for network management. Most NMS systems use SNMP to communicate with network devices. See also SNMP.

(Network News Transfer Protocol) An Internet protocol that controls how news articles are to be queried, distributed, and posted. NNTP uses port 119.

Another name for EMI. See also EMI.

Windows and Linux/UNIX command-line utility used to query Domain Name System (DNS) servers and clients to obtain DNS information.

(Network Time Protocol) A protocol used to communicate time synchronization information between devices on the network. NTP is part of the TCP/IP suite. NTP uses port 123.

(operating system) The main computer program that manages and integrates all the applications running on a computer. The OS handles all interactions with the processor.

(Open Systems Interconnect) reference model A seven-layer model created by the ISO to standardize and explain the interactions of networking protocols.

(Open Shortest Path First) A link-state routing protocol used on TCP/IP networks. Compare with distance-vector routing.

A tool used to locate problems with optical media, such as cable breaks.

A packet refers to a unit of data that travels in communication networks.

A firewall method in which each packet that attempts to pass through the firewall is examined to determine its contents. The packet is then allowed to pass, or it is blocked, as appropriate.

A device or application that enables data to be copied from the network and analyzed. In legitimate applications, it is a useful network troubleshooting tool.

(personal area network) A network layout whereby devices work together in close proximity to share information and services, commonly using technologies such as Bluetooth or infrared.

(Password Authentication Protocol) A simple authentication protocol in which the username and password are sent to the remoteaccess server in clear text, making it possible for anyone listening to network traffic to steal both. PAP typically is used only when connecting to older UNIX-based remote-access servers that do not support any additional authentication protocols.

A hub that has no power and therefore does not regenerate the signals it receives. Compare with active hub.

A set of characters used with a username to authenticate a user on a network and to provide the user with rights and permissions to files and resources.

(Port Address Translation) A variation on NAT (Network Address Translation). With PAT, all systems on the LAN are translated into the same IP address, but with a different port number assignment. See also NAT.

A fix for a bug in a software application. Patches can be downloaded from the Internet to correct errors or security problems in software applications.

A cable, normally twisted pair, used to connect two devices. Strictly speaking, a patch cable is the cable that connects a port on a hub or switch to the patch panel, but today people commonly use the term to refer to any cable connection.

A device in which the cables used in coaxial or twisted-pair networks converge and are connected. The patch panel is usually in a central location.

A network environment that does not have dedicated servers, where communication occurs between similarly capable network nodes that act as both clients and servers.

Authorization provided to users that allows them to access objects on a network. Network administrators generally assign permissions. Permissions are slightly different from but often used with rights.

The MAC address on every NIC. The physical address is applied to a NIC by the manufacturer. Except for rare occurrences, it is never changed.

Layer 1 of the OSI model, where all physical connectivity is defined.

A diagram that displays the physical layout of a network including placement of systems and all network cabling.

The actual physical layout of the network. Common physical topologies include star, bus, and ring. Compare with logical topology.

A TCP/IP stack utility that works with ICMP and that uses echo requests and replies to test connectivity to other systems.

(Public Key Infrastructure) A collection of software, standards, and policies combined to enable users from the Internet or other unsecured public networks to securely exchange data. PKI uses a public and private cryptographic key pair obtained and shared through a trusted authority.

The space between the structural ceiling and a drop-down ceiling. It is commonly used for heating, ventilation, and air conditioning systems and to run network cables.

An architecture designed to enable the operating system to detect hardware devices and for the driver to be automatically loaded and configured.

(Power over Ethernet) A technology that enables electrical power to be transmitted over twisted- pair Ethernet cable. The power is transferred, along with data, to provide power to remote devices.

(PtMP) A wireless connection designed to link multiple wired networks. Signals in point-to-multipoint networks travel from a central node such as a base station of a cellular system, an access point of a WLAN, or a satellite.

(PtP) Refers to a wireless topology configuration. It identifies the communication link from one node directly to one other node. Wireless point-to-point systems are often used in wireless backbone systems such as microwave relay communications, or as a replacement for a single wired communication cable.

Policies refer to an organization�s documented rules regarding what is to be done, or not done, and why. Network procedures differ from policies in that they identify the way in which tasks are to be performed.

The media access method for transmitting data in which a controlling device is used to contact each node to determine whether it has data to send.

(Post Office Protocol version 3) A protocol that is part of the TCP/IP suite used to retrieve mail stored on a remote server. The most commonly used version of POP is POP3. POP is an application layer protocol.

In physical networking terms, a pathway on a networking device that enables other devices to be connected. In software terms, a port is the entry point into an application, a system, or a protocol stack.

A process by which two ports on a device, such as a switch, are configured to receive the same information. Port mirroring is useful in troubleshooting scenarios.

(plain old telephone system) The current analog public telephone system. See also PSTN.

(Point-to-Point Protocol) A common dialup networking protocol that includes provisions for security and protocol negotiation. Provides host-to-network and switch-toswitch connections for one or more user sessions.

(Point-to-Point Protocol over Ethernet) An Internet connection authentication protocol that uses two separate technologies, Ethernet and PPP, to provide a method for multiple users to share a common Digital Subscriber Line (DSL), cable modem, or wireless connection to the Internet.

(Point-to-Point Tunneling Protocol) A protocol that encapsulates private network data in IP packets. These packets are transmitted over synchronous and asynchronous circuits to hide the Internet�s underlying routing and switching infrastructure from both senders and receivers.

Layer 6 of the OSI model, which prepares information to be used by the application layer.

(Primary Rate Interface) A high-level network interface standard for use with ISDN. PRI is defined as having a rate of 1.544Mbps, and it consists of a single 64Kbps D channel plus 23 T1 B channels for voice or data. See also BRI and ISDN.

The DNS server that offers zone data from files stored locally on the machine.

A network to which access is limited, restricted, or controlled. Most corporate networks are private networks. Compare with public network.

A standard or specification created by a single manufacturer, vendor, or other private enterprise.

A set of rules or standards that control data transmission and other interactions between networks, computers, peripheral devices, and operating systems.

Protocol analyzers can be hardware- or software-based with their primary function being to analyze network protocols such as TCP, UPD, HTTP, FTP and more.

A device, application, or service that acts as an intermediary between two hosts on a network, eliminating the capability for direct communication.

A server that acts as a go-between for a workstation and the Internet. A proxy server typically provides an increased level of security, caching, NAT, and administrative control.

(public switched telephone network) A term that refers to all the telephone networks and services in the world. The same as POTS, PSTN refers to the world�s collection of interconnected public telephone networks that are both commercial- and government-owned. All the PSTN is digital, except the connection between local exchanges and customers (which is called the local loop or last mile), which remains analog.

A network, such as the Internet, to which anyone can connect with the most minimal of restrictions. Compare with private network.

A device used to connect network cables from equipment closets or rooms to other parts of a building. Connections to networking equipment such as hubs or switches are established from the punchdown block. Also used in telecommunications wiring to distribute phone cables to their respective locations throughout the building.

A hand tool that enables the connection of twistedpair wires to wiring equipment such as a patch panel.

(permanent virtual circuit) A permanent dedicated virtual link shared in a Frame Relay network, replacing a hardwired dedicated end-to-end line.

(quality of service) Describes the strategies used to manage and increase the flow of network traffic. QoS features enable administrators to predict bandwidth use, monitor that use, and control it to ensure that bandwidth is available to the applications that need it.

(Remote Authentication Dial-in User Service) A security standard that employs a client/server model to authenticate remote network users. Remote users are authenticated using a challenge-andresponse mechanism between the remote-access server and the RADIUS server.

(Redundant Array of Inexpensive Disks) A method to store data on multiple hard drives, enabling the overlapping of I/O operations. The RAID levels offer either fault-tolerance or performance advantages.

A RAID configuration that employs data striping but that lacks redundancy because no parity information is recorded (see RAID 5). As a result, RAID 0 offers no fault tolerance, but it does offer increased performance. Requires a minimum of two disks.

A fault-tolerant method that uses disk mirroring to duplicate the information stored on a disk. Also called disk duplexing when the two drives in a RAID 1 array are connected to separate disk controllers.

A fault-tolerant method that uses disk striping with distributed parity. Striping is done across the disks in blocks.

Also called RAID 1/0. A RAID configuration in which stripe sets (RAID 0) are mirrored (RAID 1). This combination provides the fault-tolerant aspects of RAID 1 and the performance advantages of RAID 0.

(Reverse Address Resolution Protocol) A protocol, part of the TCP/IP suite, that resolves MAC addresses to IP addresses. Its relative ARP resolves IP addresses to MAC addresses. RARP resides on the network layer of the OSI model.

(Remote Access Service) A Windows service that enables access to the network through remote connections.

(Remote Desktop Protocol) A presentation layer protocol that supports traffic between a Windows Terminal Client and Windows Terminal Server.

Regulations are actual legal restrictions with legal consequences.

In networking, having physical control of a remote computer through software.

A node or computer connected to a network through a remote connection. Dialing in to the Internet from home is an example of the remote node concept.

A device that regenerates and retransmits signals on a network. Repeaters usually are used to strengthen signals going long distances.

A system that requests the resolution of a name to an IP address. This term can be applied to both DNS and WINS clients.

To transfer data from backup media to a server. The opposite of backup.

(Request for Comments) The process by which standards relating to the Internet, the TCP/IP suite, and associated technologies are created, commented on, and approved.

Designations for the coaxial cable used in thin coaxial networks that operate on the Ethernet standard.

An authorization provided to users that allows them to perform certain tasks. The network administrator generally assigns rights. Slightly different from but often used with the term permissions.

(Routing Information Protocol) A protocol that uses hop count as a routing metric to control the direction and flow of packets between routers on an internetwork.

A connector used with telephone systems. Can have up to six conductors.

A connector used with twisted-pair cable. Can support eight conductors for four pairs of wires.

The entire path between two nodes on a network.

A device that works at the network layer of the OSI model to control the flow of data between two or more network segments.

An algorithm for public-key cryptography. Can be used for encryption purposes. RSA is used as a secure solution for e-commerce.

Real-time Transport Protocol (RTP). The Internet-standard protocol for the transport of real-time data, including audio and video.

A momentary drop in the voltage provided by a power source.

The SC connector is a type of connector used with fiber cabling.

(Secure Copy Protocol) A basic file-copying protocol that uses Secure Shell (SSH) technology to provide security to the transfer.

(Symmetrical Digital Subscriber Line) A DSL implementation that offers the same speeds for uploads and downloads. It is not widely implemented in the home/small business environment and cannot share a phone line.

A type of DNS server that gets its zone data from another DNS name server that has authority in that zone.

A log located in the Windows Event Viewer that provides information on audit events that the administrator has determined to be security-related. These events include logons, attempts to log on, attempts to access areas that are denied, and attempts to log on outside normal hours.

A physical section of a network.

A network node that fulfills service requests for clients. Usually referred to by the type of service it performs, such as file server, communications server, or print server.

An application run from a network share rather than from a copy installed on a local computer.

A network operating system dedicated to providing services to workstations, or clients. See also client/server networking.

A software update that fixes multiple known problems and in some cases provides additional functionality to an application or operating system.

How long the dialog remains open between two nodes.

Layer 5 of the OSI model, which establishes, manages, and terminates sessions between applications on different nodes.

(Secure File Transfer Protocol) An implementation of File Transfer Protocol (FTP) that uses Secure Shell (SSH) technology to provide additional authentication and encryption services for file transfers.

The infrastructure component routed directly into an internetwork�s backbone for optimal systems access. It provides connectivity to servers and other shared systems.

An interface, graphical or otherwise, that enables a user to access the functionality of an operating system.

An application layer protocol designed to establish and maintain multimedia sessions such as Internet telephony calls.

(Single-mode fiber) A type of fiber that uses a single direct beam of light, thus allowing for greater distances and increased transfer speeds. See also MMF.

(Simple Mail Transfer Protocol) An Internet protocol used for the transfer of email messages and attachments.

(Static NAT) A simple form of NAT. SNAT maps a private IP address directly to a static unchanging public IP address. See also NAT.

(Simple Network Management Protocol) Provides network devices with a method to monitor and control network devices

A software component that enables a device to communicate with, and be contacted by, an SNMP management system.

An SNMP utility that sends an alarm to notify the administrator that something within the network activity differs from the established threshold, as defined by the administrator.

(start of authority) A record of information containing data on DNS zones and other DNS records. A DNS zone is the part of a domain for which an individual DNS server is responsible. Each zone contains a single SOA record.

(Small Office / Home Office) A small network typically serving 1 to 10 users.

(Synchronous Optical Network) A U.S. standard for data transmission that operates at speeds up to 2.4Gbps over optical networks referred to as OC-x, where x is the level. The international equivalent of SONET is Synchronous Digital Hierarchy (SDH).

The address of the host that sent the frame. The source address is contained in the frame so that the destination node knows who sent the data.

A bridge used in source-route bridging to send a packet to the destination node through the route specified by the sending node.

An instantaneous, dramatic increase in the voltage input to a device. Spikes are responsible for much of the damage done to network hardware components.

(Standby Power Supply) A type of power supply in which the SPS monitors the power line and switches to battery power as soon as it detects a problem. During the time it takes to switch to battery power, the computer does not receive any power and may power down. This is in contrast to an online UPS, which constantly provides battery power.

(Secure Shell) An application, such as Telnet, that enables a session to be opened on a remote host. SSH differs from Telnet in that it provides additional authentication methods and encryption for data as it traverses the network. SSH uses TCP/IP port 22.

(Service Set Identifier) A unique client identifier sent over the WLAN that acts as a simple password used for authentication between a wireless client and an access point. The SSID is used to differentiate between networks. Therefore, the client system and the AP must use the same SSID.

(Secure Sockets Layer) A method of securely transmitting information to and receiving information from a remote website. SSL is implemented through HTTPS. SSL operates at the presentation layer of the OSI model and uses TCP/IP port 443.

(Spanning Tree Algorithm) A standard defined by IEEE 802.1 as part of STP to eliminate loops in an internetwork with multiple paths.

A type of physical network design is which all nodes connect to a centralized device�in most cases a network switch.

An IP address manually assigned to a network device, as opposed to dynamically via DHCP.

A routing method in which all routes must be entered into a device manually and in which no route information is exchanged between routing devices on the network. Compare with dynamic routing.

A mechanism used in flow control that prevents the sender of data from overwhelming the receiver. The amount of data that can be buffered in a static window is configured dynamically by the protocol.

ST refers to a type of fiber connector.

(SAN) A subnetwork of storage devices, usually found on high-speed networks and shared by all servers on a network.

A fast-packetswitching method that produces higher latency than other switching methods because the entire contents of the packet are copied into the switch�s onboard buffers. CRC calculations are performed before the packet can be passed on to the destination address.

(shielded twisted pair) Twisted-pair network cable that has shielding to insulate the cable from EMI.

(Spanning Tree Protocol) A protocol developed to eliminate the loops caused by the multiple paths in an internetwork. STP is defined in IEEE 802.1.

A privately controlled segment of the DNS namespace that exists under other segments of the namespace as a division of the main domain. Sometimes also called a child domain.

A logical division of a network, based on the address to which all the devices on the network are assigned.

A 32-bit address used to mask, or screen, a portion of an IP address to differentiate the part of the address that designates the network and the part that designates the host.

The process of using parts of the node portion of an assigned IP address to create more network IDs. Although subnetting increases the number of network IDs, it decreases the number of node addresses available for each network ID.

The process of aggregating IP network addresses and using them as a single network address range.

A voltage increase that is less dramatic than that of a spike but can last much longer. Sometimes called a swell. The opposite of a brownout.

An inexpensive and simple device placed between a power outlet and a network component to protect the component from spikes and surges. Also known as a surge suppressor.

(switched virtual circuit) A virtual circuit dynamically established on demand to form a dedicated link. It is broken when transmission is complete.

A Layer 2 networking device that forwards frames based on destination addresses.

A message sent to initiate a TCP session between two devices. The full term is synchronization packet.

A digital signal transmission method that uses a precise clocking method and a predefined number of bits sent at a constant rate.

A log, accessed through Event Viewer on Windows Server platforms, that provides information and warnings on events logged by operating system components and hardware devices. These events include driver failures, device conflicts, read/write errors, timeouts, and bad block errors.

T1 lines are a form of TCarrier lines that offer transmission speeds of 1.544Mbps. E1 refers to the European equivalent of T1. See also T-carrier.

See also crossover cable.

T3 carrier lines offer transmission speeds of up to 44.736Mbps, using 672 64Kbps B channels. See also T-carrier.

(Terminal Access Controller Access Control System Plus) A security protocol designed to provide centralized validation of users who are attempting to gain access to a router or Network Access Server (NAS). TACACS+ is a set of security protocols designed to provide authentication, authorization, and accounting (AAA) of remote users. TACACS uses TCP port 49 by default.

T-carrier lines are highspeed dedicated digital lines that can be leased from telephone companies. T-carrier lines can support both voice and data transmissions and are often used to create pointto- point private networks.

(Transmission Control Protocol) A connection-oriented, reliable data transmission communication service that operates at the transport layer of the OSI model. TCP is part of the TCP/IP suite.

(Transmission Control Protocol/Internet Protocol) A suite of protocols that includes TCP and IP. TCP/IP was originally designed for use on large internetworks but has now become the de facto protocol for networks of all sizes.

A socket, or connection to an endpoint, used in TCP/IP communication transmissions.

(Time-Division Multiplexing) Divides a single communication channel into multiple channels, enabling data signals to be transferred simultaneously as subchannels in one communication channel. Despite being only a single channel, data signals take turns sending data.

(time-domain reflectometer) A device used to test copper cables to determine whether and where a break is on the cable. For optical cables, an optical TDR is used.

A standard terminal emulation protocol in the TCP/IP stack. Telnet is used to perform terminal emulation over TCP/IP via remote terminal connections, enabling users to log in to remote systems and use resources as if they were connected to a local system.

A device used to monitor temperature typically in a server room or wiring closet.

A service on Windows Server platforms that enables clients to connect to the server as if it were a multiuser operating system. All the processing for the client session is performed on the server. Only screen updates and user input are transmitted across the network connection.

(Trivial File Transfer Protocol) A simplified version of FTP that enables file transfers but does not offer any security or file management capabilities. TFTP uses TCP/IP port 69.

The thick cable most commonly used as the backbone of a coaxial network. It is approximately .375 inches in diameter.

The IEEE 802.3 standard 10Base5, which describes Ethernet networking using thick coaxial cabling. Also called ThickNet.

An application run from a back-end server system such as Microsoft Terminal Services. The processing tasks are all performed at the terminal server rather than on the client. In basic usage, only screen updates are sent from the terminal server, and only keyboard and mouse data is sent to the terminal server.

Cable that is thinner than thick coaxial cable but still about .25 inches in diameter. It is commonly used in older bus topologies.

The 802.3a standard 10Base2, which describes Ethernet networking using thin coaxial cabling. Also called ThinNet.

A device used to test the actual data throughput of a network cable.

(Telecommunications Industry Association) An organization that, along with the Electronic Industries Association (EIA), develops standards for telecommunications technologies.

(Temporal Key Integrity Protocol ) Designed to address the shortcomings of the WEP security protocol. TKIP is an encryption protocol defined in IEEE 802.11i.

A digital communication line used in WANs. Commonly used T designations are T1 (Trunk Level 1) and T3 (Trunk Level 3). It is also possible to use only part of a T1 line, which is known as fractional T1. T1 lines support a data transmission rate of up to 1.544 Mbps.

(Transport Layer Security ) A security protocol designed to ensure privacy between communicating client/server applications. When a server and client communicate, TLS ensures that no one can eavesdrop and intercept or otherwise tamper with the data message. TLS is the successor to SSL.

A frame that provides controlling information. In a token ring network, the node that possesses the token is the one that is allowed to transmit next.

An IBM-proprietary token-passing LAN topology defined by IEEE standard 802.5. It operates at either 4Mbps or 16Mbps in a star topology.

Traditionally an ISA or Microchannel device with 4Mbps or 16Mbps transfer capability used to connect nodes to a token ring network.

A device used with a tone locator to locate and diagnose problems with twisted-pair cabling. Commonly referred to as fox and hound.

A network tool used to locate the ends of a run of network cable.

The shape or layout of a physical network and the flow of data through the network. See also logical topology and physical topology.

A function of the TCP/IP suite, implemented in utilities such as traceroute and tracert, which enables the entire path of a packet to be tracked between source and destination hosts. It is used as a troubleshooting tool.

A Windows command-line utility used to track the route a data packet takes to get to its destination.

To send data using light, electronic, or electric signals. In networking, this is usually done in the form of digital signals composed of bits.

A situation in which the bridges on a network tell each other which ports on the bridge should be opened and closed, which ports should be forwarding packets, and which ports should be blocking packets�all without the assistance of any other device.

Layer 4 of the OSI model. Protocols at this layer perform functions such as segmenting data so that it can be sent over the network and then reassembling the segmented data on the receiving end. The transport layer also deals with some of the errors that can occur in a stream of data, such as dropped and duplicated packets.

A communications protocol responsible for establishing a connection and ensuring that all data has arrived safely. It is defined in Layer 4 of the OSI model.

A type of program that appears legitimate but performs some illicit activity when it is run.

(Time To Live) A value assigned to a packet of data to prevent it from moving around the network indefinitely. The TTL value is decremented each time the packet crosses a router, until it reaches 0, at which point it is removed from the network.

A type of cable that uses multiple twisted pairs of copper wire.

(User Datagram Protocol) A communications protocol that provides connectionless, unreliable communication services and operates at the transport layer of the OSI model. It requires a network layer protocol such as IP to guide it to the destination host.

(or boundless medium) Any medium that does not have physical constraints. Examples of unbound media are infrared, wireless, and microwave. Compare with bound medium.

(Universal Naming Convention) An industry-naming standard for computers and resources that provides a common syntax that should work in most systems, including Windows, UNIX, and NetWare. An example of a UNC name is \\servername\sharename.

Communication that takes place over a network between a single sender and a single receiver.

(uninterruptible power supply) A system that provides protection against power surges and power outages. During blackouts, a UPS gives you time to shut down systems or devices on the network before the temporary power interruption becomes permanent. A UPS is also called battery backup.

How long a device has been on and operating.

(uniform resource locator) A name used to identify a website and subsequently a page on the Internet. An example of a URL is www.quepublishing.com/products.

(universal serial bus) A type of interface between a computer system and peripheral devices. The USB interface enables you to add or remove devices without shutting down the computer. USB supports up to 127 devices. USB also supports autodetection and plug and play.

(unshielded twisted pair) A type of cable that uses multiple twisted pairs of copper wire in a casing that does not provide much protection from EMI. The most common network cable in Ethernet networks, UTP is rated in categories including Category 1 through Category 6, as well as Category 5e and Category 6a.

(Variable Digital Subscriber Line) An asymmetric version of DSL that supports high-bandwidth applications such as VoIP and HDTV. It is the fastest available form of DSL and uses fiber-optic cabling.

The main or vertical cross-connect is the location where outside cables enter the building for distribution. This may include Internet and phone cabling.

A software program designed specifically to adversely affect a system or network. A virus is usually designed to be passed on to other systems with which it comes in contact.

(virtual LAN) A group of devices located on one or more different LAN segments, whose configuration is based on logical instead of physical connections. This enables the devices to operate as if they were connected to the same physical switch, regardless of whether they are connected to the same switch.

(virtual network computing) Enables remote login, in which clients can access their own desktops while being physically away from their computers.

(Voice over IP) Any of a number of technologies that enable voice communication across the Internet Protocol.

Multiple disks or partitions of disks that have been configured to read as one drive.

(virtual private network) A network that uses a public network such as the Internet as a backbone to connect two or more private networks. A VPN provides users with the equivalent of a private network in terms of security. VPNs can also be used as a means of establishing secure remote connectivity between a remote system and another network.

(VLAN Trunking Protocol) A Cisco proprietary protocol that manages the addition, deletion, and renaming of VLANs for the entire network. Information about changes to a VLAN or the addition of a new VLAN to a network is distributed to all switches on the network simultaneously and does not need to be done one at a time.

(wide area network) A data communications network that serves users across a broad geographic area. WANs often use transmission devices such as modems or CSUs/DSUs to carry signals over leased lines or common carrier lines.

A disaster recovery site offering most equipment and applications. Compare to a cold site that refers to a disaster recovery site with limited hardware and typically only a reserved location. A hot site is one with duplicate hardware and software and can be operational within minutes of a disaster.

A server that runs an application and makes the contents of certain directories on that server, or other servers, available to clients for download, via a protocol such as HTTP.

(Wired Equivalent Privacy) A data encryption method used to protect the transmission between 802.11 wireless clients and access points. WEP security has come under scrutiny because it uses an insufficient key length and provides no automated method for distributing the keys.

A voluntary standard that manufacturers can adhere to, which aims to create compatibility between wireless devices. WiFi is an abbreviation for wireless fidelity.

(Windows Internet Name Service) A NetBIOS name-to-IP address resolution service that runs on Windows Server platforms.

A dynamically built database of NetBIOS names and IP addresses used by WINS.

A tool used to create networking cables. The type of wire crimping tool used depends on the cable being made.

The band of frequency used for wireless communications. Each IEEE wireless standard specifies the channels that can be used.

Networking that uses any unbound media, such as infrared, microwave, or radio waves.

Network documentation designed to show the physical wiring of a network. The wiring schematic can often be used in the troubleshooting process.

(Wireless Internet Service Provider) A service provider that specializes in offering users wireless access to the Internet, often including hotspot access.

(wireless LAN) A local area network created using wireless transmission methods such as radio or infrared rather than traditional wired solutions.

A client computer on a network that does not offer any services of its own but that uses the services of the servers on the network.

A self-replicating program that can perform destructive acts to a single computer or across a network, both wired and wireless.

(WiFi Protected Access) A data encryption method used on 802.11 wireless LANs. WPA is an industry-supported standard designed to address WEP�s security shortcomings.

An ITU-T standardized protocol suite for packet switching networks.

(Extended Digital Subscriber Line) All the variations of DSL available are lumped together under the label XDSL.

(Extensible Markup Language) A set of rules for the encoding of documents in a machine readable format.

The passing of DNS information from one name server to a secondary name server.