Term
| MAC (media access control) address |
|
Definition
| Unique 48-bit address assigned to each network card. IEEE assigns blocks of possible addresses to various NIC manufacturers to help ensure that each address is unique. The Data Link layer of the OSI seven-layer model uses MAC addresses to locate machines. |
|
|
Term
|
Definition
| A method of limiting access to a wireless network based on the physical addresses of wireless NICs. |
|
|
Term
|
Definition
| IP address assigned to a specific MAC address in a DHCP server. |
|
|
Term
|
Definition
| The unique 48-bit address assigned to a network interface card. This is also known as the MAC address or the EUI-48. |
|
|
Term
|
Definition
| Programming within an application that enables users to control aspects of it (generally to handle repetitive tasks). Also, any type of malware that exploits application macros to replicate and activate. |
|
|
Term
|
Definition
| Special holding area on an e-mail server that separates out e-mail for each user. |
|
|
Term
| main distribution frame (MDF) |
|
Definition
| The room in a building that stores the demarc, telephone cross-connects, and LAN cross-connects. |
|
|
Term
|
Definition
| The time it takes to implement and thoroughly test a network change. |
|
|
Term
|
Definition
| A user who consciously attempts to access, steal, or damage resources. |
|
|
Term
|
Definition
| Any program or code (macro, script, and so on) that’s designed to do something on a system or network that you don’t want to have happen. Some examples of malware include spyware, rootkits, worms, and ransomware. |
|
|
Term
|
Definition
| An attacker taps into communications between two systems, covertly intercepting traffic thought to be only between those systems, reading or in some cases even changing the data and then sending the data on. |
|
|
Term
|
Definition
| Networking devices, such as routers and advanced switches, that are extensively configurable. |
|
|
Term
|
Definition
| Network that is monitored by the SNMP protocol, consisting of SNMP managed devices, management information base (MIB) items, and SNMP manager(s). |
|
|
Term
| management information base (MIB) |
|
Definition
| SNMP’s management database. |
|
|
Term
| mandatory access control (MAC) |
|
Definition
| A security model in which every resource is assigned a label that defines its security level. If the user lacks that security level, they do not get access. |
|
|
Term
|
Definition
| An entryway with two successive locked doors and a small space between them providing one-way entry or exit. This is a security measure taken to prevent unauthorized entry. |
|
|
Term
|
Definition
| A simple point-to-point connection between two IPv6 networks. |
|
|
Term
| maximum transmission unit (MTU) |
|
Definition
| Specifies the largest size of a data unit in a communications protocol, such as Ethernet. |
|
|
Term
| MD5 (Message-Digest Algorithm Version 5) |
|
Definition
| An older hashing function that has been cracked and should have been replaced by now—especially in any security context. |
|
|
Term
| mean time between failures (MTBF) |
|
Definition
| A factor typically applied to a hardware component that represents the manufacturer’s best guess (based on historical data) regarding how much time will pass between major failures of that component. |
|
|
Term
| mean time to failure (MTTF) |
|
Definition
| Indicates the length of time a device is expected to last in operation. In MTTF, only a single, definitive failure will occur and will require that the device be replaced rather than repaired. |
|
|
Term
| mean time to repair (MTTR) |
|
Definition
| The estimated amount of time it takes to replace or fix a failed system. |
|
|
Term
| Mechanical Transfer Registered Jack (MT-RJ) |
|
Definition
| A type of small form factor (SFF) fiber connector. |
|
|
Term
| Media Access Control (MAC) |
|
Definition
| The part of a NIC that prepares outgoing frames, processes incoming frames, and controls the physical layer interface. The MAC is responsible for tasks such as addressing outgoing frames and validating the length and FCS of incoming frames. |
|
|
Term
| Media Access Control (MAC) address table |
|
Definition
| A database every switch maintains, listing the MAC address and port of each connected device. |
|
|
Term
|
Definition
| A device that lets you interconnect different types of Ethernet cable. |
|
|
Term
| Media Gateway Control Protocol (MGCP) |
|
Definition
| A protocol that is designed to be a complete VoIP or video presentation connection and session controller. MGCP uses TCP ports 2427 and 2727. |
|
|
Term
|
Definition
| A network of far-flung routers and servers that provides sufficient bandwidth for video teleconferencing (VTC) via quality of service (QoS) and other tools. |
|
|
Term
|
Definition
| A prefix that usually stands for the binary quantity 1,048,576. One megabyte is 1,048,576 bytes. One megahertz, however, is 1,000,000 hertz. |
|
|
Term
| memorandum of understanding (MOU) |
|
Definition
| A document that defines an agreement between two parties in situations where a legal contract is not appropriate. |
|
|
Term
|
Definition
| Topology in which each computer has a direct or indirect connection to every other computer in a network. Any node on the network can forward traffic to other nodes. Popular in cellular and many wireless networks. |
|
|
Term
|
Definition
| A tool that enables a penetration tester to use a massive library of exploits and payloads as well as tweak them for specific penetrations. |
|
|
Term
|
Definition
| Iteration of the Internet that relies on virtual reality (VR) environments to create a 3-D experience for user interaction. Early attempts at creating this space include Second Life (video game) and many science fiction stories, such as Neuromancer, The Matrix, and Snow Crash. Facebook uses the term Metaverse. NVIDIA refers to the space as the Omniverse. |
|
|
Term
|
Definition
| Relative value that defines the “cost” of using a particular route (to determine the best one). |
|
|
Term
|
Definition
| A metropolitan area network (MAN) based on the Ethernet standard. |
|
|
Term
| metropolitan area network (MAN) |
|
Definition
| Multiple computers connected via cabling, radio, leased phone lines, or infrared that are within the same city. A perfect example of a MAN is the Tennessee city Chattanooga’s gigabit network available to all citizens, the Chattanooga Gig. |
|
|
Term
|
Definition
| A unit of measure that equals a frequency of 1 million cycles per second. |
|
|
Term
|
Definition
| Also called drive mirroring, reading and writing data at the same time to two drives for fault-tolerance purposes. Considered RAID level 1. |
|
|
Term
|
Definition
| Also called high-throughput, or 802.11a-ht/802.11g-ht, one of three modes used with 802.11n wireless networks wherein the wireless access point (WAP) sends special packets that support older standards yet can also improve the speed of those standards via 802. |
|
|
Term
|
Definition
| A light distortion problem unique to multimode fiber-optic cable. |
|
|
Term
|
Definition
| A simplified representation of a real object or process. In the case of networking, models represent logical tasks and subtasks that are required to perform network communication. |
|
|
Term
| modem (modulator-demodulator) |
|
Definition
| A device that converts digital bit streams into analog signals (modulation) and incoming analog signals back into digital signals (demodulation). Most commonly used to interconnect telephone lines and computers. |
|
|
Term
|
Definition
| The various multiplexing and demultiplexing technologies and protocols, both analog and digital. |
|
|
Term
| modulator-demodulator (modem) |
|
Definition
| A device that converts digital bit streams into analog signals (modulation) and incoming analog signals back into digital signals (demodulation). Most commonly used to interconnect telephone lines and computers. |
|
|
Term
|
Definition
| A group of computers connected to the same access switch. |
|
|
Term
|
Definition
| A query that asks an NTP server about the traffic between itself and peers. |
|
|
Term
|
Definition
| A feature of some video surveillance systems that starts and stops recordings based on actions caught by the camera(s). |
|
|
Term
|
Definition
| Bracket that acts as a holder for a faceplate in cable installations. |
|
|
Term
|
Definition
| Microsoft’s dominant variation of the CHAP protocol; it uses a slightly more advanced encryption protocol. |
|
|
Term
| MTU (maximum transmission unit) |
|
Definition
| Specifies the largest size of a data unit in a communications protocol, such as Ethernet. |
|
|
Term
|
Definition
| Method of sending a packet in which the sending computer sends it to a group of interested computers. |
|
|
Term
|
Definition
| A set of IP addresses reserved for one-to-many communication, such as in streaming video conferencing. |
|
|
Term
| multifactor authentication (MFA) |
|
Definition
| A form of authentication where a user must use two or more factors to prove his or her identity. Methods of multifactor authentication involve knowledge factors (like passwords or PIN numbers), possession factors (like a badge or smart card), and inherence factors (like fingerprints or voice). |
|
|
Term
|
Definition
| A switch that has functions that operate at multiple layers of the OSI seven-layer model. |
|
|
Term
|
Definition
| A tool for testing voltage (AC and DC), resistance, and continuity. |
|
|
Term
|
Definition
| Type of fiber-optic cable with a large-diameter core that supports multiple modes of propagation. The large diameter simplifies connections, but has drawbacks related to distance. |
|
|
Term
|
Definition
| Type of fiber-optic cable that uses LEDs. |
|
|
Term
|
Definition
| An availability solution in which more than one connection or path between a server and SAN is maintained in order to ensure continued availability in the event that one connection goes down. |
|
|
Term
| multiple input/multiple output (MIMO) |
|
Definition
| Feature in 802.11n and later WAPs that enables them to make multiple simultaneous connections. See also multiuser MIMO (MU-MIMO). |
|
|
Term
|
Definition
| Device that merges information from multiple input channels to a single output channel. |
|
|
Term
| Multiprotocol Label Switching (MPLS) |
|
Definition
| Router feature that labels certain data to use a desired connection. It works with any type of packet switching (even Ethernet) to force certain types of data to use a certain path. |
|
|
Term
| multisource agreement (MSA) |
|
Definition
| A document that details the interoperability of network hardware from a variety of manufacturers. |
|
|
Term
|
Definition
| The ability to support multiple customers on the same infrastructure at the same time. Multitenancy enables customers with small computing needs to only pay for what they actually need in exchange for sharing the same infrastructure with other customers. Comes with the risk those customers will hog shared resources or compromise the infrastructure (by accident or on purpose). |
|
|
Term
|
Definition
| Feature of 802.11ac and later networking that enables a WAP to broadcast to multiple users simultaneously. See also multiple input/multiple output (MIMO). |
|
|
Term
|
Definition
| DNS record that SMTP servers use to determine where to send mail for a given domain. |
|
|
Term
|
Definition
| Terminal command in Linux that dynamically displays the route a packet is taking. Similar to traceroute. |
|
|
Term
|
Definition
| A method that enables one computer on the network to locate another to establish a session. All network protocols perform name resolution by providing some form of name server. |
|
|
Term
|
Definition
| DNS servers that hold the actual name and IP DNS records in a kind of database called a zone. |
|
|
Term
| NAT (network address translation) |
|
Definition
| A means of translating a system’s IP address into another IP address before sending it out to a larger network. NAT manifests itself by a NAT program that runs on a system or a router. A network using NAT provides the systems on the network with private IP addresses. The system running the NAT software has two interfaces: one connected to the network and the other connected to the larger network. The NAT program takes packets from the client systems bound for the larger network and translates their internal private IP addresses to its own public IP address, enabling many systems to share a single IP address. |
|
|
Term
|
Definition
| Special database in a NAT router that stores destination IP addresses and ephemeral source ports from outgoing packets and compares them against returning packets. A NAT translation table also maps internal sockets to their external counterparts. |
|
|
Term
|
Definition
| A transition mechanism that attaches the bytes of an IPv4 address onto the end of an IPv6 address for network traversal. |
|
|
Term
|
Definition
| The VLAN designation assigned to all frames without 802.1Q tags entering a trunk port on a switch. In addition, any frames that are part of the native VLAN will not receive an 802.1Q tag when they leave the trunk port. |
|
|
Term
| near-end crosstalk (NEXT) |
|
Definition
| Crosstalk at the same end of a cable from which the signal is being generated. |
|
|
Term
|
Definition
| IPv6 packet sent in response to a multicast neighbor solicitation packet, telling the requesting system the MAC address of the system it solicited. |
|
|
Term
|
Definition
| IPv6 protocol that performs the same functions as ARP in IPv4 and plays a role in features such as SLAAC. It consists of five ICMP control message types: neighbor solicitation, neighbor advertisement, router solicitation, router advertisement, and redirect. |
|
|
Term
| Neighbor Discovery Protocol (NDP) |
|
Definition
| IPv6 protocol that performs the same functions as ARP in IPv4 and plays a role in features such as SLAAC. It consists of five ICMP control message types: neighbor solicitation, neighbor advertisement, router solicitation, router advertisement, and redirect. |
|
|
Term
|
Definition
| IPv6 process of finding a MAC address of a local host, given its IPv6 address. |
|
|
Term
|
Definition
| Popular and extremely comprehensive vulnerability testing tool. |
|
|
Term
| NetBEUI (NetBIOS Extended User Interface) |
|
Definition
| Microsoft’s first networking protocol, designed to work with NetBIOS. NetBEUI has long been obsolete, replaced by TCP/IP. NetBEUI did not support routing. |
|
|
Term
| NetBIOS (Network Basic Input/Output System) |
|
Definition
| A protocol that operates at the Session layer of the OSI seven-layer model. This protocol creates and manages connections based on the names of the computers involved. |
|
|
Term
| NetBIOS over TCP/IP (NetBT) |
|
Definition
| A Microsoft-created protocol that enables NetBIOS naming information to be transported over TCP/IP networks. The result is that Microsoft naming services can operate on a TCP/IP network without the need for DNS services. |
|
|
Term
|
Definition
| Microsoft’s first networking protocol, designed to work with NetBIOS. NetBEUI has long been obsolete, replaced by TCP/IP. NetBEUI did not support routing. A protocol that operates at the Session layer of the OSI seven-layer model. This protocol creates and manages connections based on the names of the computers involved. |
|
|
Term
|
Definition
| The primary tool used to monitor packet flow on a network. |
|
|
Term
|
Definition
| Component process of NetFlow that captures and saves data from a NetFlow-enabled device’s cache for future NetFlow analysis. |
|
|
Term
|
Definition
| A command-line utility used to examine the TCP/IP connections open on a given host. Once universal, though it is being replaced by ss in Linux. |
|
|
Term
|
Definition
| A collection of two or more devices interconnected by telephone lines, coaxial cables, satellite links, radio, and/or some other communication technique. A computer network is a group of computers that are connected together and communicate with one another for a common purpose. Computer networks support “people and organization” networks, users who also share a common purpose for communicating. |
|
|
Term
| network access control (NAC) |
|
Definition
| Control over information, people, access, machines, and everything in between. |
|
|
Term
|
Definition
| Rules that define who can access the network, how it can be accessed, and what resources of the network can be used. |
|
|
Term
| network access server (NAS) |
|
Definition
| System that controls the modems in a RADIUS network. |
|
|
Term
| network address translation (NAT) |
|
Definition
| A means of translating a system’s IP address into another IP address before sending it out to a larger network. NAT manifests itself by a NAT program that runs on a system or a router. A network using NAT provides the systems on the network with private IP addresses. The system running the NAT software has two interfaces: one connected to the network and the other connected to the larger network. The NAT program takes packets from the client systems bound for the larger network and translates their internal private IP addresses to its own public IP address, enabling many systems to share a single IP address. |
|
|
Term
|
Definition
| Feature-packed network box that incorporates numerous processes such as routing, network address translation (NAT), switching, intrusion detection and prevention systems, firewall, and more. |
|
|
Term
| network attached storage (NAS) |
|
Definition
| A dedicated file server that has its own file system and typically uses hardware and software designed for serving and storing files. |
|
|
Term
|
Definition
| Also called blocks, contiguous ranges of IP addresses that are assigned to organizations and end users by IANA. |
|
|
Term
|
Definition
| An equipment room that holds servers, switches, routers, and other network gear. |
|
|
Term
|
Definition
| The process of gathering together and planning the layout for the equipment needed to create a network. |
|
|
Term
| network function virtualization (NFV) |
|
Definition
| A network architecture that applies infrastructure-as-code (IaC)-style automation and orchestration to network management. |
|
|
Term
| network function virtualization infrastructure (NFVI) |
|
Definition
| The foundation of hardware (such as generic servers and switches) and software (like hypervisors and controllers) that power network function virtualization (NFV). |
|
|
Term
|
Definition
| A number used in IP networks to identify the network on which a device or machine exists. |
|
|
Term
|
Definition
| A device by which a system accesses a network. In most cases, this is a NIC or a modem. |
|
|
Term
| network interface card (NIC) |
|
Definition
| Traditionally, an expansion card that enables a PC to link physically to a network. Modern computers now use built-in NICs, no longer requiring physical cards, but the term “NIC” is still very common. |
|
|
Term
| network interface unit (NIU) |
|
Definition
| Another name for a demarc. |
|
|
Term
|
Definition
| Layer 3 of the OSI seven-layer model. |
|
|
Term
| Network Management Software (NMS) |
|
Definition
| Tools that enable you to describe, visualize, and configure an entire network. |
|
|
Term
| network management system (NMS) |
|
Definition
| A set of standards for communication with network devices (switches, routers, WAPs) connected to a TCP/IP network. Used for network management. |
|
|
Term
|
Definition
| A highly detailed illustration of a network, down to the individual computers. A network map shows IP addresses, ports, protocols, and more. |
|
|
Term
|
Definition
| Another name for the Service Set Identifier (SSID). |
|
|
Term
| network operations center (NOC) |
|
Definition
| A centralized location for techs and administrators to manage all aspects of a network. |
|
|
Term
| network performance baseline |
|
Definition
| Network performance and access patterns under normal conditions. A network performance baseline can be acquired through continuous performance monitoring or periodic benchmarks and is used to aid in network troubleshooting. |
|
|
Term
|
Definition
| The first 64 bits of an IPv6 address that identifies the network. |
|
|
Term
|
Definition
| Special software that exists in every network-capable operating system that acts to create unique identifiers for each system. It also creates a set of communication rules for issues like how to handle data chopped up into multiple packets and how to deal with routers. TCP/IP is the dominant network protocol suite today. |
|
|
Term
|
Definition
| Separating network assets through various means, such as with VLANs or with a DMZ, to protect against access by malicious actors. |
|
|
Term
|
Definition
| A shared resource on a network. |
|
|
Term
|
Definition
| The techniques, components, and practices involved in creating and operating computer-to-computer links. |
|
|
Term
|
Definition
| Any number of things that share one essential feature: the potential to damage network data, machines, or users. |
|
|
Term
| Network Time Protocol (NTP) |
|
Definition
| Protocol that gives the current time. |
|
|
Term
|
Definition
| Refers to the way that cables and other pieces of hardware connect to one another. |
|
|
Term
| network-based anti-malware |
|
Definition
| A single source server that holds current anti-malware software. Multiple systems can access and run the software from that server. The single site makes the software easier to update and administer than anti-malware installed on individual systems. |
|
|
Term
|
Definition
| Firewall, perhaps implemented in a gateway router or as a proxy server, through which all network traffic must pass inspection to be allowed or blocked. |
|
|
Term
|
Definition
| The next router a packet should go to at any given point. |
|
|
Term
| next-generation firewall (NGFW) |
|
Definition
| Network protection device that functions at multiple layers of the OSI model to tackle traffic no traditional firewall can filter alone. |
|
|
Term
|
Definition
| Connecting multiple NICs in tandem to increase bandwidth in smaller increments. |
|
|
Term
|
Definition
| A popular open-source network scanner designed to scan a network and create a map of hosts and services by sending out packets and examining the responses. Frequently used as a vulnerability scanner. |
|
|
Term
|
Definition
| A member of a network or a point where one or more functional units interconnect transmission lines. |
|
|
Term
|
Definition
| Undesirable signals bearing no desired information and frequently capable of introducing errors into the communication process. |
|
|
Term
|
Definition
| Software used in posture assessment that does not stay resident in client station memory. It is executed prior to login and may stay resident during the login session but is removed from client RAM when the login or session is complete. The agent presents the security characteristics to the access control server, which then decides to allow, deny, or redirect the connection. |
|
|
Term
|
Definition
| Not being able to deny having sent a message. |
|
|
Term
|
Definition
| A full backup of every selected file on a system. This type of backup turns off the archive bit after the backup. |
|
|
Term
|
Definition
| Data traffic entering and leaving a data center. Network devices seen in north-south traffic include edge routers, edge firewalls, and load balancers. |
|
|
Term
|
Definition
| A billionth of a second. Light travels a little over 11 inches in 1 ns. |
|
|
Term
|
Definition
| Records that list the authoritative DNS servers for a domain. |
|
|
Term
|
Definition
| A command-line tool used to query DNS servers manually for specific records. Used when a tech needs to see if a DNS record exists and confirm its value. |
|
|
Term
|
Definition
| A file system for hard drives that enables object-level security, long filename support, compression, and encryption. NTFS 4.0 debuted with Windows NT 4.0. Later Windows versions continue to update NTFS. |
|
|
Term
|
Definition
| Groupings of what Microsoft calls special permissions that have names like Execute, Read, and Write, and that allow or disallow users certain access to files. |
|
|
Term
|
Definition
| Command that puts the NTP server into interactive mode in order to submit queries. |
|
|