Term
|
Definition
| Cable organizing device that adheres to walls, making for a much simpler, though less neat, installation than running cables in the walls. |
|
|
Term
|
Definition
| A diagram with information about the make and model of every component on a rack including details such as firmware versions, date of purchase, upgrade history, and service history. |
|
|
Term
|
Definition
| Set of sensors in an equipment closet or rack-mounted gear that can monitor and alert when an out-of-tolerance condition occurs in power, temperature, and/or other environmental aspects. |
|
|
Term
| radio frequency interference (RFI) |
|
Definition
| The phenomenon where a Wi-Fi signal is disrupted by a radio signal from another device. |
|
|
Term
|
Definition
| Ratings developed by the U.S. military to provide a quick reference for the different types of coaxial cables. |
|
|
Term
|
Definition
| A system that enables remote users to connect to a network service. |
|
|
Term
|
Definition
| Crypto-malware that uses some form of encryption to lock a user out of a system. Once the crypto-malware encrypts the computer, usually encrypting the boot drive, it informs the user that they must pay to get the system decrypted. Whether or not the data is actually decrypted upon payment depends primarily on the motive of the threat actor. |
|
|
Term
|
Definition
| The processing of transactions as they occur, rather than batching them. Pertaining to an application, processing in which response to input is fast enough to affect subsequent inputs and guide the process, and in which records are updated immediately. The time lag from input to output must be sufficiently brief for acceptable timeliness. Timeliness is a function of the total system: missile guidance requires output within a few milliseconds of input, whereas scheduling of steamships requires a response time in days. Real-time systems are those with a response time of milliseconds; interactive systems respond in seconds; and batch systems may respond in hours or days. |
|
|
Term
| Real-time Transport Protocol (RTP) |
|
Definition
| Protocol that defines the type of packets used on the Internet to move voice or data from a server to clients. The vast majority of VoIP solutions available today use RTP. |
|
|
Term
|
Definition
| Communication that offers both audio and video via unicast messages. |
|
|
Term
|
Definition
| The process where a receiving system verifies and puts together packets into coherent data. |
|
|
Term
| recovery point objective (RPO) |
|
Definition
| An upper limit to how much lost data an organization can tolerate if it must restore from a backup. Effectively dictates how frequently backups must be taken. |
|
|
Term
| recovery time objective (RTO) |
|
Definition
| he amount of time needed to restore full functionality from when the organization ceases to function. |
|
|
Term
|
Definition
| When a client requests a type of record belonging to an FQDN, and its DNS server does any legwork needed in order to return the record. This is in contrast to an iterative lookup, where the client itself asks each server down the DNS hierarchy (starting at the root) until it locates the authoritative DNS server that returns the record. |
|
|
Term
|
Definition
| The massive influx of traffic on a small or lesser-known Web site when it is suddenly made popular by a reference from the media. See also slashdotting. |
|
|
Term
| redundant array of independent [or inexpensive] disks [or devices] (RAID) |
|
Definition
| A way to create a fault-tolerant storage system. RAID has six levels. Level 0 uses byte-level striping and provides no fault tolerance. Level 1 uses mirroring or duplexing. Level 2 uses bit-level striping. Level 3 stores error-correcting information (such as parity) on a separate disk and data striping on the remaining drives. Level 4 is level 3 with block-level striping. Level 5 uses block-level and parity data striping. |
|
|
Term
|
Definition
| Used in DDoS attacks. The attacker sends requests to normal servers with the target’s IP address spoofed as the source. The normal servers respond to the spoofed IP address (the target system), overwhelming it with reflected traffic without identifying the true initiator. |
|
|
Term
|
Definition
| Used in DDoS attacks. The attacker sends requests to normal servers with the target’s IP address spoofed as the source. The normal servers respond to the spoofed IP address (the target system), overwhelming it with reflected traffic without identifying the true initiator. |
|
|
Term
|
Definition
| Bending of radio waves when transmitted through glass. |
|
|
Term
| Regional Internet Registries (RIRs) |
|
Definition
| Entities under the oversight of the Internet Assigned Numbers Authority (IANA). RIRs parcel out IP addresses from blocks delegated to them by IANA. |
|
|
Term
|
Definition
| Type of connector used on the end of telephone and networking cables. See RJ-11 and RJ-45, respectively. |
|
|
Term
|
Definition
| Port numbers from 1024 to 49151. IANA assigns these ports for anyone to use for their applications. |
|
|
Term
|
Definition
| Rules of law or policy that govern behavior in the workplace, such as what to do when a particular event occurs. |
|
|
Term
|
Definition
| Refers to computers, servers, and/or networks that are located in some other physical location. |
|
|
Term
|
Definition
| The capability to access a computer from outside a building in which it is housed. Remote access requires communications hardware, software, and actual physical links. |
|
|
Term
| remote access server (RAS) |
|
Definition
| Refers to both the hardware component (servers built to handle the unique stresses of a large number of clients calling in) and the software component (programs that work with the operating system to allow remote access to the network) of a remote access solution. |
|
|
Term
| Remote Authentication Dial-In User Service (RADIUS) |
|
Definition
| An AAA standard created to support ISPs with hundreds if not thousands of modems in hundreds of computers to connect to a single central database. RADIUS consists of three devices: the RADIUS server that has access to a database of user names and passwords, a number of network access servers (NASs) that control the modems, and a group of systems that dial into the network. |
|
|
Term
| Remote Desktop Protocol (RDP) |
|
Definition
| A Microsoft-created remote access protocol. |
|
|
Term
| Remote Installation Services (RIS) |
|
Definition
| A tool introduced with Windows 2000 that can be used to initiate either a scripted installation or an installation of an image of an operating system onto a PC. |
|
|
Term
|
Definition
| A connection on a faraway computer that enables you to control that computer as if you were sitting in front of it and logged in. Remote terminal programs all require a server and a client. The server is the computer to be controlled. The client is the computer from which you do the controlling. |
|
|
Term
| remote terminal unit (RTU) |
|
Definition
| In a SCADA environment, has the same functions as a controller plus additional autonomy to deal with connection loss. It is also designed to take advantage of some form of long-distance communication. |
|
|
Term
|
Definition
| A device that takes all of the frames it receives on one Ethernet segment and re-creates them on another Ethernet segment. Repeaters operate at Layer 1 (Physical) of the OSI seven-layer model. They do not check the integrity of the Layer 2 (Data Link) frame so they may repeat incorrectly formed frames. They were replaced in the early 1980s by bridges that perform frame integrity checking before repeating a frame. |
|
|
Term
|
Definition
| The tendency for a physical medium to impede electron flow. It is classically measured in a unit called ohms. See also impedance. |
|
|
Term
|
Definition
| A DNS component that queries name servers and translates DNS names to IP addresses. |
|
|
Term
|
Definition
| A cache used by Windows DNS clients to keep track of DNS information. |
|
|
Term
|
Definition
| Some device, software, or data accessible via a network connection. Examples include files on a fileserver, a shared printer directly connected to another workstation, an inventory tracking application hosted on local servers, and a remotely hosted e-mail server. |
|
|
Term
|
Definition
| Answer from an agent upon receiving a Get protocol data unit (PDU) from an SNMP manager. |
|
|
Term
|
Definition
| A DNS setting that resolves IP addresses to FQDNs. In other words, it does exactly the reverse of what DNS normally accomplishes using forward lookup zones. |
|
|
Term
|
Definition
| A connectivity solution that gathers information from its associated servers and shares that information to clients. The clients don’t know about the servers behind the scenes. The reverse proxy server is the only machine with which they interact. |
|
|
Term
|
Definition
| The transmission, intended or unintended, of radio frequencies. These transmissions may come from components that are intended to transmit RF, such as a Wi-Fi network card, or something less expected, such as a motherboard or keyboard. These emanations may be detected and intercepted, posing a potential threat to security. |
|
|
Term
|
Definition
| A grade of coaxial cable used for cable television and modern cable modem Internet connections. RG-6 has a characteristic impedance of 75 ohms. |
|
|
Term
|
Definition
| A grade of coaxial cable used for cable television and early cable modem Internet connections. RG-59 has a characteristic impedance of 75 ohms. |
|
|
Term
|
Definition
| A network topology in which all the computers on the network attach to a central ring of cable. |
|
|
Term
| RIP (Routing Information Protocol) |
|
Definition
| A routing protocol with several shortcomings, such as a maximum hop count of 15 and a routing table update interval of 30 seconds (causing every router on a network to send out its table at once). Also known as RIPv1. |
|
|
Term
|
Definition
| Second version of RIP. Adds support for CIDR and fixes some problems in RIPv1, but the maximum hop count of 15 still applies. |
|
|
Term
|
Definition
| Fire rating that designates the proper cabling to use for vertical runs between floors of a building. |
|
|
Term
|
Definition
| The process of how organizations evaluate, protect, and recover from threats and attacks that take place on their networks. |
|
|
Term
|
Definition
| A streaming symmetric-key algorithm. No longer secure due to the many vulnerabilities that have been discovered since its initial implementation. |
|
|
Term
| Rivest, Shamir, Adleman (RSA) |
|
Definition
| An asymmetric cryptography algorithm used to encrypt/decrypt messages and generate digital signatures. |
|
|
Term
|
Definition
| Connectors used for UTP cable on both telephone and network connections. |
|
|
Term
|
Definition
| Type of connector with four-wire UTP connections; usually found in telephone connections. |
|
|
Term
|
Definition
| Type of connector with eight-wire UTP connections; usually found in network connections and used for 10/100/1000BASE-T networking |
|
|
Term
|
Definition
| A process where clients seamlessly change wireless access point (WAP) connections, depending on whichever WAP has the strongest signal covered by the broadcast area. |
|
|
Term
| rogue access point (rogue AP) |
|
Definition
| An unauthorized wireless access point (WAP) installed in a computer network. A rogue access point may be part of an attack, or the result of a well-meaning user bringing in hardware from home. See also evil twin. |
|
|
Term
|
Definition
| An unauthorized DHCP server installed in a computer network. The rogue DHCP server might be in an unauthorized device installed by a well-meaning user, or it could be malicious as in an on-path attack. |
|
|
Term
| role-based access control (RBAC) |
|
Definition
| The most popular authentication model used in file sharing, defines a user’s access to a resource based on the roles the user plays in the network environment. This leads to the idea of creation of groups. A group in most networks is nothing more than a name that has clearly defined accesses to different resources. User accounts are placed into various groups. |
|
|
Term
|
Definition
| The process of downgrading—undoing—a recently applied patch or update. |
|
|
Term
|
Definition
| The generic term for nonvolatile memory that can be read from but not written to. This means that code and data stored in ROM cannot be corrupted by accidental erasure. Additionally, ROM retains its data when power is removed, which makes it the perfect medium for storing BIOS data or information such as scientific constants. |
|
|
Term
|
Definition
| The directory that contains all other directories. |
|
|
Term
|
Definition
| A type of malware that takes advantage of very low-level operating system functions to hide itself from all but the most aggressive of anti-malware tools. |
|
|
Term
|
Definition
| A command to display and edit the local system’s routing table. |
|
|
Term
|
Definition
| Occurs in a multiprotocol router, which learns route information using one routing protocol and disseminates that information using another routing protocol. |
|
|
Term
|
Definition
| A device that connects separate networks and forwards packets from one network to another based only on the network address for the protocol being used. For example, an IP router looks only at the IP network ID. Routers operate at Layer 3 (Network) of the OSI seven-layer model. |
|
|
Term
| router advertisement (IPv6) |
|
Definition
| Router’s response to a client’s router solicitation, also sent at regular intervals, that gives the client information to configure itself (prefix, prefix length, and more). |
|
|
Term
| router solicitation (IPv6) |
|
Definition
| Query from a host to find routers and get information to configure itself. |
|
|
Term
| Routing and Remote Access Service (RRAS) |
|
Definition
| Windows’ remote access server that provides VPN and dial-up services. Supports the PPTP, L2TP, or L2TP/IPsec protocols. |
|
|
Term
| Routing Information Protocol (RIP) |
|
Definition
| A routing protocol with several shortcomings, such as a maximum hop count of 15 and a routing table update interval of 30 seconds (causing every router on a network to send out its table at once). Also known as RIPv1. |
|
|
Term
|
Definition
| A situation where one or more routes through interconnected routers create a closed loop, causing the routers to respond slowly and the packets to go undelivered. |
|
|
Term
|
Definition
| A list of various networks and the next hop to reach them. Routers direct traffic for each network to the next hop. This table can be built either manually or automatically. |
|
|
Term
| RSA (Rivest, Shamir, Adleman) |
|
Definition
| An asymmetric cryptography algorithm used to encrypt/decrypt messages and generate digital signatures. |
|
|
Term
|
Definition
| A single piece of installed horizontal cabling. |
|
|
Term
|
Definition
| Fiber-optic connector used to terminate single-mode and multimode fiber. It is characterized by its push-pull, snap mechanical coupling, known as “stick and click.” Commonly referred to as subscriber connector, standard connector, and sometimes, Siemon connector. |
|
|
Term
|
Definition
| The capability to support network growth. |
|
|
Term
|
Definition
| A device that senses alterations of light and dark. It enables the user to import photographs, other physical images, and text into the computer in digital form. |
|
|
Term
|
Definition
| A lightly protected or unprotected subnet positioned between an outer firewall and an organization’s highly protected internal network. Screened subnets are used mainly to host public servers (such as Web servers). Traditionally known as a demilitarized zone (DMZ). |
|
|
Term
| SDSL (symmetric digital subscriber line) |
|
Definition
| Type of DSL connection that provides equal upload and download speed and, in theory, provides speeds up to 15 Mbps, although the vast majority of ISPs provide packages ranging from 192 Kbps to 9 Mbps. |
|
|
Term
|
Definition
| Authoritative DNS server for a domain. Unlike a primary name server, no additions, deletions, or modifications can be made to the zones on a secondary name server, which always gets all information from the primary name server in a process known as a zone transfer. |
|
|
Term
| Secure Copy Protocol (SCP) |
|
Definition
| One of the first SSH-enabled programs to appear after the introduction of SSH. SCP was one of the first protocols used to transfer data securely between two hosts and thus might have replaced FTP. SCP works well but lacks features such as a directory listing. |
|
|
Term
| Secure Hash Algorithm (SHA) |
|
Definition
| A popular family of cryptographic hashing algorithms including SHA-1, SHA-2, SHA-3. SHA-1 is no longer secure and should be replaced—especially in any security context. |
|
|
Term
|
Definition
| A terminal emulation program that looks exactly like Telnet but encrypts the data. SSH has replaced Telnet on the Internet. |
|
|
Term
| Secure Sockets Layer (SSL) |
|
Definition
| A protocol developed by Netscape for securing Web sites. Final version was 3.0 before the name was changed to TLS in 1999. See also Transport Layer Security (TLS). |
|
|
Term
|
Definition
| The practice of enhancing a network’s resilience against unwanted access or attack. |
|
|
Term
|
Definition
| In network design and construction, planning how to keep data protected from unapproved access. Security of physical computers and network resources is also considered. |
|
|
Term
|
Definition
| Person responsible for controlling access to physical resources such as buildings, secure rooms, and other physical assets. |
|
|
Term
| security information and event management (SIEM) |
|
Definition
| A two-part process consisting of security event management (SEM), which performs real-time monitoring of security events, and security information management (SIM), where the monitoring log files are reviewed and analyzed by automated and human interpreters. |
|
|
Term
|
Definition
| A log that tracks anything that affects security, such as successful and failed logons and logoffs. |
|
|
Term
|
Definition
| A set of procedures defining actions employees should perform to protect the network’s security. |
|
|
Term
|
Definition
| In early Ethernet, the bus cable to which the computers on an Ethernet network connect. In modern networks, a generic way of referring to any subset of a network—including a subnet or VLAN. Not to be confused with a TCP segment. |
|
|
Term
|
Definition
| In a TCP/IP network, the process of chopping requested data into chunks that will fit into a packet (and eventually into the NIC’s frame), organizing the packets for the benefit of the receiving system, and handing them to the NIC for sending. |
|
|
Term
|
Definition
| A method of defense in depth in which a single user can’t perform a particular task without direct involvement or observation by another party. One example is a server room that requires at least two employees to be badged in at any given time. |
|
|
Term
|
Definition
| Software that serves requests from client programs—and, by proxy, the hardware devices that host this software. |
|
|
Term
|
Definition
| Section of a data center dedicated to storing and operating racks of servers and equipment. |
|
|
Term
| Server Message Block (SMB) |
|
Definition
| Protocol used by Microsoft clients and servers to share file and print resources. |
|
|
Term
|
Definition
| A network in which one or more systems function as dedicated file, print, or application servers, but do not function as clients. |
|
|
Term
| service level agreement (SLA) |
|
Definition
| A document between a customer and a service provider that defines the scope, quality, and terms of the service to be provided. |
|
|
Term
| Service Set Identifier (SSID) |
|
Definition
| A 32-bit identification string, sometimes called a network name, that’s inserted into the header of each data packet processed by a wireless access point. |
|
|
Term
|
Definition
| Background programs in an operating system that do the behind-the-scenes grunt work that users don’t need to interact with on a regular basis. |
|
|
Term
|
Definition
| A networking term used to refer to the logical stream of data flowing between two programs and being communicated over a network. Many different sessions may be emanating from any one node on a network. |
|
|
Term
|
Definition
| The interception of a valid computer session to get authentication information. |
|
|
Term
| Session Initiation Protocol (SIP) |
|
Definition
| A signaling protocol for controlling voice and video calls over IP. SIP competes with H.323 for VoIP dominance. |
|
|
Term
|
Definition
| Type of connector with four-wire UTP connections; usually found in telephone connections. |
|
|
Term
|
Definition
| Type of connector with eight-wire UTP connections; usually found in network connections and used for 10/100/1000BASE-T networking |
|
|
Term
|
Definition
| A process where clients seamlessly change wireless access point (WAP) connections, depending on whichever WAP has the strongest signal covered by the broadcast area. |
|
|
Term
| rogue access point (rogue AP) |
|
Definition
| An unauthorized wireless access point (WAP) installed in a computer network. A rogue access point may be part of an attack, or the result of a well-meaning user bringing in hardware from home. See also evil twin. |
|
|
Term
|
Definition
| An unauthorized DHCP server installed in a computer network. The rogue DHCP server might be in an unauthorized device installed by a well-meaning user, or it could be malicious as in an on-path attack. |
|
|
Term
| role-based access control (RBAC) |
|
Definition
| The most popular authentication model used in file sharing, defines a user’s access to a resource based on the roles the user plays in the network environment. This leads to the idea of creation of groups. A group in most networks is nothing more than a name that has clearly defined accesses to different resources. User accounts are placed into various groups. |
|
|
Term
|
Definition
| The process of downgrading—undoing—a recently applied patch or update. |
|
|
Term
|
Definition
| The generic term for nonvolatile memory that can be read from but not written to. This means that code and data stored in ROM cannot be corrupted by accidental erasure. Additionally, ROM retains its data when power is removed, which makes it the perfect medium for storing BIOS data or information such as scientific constants. |
|
|
Term
|
Definition
| The directory that contains all other directories. |
|
|
Term
|
Definition
| A type of malware that takes advantage of very low-level operating system functions to hide itself from all but the most aggressive of anti-malware tools. |
|
|
Term
|
Definition
| A command to display and edit the local system’s routing table. |
|
|
Term
|
Definition
| Occurs in a multiprotocol router, which learns route information using one routing protocol and disseminates that information using another routing protocol. |
|
|
Term
|
Definition
| A device that connects separate networks and forwards packets from one network to another based only on the network address for the protocol being used. For example, an IP router looks only at the IP network ID. Routers operate at Layer 3 (Network) of the OSI seven-layer model. |
|
|
Term
| router advertisement (IPv6) |
|
Definition
| Router’s response to a client’s router solicitation, also sent at regular intervals, that gives the client information to configure itself (prefix, prefix length, and more). |
|
|
Term
| router solicitation (IPv6) |
|
Definition
| Query from a host to find routers and get information to configure itself. |
|
|
Term
| Routing and Remote Access Service (RRAS) |
|
Definition
| Windows’ remote access server that provides VPN and dial-up services. Supports the PPTP, L2TP, or L2TP/IPsec protocols. |
|
|
Term
| Routing Information Protocol (RIP) |
|
Definition
| A routing protocol with several shortcomings, such as a maximum hop count of 15 and a routing table update interval of 30 seconds (causing every router on a network to send out its table at once). Also known as RIPv1. |
|
|
Term
|
Definition
| A situation where one or more routes through interconnected routers create a closed loop, causing the routers to respond slowly and the packets to go undelivered. |
|
|
Term
|
Definition
| A list of various networks and the next hop to reach them. Routers direct traffic for each network to the next hop. This table can be built either manually or automatically. |
|
|
Term
| RSA (Rivest, Shamir, Adleman) |
|
Definition
| An asymmetric cryptography algorithm used to encrypt/decrypt messages and generate digital signatures. |
|
|
Term
|
Definition
| A single piece of installed horizontal cabling. |
|
|
Term
|
Definition
| Fiber-optic connector used to terminate single-mode and multimode fiber. It is characterized by its push-pull, snap mechanical coupling, known as “stick and click.” Commonly referred to as subscriber connector, standard connector, and sometimes, Siemon connector. |
|
|
Term
|
Definition
| The capability to support network growth. |
|
|
Term
|
Definition
| A device that senses alterations of light and dark. It enables the user to import photographs, other physical images, and text into the computer in digital form. |
|
|
Term
|
Definition
| A lightly protected or unprotected subnet positioned between an outer firewall and an organization’s highly protected internal network. Screened subnets are used mainly to host public servers (such as Web servers). Traditionally known as a demilitarized zone (DMZ). |
|
|
Term
| SDSL (symmetric digital subscriber line) |
|
Definition
| Type of DSL connection that provides equal upload and download speed and, in theory, provides speeds up to 15 Mbps, although the vast majority of ISPs provide packages ranging from 192 Kbps to 9 Mbps. |
|
|
Term
|
Definition
| Authoritative DNS server for a domain. Unlike a primary name server, no additions, deletions, or modifications can be made to the zones on a secondary name server, which always gets all information from the primary name server in a process known as a zone transfer. |
|
|
Term
| Secure Copy Protocol (SCP) |
|
Definition
| One of the first SSH-enabled programs to appear after the introduction of SSH. SCP was one of the first protocols used to transfer data securely between two hosts and thus might have replaced FTP. SCP works well but lacks features such as a directory listing. |
|
|
Term
| Secure Hash Algorithm (SHA) |
|
Definition
| A popular family of cryptographic hashing algorithms including SHA-1, SHA-2, SHA-3. SHA-1 is no longer secure and should be replaced—especially in any security context. |
|
|
Term
|
Definition
| A terminal emulation program that looks exactly like Telnet but encrypts the data. SSH has replaced Telnet on the Internet. |
|
|
Term
| Secure Sockets Layer (SSL) |
|
Definition
| A protocol developed by Netscape for securing Web sites. Final version was 3.0 before the name was changed to TLS in 1999. See also Transport Layer Security (TLS). |
|
|
Term
|
Definition
| The practice of enhancing a network’s resilience against unwanted access or attack. |
|
|
Term
|
Definition
| In network design and construction, planning how to keep data protected from unapproved access. Security of physical computers and network resources is also considered. |
|
|
Term
|
Definition
| Person responsible for controlling access to physical resources such as buildings, secure rooms, and other physical assets. |
|
|
Term
| security information and event management (SIEM) |
|
Definition
| A two-part process consisting of security event management (SEM), which performs real-time monitoring of security events, and security information management (SIM), where the monitoring log files are reviewed and analyzed by automated and human interpreters. |
|
|
Term
|
Definition
| A log that tracks anything that affects security, such as successful and failed logons and logoffs. |
|
|
Term
|
Definition
| A set of procedures defining actions employees should perform to protect the network’s security. |
|
|
Term
|
Definition
| In early Ethernet, the bus cable to which the computers on an Ethernet network connect. In modern networks, a generic way of referring to any subset of a network—including a subnet or VLAN. Not to be confused with a TCP segment. |
|
|
Term
|
Definition
| In a TCP/IP network, the process of chopping requested data into chunks that will fit into a packet (and eventually into the NIC’s frame), organizing the packets for the benefit of the receiving system, and handing them to the NIC for sending. |
|
|
Term
|
Definition
| A method of defense in depth in which a single user can’t perform a particular task without direct involvement or observation by another party. One example is a server room that requires at least two employees to be badged in at any given time. |
|
|
Term
|
Definition
| Software that serves requests from client programs—and, by proxy, the hardware devices that host this software. |
|
|
Term
|
Definition
| Section of a data center dedicated to storing and operating racks of servers and equipment. |
|
|
Term
| Server Message Block (SMB) |
|
Definition
| Protocol used by Microsoft clients and servers to share file and print resources. |
|
|
Term
|
Definition
| A network in which one or more systems function as dedicated file, print, or application servers, but do not function as clients. |
|
|
Term
| service level agreement (SLA) |
|
Definition
| A document between a customer and a service provider that defines the scope, quality, and terms of the service to be provided. |
|
|
Term
| Service Set Identifier (SSID) |
|
Definition
| A 32-bit identification string, sometimes called a network name, that’s inserted into the header of each data packet processed by a wireless access point. |
|
|
Term
|
Definition
| Background programs in an operating system that do the behind-the-scenes grunt work that users don’t need to interact with on a regular basis. |
|
|
Term
|
Definition
| A networking term used to refer to the logical stream of data flowing between two programs and being communicated over a network. Many different sessions may be emanating from any one node on a network. |
|
|
Term
|
Definition
| The interception of a valid computer session to get authentication information. |
|
|
Term
| Session Initiation Protocol (SIP) |
|
Definition
| A signaling protocol for controlling voice and video calls over IP. SIP competes with H.323 for VoIP dominance. |
|
|
Term
|
Definition
| manages connections between machines. Sockets operate at the Session layer. |
|
|
Term
|
Definition
| Handles the process of differentiating among various types of connections on a PC. |
|
|
Term
|
Definition
| The PDU with which a network management station commands an agent to make a change to a management information base (MIB) object. |
|
|
Term
|
Definition
| Generally refers to the user interface of an operating system. A shell is the command processor that is the actual interface between the kernel and the user. |
|
|
Term
| shielded twisted pair (STP) |
|
Definition
| A cabling for networks composed of pairs of wires twisted around each other at specific intervals. The twists serve to reduce interference (also called crosstalk). The more twists, the less interference. The cable has metallic shielding to protect the wires from external interference. See also unshielded twisted pair (UTP) for the more commonly used cable type in modern networks. |
|
|
Term
|
Definition
| Allows electricity to pass between two conductive elements that weren’t designed to interact together. Also called a short. |
|
|
Term
| Short Message Service (SMS) alert |
|
Definition
| A proactive message regarding an out-of-tolerance condition of an SNMP managed device sent as an SMS text. |
|
|
Term
|
Definition
| The process of surreptitiously monitoring people when they are accessing any kind of system in order to pilfer passwords, PIN codes, or sensitive information. A tried-and-true method of social engineering. |
|
|
Term
|
Definition
| A measurement of how well your wireless device is connecting to other devices. |
|
|
Term
| signal-to-noise ratio (SNR) |
|
Definition
| A measurement that expresses how much of a received transmission is discernable signal and how much is noise. Helps understand the amount of interference (such as RFI) when designing and troubleshooting Wi-Fi networks. |
|
|
Term
|
Definition
| Another name for logical topology. See logical topology. |
|
|
Term
|
Definition
| Specific pattern of bits or bytes that is unique to a particular virus. Virus scanning software maintains a library of signatures and compares the contents of scanned files against this library to detect infected files. |
|
|
Term
| Simple Mail Transfer Protocol (SMTP) |
|
Definition
| The main protocol used to send electronic mail on the Internet. SMTP uses TCP port 25. |
|
|
Term
| Simple Mail Transfer Protocol Secure (SMTPS) |
|
Definition
| Uses TCP port 587 to secure SMTP communication with TLS. SMTPS is not an extension of SMTP or a propriety protocol. |
|
|
Term
| Simple Network Management Protocol (SNMP) |
|
Definition
| A set of standards for communication with network devices (switches, routers, WAPs) connected to a TCP/IP network. Used for network management. |
|
|
Term
|
Definition
| One component or system that, if it fails, will bring down an entire process, workflow, or organization. |
|
|
Term
|
Definition
| A process whereby a client performs a one-time login to a gateway system. That system, in turn, takes care of the client’s authentication to any other connected systems for which the client is authorized to access. |
|
|
Term
|
Definition
| Fiber-optic cables that use lasers. |
|
|
Term
|
Definition
| A process that informs wireless network design by mapping out the physical space to identify requirements, obstacles, and sources of interference. |
|
|
Term
|
Definition
| A type of VPN connection using two VPN concentrators to connect two separate LANs permanently. |
|
|
Term
|
Definition
| The massive influx of traffic on a small or lesser-known Web site when it is suddenly made popular by a reference from the media. See also Reddit hug of death. |
|
|
Term
|
Definition
| A description of later-generation, fiber-optic connectors designed to be much smaller than the first iterations of connectors. See also LC connector and Mechanical Transfer Registered Jack (MT-RJ). |
|
|
Term
| small form-factor pluggable (SFP) |
|
Definition
| A Cisco module that enables you to add additional features to its routers. |
|
|
Term
| small office/home office (SOHO) |
|
Definition
| A classification of networking equipment, usually marketed to consumers or small businesses, which focuses on low price and ease of configuration. SOHO networks differ from enterprise networks, which focus on flexibility and maximum performance. |
|
|
Term
|
Definition
| Device (such as a credit card) that you insert into your PC or use on a door pad for authentication. |
|
|
Term
|
Definition
| Device (such as a credit card, USB key, etc.) that you insert into your PC in lieu of entering a password. |
|
|
Term
|
Definition
| Type of network interface unit (NIU) that enables ISPs or telephone companies to test for faults in a network, such as disconnections and loopbacks. |
|
|
Term
|
Definition
| A locker that an organization can control wirelessly to grant specific users temporary access. The lockers provide a secure way to deliver equipment to a specific user, keep items safe while users are away, or drop off items for someone else to retrieve later. |
|
|
Term
| SMB (Server Message Block) |
|
Definition
| Protocol used by Microsoft clients and servers to share file and print resources. |
|
|
Term
| SMTP (Simple Mail Transfer Protocol) |
|
Definition
| The main protocol used to send electronic mail on the Internet. SMTP uses TCP port 25. |
|
|
Term
|
Definition
| Saving a file on a portable medium and walking it over to another computer. |
|
|
Term
|
Definition
| Diagnostic program that can order a NIC to run in promiscuous mode. See also promiscuous mode. |
|
|
Term
|
Definition
| Device that enables the creation of UTP cables |
|
|
Term
| SNMP (Simple Network Management Protocol) |
|
Definition
| A set of standards for communication with network devices (switches, routers, WAPs) connected to a TCP/IP network. Used for network management. |
|
|
Term
|
Definition
| Software and station that communicates with SNMP agents to monitor and manage management information base (MIB) objects. |
|
|
Term
|
Definition
| SNMP manager PDU that collects management information base (MIB) information in a tree-oriented hierarchy of a MIB object and any of its subordinate objects. The snmpwalk command queries the object and then automatically queries all the objects that are subordinated to the root object being queried. |
|
|
Term
|
Definition
| The process of using or manipulating people inside an organization to gain unauthorized access. Common social-engineering techniques include phishing and impersonation. |
|
|
Term
|
Definition
| A combination of a port number, Layer 4 protocol, and an IP address that uniquely identifies a connection. |
|
|
Term
|
Definition
| Each pair consists of two linked sockets, one at each end of a TCP/IP session between two hosts. |
|
|
Term
|
Definition
| Programming instructions or data stored on some type of binary storage device. |
|
|
Term
| software as a service (SaaS) |
|
Definition
| Cloud service model that provides centralized applications accessed over a network. See also cloud computing. |
|
|
Term
| software-defined networking (SDN) |
|
Definition
| Programming that allows a master controller to determine how network components will move traffic through the network. Used in virtualization. |
|
|
Term
| SOHO (small office/home office) |
|
Definition
| A classification of networking equipment, usually marketed to consumers or small businesses, which focuses on low price and ease of configuration. SOHO networks differ from enterprise networks, which focus on flexibility and maximum performance. |
|
|
Term
|
Definition
| Firewall, typically simple, that is built into the firmware of a SOHO router. |
|
|
Term
|
Definition
| A cable that uses a single solid wire to transmit signals. |
|
|
Term
| SONET (Synchronous Optical Network) |
|
Definition
| An American fiber carrier standard for connecting fiber-optic transmission systems. SONET was proposed in the mid-1980s and is now an ANSI standard. SONET defines interface standards at the Physical layer of the OSI seven-layer model. |
|
|
Term
| Spanning Tree Protocol (STP) |
|
Definition
| A protocol that enables switches to detect and prevent switching loops automatically. See also switching loop. |
|
|
Term
|
Definition
| A tool used to scan for radio frequency (RF) sources in order to identify interference |
|
|
Term
|
Definition
| A Web site used to check an Internet connection’s throughput |
|
|
Term
| spine-and-leaf architecture |
|
Definition
| Data center architecture in which every spine switch connects to every leaf switch in a two-tiered mesh network. The mesh network removes the need for dedicated connections between the spine backbone switches, because traffic moves seamlessly from spine to leaf to spine, regardless of how many spine or leaf switches are on the network. |
|
|
Term
|
Definition
| A condition that occurs when signals on a pair of wires within a UTP cable interfere with the signals on another wire pair within that same cable. |
|
|
Term
|
Definition
| A security threat where an attacker makes some data seem as though it came from somewhere else, such as sending an e-mail with someone else’s e-mail address in the sender field. |
|
|
Term
|
Definition
| Any program that sends information about your system or your actions over the Internet. |
|
|
Term
| SQL (Structured Query Language) |
|
Definition
| A language created by IBM that relies on simple English-like statements to perform database queries. SQL enables databases from different manufacturers to be queried using a standard syntax. |
|
|
Term
|
Definition
| DNS record that associates servers for individual protocols with a domain. SRV records specify a host, port, protocol, and other details for a specific service. For example, VoIP clients can readily discover a domain’s associated SIP server. |
|
|
Term
| SSH File Transfer Protocol (SFTP) |
|
Definition
| A replacement for FTP released after many of the inadequacies of Secure Copy Protocol (SCP)—such as the inability to see the files on the other computer—were discovered. Not to be confused with Simple File Transfer Protocol, FTP over SSH, or FTPS. |
|
|
Term
|
Definition
| A wireless access point feature that announces the WAP’s SSID to make it easy for wireless clients to locate and connect to it. By default, most WAPs regularly announce their SSID. |
|
|
Term
| SSL (Secure Sockets Layer) |
|
Definition
| A protocol developed by Netscape for securing Web sites. Final version was 3.0 before the name was changed to TLS in 1999. See also Transport Layer Security (TLS). |
|
|
Term
|
Definition
| A type of VPN that formerly used SSL encryption but now uses TLS. The two most common types of SSL VPNs are SSL portal VPNs and SSL tunnel VPNs. In portal VPNs, clients connect to the VPN server using a standard Web browser; in tunnel VPNs they use a dedicated VPN client. Despite the fact that SSL is no longer in use, the SSL VPN moniker stuck. |
|
|
Term
|
Definition
| Fiber-optic connector used primarily with 2.5-mm, single-mode fiber. It uses a push-on, then twist-to-lock mechanical connection commonly called stick-and-twist although ST actually stands for straight tip. |
|
|
Term
|
Definition
| A network topology in which all computers in the network connect to a central wiring point. |
|
|
Term
|
Definition
| A hybrid of the star and bus topologies that uses a physical star, where all nodes connect to a single wiring point (such as a hub) and a logical bus that maintains the Ethernet standards. One benefit of a star-bus topology is fault tolerance. |
|
|
Term
|
Definition
| A hybrid topology which uses a physical star and logical ring. Star-ring ultimately lost market-share in favor of the more popular star-bus topology. |
|
|
Term
| start frame delimiter (SFD) |
|
Definition
| One-byte section of an Ethernet packet that follows the preamble and precedes the Ethernet frame. |
|
|
Term
| start of authority (SOA) record |
|
Definition
| DNS record that defines the primary name server in charge of a domain. Also includes parameters that control how secondary name servers check for updates to the zone file, such as the serial number which indicates whether the zone file has updates to fetch. |
|
|
Term
|
Definition
| Describes a DHCPv6 server that works very similarly to an IPv4 DHCP server, passing out IPv6 addresses, subnet masks, and default gateways as well as optional items like DNS server addresses. |
|
|
Term
| stateful filtering/stateful inspection |
|
Definition
| A method of filtering in which all packets are examined as a stream. Stateful devices can do more than allow or block; they can track when a stream is disrupted or packets get corrupted and act accordingly. |
|
|
Term
|
Definition
| Describes a DHCPv6 server that only passes out information like DNS servers’ IP addresses, but doesn’t give clients IPv6 addresses. |
|
|
Term
| stateless address autoconfiguration (SLAAC) |
|
Definition
| A process that enables network clients to determine their own IPv6 addresses without the need for DHCP. |
|
|
Term
| stateless filtering/stateless inspection |
|
Definition
| A method of filtering where the device that does the filtering looks at each IP packet individually, checking the packet for IP addresses and port numbers and blocking or allowing accordingly. |
|
|
Term
|
Definition
| A contract that defines the services, products, and time frames for the vendor to achieve. |
|
|
Term
|
Definition
| The process of assigning IP addresses by manually typing them into client computers. |
|
|
Term
|
Definition
| A type of network address translation (NAT) that maps a single routable IP address to a single machine, allowing you to access that machine from outside the network and vice versa. |
|
|
Term
|
Definition
| Entries in a router’s routing table that are not updated by any routing protocols. Static routes must be added, deleted, or changed by a router administrator. Static routes are the opposite of dynamic routes. |
|
|
Term
|
Definition
| A process by which a router uses manually entered static routes to forward traffic to other networks. |
|
|
Term
|
Definition
| A device or medium that can retain data for subsequent retrieval. |
|
|
Term
| storage area network (SAN) |
|
Definition
| A server that can take a pool of hard disks and present them over the network as any number of logical disks. |
|
|
Term
| STP (Spanning Tree Protocol) |
|
Definition
| A protocol that enables switches to detect and prevent switching loops automatically. See also switching loop. |
|
|
Term
|
Definition
| UTP or STP cable segment that has the wire and pin assignments at one end of the cable match the wire and same pin assignments at the other end. Straight-through cables are used to connect hosts to switches or to connect switches to routers and are the connective opposite of crossover cables. |
|
|
Term
|
Definition
| Fiber-optic connector used primarily with 2.5-mm, single-mode fiber. It uses a push-on, then twist-to-lock mechanical connection commonly called stick-and-twist although ST actually stands for straight tip |
|
|
Term
|
Definition
| A cable that uses a bundle of tiny wire strands to transmit signals. Stranded core is not quite as good a conductor as solid core, but it will stand up to substantial handling without breaking. |
|
|
Term
|
Definition
| An encryption method that encrypts a single bit at a time. Popular when data comes in long streams (such as with older wireless networks or cell phones). |
|
|
Term
|
Definition
| Two or more drives in a group that are used for a striped volume. |
|
|
Term
|
Definition
| Standards defined by the American National Standards Institute/Telecommunications Industry Association (ANSI/TIA) that define methods of organizing the cables in a network for ease of repair and replacement. |
|
|
Term
|
Definition
| Each independent network in a TCP/IP internetwork. |
|
|
Term
|
Definition
| Portion of an IP address that identifies bits shared by all hosts on that network. |
|
|
Term
|
Definition
| The value used in TCP/IP settings to divide the IP address of a host into its component parts: network ID and host ID. |
|
|
Term
|
Definition
| Taking a block of IP addresses and chopping it into multiple smaller groups. See also Classless Inter-Domain Routing (CIDR). |
|
|
Term
| subscriber connector (SC) |
|
Definition
| Fiber-optic connector used to terminate single-mode and multimode fiber. It is characterized by its push-pull, snap mechanical coupling, known as “stick and click.” Commonly referred to as subscriber connector, standard connector, and sometimes, Siemon connector. |
|
|
Term
| subscriber identity module (SIM) card |
|
Definition
| Small storage device used in cellular phones to identify the phone, enable access to the cellular network, and store information such as contacts. |
|
|
Term
|
Definition
| The process of identifying people who can take over certain positions (usually on a temporary basis) in case the people holding those critical positions are incapacitated or lost in an incident. |
|
|
Term
| supervisory control and data acquisition (SCADA) |
|
Definition
| A system that has the basic components of a distributed control system (DCS), yet is designed for large-scale, distributed processes and functions with the idea that remote devices may or may not have ongoing communication with the central control. |
|
|
Term
|
Definition
| A client computer in a RADIUS network. |
|
|
Term
|
Definition
| A Layer 2 (Data Link) multiport device that filters and forwards frames based on MAC addresses. |
|
|
Term
|
Definition
| Various methods to help modern switches deal with malicious software and other threats. Includes technologies such as flood guards. |
|
|
Term
|
Definition
| A circular path caused by connecting multiple switches together in a circuit. Switches use Spanning Tree Protocol (STP) to detect loops and disable the associated port. Also known as a bridge loop or bridging loop |
|
|
Term
|
Definition
| Type of DSL connection that provides equal upload and download speed and, in theory, provides speeds up to 15 Mbps, although the vast majority of ISPs provide packages ranging from 192 Kbps to 9 Mbps. |
|
|
Term
|
Definition
| Any encryption method that uses the same key for both encryption and decryption. |
|
|
Term
| Synchronous Digital Hierarchy (SDH) |
|
Definition
| European fiber carrier standard equivalent to SONET. |
|
|
Term
| Synchronous Optical Network (SONET) |
|
Definition
| An American fiber carrier standard for connecting fiber-optic transmission systems. SONET was proposed in the mid-1980s and is now an ANSI standard. SONET defines interface standards at the Physical layer of the OSI seven-layer model. |
|
|
Term
|
Definition
| System log collector in macOS and Linux. Useful for auditing, performance monitoring, and troubleshooting. |
|
|
Term
|
Definition
| Description of typical beginning and end of computing components. Handling such devices at the end includes system life cycle policies and asset disposal. |
|
|
Term
|
Definition
| A log file that records issues dealing with the overall system, such as system services, device drivers, or configuration changes. |
|
|
