Networking Glossary



This fiber optic cable adheres to the Physical Layer standard for networks. It specifies an exact 1 Gbps transmission using baseband transmission. The LX in the term represents its reliance on long wavelengths of 1300 nanometers.


This fiber optic cable adheres to the Physical Layer standard for networks. It specifies an exact 1 Gbps transmission using baseband transmission. The SX in the term represents its reliance on short wavelengths of 850 nanometers.


The Physical Layer standard for fiber optics cables that allows them to achieve 1 Gbps over a twisted-pair cable.


The Physical Layer standard for fiber optics cables that requires good baseband transmission, up to date twisted-pair cabling, and 100-Mbps throughput on all sections. 100Base-T is also called Fast Ethernet.


The Physical Layer standard for fiber optics cables that allows them to achieve 10-Gbps of data transmission over twisted-pair cables.

110 block

110 blocks are a type of a punchdown block whose purpose is to terminate twisted-pair wires. They can only do this to Cat 5 or better. Data connections rely on 110 blocks, while telephone connections do not. 110 stands for the model number of the earliest blocks of this type.

2FA (two-factor authentication)

A type of access where the person in question needs to provide something, like a keycard or retinal scan, and know something, like a password or PIN.


4G is the fourth generation of mobile phone service and connection. Its main feature is a packet-switched, all-IP network that has data and voice transmission capabilities.

66 block

This punchdown block is responsible for ending telephone calls. 66 stands for the model number of the first versions of these blocks.


This IEEE standard controls the wireless networking technique for multiple frequency bands in the 5-Ghz frequency range. It has a theoretical maximum throughput of 54 Mbps.


This IEEE standard controls the wireless networking technique that approaches Gigabit Ethernet capabilities. It is the first of its kind and exceeds earlier standards through improving its bandwidth and amplitude.


This IEEE standard covers DSSS (direct-sequence spread spectrum). Its signal ranges in the 2.4-GHz frequency. It has a theoretical maximum throughput of 11 Mbps.


This IEEE standard governs a wireless networking technique compatible with 802.11b. It ranges in the 2.4-GHz range but uses different data modulation techniques. These differences provide a theoretical maximum of 54 Mbps.


This IEEE standard governs a wireless networking technique capable of giving off signals in the range of 2.4-GHz and 5-GHz. It is capable of achieving a data throughput of anywhere between 65 Mbps and 600 Mbps.


This IEEE standard governs the format and appearance of VLANS and trunking within frames. It also controls the way switches and bridges translate and interpret this data.


This IEEE standard is a vendor-independent method of using the transmission’s port to secure connection and transmission between nodes. This method can do this regardless of whether the node is physical or logical. 802.1X is also called EAPoL and often utilizes RADIUS authentication.


This IEEE standard is a method of giving up to 15.4 watts over twisted-pair Ethernet connections. This method is also known as PoE (Power over Ethernet).


This IEEE standard is the upgraded version of 802.3af. It supplies up to 25.5 watts over Ethernet connections.


A (Address) record

This record is a type of DNS data record allowing mapping between the IPv4 address of a device to its specific domain name.

AAA (authentication, authorization, and accounting)

These three protocols enable a network to confirm a user’s identity, whether they are authorized for certain privileges on the machine or network, and to account for the user’s actions on the machine or network.

AAAA (Address) record

This DNS data record type allows mapping between IPv6 addresses and the domain names of their respective devices. It is traditionally pronounced as “quad-A record.”

Access Control

Access Control is a technique for managing who accesses what on a network.

Access Port

This port is used for an end node to interface on a switch. Any devices using an Access Port cannot access VLAN information.


Within networking, specifically security, accounting is the logging of all user activity and access levels on a network.

ACL (access control list)

Routers, among other devices, use this list of statements to give or deny permission any traffic on a network based on specific criteria.

AD (Active Directory)

Active directories are centralized databases containing the account information of their users. They also have data on security for all the computers on their network.

AD (administrative distance)

Protocol’s have a number assigned to them by a network administrator, who can change this number at their discretion. Lower values indicate good reliability of the protocol in question and are given higher priority.

AD DS (Active Directory Domain Services)

This Active Directory service manages user access to a network from any computer in the network. It also allows them to access any resources the Active Directory maintains.

Ad Hoc

This type of LAN is wireless; its stations communicate directly with each other rather than going through access points.

Address Translation

Address Translation is when a private IP address used by computers is substituted on the private network with a public IP address of a router or other gateway device. This process allows the computer to access other networks and the Internet.

ADSL (asymmetric DSL)

This popular version of DSL offers faster download speeds than upload speeds.

AES (Advanced Encryption Standard)

This standard consists of a private key encryption algorithm that utilizes highly advanced families of codes and ciphers. It also uses multiple stages of data transformation, further encrypting the data.

AF (Assured Forwarding)

This DiffServ forwarding application prioritizes data handling. Messages may not arrive on time or in the correct order if the network is busy.


This software routine collects information regarding a machine’s operation and compliance in regards to security benchmarks. The Agent will also provide this data to a network management application.

Agentless Authentication

This authentication process evaluates the user instead of the device. After authentication occurs, the device is scanned to ensure compliance with access control requirements.

AH (authentication header)

This header is a type of encryption within the context of IPsec that gives authentication of the IP packet’s data payload using public-key techniques.


Alerts are messages, often warnings, created when a pre-defined event occurs. The system always logs alerts.

Alien Crosstalk

Alien Crosstalk is the electromagnetic interference caused in a cable by signals traveling over a nearby cable.

Amplified DRDoS Attack

This attack utilizes small, simple requests at such high volumes that large responses and slowdowns occur within the target. Protocols like DNS, NTP, ICMP, LDAP, and SNMP are very susceptible to this type of attack.


A logical process of combining bits.


This wireless technology is an open-source method of gathering and tracking information obtained from machines like heart rate monitors, GPS devices, and many other activity monitoring machines.

Application layer

This layer is the seventh (the top) of the OSI model. Application layer protocols control the negotiation of formatting, procedural, security, synchronization, and other needs within the network.

APT (advanced persistent threat or advanced persistent tool)

APTs are network attacks that remain and continue undetected for long periods.

ARIN (American Registry for Internet Numbers)

ARIN is a nonprofit that directs the distribution of public IP addresses for the North American continent as well as several island chains like the Caribbean. It also serves what few public IP addresses Antarctica needs.

ARP (Address Resolution Protocol)

ARP is a core protocol in the TCP/IP protocol. It is categorized in the Data Link layer of the OSI model. ARP, combined with IPv4, can discover the MAC address of any nodes on the local network. It also manages a database that maps local IP addresses to their respective MAC addresses.

AS (autonomous system)

Autonomous systems are several networks, likely on the same domain, that are managed and used by the same organization.

ASP (application service provider)

A business that provides software services over the Internet.

ATM (Asynchronous Transfer Mode)

This WAN technology operates primarily within Layer 2 of the OSI model. It delivers data with fixed-size packets called cells.


The loss of a signal’s strength as it travels away from its source.

AUP (acceptable use policy)

AUP is a small part of a network security statement that explains to the network’s users what they are and are not allowed to do when accessing certain resources on the network. It will also detail the consequences of failing to adhere to the restrictions.


Authentication is a security technique where a user’s inputted security credentials are matched with the credentials stored within a database. If they match, the user will be able to log onto the network.


This security technique determines what the user is allowed to do with network resources.


Availability is how consistently and reliably a device, connection, or file can be accessed.


Back Door

A flaw in the software of a program’s security that allows unauthorized users access to data and the system as a whole.


The central part of a network connecting all parts of it including router, switches and serves, the backbone is also referred to as “a network of networks.”


The central part of a network connecting all parts of it including router, switches and serves, the backbone is also referred to as “a network of networks.”


A specific frequency range on the wireless spectrum.


Bandwidth is the theoretical maximum amount of data that could be transmitted within a specific amount of time.

Bandwidth Speed Tester

A website responsible for testing current upload and download speeds on a WAN connection.

Best Path

Best Path is a term used to define the most efficient route data can take from one node to another

BGP (Border Gateway Protocol)

BGP is also known as the “protocol of the Internet.” This broad term is used because it is the only path-vector routing protocol that is an EGP. It can use many factors in its routing metrics.


Biometrics are security clearance type that relies on the physical characteristics of a user. Things like the iris or fingerprints are most often used.

Bit Rate

Bit Rate is the measure of throughput and bandwidth in digital transmissions. It is written as bits transmitted per second.


Bluetooth provides close-range communication between multitudes of devices like PCs, smartphones, tablets, and other smart accessories. It is defined as a low-power, wireless technology.

BootP (Boot Protocol/Bootstrap Protocol)

This IP network protocol is responsible for automatically boosting systems and assigning IP addresses.

Border Router

Also known as an edge router, border routers connect a network or system to an outside network.

BPDU (Bridge Protocol Data Unit)

BPDUs transmit STP information between switches.

Bridged Mode

Bridged mode is a network connection type where a vNIC (virtual NIC) can access a physical network through its host machine’s NIC. The vNIC receives its default gateway, unique IP address, and subnet mask from the physical DHCP server.


Broadband is when service cables and bandwidth are shared between many users at once. It is most commonly used in WANs


A message that is read by every node on a network.

Broadcast Domain

Broadcast Domains are rigidly defined by logically grouped nodes capable of communicating directly through broadcast transmissions. Switches and hubs, among other repeating devices, extend broadcast domains by default—devices operating on Layer 3 of the OSI Model, such as routers, separate broadcast domains.

Brute Force Attack

Brute force attacks are crude, but strong, attempts to acquire encryption keys and passwords by entering every possible character combination until access is granted.

Bus Topology

A topology in which a single cable connects all nodes on a network without intervening connectivity devices.


CA (certificate authority)

This organization is responsible for issuing and maintaining digital certificates as part of the PKI (public-key infrastructure).

Cable Broadband

Cable Broadband provides Internet access over the coaxial wiring used for TV signals.

Cable Modem

This device is capable of modulating and demodulating signals for transmission and reception within cable wiring.

Cable Performance Tester

This troubleshooting tool tests cables for continuity. It also measures attenuation, impedance, and crosstalk. It can pinpoint the location of errors. It stores and can print its test results. It is also called the line tester, a certifier, or a network tester.

CAN (campus area network)

CANs are a specialized LAN where multiple networks connect over the geographical area of a university campus.

Captive Portal

A captive portal is the first page shown by a user’s browser when connecting to a guest network. This page generally needs the user to accept some terms and conditions before acquiring full access to the network.

CARP (Common Address Redundancy Protocol)

This protocol is capable of letting several computers or interfaces share one IP addresses.

Carrier Ethernet

This WAN technology is capable of sending Ethernet traffic across long distances.

Catastrophic Failure

A failure that destroys a component beyond use.

CCTV (closed-circuit TV)

CCTV is a video surveillance system responsible for monitoring activity within a secure area.

CDMA (Code Division Multiple Access)

This cellular standard uses spread-spectrum technology, which means a signal is spread over as wide a bandwidth as possible so multiple users can use the same channel.


Cells, as defined within ATM technology, are packets of a fixed size at 48 bytes of data. They also have a 5-byte header.

CET (Carrier-Ethernet Transport)

This Ethernet-based transport method is known for overcoming the weaknesses of using Ethernet outside of a strict LAN environment.

CHAP (Challenge Handshake Authentication Protocol)

CHAP is an authentication protocol that encrypts usernames and passwords for transmission and operates over PPP.


Checksums are a way to check if a received data unit matches the data unit initially sent from the source.

CIDR (Classless Interdomain Routing)

CIDR is a shorthand way of parsing out the network and host portions of an IP address.

CIDR block

Using CIDR notation, the forward slash and the number following it are the CIDR block. They represent the number of bits used for the network ID. Ex:, the CIDR block is /17.

Cipher Lock

Locks that require a code to open them.


This type of switching requires a bandwidth-based, established connection between two nodes before any data can be transmitted.

Classful Addressing

Classful Addressing is an IP address convention based on network class differences. Class A addresses utilize the first 8 bits of an IP address as the network portion, Class B uses the first 16 bits, and Class C uses the first 24 bits.

Classless Addressing

Classless Addressing breaks away from Classful Addressing when breaking apart traditional IPv4 addresses into smaller subnets on a network.

CLI (command-line interface)

Similar to the Command Prompt in Windows, this graphics-free user interface allows technicians to enter commands more efficiently and powerfully than within a GUI.


Clients are any computers or applications on a computer that make requests for data or information from another computer or application.

Client-Server Application

Data or a service requested by one computer from another.

Cloud Computing

Utilizing the cloud (non-local data storage or applications) to provide services over the Internet in a flexible, easy manner.


Clustering is a term describing several devices grouped together to appear as one entity to the rest of the network.

Coaxial Cable

Coaxial Cables are a type of cable with a central metal conducting core encased with an insulator, shielding, and a protective, flexible outer cover. More commonly known as “coax”, these cables are used to connect cable Internet and TV systems.


Collision occurs when one node’s data transmission interferes with another node’s data transmission when within the same segment.

Collision Domain

Essentially, Collision Domain is the range of an Ethernet network where a collision can occur. This issue is solved today because switches and routers separate potential collision domains.

Connectionless Protocol

Connectionless Protocol is when a request is given for data, but no established session is required, and there is no guarantee the data arrives safely. Protocols using this are in the Transport layer of the OSI model.

Connection-Oriented Protocol

Connection-Oriented Protocol is when a request is given for data, but an established session is required, and the data is guaranteed to arrive safely. Protocols using this are in the Transport layer of the OSI model.

Console Port

A port on a router generally used for direct communication with the router.

Console Router

A device that provides centralized management of all linked devices.

Console Server

A device that provides centralized management of all linked devices.

Content-Filtering Firewall

This firewall is capable of filtering and directly blocked user-customized types of traffic from entering the network.


The ability of a cable to carry a signal to its destination.


The Core is the central part of a cable whose job is to carry signals back and forth. Examples of this include glass or plastic fibers within fiberoptic cables or the flexible strands of copper within twisted-pair cables.

CoS (Class of Service)

CoS is quality control techniques enacted within Layer 2 of the OSI Model. They primarily operate on Ethernet frames.

CPU (central processing unit)

This part of a computer is responsible for nearly all the data processing needs of a computer.


This tool is used to attach a connector onto the end of a cable, causing the internal RJ-45 pins to pierce the wires’ insulation, thus creating contact between the conductors at each wire.


Crosstalk is a form of interference that signals traveling on a nearby wire cause.

CSMA/CD (Carrier Sense Multiple Access with Collision Detection)

IEEE 802.3 requires the use of this network access method within Ethernet networks. This protocol dictates that each node on a network must wait its turn to transmit data to minimize the chance of interferences like collisions occurring.


D channel

This channel employs packet switching techniques that carry data around an ISDN connection.

DAC (discretionary access control)

DAC is when the user has full control over who has access to their resources.

Data breach

Unauthorized access or use of sensitive data.

Data frame

This 802.11 frame is responsible for getting data from station to station.

Data Link layer

The Data Link layer is the second within the OSI model. It is responsible for connecting the Physical Layer hardware to the processes and protocols of the Network Layer.

Data plane

Data planes are the contact physical devices and digital transmissions make as data packets and messages travel through a network.


A UDP message at the Transport layer.

dB (decibel)

A unit of sound intensity, signal attenuation, SNR, or antenna gain.

DDoS (distributed DoS) attack

This type of attack occurs when a multitude of hosts flood the target host with simultaneous requests, overloading the target and rendering it unable to function.

Deauth (deauthentication) attack

This type of attack is when the hacker sends fake deauthentication frames to the client or AP to knock one or more of the users off the wireless network.


Decapsulation is when a header or trailer is removed from a lower OSI layer.

Default gateway

A device on the private network that the network’s nodes turn to first to access outside networks or the Internet.

Default route

This route is a backup used when a router cannot find a path to a packet’s intended destination.

Demarc (demarcation point)

A demarc is where a telecommunication company’s network ends, and a building’s network begins.

Device hardening

Methods used to secure a device from network or software based attacks.

DHCP (Dynamic Host Configuration Protocol)

DHCP is a TCP/IP protocol that dynamically distributes IP addresses to devices on a network. It resides at the Application Layer of the OSI model.

DHCP pool

This pool consists of a predefined range of IP addresses DHCP can give to any device on its network.

DHCP snooping

This security feature, present on switches, enables the checking and filtering of all DHCP messages on a network.

Differential backup

This backup method only records data that is different when compared to the current version of the backup in storage.

DiffServ (Differentiated Services)

A technique for ensuring QoS by prioritizing traffic.

Digital certificate

A digital certificate contains verified information on a user’s identification and their public key.

Distance-vector routing protocol

This method is the simplest way of determining the most efficient path for data to get to its destination. It based on the “distance” to its endpoint.

DLC (Data Link Control)

DLC is a Data Link Layer protocol that manages data frames, error detection, and flow control.

DLP (data loss prevention)

This security technique ensures confidential data is not in any way taken off the network by unauthorized users.

DNAT (Destination Network Address Translation)

The gateway can assign any of the IP addresses to devices that request access an outside network, provided that IP address is not already in use by another device on the network.

DNS (Domain Name System or Domain Name Service)

Invented in the mid-1980s, DNS is a hierarchical method of recording domain names and their public addresses.

DNS poisoning

DNS poisoning is an attack that changes the DNS records on a server. This change will redirect any Internet traffic to a phishing site rather than the real website.

DNS spoofing

DNS spoofing is an attack where name server records are forged in an attempt to appear as a different user or host.


Within the context of Windows Server NOSes, domains are coalitions of users that share servers, devices, and other resources that have the same account and security policies.

Domain name

Domain names are a company identifier within an FQDN, typically consisting of the last two parts.

DoS (denial-of-service) attack

This type of attack occurs when the attacker floods a system with thousands of requests per second, overloading its processing power due to the volume.

DR (designated router)

Within the context of OSPF, a Designated Router is automatically selected to be a central router for passing information through a network.

DRDoS (distributed reflection DoS) attack

This type of DoS attack occurs when the flood of request comes from a multitude of infected computers, thereby masking the location and address of the real attacker.

Dual stacked

This type of network is capable of supporting IPv4 and IPv6 traffic types.


This type of transmission is capable of supporting signals traveling in both directions along a cable or other medium simultaneously.

Dynamic IP address

DHCP protocols automatically assign this type of IP address upon the request of a device on the network. Dynamic IP addresses are often changed when the configurable DHCP lease either expires or is terminated.

Dynamic routing

This type of routing is very efficient. It automatically calculates the shortest path between two networks and keeps track of this information on a routing table.


EAP (Extensible Authentication Protocol)

EAP is the framework for authenticating both clients and servers. EAP does not have encryption capabilities and cannot truly authenticate users on its own but provides a platform for encryption and authentication protocols and helps them verify the identity of clients and servers.

EAPoL (EAP over LAN)

See 802.1X. EAP-TLS – A form of EAP that uses TLS encryption to protect communications.

Edge router

Edge routers connect systems with outside networks. A good example of this is a router that connects a business’ network to its ISP (Internet Service Provider)

EF (Expedited Forwarding)

This DiffServ application is a forwarding specification that gives every packet of data sent off a minimum departure rate from each node.

EGP (exterior gateway protocol)

Edge and exterior routers use this routing protocol to distribute data outside of their networks. They are rather outdated, BGP being the only modern example of an exterior gateway protocol.

EIGRP (Enhanced Interior Gateway Routing Protocol)

Developed by Cisco, EIGRP is an advanced distance-vector calculation protocol. It mashes together many of the features of a link-state protocol with several new features. Because of this, it is often called a hybrid protocol.

Elevated Command Prompt

A Command Prompt window with administrative privileges.

EMI (electromagnetic interference)

Electromagnetic Interference can affect data transfer and can be caused by motors, copiers, televisions, power lines, fluorescent lights, and other electrical devices.


Encapsulation occurs when a header is added to a data packet inherited from a higher layer in the OSI model.


Encryption is a method of keeping information private. It utilizes different algorithms to scramble and mess up data into a format that is unreadable by any human. The algorithm must be reversed to unscramble the data.

Entrance facility

An entrance facility is where incoming network services (like phones, long-distance service, or Internet) enter buildings and connect with the backbone of the building’s network.

Error rate

Error rate, in networking, is the percentage of data that is damaged in transit to its destination.

ESP (Encapsulating Security Payload)

This type of encryption provides authentication of the IP packet’s data payload utilizing public-key techniques. It then encrypts the entire data packet for extra security.

ESS (extended service set)

Multiple access points and stations are all connected to and using the same LAN.

Ethernet II

Ethernet II is the current standard used today. Ethernet II is different from all other Ethernet types because it contains a 2-byte type field to identify any upper-layer protocol within its frame.

Ethernet port

The type of port that connects devices on a LAN; it uses an RJ-45 connector.

EUI-64 (Extended Unique Identifier-64)

This IEEE standard is responsible for defining 64-bit physical addresses. The EUI-64 scheme ensures the OUI portion of the address is exactly 24 bits long. The 40-bit extension is the personal part of the physical address, identifying the specific machine to which the address refers.

Event log

This service records events on Windows-based operating systems.

Event Viewer

The event viewer allows a user to look back on recorded events the event log took note of and to sort them based on certain criteria.

Evil twin

Evil twin is an exploit where a rogue access point pretends to be a legitimate access point. It uses the same SSID at the least and often other identical settings.

Exhausted DHCP scope

An exhausted DHCP scope has run out of all available IP addresses on a network. This incident means that no new devices can receive an IP address until one is freed up.


To exploit something in networking means to take advantage of a vulnerability, whether in security or in something programming, for personal gain. Exploiting something does not always have malicious intent, but does always made things easier for the user that finds them.

Extension identifier

An extension identifier is a unique string of characters emblazoned on each NIC by its manufacturer.

Exterior router

An exterior router is a router that controls and directs data between networks. Routers on the Internet’s backbone are a great example of this.


Fast Ethernet

This type of Ethernet is capable of a throughput of 100-Mbps.


The malfunction of one component of a system.

Fault management

When a fault occurs, fault management is categorizing and signaling the system of the error, whether it be a physical device, link, or component that malfunctioned.

Fault tolerance

Fault tolerance is the ability of a system to continue to perform at a relatively high level when a hardware or software malfunction occurs.

FC (Fibre Channel)

FC is a storage architecture that runs entirely separately from Ethernet networks. It maximizes the speed of data storage and ease of access.

FCS (frame check sequence)

FCS is the data frame section that ensures data carried within the frame arrives intact to its destination.

FDM (frequency division multiplexing)

FDM is a method of multiplexing where unique frequency bands are assigned to a unique communications subchannel. These signals are then modulated with different carrier frequencies and then multiplexed so they can travel over a single channel simultaneously.

Fiber-optic cable

Fiber-optic cables contain at least one plastic or glass fibers at their core. Data is transmitted across fiber-optic cables by pulsing light signals sent from lasers or LED lights through the central fiber.

FIM (file integrity monitoring)

FIM is a security technique that ensures any changes made to files that should always remain the same, like operating system files, are sent as an alert to the system.


Firewalls very selectively filter or block traffic based on highly configurable settings. Firewalls can be hardware like a router or be software-based.


Programs embedded into hardware devices.

FM (frequency modulation)

FM is a type of data modulation where the carrier signal frequency inherently changed by the application of a data signal.

FQDN (fully qualified domain name)

FQDN consists of the host name combined with the domain name to identify a unique device or place on a network.


This Network layer service divides large packets into smaller packets when they exceed the maximum size allowed for the network.


The entire Data Link layer message, including the header, payload, and trailer.

Frame relay

Frame relays are several Data Link layer protocols that parse data into variable-length frames. These frames are sent from one node to another with no verification or processing applied.

FTP (File Transfer Protocol)

FTP is a TCP/IP protocol used to send and receive files. It resides on the Application layer of the OSI model.

FTP bounce

FTB bouncing is a type of attack where an FTP client gives a different destination for the requested data. By giving a different destination, the hacker can send replacement data to the intended destination and transmit malicious code.

FTPS (FTP Security or FTP Secure)

FTPS is a version of FTP with TLS and SSL for extra security.

Full backup

Full backups record everything on the system being backed up, regardless of whether it already has some of the data in its storage or not.



Gateways are routers, computers, or other devices that hosts use to access outside networks. They operate at multiple layers of the OSI model because they perform connectivity, data translation, and session management.

Gateway of last resort

This router accepts all messages deemed unroutable.

Gbps (Gigabits per second)

This unit measures data transfer rate.


This authentication protocol that uses a client’s geographical location to enforce a virtual security perimeter.

Gigabit Ethernet

In computer networking, Gigabit Ethernet (GbE or 1 GigE) is the term applied to transmitting Ethernet frames at a rate of a gigabit per second (1 billion bits per second).

GLBP (Gateway Load Balancing Protocol)

A Cisco proprietary protocol that attempts to overcome the limitations of existing redundant router protocols by adding basic load balancing functionality.

Group Policy (gpedit.msc)

This windows utility is capable of controlling what users to and how the system can be manipulated.

Guest network

A separate wireless network created through a Wi-Fi router or access point to protect a private network while still providing guests with access to the Internet.


HA (high availability)

Any system that can reliable function nearly all of the time.


In a traditional sense, hackers are people who master all aspects of a computer in order to better understand them. In popular culture, hackers are those who break into systems and networks, most commonly with malicious intent.

Handshake protocol

This SSL protocol allows the client and server “introduce” themselves to each other and ensure data is exchanged securely between them


Hashing is transforming data utilizing different algorithms in such a manner that the amount of space needed for the data to be stored is reduced. Its primary purpose it to keep the data’s integrity.

HDMI (High-Definition Multimedia Interface)

HDMI is a standard connector cable. Its primary use is in audio or video settings.


Headers are located at the beginning of any type of data payload. It is where any and all control information is added by protocols.

HIPS (host-based intrusion prevention system)

HIPS is meant for a single computer, meaning it will protect only that one computer against any unwanted intrusion.


Honeypots are traps for hackers with malicious intent. They are systems isolated from anything important and are created with deliberate security exploits to lure in any hackers attempting to reach their systems.


A hop is a single unit of travel a packet of data can take. A hop occurs between two nodes.

Hop limit

Packets have limitations on how many times they can hop. Hop limits are intended for IPv6 packets and are extremely similar to the TTL protocol in IPv4 packets.


A host can be one of two things. First, a host can be any computer or device that runs any application or requires any sort of data (essentially a computer). Second, a host can be the computer on which a virtual machine runs and operates.

Host ID

This part of an IP address shows who the host is on a network.

Host name

A host name is the first part of an FQDN (like www) and identifies unique devices on a network.

HTTP (Hypertext Transfer Protocol)

HTTP is responsible for the connection between clients (hosts) and servers they are trying to gain access to. HTTP operates on the Application Layer of the OSI model


HTTPS (yes, the https on a web address) indicates that the connection and thus data transference between a client and a server is secure. It is secure because the HTTP is utilizing SSL or TLS encryption.


Hubs are ancient connectivity devices. They were responsible for retransmitting any incoming data signals to any ports connected to it.

Hz (Hertz)

Hertz are units of frequency. One Hertz equals one wave cycle per second.



Jitters occur when packets experience a superior amount of delay and arrive out of order.



Jitters occur when packets experience a superior amount of delay and arrive out of order.


Kbps (Kilobits per second)

A unit for measuring data transfer rate.


Kerberos is an authentication protocol that verifies client identity with key encryption. It also uses this encryption to safely transmit or exchange information after the user successfully logs into the network.


A series of characters that is combined with a block of data during that data’s encryption.

KVM (keyboard, video, and mouse) switch

This device allows control of a whole rack of equipment from a single console.


L2TP (Layer 2 Tunneling Protocol)

A VPN tunneling protocol that encapsulates PPP data for use on VPNs.

LACP (Link Aggregation Control Protocol)

LACP is a protocol defined by IEEE’s 802.1AX. It coordinates communications between two or more users dynamically. It does so on aggregated conditions.

LAN (local area network)

LANs and their subsets are networks of differing geographical sizes. LANs specifically are confined to a relatively small area like a single building. All nodes on a LAN can directly communicate with other nodes on a LAN


The delay between the transmission of a signal and its receipt.

LDAP (Lightweight Directory Access Protocol)

A standard protocol for accessing network directories.

LDAPS (Lightweight Directory Access Protocol over SSL)

This version of LDAP comes with SSL built in to it. SSL encrypts all communication done through LDAPS and secures any data transferred through it.


Any LAN (local area network) bounded by routers.

Link aggregation

To aggregate a bunch a links is to seamlessly combine at least two, often more, network interfaces or more to act as one single logical interface.

Link local address

A link local address is an IP address automatically assigned by a local operating system. This IP address is assigned if and only if the node has a need to communicate over its own local subnet, but no routable IP address is available.

Logic bomb

Logic bombs are malicious software designed to begin only when certain conditions within the hardware or software they infect are met.

Logical topology

Logical topology has to do with data is transmitted between nodes and the way it does so. Logical topology also governs how specific resources are utilized by the nodes on a network and access control as well. Logical topology often, if not always, differs from its physical topology.

LTE (Long-Term Evolution)

LTE is a 4G cellular network technology. In its latest form is can, theoretically give the user access to a 1 Gbps throughput, though true speeds realistically are often significantly less.


MAC (Media Access Control) address

MAC addresses are 48 or 64-bit identifiers that are essentially the physical address for a computer on a network. MAC addresses include two parts, the OUI, each company have its own unique one, and the extension identifier which is unique to the NIC of each machine.

MAC address table

MAC address tables are databases that store all MAC addresses that are allowed on the network. They can be configured manually or dynamically.

MAC filtering

MAC filtering prevents any MAC address not listed on a MAC address table as an approved device from joining the network.

MAC reservation

MAC reservation is when a node, identified by its MAC address, has a specific IP address set aside for it by a DHCP server.


A program or piece of code designed to intrude upon or harm a system or its resources.

MAN (metropolitan area network)

MANS are a type of LAN stretched over a larger geographical area. Essentially MANS are multiple connected LANS stretched over a large metropolitan area.

Mesh topology

Mesh topology is a topology type where no single node has full communications control over the network. All nodes are directly interconnected as well.

Metro (Metropolitan) Ethernet

A WAN technology that sends Ethernet traffic across MAN connections.

MIMO (multiple input-multiple output)

MIMO, within the boundaries of 802.11n, is the ability for access points to utilize two or roe antennas to issue many signals to different stations. This ability multiplies a signal’s strength and increases its range and data-carrying capacity.

MitM (man-in-the-middle) attack

A MitM attack must occur over intercepted transmission. In all cases of this attack, data in transit is either redirected or directly captured by the attacker.

MLA (master license agreement)

MLAs are contracts that give licenses from the creator, producer, or developer to a third party to sell their product to customers. This third party sell the product either as a stand alone or as a part of another product based on the discretion of the creator and the wording of the agreement.


A modulation/demodulation device that converts between digital and analog signals.

MS-CHAP (Microsoft Challenge Handshake Authentication Protocol)

MC-CHAP uses a three-way handshake to authenticate client credentials. It is provided on Windows OS’s and also encrypts all passwords with challenge text.

MS-CHAPv2 (Microsoft Challenge Handshake Authentication Protocol, version 2)

Version two of MS-CHAP essentially just has stronger encryption that utilizes more complex keys during transmission and reception. Version 2 also requires mutual authentication between the two communicating computers.


Transmissions in which one host sends messages to multiple hosts.


A form of transmission that allows multiple signals to travel simultaneously over one medium.


NAC (network access control)

NAC balances the needing network access with demands of network security. NAC does this through using a set of network policies to change the level and type of access a device is given when it joins a network.

Name resolution

The process of discovering the IP address of a host when the FQDN is known.

NAT (Network Address Translation)

NAT occurs when a private IP address on a private network needs a public IP address made to a network outside of their.

NAT mode

NAT mode is needed when a virtual NIC (vNIC) uses its host machine to perform NAT functions. The virtualization software acts as a DHCP server.

Native VLAN

An untagged VLAN on a switch that will automatically receive all untagged frames.

NCP (Network Control Protocol)

An obsolete ARPANET protocol that provides remote access and data transfer.

NDA (non-disclosure agreement)

This part of a security policy defines what cannot be disclosed to others regarding a product or company.

NetBEUI (network basic input/output extended)

NetBEUI, as an extension of NetBIOS, gives standardization for the format of all frames used during the transportation of data across small networks.

NetBIOS (network basic input/output system)

A protocol that associates NetBIOS names with workstations.


A network is a group of nodes (devices) connected together that can share and exchange data through this connection, whether that connection be a cable, atmosphere, or wire.

Network-based firewall

A firewall configured and positioned to protect an entire network.

Network ID

The portion of an IP address common to all nodes on the same network or subnet.

Network layer

The Network Layer is the Third Layer of the OSI model. It is responsible for moving all messages between different networks. It is also called the Internet Layer.

NIC (network interface card or network interface controller)

NICs are hardware that allow the device they are embedded in to access the network and thereby communicate with other nodes on the network. NICs have very stringent requirements, changing per the type of machine they are used in. NICs are also known as network adapters.

NIC teaming

NIC teaming occurs when several network interfaces or ports, specifically on Windows devices, seamlessly act as a logical interface.


Nmap is a tool designed to scan large networks quickly. It can provide comprehensive, detailed information regarding all aspects of a network.


A node is a machine connected to a network that can be accessed and communicated with by other machines on the network.

NOS (network operating system)

This software allows servers to manage users, security, groups, data, and applications.

Nslookup (name space lookup)

Nslookup allows a technician to search the DNS database from any computer on the network. With this TCP/IP utility, the user can find the full host name of any network node through specifying its IP address. The reverse is also true. Nslookup is often used to help troubleshoot DNS resolution issues.

NTP (Network Time Protocol)

NTP is a simple protocol designed to sync up the clocks of devices on a network.



One of 4 bytes that are separated by periods and together make up an IPv4 address.


Off-boarding involves the removal of any programs that give a node special permissions in regards to the network.


A process of configuring clients for wireless access to a network or granting them special permissions.

Open circuit

A circuit in which necessary connections are missing, such as occurs when a wire breaks.

Open source

Software whose code is publicly available for use and modification.

OS (operating system)

Software that controls a computer.

OSHA (Occupational Safety and Health Administration)

This federal agency is responsible for the regulation of health and safety within a workplace.

OSI (Open Systems Interconnection) reference model

This model is a standard one used to help develop, understand, and troubleshoot all computer-to-computer communications. It was developed in the 1980s by ISO. The OSI model has seven layers: Physical, Data Link, Network, Transport, Sessions, Presentation, and Application.

OTDR (optical time domain reflectometer)

OTDR is capable of measuring the performance of fiber-optic networks. It accurately measures the length of the fiber, find any faults, among several other things.

OUI (Organizationally Unique Identifier)

An OUI is the beginning part of a NIC’s identifier and specifies who its manufacturer is. This sequence is 24-bits in length.


P2P (peer-to-peer) network model

P2P networks allow each computer on them to communicate directly with the others. No computer has more authority than another on a P2P, at least by default.


Packets consist of the entire message when at the Network Layer. Packets include all headers and parts from previous layers, including the segment (TCP) or datagram (UDP) from the Transport Layer.

Packet analysis

The process of ensuring the data within packets is what it is supposed to be and to test if it is free of error or misconfigurations.

Packet drop

When a packet is damaged beyond use, is not allowed through a certain interface, or arrives after it has expired, it undergoes a packet drop and is resent.

Packet sniffer

A software tool that can capture packets moving around in a network.

PAN (personal area network)

A PAN is a tiny form of a LAN restricted to devices like a cell phone, laptop, and Bluetooth devices like earbuds.

PAT (Port Address Translation)

PAT assigns separate TCP ports to each ongoing conversation between a local host on the network and an outside host on the Internet.


This Windows utility combines tracert and ping. It gives a much quantity of detailed information regarding a network and any issues it has along a certain route.


Payloads are any amount of data applications pass between themselves and the operating system. This includes control information.

PDoS (permanent DoS) attack

This type of attack has the goal of rendering the device irreparable and permanently unusable.

PDU (protocol data unit)

A unit of data at any layer of the OSI model.

Penetration testing

A process of scanning a network for vulnerabilities and investigating potential security flaws.


Phishing is a bad practice where a person attempts to get access to or gain authentication information by posing as someone who both needs that information and has the credentials to access it.

Physical layer

The lowest layer of the OSI model. The Physical Layer is fairly simple, it is essentially just the hardware responsible for sending the physical bits of data.

Physical topology

Physical topology has to do with how things are physically laid out and organized in a network. It only has to do with physical placement and location and does not deal with configuration, device types, or connectivity methods.

Ping (Packet Internet Groper)

Pings are a TCP/IP troubleshooting tool. Pings are used to ensure TCP/IP is configured correctly on a node and that it is communicating with the network. ICMP is utilized to get a ping to send an echo request and receive and echo reply message back from the receiver.

POP3 (Post Office Protocol, version 3)

POP3 is another protocol designed to aid the user in retrieving messages from an email server. Unlike IMAP, messages, when accessed, are downloaded directly to the user’s computer and summarily deleted from the mail server.


Ports are numbers that delineate a certain process running on a computer. Two types of ports exist: TCP and UDP. They both ensure data gets to the correct process its needs to go to on a computer that runs dozens of processes at once.

PPP (Point-to-Point Protocol)

This communications protocol allows a workstation, using a serial connection like DSL, to connect to a server. PPP is a Data Link Layer protocol.

Presentation layer

The Presentation Layer is the sixth layer in the OSI model. This layer’s protocols reformat, compress, and if need be, encrypt data so any applications or protocols on the receiving end of the message can read it.

Private IP address

A private IP address can be used by any node on a private network but not when they need to access the Internet.


A standard method or format for communication between network devices.

Public cloud

The public cloud is managed by service providers and delivered through public transmission lines like the Internet. All data storage, services, and applications are shared on the public cloud.

Public IP address

An IP address that is valid for use on public networks, such as the Internet.


QoS (quality of service)

A group of techniques for adjusting the priority a network assigns to various types of transmissions.


RADIUS (Remote Authentication Dial-In User Service)

A popular protocol for providing centralized AAA services for multiple users.


The range of a signal is the geographical area it reaches when issued from antenna or wireless system in which the signal can consistently and accurately be received.


Ransomware is a virus the locks up a computer until a ransom is paid to the hacker.

RDP (Remote Desktop Protocol)

RDP is a TCP/IP utility used to send graphical components of programs as well as bulk text quickly over a remote client-host connection. RDP also handles licensing, encryption, and session information. RDP resides on the Application Layer of the OSI model.

Recursive query

A DNS query that demands a resolution or the response that the information can’t be found.


Redundancy, when practiced in a network, is the usage of more than one identical component, device, or connection type to ensure continued uptime of the network.


In wireless signaling, when an electromagnetic wave bounces back to its source due to meeting an impassable obstacle.


In wireless signaling, when the direction a wave travels, its wavelength, or its speed is changed due to passing through different mediums.

Registered port

Registered TCP/IP ports have numbers from 1024 to 49,151. These ports are assigned to processes as needed, those that are not considered standard. They can also be used by network users as needed.

Remote access

When a user logs onto a server or LAN from a place geographically different than the physical location of the network.

Remote application

A remote application is one not installed and executed locally on the host machine, but rather on a server and accessed by the user remotely.


A repeater is used to strengthen the signal back to its original state.

Ring topology

Ring topology is when the nodes of a network are connected to the two nodes nearest to them. The network is then laid out in a rough ring, hence the name. Data can only be transmitted in up to two direction around the ring, passing through each node on the way to its destination.

RIP (Routing Information Protocol)

RIP is one of the most widely used routing protocols. It is also one of the oldest. RIP utilizes hop counts as its routing metric. It only allows for 15 hops.

RIPv2 (Routing Information Protocol version 2)

This updated version of RIP generates less broadcast traffic and is much more secure than its ancestor. Its hop limit is still 15.


Rollbacks occur when a user reverts a piece of software to a previous version after an upgrade or patch attempt was made.


Routers use logical addresses like MAC and IP addresses to transmit data between networks. They aid in finding the best path for data to take to get from their start point to their endpoint. Routers operate on the Network Layer of the OSI model.

Routing table

A routing table is responsible for maintaining information regarding the digital location of hosts as well as the most efficient path to forward packets along to them.


SaaS (Software as a Service)

Software as a service operates through providing applications through an online user interface. These application need be compatible with as many devices and operating systems as possible due to this service.

SAN (storage area network)

SANs are formed with multiple storage devices are networked together and are capable of communicating with each other, as well as outside networks.


A network is scalable when network administrators can easily add or subtract nodes from the network.


The process by which a wireless station finds an access point.

SDN (software-defined networking)

This approach to networking removes nearly all the decision-making ability network devices once possessed. It then gives this functionality to the application running at a software level.

Security token

A security token is used to store authentication information. It can also generate information used to authenticate the user’s ID. This information takes the form of a string of letters and numbers and should only be known to its assigned user.


A segment can be one of two things, a TCP message at the Transport Layer of the OSI model or a small part of a network.


Any computer or application that provides a service, such as data or other resources, to other devices.


An ongoing conversation between two hosts.

Session layer

The Session Layer of the OSI model is the fifth layer. This layer is responsible for accurately describing the process for recovering and syncing data sent between applications if that data does not arrive at its intended destination.

SFTP (Secure File Transfer Protocol)

SFTP is the secure version of FTP that utilizes SSH when copying files between hosts.


Signatures are identifiable, repeatable patterns in code. These patterns are known for their specific vulnerabilities, exploits, or indications of unwanted or suspicious traffic.

SIP (Session Initiation Protocol)

SIP is used to make initial connections between hosts. SIP does nothing during the transference of data once the session is established.

SMS (short message service)

A service that transmits text messages.

SMTP (Simple Mail Transfer Protocol)

SMTP is responsible for getting messages transferred safely from one email server to another. SMTP operates on the Application Layer of the OSI model.


Snapshots are incremental backups of software’s of data’s state at specific points in time. Snapshots often have information on any changes made since the most recent backup. Most of the time, they are not capable of restoring lost data.

SNMP (Simple Network Management Protocol)

SNMP is a TCP/IP protocol used to manage and monitor devices on a network. SNMP operates on the Application Layer of the OSI model.

Social engineering

Using techniques like manipulation and flattery to garner access to a system and subvert network security measures.


Sockets are logical addresses that contain IP addresses of different hosts as well as the port number of an application running on the host. The two values are separated by a colon.

SOHO (small office/home office) network

A network consisting of fewer than 10 workstations.

SPB (Shortest Path Bridging)

This IEEE 802.1aq standard is a descendent of the Spanning Tree Protocol. It keeps any potential paths data can take active and prevent loops by managing the flow of data across these paths.


When fields of data in transit are faked. A good example of this is when a source IP address is impersonated in a DRDoS attack.

SSH (Secure Shell)

SSH provides authentication and encryption services. The connection utility can be used to safely log onto a remote host, execute complex commands while using the remote host, and execute file transfers or copy information to or from the host.

SSID (service set identifier)

A unique character string used to identify an access point on an 802.11 network.

SSL (Secure Sockets Layer)

SSL utilizes public key encryption technology to secure TCP/IP transmissions between clients and servers

Star topology

Star topology is when each node is connected to a central device, thus connecting all the nodes together.

Star-bus topology

This hybrid topology combines the star and bus topologies together. Nodes are connected to their central device to form multiple star topologies. The central devices of the stars are then connected together in a bus topology fashion.

Static IP address

Static IP addresses do not change unless modified manually. They also must be manually assigned, DHCP playing no part in their assignment.


Subnets are sub networks. All nodes share a network addressing component and a fixed, rigid amount of bandwidth.

Subnet ID

Subnet IDs are an IPv6 feature. They consist of one block (16 bits) within the IPv6 address used to identify a subnet on larger networks.

Subnet mask

Subnet masks are a 32-bit number that allows a computer to differentiate between the host portion of the IPv4 address and the network portion. This feature allows computers to find each other even on complex subdivided subnets.


Switches logically subdivide networks into smaller, individual collision domains.


The determination of how connections are created between nodes on a network.


TACACS+ (Terminal Access Controller Access Control System Plus)

A Cisco proprietary protocol that provides AAA services.

TCP (Transmission Control Protocol)

TCP is a core protocol of TCP/IP. It is responsible for making a connection with the recipient host, ensures data is received, and resends the data if it was corrupted or lost on the way.

TCP/IP (Transmission Control Protocol/Internet Protocol)

This group of networking protocols includes TCP, IP, UDP, and many other essential protocols. TCP/IP is the foundation for data transmission across the Internet.


A terminal emulation protocol used to log on to remote hosts using the TCP/IP protocol.

TFTP (Trivial File Transfer Protocol)

TFTP is most often used by computers, and increasingly rarely by humans. Computers use this protocol when booting up to request configuration files from another node. TFTP is not a TCP oriented protocol. Instead, it utilizes a UDP port connection on port 69, operating on the Transport Layer of the OSI model.

Three-way handshake

This three step process initiates communications between Transport layer protocols and establishes an initial connection between nodes.


Throughput is the measurement of data a medium and transmit within a strict period of time. Throughput is generally measure in Mbps.

TLS (Transport Layer Security)

TLS is very similar to SSL, it differs only slightly in the encryption methods it uses. TLS was standardized by the IETF (Internet Engineering Task Force).


This TCP/IP troubleshooting utility sends UDP messages to random ports on the recipient. It does this to trace the path data takes from one node to another. It records all hops made during the journey. Traceroute is available in Linux, UNIX, and macOS.


Tracert is the Windows version of traceroute. It utilizes ICMP to send echo requests (similar to ping) to find the path data takes between two nodes and records all hops made on intermediary nodes.

Transport layer

The Transport Layer is the fourth layer of the OSI model. The Transport layer is in charge of getting Application Layer payloads from one application to another.

TTL (Time to Live)

TTL represents how long a IPv4 packet can exist in transit before it is discarded. Originally, TTL was meant to be represented by actual units of time. Today, TTL is represented by the maximum number of hops a data packet can take before it is discarded.


UDP (User Datagram Protocol)

UDP is one of the core protocols of TCP/IP. Unlike TCP, It does not guarantee delivery of the data packets it sends. No guarantee exists because UDP does not ensure a connection is made and does not check to see if the data was received or not.

Unicast address

A type of IPv6 address that represents a single node on a network.

URL (Uniform Resource Locator)

A string of text that uniquely identifies a file available on a network.

USB (universal serial bus)

A connector used for peripheral devices.

UTM (Unified Threat Management)

This security strategy groups as many layers of security software, technology, and hardware into a single safety net.


VIP (virtual IP address)

A single IP address that represents a cluster of devices.


The emulation of all or part of a computer or network.


A virus is a piece of malicious software designed to replicate itself (like an actual virus) and spread through as many computers as possible. Viruses do this through network connections by piggybacking along legitimate data transfers. They can also proliferate through exchanged external storage devices. Viruses range from harmless, annoying contrivances to deadly programs that can permanently destroy a system.

VLAN (virtual local area network or virtual LAN)

A VLAN is a network formed within another network. It is logically defined through grouping ports on a switch. This technique forces much of the local traffic through a router, limiting the broadcast domain and creating a VLAN.

VoIP (Voice over IP)

The provision of telephone service over a packet-switched network running the TCP/IP protocol suite.

VoIP gateway

A VoIP gateway is responsible for converting signals from analog phone equipment into data capable of being transmitted over the Internet. It can also convert VoIP data originating from a private IP network to a form capable of traveling over a phone company’s analog telephone lines.

VPN (virtual private network)

VPNs provide a host a virtual connection to a remote network or networks. It remotely provides network resources.


Vulnerabilities are any weaknesses present in current protocols or software applications that can be exploited to gain access to formerly secure information or unauthorized access to a network.


WAF (web application firewall)

An Application layer firewall that monitors web traffic on a server.

WAN (wide area network)

A network that spans a long distance and connects two or more LANs.

WAP (Wireless Application Protocol)

A standard that defines how mobile devices access data over a mobile wireless network.

War driving

War driving is when a laptop configured to capture wireless data transmissions is driving around an area.

Well-known port

Well-known ports are numbered 0 to 1023. They are all assigned to near universal, popular protocols and applications.


The IEEE standards and their amendments, extensions, and corrections for wireless networking.

Wireless bridge

An access point used to create remote wired access to a network.

Wireless spectrum

A continuum of electromagnetic waves used for data and voice communication.

Wiring schematic

A graphical representation of a network’s wired infrastructure.

WLAN (wireless local area network)

A LAN that uses wireless connections for some or all of its transmissions.

WPA (Wi-Fi Protected Access or Wireless Protected Access)

WPA dynamically assigns keys to every transmission.


WPA2 improves on WPA by incorporating AES, a stronger encryption protocol.

WPAN (wireless PAN)

A purely wireless version of a PAN.


XFP (10 Gigabit small form-factor pluggable)

This type of SFP can send and receive a maximum of 10 Gbps of data.

XML (eXtensible Markup Language)

XML is a good alternative to HTML that has more rules for formatting and modifying documents.


Zeroconf (zero configuration)

An automatically configured IP network.

Zero-day exploit

Zero-day exploits are attacks that strike at a software vulnerability that has so recently surfaced that not patch or fix is feasibly available.