| Authentication, Authorization, Accounting, Auditing |
| |
| Advanced Encryption Standard |
| Automatic Private IP Addressing |
| Advanced Persistent Threat |
| Address Resolution Protocol |
| British Naval Connector / Bayonet Neill–Concelman |
| |
| Content Addressable Memory (Table) |
| |
| Common Address Redundancy Protocol |
| Code Division Multiple Access |
| Confidentiality, Integrity, Availability |
| Classless Inter-Domain Routing: basis of allocating and routing classless addresses, not restricting subnet masks to /8, /16, or /24, which classful addressing did.
|
| Class of Service: implements packet tagging in a LAN. Tags the different types of traffic, such as video streaming or VoIP. The tag is a value between 0 and 8, with 0 being the highest priority.
|
| Carrier-Sense Multiple Access with Collision Avoidance: access method used only on wireless networks. Hosts first listen for traffic; if the transmitting host does not hear any traffic, it will transmit its frame. It will then listen for an acknowledgement frame from the receiving host before it sends. If the transmitting host does not hear the acknowledgement, it will wait for a randomly determined period of time and try again.
|
| Carrier-Sense Multiple Access with Collision Detection: obsolete access method that Ethernet systems used in wired LAN technologies, enabling frames of data to flow through the network and ultimately reach address locations. Hosts first listened to hear if there was any data on the wire. If there was none, the hosts sent out data. If a collision occurred, then both hosts waited for a randomly determined time period before retransmitting the data. Full-Duplex Ethernet made CSMA/CD obsolete.
|
| |
| Common Vulnerabilities and Exposures: a database that many vulnerability scanners use to find software that needs to be updated or replaced. It is an element of the Security Content Automation Protocol (SCAP) that provides a standard nomenclature for describing security flaws or vulnerabilities.
|
| Coarse Wavelength Division Multiplexing |
| Distributed Denial-of-Service: multicomputer assault on a network resource that attempts, with sheer overwhelming quantity of requests, to prevent regular users from receiving services (denial) from the resource. Can be used to crash systems. Usually executed using botnets consisting of compromised systems referred to as zombies.
|
| Dynamic Host Configuration Protocol: automatically assigns an IP address whenever a computer connects to the network. UDP Port 67 & 68. Dynamic/Pooled = Leased Times. DHCP Reservations are assigned by MAC Address through the DHCP Server.
|
| Data Loss Prevention: can mean a lot of things, from redundant hardware and backups to access levels to data. A DLP policy takes into consideration many of these factors and helps minimize the risk of loss or theft of essential company data.
|
| Dense Wavelength Division Multiplexing |
| Extensible Authentication Protocol
EAP-PSK (Pre-Shared Key)
EAP-TLS: EAP with Transport Layer Security. Defines the use of a RADIUS Server as well as mutual authentication, requiring certificates on both the server and every client. Very robust, but the client-side certificate requirement is an administrative challenge. Only used in Wireless.
EAP-TTLS
EAP-MS-CHAPv2: Commonly known as Protected EAP (PEAP). Uses a password function and is encrypted with TLS. The most common implementation of EAP.
EAP-MD5
LEAP
EAP-FAST: Flexible Authentication via Secure Tunneling. Cisco's replacement for LEAP. All current OS support EAP-FAST with the right software installed.
|
| Electronic Industries Association: ceased operations in 2011, but groups like Telecommunications Industry Association (TIA) maintain the structured cabling standards. TIA/EIA 568A (Green+White and Green in the first 2 slots). TIA/EIA 568B (Orange+White and Orange in the first 2 slots).
|
| Enhanced Interior Gateway Routing Protocol: Cisco proprietary. Has aspects of both distance vector and link state protocols, known as a Hybrid. Advanced distance vector protocol.
|
| Effective Isotropic Radiated Power |
| Encapsulating Security Payload |
| Extended Unique Identifier: just another name for MAC Addresses. Originally the IEEE called MAC Addresses MAC-48, which simply meant that the MAC Address is 48 bits. EUI is the current term for this naming/numbering space (EUI-48).
|
| Fiber Channel over Ethernet |
| First Hop Redundancy Protocol: method of ensuring high data availability by taking multiple routers and grouping them into a virtual router with a single virtual IP address that clients use as a default gateway. Common FHRP protocols: Virtual Router Redundancy Protocol (VRRP), Cisco's proprietary Hot Standby Router Protocol (HSRP), and Gateway Load Balancing Protocol (GLBP).
|
| File Transfer Protocol: TCP Port 20 = Active Mode/Data; TCP Port 21 = Control Process. SFTP = Secure File Transfer Protocol; TFTP = Trivial File Transfer Protocol.
|
| Gigabit Interface Converter |
| Generic Routing Encapsulation: Cisco-developed, paired with IPsec for encryption. GRE can be used to make point-to-point tunnel connections that carry all sorts of traffic over Layer 3, including multicast and IPv6 traffic. Multipoint GRE (mGRE): protocol for dynamically configured tunnels and tunnels to go to multiple destinations.
|
| Global System for Mobile Communications |
| |
| High-Definition Multimedia Interface
|
| Hot Standby Router Protocol |
| Hypertext Transfer Protocol |
| Hypertext Transfer Protocol Secure (Over SSL/TLS): TCP Port 443 over TLS/SSL Encryption. TLS = Transport Layer Security; SSL = Secure Socket Layer.
|
| Heating, Ventilation, and Air Conditioning |
| Infrastructure as a Service: large-scale global infrastructure providers like AWS enable you to set up and tear down infrastructure, building blocks, on demand. Charges what you use. Bottom layer of the Service Levels cake.
|
| Internet Control Message Protocol: works at Layer 3 (Network). Handles low-level housekeeping tasks such as host unreachable messages and router advertisements. The ping utility works by sending a single ICMP message called an echo request to an IP address you specify.
|
| Industrial Control System |
| Intermediate Distribution Frame |
| Intrusion Detection System: an application (often running on a dedicated IDS box) that inspects packets, looking for active intrusions. Functions inside a network. Knows how to find attacks that a firewall might miss, such as viruses, illegal logon attempts, and other well-known attacks. Can discover internal threats. Promiscuous mode: inspects a copy of every packet on a network.
|
| Internet Group Management Protocol |
| Internet Message Access Protocol |
| Internet Protocol (IP) Address Management: refers to a method of IP scanning, IP addressing tracking, and managing the information associated with a network's Internet Protocol address space and IPAM system. IPAM simplifies and automates the administration of many tasks involved in IP space management, including writing DNS records and configuring DHCP settings. Additional functionality, such as controlling reservations in DHCP as well as other data aggregation and reporting capability.
|
| Internet Protocol Security |
| Internet Protocol version 4 |
| Internet Protocol version 6: created to eventually replace IPv4. Solves the problem that IPv4 ran out of addresses a long time ago. 128-bit address. Uses link-local addressing for communicating on local networks. Doesn't use octets like IPv4; colons separate 8 quartets or hextets, each hexadecimal between 0 and f. Ex: 2001:0DB8:0000:0000:0800:200C:00CF:1234. Shorthand ex: 2001:DB8::800:200C:CF:1234
|
| Internet Security Association Key Management Protocol |
| Internet Small Computer System Interface |
| Intermediate System to Intermediate System: a routing protocol designed to move information efficiently within a computer network, a group of physically connected computers or similar devices. It accomplishes this by determining the best route for data through a packet switching network.
|
| Internet Service Provider |
| Link Aggregation Control Protocol |
| Lightweight Directory Access Protocol: for accessing and maintaining distributed directory information services over an Internet Protocol network. TCP Port 389, Standard LDAP. TCP Port 663 over SSL Encryption, Nonstandard LDAP.
|
| Lightweight Directory Access Protocol Secure: for accessing and maintaining distributed directory information services over an Internet Protocol network. TCP Port 663 over SSL Encryption, Nonstandard LDAP. TCP Port 389, Standard LDAP.
|
| Light-Emitting Diode: solid-state device that emits photons at luminous frequencies when current is applied. Link Lights: LED status indicators. Fiber optic cable that uses LEDs is known as Multimode Fiber (MMF).
|
| |
| Media Access Control / Medium Access Control |
| Metropolitan Area Network |
| |
| Medium Dependent Interface Crossover |
| Multipoint Generic Routing Encapsulation |
| Management Information Base: categorizes the data that can be queried and subsequently analyzed in Simple Network Management Protocol (SNMP). Is a collection of definitions which define the properties of the managed object within the device to be managed (such as a router, switch, etc.).
|
| Multiple Input, Multiple Output |
| Multiuser-Multiple Input, Multiple Output |
| Memorandum of Understanding: a document that defines an agreement between two parties in situations where a legal contract wouldn't be appropriate. Defines the duties the parties commit to perform for each other and a time frame to complete. Common between companies that have only occasional business relations with each other.
|
| Multiprotocol Label Switching: a router feature that labels certain data to use a desired connection. It works with any type of packet switching (even Ethernet) to force certain types of data to use a certain path. Routing technique in telecommunications networks that directs data from one node to the next based on short path labels rather than long network addresses, thus avoiding complex lookups in a routing table and speeding traffic flows.
|
| Mean Time Between Failure: the amount of time between one failure and the next. Applies to hardware. Typically represents the manufacturer's best guess regarding how much time will pass between major failures. Assumes that more than one failure will occur, which means the component will be repaired rather than replaced.
|
| Mechanical Transfer-Registered Jack: are always duplex, meaning both the send and receive cables are attached. Gained popularity with Cisco and is still common.
|
| Mean Time To Repair: the amount of time from failure to repair. Includes time to replace components, repair parts, and restore the system to its fully functional state.
|
| Maximum Transmission Unit |
| |
| Network Access Control: defines a newer series of protection applications that combine the features of what traditionally was done by separate applications. Usually prevents computers lacking anti-malware and patches from accessing the network. Also creates policies that define what individual systems can do on the network, including network access, segregation of portions of the network, etc.
|
| Network Attached Storage: dedicated file server used in many networks. Refers to a generally much smaller dedicated network appliance with two, four, six, or eight hard disk drives configured into some sort of storage array.
|
| Network Address Translation |
| |
| Network Function Virtualization: is a network architecture, not an actual feature that you can implement. The first and biggest piece of NFV architecture is the Network Function Virtualization Infrastructure (NFVI).
|
| Open Systems Interconnection: Physical, Data Link, Network, Transport, Session, Presentation, Application
|
| Open Shortest Path First: is the most commonly used Interior Gateway Protocol (IGP) in the world. Most large enterprises use OSPF on their internal networks. Converges dramatically faster and is much more efficient than Routing Internet Protocol (RIP). Dynamic routing protocol.
|
| Optical Time Domain Reflectometer: in fiber, determines continuity and, if there's a break, will tell you exactly how far down the cable to look for the break. Optical = fiber. TDR = Time Domain Reflectometer = copper cable.
|
| Platform as a Service: gives you some form of infrastructure, but the true purpose is in the platform. It provides a complete deployment and management system to handle every aspect of meeting some goal. Middle Service Model cake layer. Typically for developers. Heroku: an early PaaS provider.
|
| Power over Ethernet: usually found with Wireless Access Points (WAPs); it means that the power for the WAP to function is provided through the same Ethernet cable it's connected to. 802.3af was the original PoE standard; 802.3at or PoE+; 802.3bt or PoE++ or 4PPoE.
|
| Post Office Protocol version 3: for receiving email from email servers. Plain, simple email receiving. TCP Port 110. TCP Port 995 over TLS Encryption.
|
| Point-to-Point Tunneling Protocol: an obsolete method for implementing Virtual Private Networks (VPN). Many well-known security issues. Can use MS-CHAPv1 or MS-CHAPv2 for authentication, but it's not a safe option either. PPTP is fast because it doesn't deal with encryption.
|
| Pre-Shared Key: nothing more than a shared secret code that's stored on both the Wireless Access Point and the Wireless Client, encrypted using the powerful AES encryption. Found in EAP-PSK and WPA2-PSK/WPA2-Personal and other encryption techniques.
|
| Pointer Record: reverses the functions of A or AAAA records. Found only in reverse lookup zones. They use an IP address for their names and hold the Frequently Qualified Domain Name (FQDN) of a host at that address. PTR Record is also "a domain name pointer" or "pointer PTR".
|
| Quality of Service: policies that prioritize traffic based on certain rules and priorities. These rules control how much bandwidth a protocol, PC, user, VLAN, or IP address may use. Also uses the Class of Service (CoS) tag to determine which traffic gets priority, but QoS does NOT implement the tags. Layer 3 technology.
|
| Quad Small Form-Factor Pluggable |
| Router Advertisements: contain important information about routers available on a local network. Routers announce their presence periodically, but they'll also send a router advertisement in response to a router solicitation. Router advertisements are sent to the all-nodes multicast address or, in certain circumstances, to a unicast address. They carry not only the MAC and link-local address of the router but also information about how hosts on the network should get a global unicast address.
|
| Remote Authentication Dial-In User Service: created to support ISPs with hundreds if not thousands of modems in hundreds of computers to connect to a single central database. Consists of three devices: the RADIUS Server that has access to a database of usernames and passwords, a number of Network Access Servers (NAS) that control the modems, and a group of systems that dial into the network.
|
| Redundant Array of Inexpensive (Independent) Disks |
| Radio Frequency: enables special devices that use RF to communicate with each other wirelessly. RFID Chips/Cards. RFI = Radio Frequency Interference: big problem for wireless networks, slowdowns.
|
| Routing Information Protocol: the granddaddy of all distance vector routing protocols. RIP, RIPv1, RIPv2. RIP prevents routing loops by implementing a limit on the number of hops allowed in a path from source to destination. The largest number of hops allowed for RIP is 15, which limits the size of networks that RIP can support. UDP Port/s 520 (Messages) and 521 (Updates).
|
| Realtime Transfer Protocol: used for Unified Communications. Transport in Real Time. Provides for improved streaming audio/video delivery over the Internet. Often used in audio/video delivery of real-time data requiring QoS and tight sequencing.
|
| Received Signal Strength Indication |
| Real Time Streaming Protocol |
| Standard Connector/Subscriber Connector: today, it is called a Physical Contact (PC) connector. These connectors replace that older flat-surface connector that left a little gap between the connection points due to imperfections in the glass.
|
| Supervisory Control and Data Acquisition: SCADA is a system that is a subset of an Industrial Control System (ICS), designed for large-scale, distribution processes such as power grids, pipelines, and railroads. Must function with the idea that remote devices may or may not have ongoing communication with the central control.
|
| Software-Defined Wide Area Network: enables traffic over the Internet that incorporates a lot of the features of Multiprotocol Label Switching (MPLS), with efficient addressing and routing for a lot of traffic. Maintains high security as well. Relies on virtualization technologies.
|
| Small Form-Factor Pluggable |
| Secure File Transfer Protocol |
| Security Information and Event Management |
| Session Initiation Protocol: set up and manage Voice over IP (VoIP) sessions. Can be used with video conf, instant messaging, file transfer, etc. VoIP signaling. TCP Ports 5060 & 5061.
|
| |
| Stateless Address Auto-Configuration |
| Server Message Block: Microsoft Windows file sharing, printer sharing. Also called CIFS (Common Internet File System). Direct communication over TCP without the NetBIOS transport. TCP Port 445.
|
| Simple Mail Transfer Protocol |
| Simple Network Management Protocol: gathers statistics from network devices. Version 1 = "In the Clear" = No Encryption. Version 2 = Still "In the Clear" = No Encryption, but allowed Bulk Transfers. Version 3 = Encrypted, allows Authentication and Message Integrity. UDP Port 161. UDP Port 162 = SNMP Traps, alerts and notifications from SNMP-managed network devices.
|
| Sarbanes-Oxley: the Sarbanes-Oxley Act of 2002 is a law the US Congress passed on July 30th 2002 to help protect investors from fraudulent financial reporting by corporations. Created strict new rules for accountants, auditors, and corporate officers and imposed more stringent recordkeeping requirements. Also added new criminal penalties for violating securities laws.
|
| Structured Query Language
|
| Service Set Identifier: sometimes called a Network Name for wireless networks. 32 bit identification string that's inserted into the header of each frame processed by a Wireless Access Point (WAP). Every WIFI device must share the same SSID to communicate in a single network.
|
| Secure Sockets Layer: uses encryption to set up a secure private connection. Requires a server with a certificate. When a client requests access to an SSL-secured server, the server sends the client a copy of the certificate. The client checks the certificate and, if the certificate checks out, the server is authenticated and the client negotiates a symmetric-key cipher for use in the session.
|
| |
| Straight Tip or Snap Twist: for fiber bayonet connectors. Used primarily with 2.5 mm, single-mode fiber. Uses a push-on, then twist-to-lock mechanical connection (stick and twist).
|
| Spanning Tree Protocol: eliminates the problem of accidental switching loops. Using special STP frames known as Bridge Protocol Data Units (BPDUs), switches communicate with other switches to prevent loops from happening. Is a Layer 2 protocol on the OSI Model that runs on bridges and switches to ensure that you do not create loops when you have REDUNDANT paths in your network. IEEE Standard 802.1D.
|
| |
| Terminal Access Controller Access Control System Plus: very similar to RADIUS in function. TCP Port 49 by default; separates authorization, authentication, and accounting into different parts. Uses PAP, CHAP, and MD5 but can also use Kerberos as part of the authentication scheme.
|
| Transmission Control Protocol |
| Trivial File Transfer Protocol: very simple file transfer. No authentication. Not used in production systems. Transferring non-mission-critical stuff. UDP Port 69.
|
| Telecommunications Industry Association/Electronic Industries Alliance: defines the industry termination standard for correct crimping of four-pair Unshielded Twisted Pair (UTP). 2 Standards = TIA/EIA 568A & TIA/EIA 568B. 568A = Green in the first 2 slots. 568B = Orange in the first 2 slots.
|
| Temporal Key Integrity Protocol: dynamic encryption key generation. Keys are issued on a per-user and per-session basis. Uses RC4 for cipher initialization, hence it is also known as TKIP-RC4. TKIP is 128-bit encryption that seemed unbreakable when first introduced but was hacked within 4 years.
|
| Transport Layer Security: the latest version of Secure Sockets Layer (SSL) encryption. Techs use TLS and SSL terms interchangeably. Uses encryption to set up a secure private connection.
|
| Uninterruptible Power Supply: provides backup power, battery backup. Acts as an inverter: stores power as direct current in its battery, then inverts that power to alternating current when needed. Acts as a power monitoring tool so it can report problems when there's any fluctuation in the electrical supply. Can provide security from power spikes and sags. Enables you to shut down in an orderly fashion.
|
| Virtual Internet Protocol |
| Virtual Local Area Network: a common feature among managed switches that enables a single switch to support multiple Layer 2 broadcast domains and provide isolation between hosts on different VLANs. Critical for modern network performance and security. IEEE Standard 802.1Q.
|
| Variable Length Subnet Mask: allows greater flexibility in the creation of sub-networks, overcoming strict rules of A, B, and C Classes. This subnet design uses more than one mask in the same network, which means more than one mask is used for different subnets of a single class A, B, or C network.
|
| Virtual Machine: a virtual computer accessed through a class of programs called a Hypervisor or Virtual Machine Monitor (VMM). Runs inside your actual operating system, essentially enabling you to run two or more operating systems at once.
|
| Virtual Network Computing |
| Virtual Network Interface Card |
| Voice over Internet Protocol |
| Virtual Private Cloud: the logical division of a service provider's public cloud multitenant architecture to support private cloud computing. Enables an enterprise to achieve the benefits of private cloud - such as more granular control over virtual networks and an isolated environment for sensitive workloads - while still taking advantage of public cloud resources. Features agility, security, affordability, and availability.
|
| |
| Virtual Router Redundancy Protocol |
| |
| Wireless Access Point: connects wireless network nodes to wireless or wired networks. Many WAPs are combination devices that act as high-speed hubs, switches, bridges, and routers, all rolled into one.
|
| Wavelength Division Multiplexing |
| Wireless Local Area Network
|
| WIFI Protected Access: wireless security protocol that addresses weaknesses and acts as an upgrade to WEP. Offers security enhancements such as dynamic encryption key generation, an encryption key integrity check feature, user authentication through the industry standard Extensible Authentication Protocol (EAP), and other advanced features that WEP lacked. WPA replaced by WPA2.
|