Net+ Acronyms

802.11a WiFi Standard

5 GHz band only; Max speed 54 Mbps; Short range due to high frequency; Immune to 2.4 GHz interference.

802.11b WiFi Standard

2.4 GHz band only; Max speed 11 Mbps; Long range but highly susceptible to interference from household devices (microwaves, baby monitors).

802.11g WiFi Standard

2.4 GHz band only; Max speed 54 Mbps; Backward compatible with 802.11b; Uses OFDM modulation.

802.11n (Wi-Fi 4)

2.4 GHz and 5 GHz bands; Max speed 600 Mbps; Introduced MIMO (Multiple Input, Multiple Output) to bounce signals off walls.

802.11ac (Wi-Fi 5)

5 GHz band only; Max speed 6.9 Gbps; Introduced wider channel bonding (80/160 MHz) and MU-MIMO (Multi-User MIMO).

802.11ax (Wi-Fi 6)

2.4 GHz, 5 GHz, and 6 GHz bands; Max speed 9.6 Gbps; Uses OFDMA (Orthogonal Frequency-Division Multiple Access) for high-density clients.

OSPF (Open Shortest Path First)

Interior Gateway Link-State Routing Protocol; Uses Cost (based on bandwidth) as its metric; Administrative Distance (AD) is 110.

EIGRP (Enhanced Interior Gateway Routing Protocol)

Interior Gateway Advanced Distance-Vector Protocol; Uses a composite metric (Bandwidth and Delay); AD is 90 (internal) or 170 (external).

RIP (Routing Information Protocol)

Interior Gateway Distance-Vector Protocol; Uses Hop Count as its metric (maximum 15 hops; 16 is unreachable); AD is 120.

BGP (Border Gateway Protocol)

Exterior Gateway Path-Vector Protocol; Powers the global Internet; Uses path attributes as metrics; AD is 20 (External eBGP) or 200 (Internal iBGP).

Administrative Distance (AD)

The measure of trustworthiness of a routing source. Lower values are preferred. If a router learns a route from multiple protocols, it selects the route with the lowest AD.

AD of a Directly Connected Interface

AD is 0. This is the absolute most trusted path a router can have.

AD of a Static Route

AD is 1. Highly trusted because it was manually entered by an administrator.

HSRP (Hot Standby Router Protocol)

Cisco proprietary First Hop Redundancy Protocol (FHRP); Group of routers acts as a single virtual default gateway; One active router, one standby router.

VRRP (Virtual Router Redundancy Protocol)

Open standard First Hop Redundancy Protocol (FHRP); Functions similarly to HSRP; One Master router, others are Backup routers.

GLBP (Gateway Load Balancing Protocol)

Cisco proprietary FHRP that actively load-balances traffic across multiple redundant physical routers simultaneously using a virtual MAC structure.

DNS "A" Record

Maps an IPv4 domain/hostname to a 32-bit IPv4 address (e.g., example.com to 93.184.216.34).

DNS "AAAA" Record

Maps a domain/hostname to a 128-bit IPv6 address.

DNS "CNAME" Record

Canonical Name Record; Acts as an alias mapping one domain name to another (e.g., www.example.com to example.com).

DNS "MX" Record

Mail Exchanger Record; Identifies the mail servers responsible for receiving email for a domain.

DNS "TXT" Record

Text Record; Used to hold human-readable or machine-readable text data (often leveraged for security policies like SPF and DKIM).

DNS "SRV" Record

Service Record; Identifies the hostname and port number of specific services (like VoIP, LDAP, or Active Directory) on a network.

DNS "NS" Record

Name Server Record; Directs traffic to the authoritative DNS servers responsible for managing the domain.

DNS "SOA" Record

Start of Authority Record; Contains administrative info about the DNS zone, including the primary name server, serial number, and refresh intervals.

DNS "PTR" Record

Pointer Record; Used for reverse DNS lookups (resolves an IP address back to its corresponding domain/hostname).

DNS SPF (Sender Policy Framework) Record

A TXT record that lists all authorized IP addresses allowed to send emails on behalf of a domain to prevent email spoofing.

DNS DKIM (DomainKeys Identified Mail) Record

A TXT record containing a public cryptographic key used to verify that an email was not tampered with in transit.

DNS DMARC Record

TXT record containing rules instructing the receiving mail server on how to handle emails that fail SPF or DKIM checks (none, quarantine, reject).

TCP Port 20 / 21 (FTP)

File Transfer Protocol; Port 21 is for control/commands, Port 20 is for data transfer. Connection-oriented (TCP).

TCP Port 22 (SSH / SFTP)

Secure Shell (remote CLI access) and SSH File Transfer Protocol. Cryptographically secures remote terminal sessions and file movements.

TCP Port 23 (Telnet)

Insecure, cleartext remote command-line interface. Should be avoided because passwords are sent in the clear.

TCP Port 25 (SMTP)

Simple Mail Transfer Protocol; Used to send email from a client to a server, or between email servers.

TCP/UDP Port 53 (DNS)

Domain Name System; UDP 53 is used for standard small client queries; TCP 53 is used for zone transfers between servers.

UDP Port 67 / 68 (DHCP)

Dynamic Host Configuration Protocol; Port 67 is listened to by DHCP servers; Port 68 is used by DHCP clients.

UDP Port 69 (TFTP)

Trivial File Transfer Protocol; Very lightweight file transfer system with no authentication; Used for bootstrapping network equipment.

TCP Port 80 (HTTP)

Hypertext Transfer Protocol; Used to transmit unencrypted web page data.

TCP Port 110 (POP3)

Post Office Protocol version 3; Downloads email from a mail server to a client and deletes it from the server by default.

UDP Port 123 (NTP)

Network Time Protocol; Synchronizes the clocks of network devices to a common atomic time reference.

TCP Port 143 (IMAP)

Internet Message Access Protocol; Retrieves email from a server while keeping the messages stored on the server so they can be viewed across multiple devices.

UDP Port 161 (SNMP Queries)

Simple Network Management Protocol; Used by network management stations to query and configure status information on devices (agents).

UDP Port 162 (SNMP Traps)

Used by managed agents to send unsolicited status alerts/warnings to a network management station.

TCP Port 389 (LDAP)

Lightweight Directory Access Protocol; Used to query directory services (like Active Directory) for user, group, and computer records.

TCP Port 443 (HTTPS)

Hypertext Transfer Protocol Secure; Web traffic encrypted using SSL/TLS protocols.

UDP Port 514 (Syslog)

System Logging Protocol; Standard port used to aggregate log messages from routers, switches, and firewalls to a central server.

TCP Port 636 (LDAPS)

LDAP over SSL/TLS; Encrypted directory queries.

TCP Port 1720 (H.323)

A signaling and call control protocol used to initiate and manage VoIP media sessions.

UDP Port 1812 / 1813 (RADIUS)

Centralized authentication (1812) and accounting (1813) protocol for network access.

UDP Port 2427 / 2727 (MGCP)

Media Gateway Control Protocol; Used to control telephony gateways during VoIP sessions.

TCP Port 3389 (RDP)

Remote Desktop Protocol; Microsoft standard for graphical remote control of desktop operating systems.

TCP/UDP Port 5060 / 5061 (SIP)

Session Initiation Protocol; Used to set up, maintain, and tear down VoIP audio and video calls. Port 5061 is secure SIP (SIPS).

TCP Port 445 (SMB)

Server Message Block; Used for sharing files, printers, and serial ports over Windows local networks.

UDP Port 500 (ISAKMP / IKE)

Internet Security Association and Key Management Protocol; Sits in Layer 4 to negotiate and establish Security Associations (SAs) for IPsec VPNs.

802.1X Authentication Standard

Port-based network access control; Forces a client connected to a switchport or Wi-Fi network to successfully authenticate before the port opens.

EAP-FAST (Flexible Authentication via Secure Tunneling)

Cisco standard; Uses a Protected Access Credential (PAC) to establish a TLS tunnel without requiring digital certificates on the server.

EAP-TLS (Transport Layer Security)

Strongest Wi-Fi security standard; Requires digital certificates on both the server AND every single client device.

EAP-TTLS (Tunneled TLS)

Requires a digital certificate only on the server; The client authenticates using a standard password tunneled securely inside the TLS session.

PEAP (Protected EAP)

Similar to EAP-TTLS; Encapsulates EAP inside a secure TLS tunnel created by a server-side certificate. Very common in enterprise networks.

Kerberos Protocol

Network authentication protocol that uses cryptographic 'tickets' to provide single-sign on (SSO) inside secure local networks (like Active Directory domains). Runs on TCP/UDP Port 88.

SAML (Security Assertion Markup Language)

An XML-based open standard used to exchange authentication and authorization data between an identity provider and a service provider for Web SSO.

RADIUS Protocol characteristics

Uses UDP; Encrypts only the user password in packets; Combines authentication and authorization functions.

TACACS+ Protocol characteristics

Cisco proprietary alternative to RADIUS; Uses TCP (Port 49); Encrypts the entire packet payload; Completely separates authentication, authorization, and accounting.

SIEM (Security Information & Event Management)

A security solution that aggregates, analyzes, parses, and correlates event logs from firewalls, switches, and endpoints to detect anomalies.

SOAR (Security Orchestration, Automation, and Response)

A security platform that takes logs/alerts and uses automated playbooks to automatically execute active response steps (like blocking an IP address at the firewall).

IDS (Intrusion Detection System)

A passive monitoring device that sniffs a copy of network traffic (via a SPAN port or TAP) to detect malicious activity and generate alerts; cannot stop the attack.

IPS (Intrusion Prevention System)

An active, in-line security device that sits in the path of traffic to actively detect, alert, and block/drop malicious packets in real-time.

NGFW (Next-Generation Firewall)

An advanced firewall combining traditional packet filtering with deep packet inspection (DPI), application awareness, and integrated IPS capabilities.

UTM (Unified Threat Management)

An all-in-one security appliance designed for smaller offices; combines a firewall, anti-virus, web content filtering, and IPS into a single physical box.

LACP (Link Aggregation Control Protocol)

Open standard (802.3ad/802.1ax) protocol that bundles multiple physical network links into a single logical channel to increase bandwidth and provide redundancy.

LACP Active Mode

A configuration state where a switchport actively broadcasts negotiation packets to form an EtherChannel.

LACP Passive Mode

A configuration state where a switchport sits quietly, listening for LACP packets, and only joins the channel if the other side initiates negotiation.

LACP On Mode

Forces EtherChannel grouping on the port without any dynamic LACP negotiation packets; both ends must be set to 'On' for this to function.

PAgP (Port Aggregation Protocol)

Cisco proprietary link aggregation protocol. Uses 'Auto' and 'Desirable' modes to negotiate EtherChannels.

PAgP Desirable Mode

Cisco proprietary EtherChannel state where the interface actively initiates negotiation with the other side.

PAgP Auto Mode

Cisco proprietary EtherChannel state where the interface listens for PAgP packets and only joins if the other side initiates negotiation.

802.1Q (Dot1q)

IEEE standard for VLAN tagging over a trunk link. Inserts a 4-byte header into the standard Ethernet frame.

VTP (VLAN Trunking Protocol)

Cisco proprietary protocol used to distribute and synchronize VLAN databases across a network of connected switches automatically.

NDP (Neighbor Discovery Protocol)

IPv6 protocol operating at the Link Layer. Replaces IPv4's ARP. Uses ICMPv6 messages to discover physical addresses of neighbors on the local link.

SLAAC (Stateless Address Autoconfiguration)

IPv6 mechanism allowing devices to generate their own unique IPv6 address without needing a stateful DHCPv6 server.

IPv6 Router Solicitation (RS)

ICMPv6 type 133 packet sent by an IPv6 host to request an immediate Router Advertisement (RA) from local routers.

IPv6 Router Advertisement (RA)

ICMPv6 type 134 packet sent periodically or in response to an RS by an IPv6 router. Contains local prefix information and default gateway details.

IPv6 Neighbor Solicitation (NS)

ICMPv6 type 135 packet used to discover a neighbor's MAC address (acting as an ARP Request in IPv6) or to verify link uniqueness.

IPv6 Neighbor Advertisement (NA)

ICMPv6 type 136 packet sent in response to an NS, confirming local physical MAC-to-IPv6 address bindings (acting as an ARP Reply in IPv6).

IPsec AH (Authentication Header)

IPsec sub-protocol (IP Protocol 51) providing data integrity and origin authentication, but does NOT encrypt payload data.

IPsec ESP (Encapsulating Security Payload)

IPsec sub-protocol (IP Protocol 50) providing data integrity, authentication, and robust encryption (confidentiality) for payload data.

PPPoE (Point-to-Point Protocol over Ethernet)

Tunneling protocol commonly used by ISPs to wrap PPP frames inside Ethernet frames, enabling authentication (CHAP/PAP) and IP assignment over broadband (DSL) links.

GRE (Generic Routing Encapsulation)

A lightweight Cisco tunneling protocol (IP Protocol 47) used to wrap any Layer 3 protocol inside virtual point-to-point links. Does not natively support encryption.

iSCSI Storage Protocol

Block-level storage transmission protocol over standard TCP/IP network interfaces (typically running on TCP Port 3260). No specialized HBAs required.

Fibre Channel (FC)

High-speed optical SAN technology requiring specialized Host Bus Adapters (HBAs) and unique Fibre Channel switches to establish point-to-point connections.

FCoE (Fibre Channel over Ethernet)

SAN technology encapsulating Fibre Channel frames directly inside lossless Ethernet networks, requiring Converged Network Adapters (CNAs).

TKIP (Temporal Key Integrity Protocol)

Legacy WPA encryption wrapper. Dynamically changes keys per packet. Highly insecure now.

CCMP (Counter Mode Cipher Block Chaining Message Authentication Code Protocol)

Robust AES-based encryption protocol designed for WPA2 wireless security to replace WEP and TKIP.

GCMP (Galois/Counter Mode Protocol)

High-performance, secure cryptographic encryption standard utilized natively within WPA3 wireless configurations for enterprise environments.

SAE (Simultaneous Authentication of Equals)

Dragonfly-handshake secure key exchange mechanism powering WPA3 Personal security. Replaces vulnerable WPA2 Pre-Shared Keys to defeat offline brute-force attacks.