Comprehensive N008 Network+ Acronyms

AAAA

Authentication, Authorization, Accounting and Address - is another type of DNS Record that points a domain or subdomain to an IPv6 address, so that when someone types that domain or subdomain in the address bar, the browser knows where to go.

ACL

Access Control List

Allow or disallow traffic based on

- Groupings of categories

- Source IP, Destination IP, port number, time of day, application, etc

AES

Advanced Encryption Standard

- Symmetric block cipher chosen by the U.S. government to protect classified information

AH

Authentication Header

Data integrity • Origin authentication • Replay attack protection • Keyed-hash mechanism • No confidentiality/encryption

AP

Access Point

Not a wireless router - A wireless router is a router and an access point in a single device

• An access point is a bridge - Extends the wired network onto the wireless network - OSI layer 2 device

APC

Angled Physical Contact (Angle-Polished Connectors)

Ferrule end-face radius polished at an eight degree angle - Lower return loss, generally higher insertion loss than UPC (Fiber)

APIPA

Automatic Private Internet Protocol Addressing

• A link-local address - No forwarding by routers • IETF has reserved 169.254.0.1 - through 169.254.255.254 - First and last 256 addresses are reserved - Functional block of 169.254.1.0 through 169.254.254.255

ARP

Address Resolution Protocol

the protocol used to associate the IP address to a MAC address. When a host wants to send a packet to another host, say IP address 10.5. 5.1, on its local area network (LAN), it first sends out (broadcasts) an ARP packet

AUP

Acceptable Use Policy

What is acceptable use of company assets? - Detailed documentation - May be documented in the Rules of Behavior • Covers many topics - Internet use, telephones, computers, mobile devices, etc. • Used by an organization to limit legal liability - If someone is dismissed, these are the well-documented reasons why

BGP

Border Gateway Protocol

Determines route based on paths, network policies, or configured rule-sets

BNC

British Naval Connector/Bayonet Neill-Concelman

BYOD

Bring Your Own Device

• Bring Your Own Device or Bring Your Own Technology • Employee owns the device - Need to meet the company's requirements • Difficult to secure - It's both a home device and a work device - How is data protected? - What happens to the data when a device is sold or traded in?

CAM

Content Addressable Memory (table)

a system memory construct used by Ethernet switch logic which stores information such as MAC addresses available on physical ports with their associated VLAN Parameters. Switch table

CAN

Campus Area Network

Corporate Area Network • Limited geographical area - A group of buildings • LAN technologies - Fiber connected, high speed Ethernet • Your fiber in the ground - No third-party provider

CDMA

Code Division Multiple Access

- Everyone communicates at the same time - Each call uses a different code - The codes are used to filter each call on the receiving side • Used by Verizon and Sprint - Handsets are controlled by the network provider - Not much adoption elsewhere. CDMA (Code-Division Multiple Access) refers to any of several protocols used in second-generation (2G) and third-generation (3G) wireless communications. As the term implies, CDMA is a form of multiplexing, which allows numerous signals to occupy a single transmission channel, optimizing the use of available bandwidth.

CIA

Confidentiality, Integrity, and Availability

Combination of principles - The fundamentals of security

• Confidentiality - Prevent disclosure of information to unauthorized individuals or systems

• Integrity - Messages can't be modified without detection

• Availability - Systems and networks must be up and running

CIDR

Classless Inter-Domain Routing

a method of assigning Internet Protocol (IP) addresses that improves the efficiency of address distribution and replaces the previous system based on Class A, Class B and Class C networks.

CLI

Command-Line Interface

Study command line tools

CNAME

Canonical Name

A name is an alias of another, canonical name - One physical server, multiple services

CRC

Cyclic Redundancy Check

Error indicates when data is corrupted. Calculating from all data, CRC validates packets of information sent by devices and verifies it against the data extracted, ensuring its accuracy.

CSMA/CA

Carrier-Sense Multiple Access with Collision Avoidance

CSMA/CD

Carrier-Sense Multiple Access with Collision Detection

Listen for an opening - Don't transmit if the network is already busy • Send a frame of data - You send data whenever you can - There's no queue or prioritization • If a collision occurs - Transmit a jam signal to let everyone know a collision has occurred - Wait a random amount of time, then retry

CSU

Channel Service Unit

is a hardware device about the size of an external modem that converts a digital data frame from the communications technology used on a local area network (LAN) into a frame appropriate to a wide-area network (WAN) and vice versa. For example, if you have a Web business from your own home and have leased a digital line (perhaps a T-1 or fractional T-1 line) to a phone company or a gateway at an Internet service provider, you have a CSU/DSU at your end and the phone company or gateway host has a CSU/DSU at its end.

CVE

Common Vulnerabilities and Exposures

A community managed list of vulnerabilities - Sponsored by the U.S. Department of Homeland Security (DHS) and Cybersecurity and Infrastructure Security Agency (CISA)

CWDM

Coarse Wavelength Division Multiplexing

10GBASE-LX4 uses four 3.125 Gbit/sec carriers at four different wavelengths

DaaS

Desktop as a Service

Basic application usage - Applications actually run on a remote server - Virtual Desktop Infrastructure (VDI), Desktop as a Service (DaaS) - Local device is a keyboard, mouse, and screen.

• Minimal operating system on the client - No huge memory or CPU needs

• Network connectivity - Big network requirement - Everything happens across the wire

DDoS

Distributed Denial-of-Service

Botnet attack

DHCP

Dynamic Host Configuration Protocol

IPv4 address configuration used to be manual

- IP address, subnet mask, gateway, DNS servers, NTP servers, etc.

• Dynamic Host Configuration Protocol - Provides automatic addresses and IP configuration for almost all devices

DLP

Data Loss Prevention

• Where's your data? - Social Security numbers, credit card numbers, medical records

• Detailed policies needed to define what is allowed - How is sensitive data transferred? - Is the data encrypted? How?

• DLP solutions can watch and alert on policy violations - Often requires multiple solutions in different places

DNS

(Domain Name System) The Internet's system for converting alphabetic names into numeric IP addresses.

DoS

Denial-of-Service

Attack meant to shut down a machine or a network

DSL

Digital Subscriber Line

ADSL (Asymmetric Digital Subscriber Line) - Uses telephone lines • Download speed is faster than the upload speed (asymmetric) - ~10,000 foot limitation from the central office (CO) - 200 Mbit/s downstream / 20 Mbit/s upstream are common - Faster speeds may be possible if closer to the CO

DSU

Data Service Unit

is a hardware device about the size of an external modem that converts digital data frames from the communications technology used on a local area network (LAN) into frames appropriate to a wide-area network (WAN) and vice versa.

DWDM

Dense Wavelength Division Multiplexing

Multiplex multiple OC carriers into a single fiber - Add 160 signals, increase to 1.6 Tbit/s

EAP

• Extensible Authentication Protocol (EAP) - An authentication framework

• Many different ways to authenticate based on RFC standards - Manufacturers can build their own EAP methods

• EAP integrates with 802.1X - Prevents access to the network until the authentication succeeds

EIA

Electronic Industries Association

• ANSI/TIA/EIA 606 - Administration Standard for the Telecommunications - Infrastructure of Commercial Buildings • Presentation of information - Reports, drawings, work orders • Pathway, space, grounding - Identifiers, Labeling • Cables - Identifiers, labels, color coding, bar coding

EIGRP

Enhanced Interior Gateway Routing Protocol

is a network protocol that enables routers to exchange information more efficiently than earlier network protocols, such as Interior Gateway Routing Protocol (IGRP) or Border Gateway Protocol (BGP).

EIRP

Effective Isotropic Radiated Power

the total radiated power from a transmitter antenna times the numerical directivity of the antenna in the direction of the receiver, or the power delivered to the antenna times the antenna numerical gain.

ESP

Encapsulating Security Payload

Data confidentiality (encryption)

• Limited traffic flow confidentiality

• Data integrity

• Anti-replay protection

EUI

Extended Unique Identifier

allows a host to assign iteslf a unique 64-Bit IP Version 6 interface identifier (EUI-64). This feature is a key benefit over IPv4 as it eliminates the need of manual configuration or DHCP as in the world of IPv4.

FCoE

Fibre Channel over Ethernet

a method of supporting converged Fibre Channel (FC) and Ethernet traffic on a data center bridging (DCB) network. FCoE encapsulates unmodified FC frames in Ethernet to transport the FC frames over a physical Ethernet network.

FHRP

First Hop Redundancy Protocol

- Your computer is configured with a single default gateway - We need a way to provide availability if the default gateway fails

FTP

File Transfer Protocol

tcp/20 (active mode data), tcp/21 (control) - Transfers files between systems - Authenticates with a username and password - Full-featured functionality (list, add, delete, etc.)

GBIC

Gigabit Interface Converter

a transceiver that converts electric currents (digital highs and lows) to optical signals, and optical signals to digital electric currents.

GRE

Generic Routing Encapsulation - The "tunnel" between two endpoints • Encapsulate traffic inside of IP - Two endpoints appear to be directly connected to each other - No built-in encryption

GSM

Global System for Mobile Communications

HA

High Availability

IaaS

Infrastructure as a Service

Sometimes called Hardware as a Service (HaaS) - Outsource your equipment • You're still responsible for the management - And for the security • Your data is out there, but more within your control • Web server providers

ICMP

Internet Control Message Protocol

- "Text messaging" for your network devices • Another protocol carried by IP - Not used for data transfer • Devices can request and reply to administrative requests - Hey, are you there? / Yes, I'm right here. • Devices can send messages when things don't go well - That network you're trying to reach is not reachable from here - Your time-to-live expired, just letting you know

ICS

Industrial Control System

command and control networks and systems designed to support industrial processes. The largest subgroup of ICS is SCADA

IDF

Intermediate Distribution Frame

Extension of the MDF - A strategic distribution point • Connects the users to the network - Uplinks from the MDF - Workgroup switches - Other local resources • Common in medium to large organizations - Users are geographically diverse

IDS

Intrusion Detection System

• Intrusions - Exploits against operating systems, applications, etc. - Buffer overflows, cross-site scripting, other vulnerabilities • Detection vs. Prevention - Detection - Alarm or alert - Prevention - Stop it before it gets into the network

IGMP

Internet Group Management Protocol

- Hosts and routers use IGMP to direct multicast transmissions

IMAP

Internet Message Access Protocol v4 - tcp/143 - Manage email inbox from multiple clients

IPS

Intrusion Prevention System

• Intrusions - Exploits against operating systems, applications, etc. - Buffer overflows, cross-site scripting, other vulnerabilities • Detection vs. Prevention - Detection - Alarm or alert - Prevention - Stop it before it gets into the network

IPSec

Internet Protocol Security

Security for OSI Layer 3 - Authentication and encryption for every packet • Confidentiality and integrity/anti-replay - Encryption and packet signing • Very standardized - Common to use multi-vendor implementations • Two core IPSec protocols - Authentication Header (AH) - Encapsulation Security Payload (ESP)

IPv4

Internet Protocol version 4

IPv6

Internet Protocol version 6

iSCSI

Internet Small Computer Systems Interface

Internet Small Computer Systems Interface - Send SCSI commands over an IP network - Created by IBM and Cisco, now an RFC standard • Makes a remote disk look and operate like a local disk - Like Fibre Channel • Can be managed quite well in software - Drivers available for many operating systems - No proprietary topologies or hardware needed

ISP

Internet Service Provider

LACP

Link Aggregation Control Protocol

is a standards-based method to control the bundling of several physical network links together to form a logical channel for increased bandwidth and redundancy purposes.

LAN

Local Area Network

LC

Local Connector

a small form factor (SFF) connector, which is designed to join LC fibers where a connection or disconnection is required.

LDAP

Lightweight Directory Access Protocol

Protocol for reading and writing directories over an IP network - An organized set of records, like a phone directory

• X.500 specification was written by the International Telecommunications Union (ITU) - They know directories!

• DAP ran on the OSI protocol stack - LDAP is lightweight, and uses TCP/IP (tcp/389 and udp/389)

• LDAP is the protocol used to query and update an X.500 directory - Used in Windows Active Directory, Apple OpenDirectory, OpenLDAP, etc.

• Hierarchical structure - Builds a tree • Container objects - Country, organization, organizational units

• Leaf objects - Users, computers, printers, files

LDAPS

Lightweight Directory Access Protocol (over SSL)

- A non-standard implementation of LDAP over SSL - Still in use today

LED

Light-Emitting Diode

LTE

Long-Term Evolution

4G

MAC

Media Access Control/Medium Access Control

a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment.

MAN

Metropolitan Area Network

MDF

Main Distribution Frame

Central point of the network - Usually in a data center • Termination point for WAN links - Connects the inside to the outside • Good test point - Test in both directions • This is often the data center - The central point for data

MDIX

Medium Dependent Interface Crossover

is a type of Ethernet port connection that uses twisted-pair cabling to link two networked devices.

mGRE

Multipoint Generic Routing Encapsulation

Multipoint Generic Router Encapsulation - Used extensively for Dynamic Multipoint VPN (DMVPN) - Common on Cisco routers • Your VPN builds itself - Remote sites communicate to each other • Tunnels are built dynamically, on-demand - A dynamic mesh

MIB

Management Information Base

is a Simple Network Management Protocol (SNMP) flat-file, nonrelational database that describes devices being monitored. Network management platforms monitor nodes by reading the value of the managed resources in the MIB.

MIMO

- Multiple-input multiple-output

- Multiple transmit and receive antennas

802.11n uses

MU-MIMO

Multi-User MIMO

used by 802.11ac and 802.11ax

MOU

Memorandum of Understanding (MOU) - Both sides agree on the contents of the memorandum - Usually includes statements of confidentiality - Informal letter of intent; not a signed contract

MPLS

Learning from ATM and Frame Relay • Packets through the WAN have a label - Routing decisions are easy • Any transport medium, any protocol inside - IP packets, ATM cells, Ethernet frames - OSI layer 2.5 (!) • Increasingly common WAN technology - Ready-to-network

MTBF

• Mean time between failures (MTBF) - Predict the time between outages

MT-RJ

- Mechanical Transfer Register Jack.

- A fiber optic cable connector that is very popular for small form factor devices due to its small size.

- Smallest connector

MTTR

• Mean time to repair (MTTR) - Time required to fix the issue

MTU

maximum transmission unit - The largest data unit a network (for example, Ethernet or token ring) will accept for transmission.

MX

Mail exchanger record (MX) • Determines the host name for the mail server - this isn't an IP address; it's a name

NAC

Network Access Control (NAC) • IEEE 802.1X - Port-based Network Access Control (NAC) - You don't get access until you authenticate • We're talking about physical interfaces - Not TCP or UDP ports • Makes extensive use of EAP and RADIUS - Extensible Authentication Protocol / Remote Authentication Dial In User Service • Administrative enable/disable - Disable your unused ports • Duplicate MAC address checking - Stop the spoofers

NAS

• Network Attached Storage (NAS) - Connect to a shared storage device across the network - File-level access

NAT

- Network Address Translation (NAT), dynamic routing. conserves IP addresses by enabling private IP networks using unregistered IP addresses to go online.

NDA

Non-disclosure agreement (NDA) • Confidentiality agreement between parties - Information in the agreement should not be disclosed • Protects confidential information - Trade secrets, business activities - Anything else listed in the NDA • Unilateral or bilateral (or multilateral) - One-way NDA or mutual NDA • Formal contract - Signatures are usually required

NFV

Network function virtualization (NFV) • Replace physical network devices with virtual versions - Manage from the hypervisor • Same functionality as a physical device - Routing, switching, load balancing, firewalls, etc. • Quickly and easily deploy network functions - Click and deploy from the hypervisor • Many different deployment options - Virtual machine, container, fault tolerance, etc.

NGFW

A next-generation firewall (NGFW) is part of the third generation of firewall technology that can be implemented in hardware or software. It is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.

NIC

The network interface card (NIC) or network card is the hardware device most essential to establishing communication between computers.

NS

Network Simulator (NS) is simply a discrete event-driven network simulation tool for studying the dynamic nature of communication networks. Network Simulator 2 (NS2) provides substantial support for simulation of different protocols over wired and wireless networks.

NTD

The Network Termination Device (NTD) or NBN Connection Box has several ports on the bottom to deliver telephone (if included in your plan) and internet services.

OID

OIDs stands for Object Identifiers. OIDs uniquely identify managed objects in a MIB hierarchy. This can be depicted as a tree, the levels of which are assigned by different organizations.

OSI

OSPF

Open Shortest Path First (OSPF) is a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. OSPF is an Interior Gateway Protocol

OTDR

An Optical Time Domain Reflectometer (OTDR) is a device that tests the integrity of a fiber cable and is used for the building, certifying, maintaining, and troubleshooting fiber optic systems.

PaaS

is a complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications.

PAN

Personal Area Network

PAT

Port Address Translation (PAT) is an extension of Network Address Translation (NAT) that permits multiple devices on a LAN to be mapped to a single public IP address to conserve IP addresses.

PDU

A protocol data unit (PDU) is an open-system interconnection (OSI) term used in telecommunications that refers to a group of information added or removed by a layer of the OSI model

PoE

Power over Ethernet (PoE) is technology that passes electric power over twisted-pair Ethernet cable to powered devices (PD), such as wireless access points, IP cameras, and VoIP phones in addition to the data that cable usually carries.