CIT - 118 Operating Systems Key Terms Chapters 9, 11, 13-15

bridge

a data-link layer device used to interconnect multiple networks using the same protocol.

bus topology

network architecture to connect elements together along a single line.

circuit switching

a communication model in which a dedicated communication path is established between two hosts and on which all messages travel.

distributed operating system

an operating system that provides control for a distributed computing system, allowing its resources to be accessed in a unified way.

Domain Name Service (DNS)

a general-purpose, distributed, replicated data query service.

gateway

a communications device or program that passes data between networks having similar functions but different protocols.

International Organization for Standardization (ISO)

a voluntary, nontreaty organization responsible for creating international standards in many areas, including computers and communications.

local area network (LAN)

a data network intended to serve an area covering only a few square kilometers or less.

metropolitan area network (MAN)

a data network intended to serve an area approximating that of a large city.

network

a collection of loosely coupled processors interconnected by communications links using cables, wireless technology, or a combination of both.

network operating system (NOS)

the software that manages network resources for a node on a network, and may provide security and access control.

open shortest path first (OSPF)

a protocol designed for use in Internet Protocol (IP) networks, concerned with tracking the operational state of every network interface.

open systems interconnection (OSI) reference model

a seven-layer conceptual structure describing computer network architectures and the ways in which data passes through them.

packet switching

a communication model in which messages are individually routed between hosts, with no previously established communication path.

protocol

a set of rules to control the flow of messages through a network.

ring topology

a network topology in which each node is connected to two adjacent nodes.

routing information protocol (RIP)

a routing protocol used by IP, based on a distance-vector algorithm.

star topology

a network topology in which multiple network nodes are connected through a single, central node.

token bus

a type of local area network with nodes connected to a common cable using a CSMA/CA protocol.

token ring

a type of local area network with stations wired into a ring network.

topology

in a network, the geometric arrangement of connections (cables, wireless, or both) that link the nodes.

Transmission Control Protocol/Internet Protocol (TCP/IP)

a suite of transport-layer and application-layer protocols that operate over the Internet Protocol.

tree topology

a network architecture in which elements are connected in a hierarchical structure.

wide area network (WAN)

a network usually constructed with long-distance, point-to-point lines, covering a large geographic area.

wireless local area network (WLAN)

a local area network with wireless nodes.

access control

the control of user access to a network or computer system.

adware

a blended security threat that covertly collects data from system users and uses that data to target them with personalized advertisements and marketing messages.

antivirus software

software that is designed to detect and recover from attacks by viruses and worms. It is usually part of a system protection software package.

authentication

the means by which a system verifies that the individual attempting to access the system is authorized to do so.

backup

the process of making long-term archival file storage copies of files on the system.

blended threat

a system threat that combines into one program the characteristics of other attacks, including a virus, a worm, Trojans, spyware, and other malicious code.

biometrics

the science and technology that identifies authorized users based on their biological characteristics.

cleartext

in cryptography, a method of transmitting data without encryption in text that is readables by anyone by anyone who sees it.

cryptography

the science of coding messages or text so that unauthorized users cannot read them.

denial of service (DoS) attacks

an attack on a network that makes the network unavailable to perform the functions it was designed to do. This can be done by flooding the server with meaningless requests or information.

dictionary attack

the technique by which an intruder attempts to guess user passwords by trying words found in a dictionary.

encryption

the translation of a message or data item from its original form to an encoded form, thus hiding its meaning and making it unintelligible without the key to decode it.

ethics

the rules or standards of behavior that individuals are expected to follow, demonstrating the principles of right and wrong.

firewall

a set of hardware and software that disguises the internal network address of a computer or network to control how clients from outside can access an organization’s internal servers.

packet filtering

reviewing incoming and outgoing Internet packets to verify that the source address, destination address, and protocol are correct.

packet sniffers

software that intercepts Internet data packets sent in cleartext, and searches them for information, such as passwords.

passwords

a user-access authentication method. Typically, it is a series of keystrokes that a user enters in order to be allowed to log on to a computer system.

phishing

a technique used to trick consumers into revealing personal information by appearing as a legitimate way.

picture passwords

a sequence of strokes over a picture or graphic that is used to authenticate access to a computer system.

private key

a tool that’s used to decrypt a message that was encrypted using a public key.

proxy server

a server positioned between an internal network and an external network or the Internet to screen all requests and for information, and prevent unauthorized access to network resources.

public key

a tool that’s used to decrypt a message, to be decoded later using a private key.

social engineering

a technique whereby system intruders gain access to information about a legitimate user to learn active passwords, sometimes by calling the user and posing as a system technician.

spoofing

the creation of false IP addresses in the headers of data packets sent over the Internet, sometimes with the intent of gaining access when it would not otherwise be granted.

spyware

a security threat that covertly steals data from the system and sends it to a designated repository.

system survivability

the capability of a system to fulfill its mission, in a timely manner, in the presence of attacks, failures, or accidents.

Trojan

a malicious computer program with side effects that are not intended by the user who executes the program.

virus

a program that replicates itself by incorporating itself into other programs that are shared among other computer systems, including programs in secondary storage.

worm

a computer program that replicates itself, and is self-propagating in main memory.

argument

a value or option placed in the command that modifies how the command is to be carried out.

child process

a subordinate process that is created and controlled by a parent process.

CPU-bound

a job or process that requires a great deal of nonstop processing before issuing an interrupt; a CPU-bound job can tie up the CPU for an extended time.

device drivers

a device-specific program module that controls a particular type of device.

device independent

programs that can work with a variety of computers and devices in spite of their electronic variations.

directory

a logical storage unit that may contain files.

I/O-bound

a job or process that requires a large number of input/output operations, resulting in a lot of free time for the CPU.

kernel

the part of the operating system that resides in main memory at all times, and performs the most essential tasks, such as managing memory and handling disk input and output.

parent process

a process that creates and controls one or more child processes.

Portable Operating System Interface for Computer Environments (POSIX)

a set of IEEE standards that defines the standard user and programming interfaces for operating systems so that developers can port programs from one operating system to another.

script

a series of executable commands written in plain text that can be executed by the operating system in sequence as a single procedure.

sharable code

executable code in the operating system that can be shared by several processes.

Active Directory

Microsoft Windows’ directory service that offers centralized administration of application serving, authentication, and user registration for distributed networking systems.

cache manager

a component of the I/O system that manages the part of virtual memory known as cache. The cache expands or shrinks dynamically depending on the amount of memory available.

compatibility

the ability of an operating system to execute programs written for other operating systems or for earlier versions of the same system.

Domain Name System

a general-purpose, distributed, replicated, data query service. Its principal function is the resolution of Internet addresses based on fully qualified domain names, such as .com (for a commercial entity) or .edu (for an educational institution).

extensibility

one of an operating system’s design goals: to be easily enhanced as market requirements change.

fetch policy

the rules used by the Virtual Memory Manager to determine when a page is copied from disk to memory.

Kerberos

an authentication system that allows network managers to administer and manage user authentication at the network level.

kernel mode

the name given to indicate that processes are granted privileged access to the processor. Therefore, all machine instructions are allowed and system memory is accessible. This is contrasted with the more restrictive user mode.

Lightweight Directory Access Protocol (LDAP)

a protocol that defines a method for creating searchable directories of resources on a network.

New Technology File System (NTFS)

the file system introduced with Windows NT that offers file management services, such as permission management, compression, transaction logs, and the ability to create a single volume spanning two or more physical disks.

placement policy

the rules used by the Virtual Memory Manager to determine where the virtual page is to be loaded in memory.

portability

the ability to move an entire operating system to a machine based on a different processor or configuration with as little recoding as possible.

POSIX

Portable Operating System Interface for UNIX; an operating system application program interface developed by the IEEE to increase the portability of application software.

reliability

the ability of an operating system to respond predictably to error conditions, even those caused by hardware failures; or the ability of an operating system to actively protect itself and its users from accidental or deliberate damage by user programs.r

replacement policy

the rules used by the Virtual Memory Manager to determine which virtual page must be removed from memory to make room for a new page.

ticket granting ticket

a virtual ticket given by a Kerberos server indicating that the user holding the ticket can be granted access to specific application servers. The user sends this encrypted ticket to the remote application server, which can then examine it to verify the user’s identity and authenticate the user.

user mode

the name given to indicate the processes are not granted privileged access to the processor. Therefore, certain instructions are not allowed and system memory isn’t accessible.