Networking and Security Acronyms - Video Notes Review

Vocabulary-style flashcards listing each acronym or term with its definition from the video notes.

A (Address)

Record used to resolve a host name to an IPv4 address.

AAAA

Record used to resolve a host name to an IPv6 address.

ACL

Collection of access control entries (ACEs) that determines which subjects (user accounts, host IP addresses, and so on) are allowed or denied access to the object and the privileges given (read-only, read/write, and so on).

AH

IPSec protocol that provides authentication for the origin of transmitted data as well as integrity and protection against replay attacks.

AP

A device that provides a connection between wireless devices and can connect to wired networks, implementing an infrastructure mode WLAN.

API

Methods exposed by a script, program, or web application that allow other scripts or apps to interact with it.

APIPA Automatic Private Internet Protocol Addressing

Mechanism for Windows hosts configured to obtain an address automatically that cannot contact a DHCP server to revert to using an address from the range 169.254.x.y (AKA link local address).

ARP

Broadcast mechanism by which the hardware MAC address of an interface is matched to an IP address on a local network segment.

AUP

A set of rules that outline how a service or technology can be used.

BGP Border Gateway Protocol

Path vector exterior gateway routing protocol used principally by ISPs to establish routing between autonomous systems.

BNC Bayonet Neill-Concelman

Twist and lock connector for coaxial cables.

BSSID

MAC address of an access point supporting a basic service area.

BYOD Bring Your Own Device

Security framework and tools to facilitate use of personally owned devices to access corporate networks and data.

CAM Content-Addressable Memory

Optimized for searching, enables faster data retrieval.

CDN Content Delivery Network

Distributing and replicating the components of any service (web pages, media, and storage) across all the key service areas needing access to the content.

CDP Cisco Discovery Protocol

Proprietary protocol used by Cisco network appliances to discover layer 2 adjacent devices or neighbors.

CIA Confidentiality, Integrity, and Availability

Three principles of security control and management, information security triad.

CIDR Classless Inter-Domain Routing

Using network prefixes to aggregate routes to multiple network blocks ('supernetting'). Replaced old method of assigning class-based IP addresses based on network size.

CLI Command Line Interface

Program that accepts text input to execute OS functions.

CNAME Canonical Name Record

Type of DNS record that maps an alias name to a true or canonical domain name.

CPU Central Processing Unit

Primary component of a computer that performs most of the processing. Executes instructions from programs.

CRC Cyclic Redundancy Check

Calculation of a checksum based on the contents of a frame used to detect errors.

DAC Direct Attach Copper

Factory-terminated twinax patch cords used for 10+ Gbps Ethernet connections, typically between rack-mounted appliances.

DAS Direct-Attached Storage

A type of storage that is directly attached to a computer without going through the network. Internal or external hard drives.

DCI Data Center Interconnect

Technologies and methods used to connect two or more data centers.

DDoS Distributed Denial-of-Service

Attack involving the use of internet-connected computers and devices to disrupt the normal flow of traffic by overwhelming the target.

DHCP Dynamic Host Configuration Protocol

Used to automatically assign IP addressing information to hosts.

DLP Data Loss Prevention

Security solution that identifies and helps prevent unsafe or inappropriate sharing, transfer, or use of sensitive data.

DNS Domain Name Service

Service that maps fully qualified domain name labels to IP addresses on most TCP/IP networks.

DNSSEC Domain Name System Security Extensions

Security protocol that provides authentication of DNS data and upholds DNS data integrity.

DoH DNS over HTTPS

Mitigates risks from snooping and modification when a client queries a DNS server by encapsulating DNS traffic within an HTTPS session.

DoS Denial of Service

Any type of physical, application, or network attack that affects the availability of managed resource.

DoT DNS over TLS

Mitigates risks from snooping and modification when a client queries a DNS server by encapsulating DNS traffic within a TLS session.

DR Disaster Recovery

Process by which an organization prepares for and recovers from technology-related disasters.

EAPoL Extensible Authentication Protocol over LAN

Used in IEEE 802.1X; provides framework for authenticating and controlling access of devices to a network infrastructure.

EIGRP Enhanced Interior Gateway Routing Protocol

Advanced distance vector dynamic routing protocol using bandwidth and delay metrics to establish optimum forwarding paths.

EOL End of Life

Product life cycle phase where mainstream vendor support is no longer available.

EOS End of Support

Manufacturer will no longer provide support for the product (updates, patches, assistance).

ESP Encapsulating Security Payload

IPSec sub-protocol that enables encryption and authentication of header and payload of data packet.

ESSID Extended Service Set Identifier

Network name configured on multiple access points to form an extended service area.

EULA End User License Agreement

Contract between owner and users to grant permission to use the software under specified conditions.

FC Fibre Channel

High-speed network communications protocol used to implement SANs.

FHRP First Hop Redundancy Protocol

Provisioning failover routers to serve as the default gateway for a subnet.

FTP File Transfer Protocol

Used to transfer files between network hosts. Variants = SFTP, FTPS/FTPES, TFRP; Ports 20 and 21.

GDPR General Data Protection Regulation

Provisions and requirements protecting the personal data of EU citizens; transfers of personal data outside the EU Single Market are restricted unless protected by like-for-like regulations.

GRE Generic Routing Encapsulation

Tunneling protocol allowing the transmission of encapsulated frames or packets from different types of network protocol over an IP network.

GUI Graphic User Interface

Provides an easy-to-use, intuitive interface for a computer OS.

HTTP Hypertext Transfer Protocol

Used to provide web content to browsers; port 80.

HTTPS - HTTP Secure

Provides encrypted transfers using TLS; Port 443.

IaaS Infrastructure as a Service

Renting needed components on an as-need basis (Azure VMs, Amazon EC2).

IaC Infrastructure as Code

Provisioning architecture in which deployment of resources is performed by scripted automation and orchestration.

IAM Identity and Message protocol

A security process that provides identification, authentication, and authorization mechanisms for users, computers, and other entities to work with organizational assets such as networks, OSs, and applications.

ICMP Internet Control Message Protocol

IP level protocol for reporting errors and status information supporting the function of troubleshooting utilities.

ICS Industrial Control System

Network managing embedded devices; control systems used to manage and automate industrial processes; integrates hardware/software to monitor and control physical processes in industries.

IDF Intermediate Distribution Frame

Passive wiring panel providing a central termination point for cabling; an optional layer of distribution frame hierarchy that cross-connects 'vertical' backbone cabling to an MDF to 'horizontal' wiring to wall ports on each floor of a building or each building of a campus network.

IDS Intrusion Detection System

A security appliance or software that analyzes data from a packet sniffer to identify traffic that violates policies or rules.

IoT Internet of Things

Devices that can report state and configuration data and be remotely managed over IP networks.

IIoT Industrial IoT

integration of internet-connected devices and sensors in industrial environments.

IKE Internet Key Exchange

Framework for creating a Security Association (SA) used with IPSec. SA establishes that two hosts trust one another (authenticate) and agree on secure protocols and cipher suites to use to exchange data.

IP Internet Protocol

identifier for a protocol working over the IP: TCP, UDP, ICMP.

IPAM Internet Protocol Address Management

Software consolidating management of multiple DHCP and DNS services to provide oversight into IP address allocation across an enterprise network.

IPS Intrusion Prevention System

Security appliance or software that combines detection capabilities with functions that can actively block attacks.

IPSec Internet Protocol Security

Network protocol suite used to secure data through authentication and encryption as the data travels across the network or the Internet.

IS-IS Intermediate System to Intermediate System

Routing protocol; designed to move information efficiently within a computer network.

LACP Link Aggregation Control Protocol

A data link layer protocol; IEEE 802.3ad; bundle physical links and form a logical link from different vendor devices.

LAN Local Area Network

Network scope restricted to a single geographical location and owned/managed by a single organization.

LC Local Connector

Small form factor push-pull fiber optic connector; simplex and duplex.

LDAP Lightweight Directory Access Protocol

Used to access network directly databases, which store information about authorized users and their privileges.

LDAPS LDAP over SSL

Ensuring that data cannot be intercepted by third parties while in transit.

LLDP Link Layer Discovery Protocol

Standards-based protocol used by network appliances to discovery layer 2 devices or neighbors.

MAC Media Access Control

Hardware address that uniquely identifies each network interface at layer 2; 48 bits long, first half representing manufacturing OUI.

MDF Main Distribution Frame

Passive wiring panel providing central termination for cabling. Backbone or vertical wiring through a building and connections to external access provider networks.

MDIX Medium Dependent Interface Crossover

System that distinguishes transmits and receive pins on different interface types. Interfaces on an end system is MDI while that on an intermediate system is MDI-X.

MFA Multifactor Authentication

Authentication scheme that requires the user to present at least two different factors as credentials.

MIB Management Information Base

Database that stores Simple Network Management Protocol (SNMP) properties and values of a network device and its components.

MPO Multifiber Push On

Fiber optic cable type that terminates multiple strands to a single compact connector, supporting parallel links.

MTBF Mean Time Between Failure

A metric for a device or component that predicts the expected time between failures.

MTTR Mean Time To Repair

A metric representing average time taken for a device or component to be repaired, replaced, or otherwise recover from a failure.

MTU Maximum Transmission Unit

Maximum size in bytes of a frame’s payload cannot be encapsulated within a single frame at the Data Link Layer, it must be fragmented.

MX Mail Exchange

A record used to identify an email server for the domain.

NAC Network Access Control

A general term for the collected protocols, polices, and hardware that authenticate and authorize access to a network at the device level.

NAS Network-Attached Storage

Storage device enclosure with network port and an embedded OS that supports typical network file access protocols.

NAT Network Address Translation

Routing mechanism that conceals internal addressing schemes from the public Internet by translating between a single public address on the external side of a router and private, non-routable addresses internally.

NFV Network Functions Virtualization

Provisioning virtual network appliances (switches, routers, firewalls) via VMs and containers.

NIC Network Interface Cards

Adapter card that provides one or more Ethernet ports for connecting hosts to a network so that they can exchange data over a link.

NS Name Server

A specialized server that handles queries about the location of a domain name’s services. It translates humanly meaningful, text-based identifiers to numeric addresses.

NTP Network Time Protocol

Application protocol allowing machines to synchronize to the same time clock that runs over UDP port 123.

NTS Network Time Security

Method of securing NTP queries and responses using TLS. TCP port 3443.

OS Operating System

Software that facilitates the control and configuration of the computer device via device drivers, services, and one or more user interfaces.

OSPF Open Shortest Path First

Dynamic routing protocol that uses a link state algorithm and a hierarchical topology.

OSI Open Systems Interconnection

Assigns network and hardware components and functions to seven discrete layers: Physical, Data Link, Network, Transport, Session, Presentation, Application.

OT Operational Technology

A communications network designed to implement an industrial control system rather than data networking.

PaaS Platform as a Service

A cloud service model that provisions application and database services as a platform for development of apps.

PAT Port Address Translation

Maps private host IP addresses onto a single public IP address. Each host is tracked by assigning it a random high TCP port for communications.

PCI DSS Payment Card Industry Data Security Standards

The information security standard for organizations that process credit or bank card payments.

PDU Power Distribution Unit

Advanced strip socket that provides filtered output voltage. A managed unit supports remote administration.

PKI Public Key Infrastructure

A framework of certificate authorities, digital certificates, software, services, and other cryptographic components deployed for the purpose of validation subject identities.

PoE Power over Ethernet

Specification allowing power to be supplied via switch ports and ordinary data cabling to devices such as VoIP handsets and wireless access points. Draw up to 13W or 25W for PoE+.

PSK Pre-Shared Key

A wireless network authentication mode where a passphrase-based mechanism is used to allow group authentication to a wireless network. Passphrase is used to derive an encryption key.

PTP Precision Time Protocol

Provides clock synchronization to network devices to a higher degree of accuracy that NTP.