Network Plus 2005 In Depth
.pdf
772 Glossary
CSMA/CD (Carrier Sense Multiple Access with Collision Detection)—A network access method specified for use by IEEE 802.3 (Ethernet) networks. In CSMA/CD, each node waits its turn before transmitting data, to avoid interfering with other nodes’ transmissions. If a node’s NIC determines that its data has been involved in a collision, it immediately stops transmitting. Next, in a process called jamming, the NIC issues a special 32-bit sequence that indicates to the rest of the network nodes that its previous transmission was faulty and that those data frames are invalid. After waiting, the NIC determines if the line is again available; if it is available, the NIC retransmits its data.
CSU (channel service unit)—A device used with T-carrier technology that provides termination for the digital signal and ensures connection integrity through error correction and line monitoring. Typically, a CSU is combined with a DSU in a single device, a CSU/DSU.
CSU/DSU—A combination of a CSU (channel service unit) and a DSU (data service unit) that serves as the connection point for a T1 line at the customer’s site. Most modern CSU/DSUs also contain a multiplexer. A CSU/DSU may be a separate device or an expansion card in another device, such as a router.
cut-through mode—A switching mode in which a switch reads a frame’s header and decides where to forward the data before it receives the entire packet. Cut-through mode is faster, but less accurate, than the other switching method, store and forward mode.
Cyclic Redundancy Check—See CRC.
D channel—In ISDN, the “data” channel is used to carry information about the call, such as session initiation and termination signals, caller identity, call forwarding, and conference calling signals.
daisy chain—A group of connectivity devices linked together in a serial fashion.
Data Encryption Standard—See DES.
Data Link layer—The second layer in the OSI Model. The Data Link layer bridges the networking media with the Network layer. Its primary function is to divide the data it receives from the Network layer into frames that can then be transmitted by the Physical layer.
data packet—A discrete unit of information sent from one node on a network to another.
data port—A port on a connectivity device to which network nodes are connected.
data propagation delay—The length of time data takes to travel from one point on the segment to another point. On Ethernet networks, CSMA/CD’s collision detection routine cannot operate accurately if the data propagation delay is too long.
data service unit—See DSU.
DB-9 connector—A connector containing nine pins that is used on STP-based Token Ring networks.
DC (domain component)—In LDAP naming conventions, the name of any one of the domains to which an object belongs.
dedicated—A continuously available link or service that is leased through another carrier. Examples of dedicated lines include ADSL, T1, and T3.
default gateway—The gateway that first interprets a device’s outbound requests, and then interprets its inbound requests to and from other subnets. In a Postal Service analogy, the default gateway is similar to a local post office.
default router—See default gateway.
Glossary 773
demarcation point (demarc)—The point of division between a telecommunications service carrier’s network and a building’s internal network.
demultiplexer (demux)—A device that separates multiplexed signals once they are received and regenerates them in their original form.
denial-of-service attack—A security attack caused by a deluge of traffic that disables the victimized system.
dense wavelength division multiplexing—See DWDM.
DES (Data Encryption Standard)—A popular private key encryption technique that was developed by IBM in the 1970s.
device driver—The software that enables an attached device to communicate with the computer’s operating system.
Device ID—The second set of six characters that make up a network device’s MAC address. The Device ID, which is added at the factory, is based on the device’s model and manufacture date.
DHCP (Dynamic Host Configuration Protocol)—An Application layer protocol in the TCP/IP suite that manages the dynamic distribution of IP addresses on a network. Using DHCP to assign IP addresses can nearly eliminate duplicate-addressing problems.
dial return—A satellite Internet access connection in which a subscriber receives data from the Internet via the satellite link, but sends data to the satellite via an analog modem (dial-up) connection. With dial return, downstream throughputs are rated for 400–500 Kbps, whereas upstream throughputs are practically limited to 53 Kbps and are usually lower. Therefore, dial return satellite Internet access is an asymmetrical technology.
dial-up—A type of connection in which a user connects to a distant network from a computer and stays connected for a finite period of time.
dial-up networking—The process of dialing into a remote access server to connect with a network, be it private or public.
dictionary attack—A technique in which attackers run a program that tries a combination of a known user ID and, for a password, every word in a dictionary to attempt to gain access to a network.
differential backup—A backup method in which only data that has changed since the last full or incremental backup is copied to a storage medium, and in which that same information is marked for subsequent backup, regardless of whether it has changed. In other words, a differential backup does not uncheck the archive bits for files it backs up.
Diffie-Hellman—The first commonly used public, or asymmetric, key algorithm. Diffie-Hellman was released in 1975 by its creators, Whitfield Diffie and Martin Hellman.
diffraction—In the context of wireless signal propagation, the phenomenon that occurs when an electromagnetic wave encounters an obstruction and splits into secondary waves. The secondary waves continue to propagate in the direction in which they were split. If you could see wireless signals being diffracted, they would appear to be bending around the obstacle. Objects with sharp edges—including the corners of walls and desks—cause diffraction.
774 Glossary
dig (domain information groper)—A TCP/IP utility that queries the DNS database and provides information about a host given its IP address or vice versa. Dig is similar to the nslookup utility, but provides more information, even in its simplest form, than nslookup can.
digital—As opposed to analog signals, digital signals are composed of pulses that can have a value of only 1 or 0.
digital certificate—A password-protected and encrypted file that holds an individual’s identification information, including a public key and a private key. The individual’s public key is used to verify the sender’s digital signature, and the private key allows the individual to log on to a third-party authority who administers digital certificates.
digital PBX—See IP-PBX.
digital subscriber line—See DSL.
digital versatile disc—See DVD.
DIP (dual inline package) switch—A small plastic toggle switch on a circuit board that can be flipped to indicate either an “on” or “off ” status, which translates into a parameter setting.
direct sequence spread spectrum—See DSSS.
directional antenna—A type of antenna that issues wireless signals along a single direction, or path.
directory—In general, a listing that organizes resources and correlates them with their properties. In the context of network operating systems, a method for organizing and managing objects.
DirXML—A Novell tool for integrating eDirectory and Windows Active Directory or Windows NT domain data.
disaster recovery—The process of restoring critical functionality and data to a network after an enter- prise-wide outage that affects more than a single system or a limited group of users.
disk duplexing—A storage fault-tolerance technique in which data is continually copied from one disk to another when it is saved, just as in disk mirroring. In duplexing, however, a separate disk controller is used for each different disk.
disk mirroring—A RAID technique in which data from one disk is automatically copied to another disk as the information is written.
disk striping—A simple implementation of RAID in which data is written in 64-KB blocks equally across all disks in the array.
diskless workstation—A workstation that doesn’t contain a hard disk, but instead relies on a small amount of read-only memory to connect to a network and to pick up its system files.
distinguished name—See DN.
distributed backbone—A type of backbone in which a number of connectivity devices (usually hubs) are connected to a series of central connectivity devices, such as hubs, switches, or routers, in a hierarchy.
DN (distinguished name)—A long form of an object’s name in Active Directory that explicitly indicates the object name, plus the names of its containers and domains. A distinguished name includes a DC (domain component), OU (organizational unit), and CN (common name). A client uses the distinguished name to access a particular object, such as a printer.
Glossary 775
DNS (Domain Name System or Domain Name Service)—A hierarchical way of tracking domain names and their addresses, devised in the mid-1980s. The DNS database does not rely on one file or even one server, but rather is distributed over several key computers across the Internet to prevent catastrophic failure if one or a few computers go down. DNS is a TCP/IP service that belongs to the Application layer of the OSI Model.
DNS spoofing—A security attack in which an outsider forges name server records to falsify his host’s identity.
domain—A group of users, servers, and other resources that share account and security policies through a Windows Server 2003 network operating system.
domain account—A type of user account on a Windows Server 2003 network that has privileges to resources across the domain onto which it is logged.
domain component—See DC.
domain controller—A Windows Server 2003 computer that contains a replica of the Active Directory database.
domain information groper—See dig.
domain local group—A group on a Windows Server 2003 network that allows members of one domain to access resources within that domain only.
domain model—In Microsoft terminology, the type of client/server network that relies on domains, rather than workgroups.
domain name—The symbolic name that identifies a domain. Usually, a domain name is associated with a company or other type of organization, such as a university or military unit.
Domain Name Service—See DNS.
Domain Name System—See DNS.
domain tree—A group of hierarchically arranged domains that share a common namespace in the Windows Server 2003 Active Directory.
dotted decimal notation—The shorthand convention used to represent IP addresses and make them more easily readable by humans. In dotted decimal notation, a decimal number between 0 and 255 represents each binary octet. A period, or dot, separates each decimal.
downlink—A connection from an orbiting satellite to an earth-based receiver.
downstream—A term used to describe data traffic that flows from a carrier’s facility to the customer. In asymmetrical communications, downstream throughput is usually much higher than upstream throughput. In symmetrical communications, downstream and upstream throughputs are equal.
driver—See device driver.
DS0 (digital signal, level 0)—The equivalent of one data or voice channel in T-carrier technology, as defined by ANSI physical layer standards. All other signal levels are multiples of DS0.
DSL (digital subscriber line)—A dedicated WAN technology that uses advanced data modulation techniques at the Physical layer to achieve extraordinary throughput over regular phone lines. DSL comes in several different varieties, the most common of which is asymmetric DSL (ADSL).
776 Glossary
DSL access multiplexer—See DSLAM.
DSL modem—A device that demodulates an incoming DSL signal, extracting the information and passing it to the data equipment (such as telephones and computers) and modulates an outgoing DSL signal.
DSLAM (DSL access multiplexer)—A connectivity device located at a telecommunications carrier’s office that aggregates multiple DSL subscriber lines and connects them to a larger carrier or to the Internet backbone.
DSSS (direct sequence spread spectrum)—A transmission technique in which a signal’s bits are distributed over an entire frequency band at once. Each bit is coded so that the receiver can reassemble the original signal upon receiving the bits.
DSU (data service unit)—A device used in T-carrier technology that converts the digital signal used by bridges, routers, and multiplexers into the digital signal used on cabling. Typically, a DSU is combined with a CSU in a single device, a CSU/DSU.
duplex—See full-duplex.
DVD (digital versatile disc)—A type of optical disk capable of storing large amounts of data, including audio and video files. Several DVD standards exist, but all have a minimum storage capacity of 4.7 GB.
DWDM (dense wavelength division multiplexing)—A multiplexing technique used over single-mode or multimode fiber-optic cable in which each signal is assigned a different wavelength for its carrier wave. In DWDM, little space exists between carrier waves, in order to achieve extraordinary high capacity.
dynamic address—An IP address that is assigned to a device through DHCP and may change when the DHCP lease expires or is terminated.
dynamic ARP table entry—A record in an ARP table that is created when a client makes an ARP request that cannot be satisfied by data already in the ARP table.
Dynamic Host Configuration Protocol—See DHCP
dynamic IP address—An IP address that is assigned to a device upon request and may change over time. BOOTP and DHCP are two ways of assigning dynamic IP addresses.
Dynamic Ports—TCP/IP ports in the range of 49152 through 65535, which are open for use without requiring administrative privileges on a host or approval from IANA.
dynamic routing—A method of routing that automatically calculates the best path between two nodes and accumulates this information in a routing table. If congestion or failures affect the network, a router using dynamic routing can detect the problems and reroute data through a different path. Modern networks primarily use dynamic routing.
E1—A digital carrier standard used in Europe that offers 30 channels and a maximum of 2.048-Mbps throughput.
E3—A digital carrier standard used in Europe that offers 480 channels and a maximum of 34.368-Mbps throughput.
EAP (Extensible Authentication Protocol)—A Data Link layer protocol defined by the IETF that specifies the dynamic distribution of encryption keys and a pre-authentication process in which a client and server exchange data via an intermediate node (for example, an access point on a wireless LAN).
Glossary 777
Only after they have mutually authenticated can the client and server exchange encrypted data. EAP can be used with multiple authentication and encryption schemes.
ECC (error correction code)—An algorithm used to detect and correct errors. In RAID Levels 3 and 5, for example, a type of ECC known as parity error checking is used.
echo reply—The response signal sent by a device after another device pings it.
echo request—The request for a response generated when one device pings another device.
eDirectory—The database of objects and their attributes in NetWare 6.x.
EEPROM (electrically erasable programmable read-only memory)—A type of ROM that is found on a circuit board and whose configuration information can be erased and rewritten through electrical pulses.
EIA (Electronic Industries Alliance)—A trade organization composed of representatives from electronics manufacturing firms across the United States that sets standards for electronic equipment and lobbies for legislation favorable to the growth of the computer and electronics industries.
EIGRP (Enhanced Interior Gateway Routing Protocol)—A routing protocol developed in the mid1980s by Cisco Systems that has a fast convergence time and a low network overhead, but is easier to configure and less CPU-intensive than OSPF. EIGRP also offers the benefits of supporting multiple protocols and limiting unnecessary network traffic between routers.
electrically erasable programmable read-only memory—See EEPROM.
electromagnetic interference—See EMI.
Electronic Industries Alliance—See EIA.
EMI (electromagnetic interference)—A type of interference that may be caused by motors, power lines, televisions, copiers, fluorescent lights, or other sources of electrical activity.
encapsulate—The process of wrapping one layer’s PDU with protocol information so that it can be interpreted by a lower layer. For example, Data Link layer protocols encapsulate Network layer packets in frames.
Encapsulating Security Payload—See ESP.
encrypted virus—A virus that is encrypted to prevent detection.
encryption—The use of an algorithm to scramble data into a format that can be read only by reversing the algorithm—decrypting the data—to keep the information private. The most popular kind of encryption algorithm weaves a key into the original data’s bits, sometimes several times in different sequences, to generate a unique data block.
enhanced Category 5—See CAT 5e.
enhanced Category 6—See CAT 6e.
Enhanced Interior Gateway Routing Protocol—See EIGRP.
enterprise—An entire organization, including local and remote offices, a mixture of computer systems, and a number of departments. Enterprise-wide computing takes into account the breadth and diversity of a large organization’s computer needs.
error correction code—See ECC.
778 Glossary
ESP (Encapsulating Security Payload)—In the context of IPSec, a type of encryption that provides authentication of the IP packet’s data payload through public key techniques. In addition, ESP also encrypts the entire IP packet for added security.
Ethernet—A networking technology originally developed at Xerox in the 1970s and improved by Digital Equipment Corporation, Intel, and Xerox. Ethernet, which is the most common form of network transmission technology, follows the IEEE 802.3 standard.
Ethernet_II—The original Ethernet frame type developed by Digital, Intel, and Xerox, before the IEEE began to standardize Ethernet. Ethernet_II contains a 2-byte type field to identify the upper-layer protocol contained in the frame. It supports TCP/IP, AppleTalk, IPX/SPX, and other higher-layer protocols.
expansion board—A circuit board used to connect a device to a computer’s motherboard.
expansion card—See expansion board.
expansion slot—A receptacle on a computer’s motherboard that contains multiple electrical contacts into which an expansion board can be inserted.
explicit one-way trust—A type of trust relationship in which two domains that belong to different NOS directory trees are configured to trust each other.
ExpressCard—A PCMCIA standard that allows external devices to connect to portable computers through a 26-pin interface, with data transfer rates of 250 MBps in each direction (for a total of 500 MBps), similar to the PCI Express expansion board specification. ExpressCard modules come in two sizes: 34 mm and 54 mm wide. Over time, PCMCIA expects the ExpressCard standard to replace the CardBus standard.
ext3—The name of the primary file system used in most Linux distributions.
extended network prefix—The combination of an IP address’s network ID and subnet information. By interpreting the address’s extended network prefix, a device can determine the subnet to which an address belongs.
extended schema—In NetWare, a set of object classes and attributes that is different from the base schema.
Extensible Authentication Protocol—See EAP.
exterior router—A router that directs data between nodes outside a given autonomous LAN, for example, routers used on the Internet’s backbone.
external disk drive—A storage device that can be attached temporarily to a computer.
external network number—Another term for the network address portion of an IPX/SPX address.
extranet—A network that uses browser-based services to exchange information within an organization and with certain, authorized users outside of that organization.
fading—A change in a wireless signal’s strength as a result of some of the electromagnetic energy being scattered, reflected, or diffracted after being issued by the transmitter.
fail-over—The capability for one component (such as a NIC or server) to assume another component’s responsibilities without manual intervention.
Glossary 779
failure—A deviation from a specified level of system performance for a given period of time. A failure occurs when something doesn’t work as promised or as planned.
Fast Ethernet—A type of Ethernet network that is capable of 100-Mbps throughput. 100BASE-T and 100BASE-FX are both examples of Fast Ethernet.
FAT (file allocation table)—The original PC file system designed in the 1970s to support floppy disks and, later, hard disks. FAT is inadequate for most server operating systems because of its partition size limitations, naming limitations, and fragmentation and speed issues.
FAT16 (16-bit file allocation table)—A file system designed for use with early DOSand Windowsbased computers that allocates file system space in 16-bit units. Compared to FAT32, FAT16 is less desirable because of its partition size, file naming, fragmentation, speed, and security limitations.
FAT32 (32-bit file allocation table)—An enhanced version of FAT that accommodates the use of long filenames and smaller allocation units on a disk. FAT32 makes more efficient use of disk space than the original FAT.
fault—The malfunction of one component of a system. A fault can result in a failure.
fault management—The detection and signaling of device, link, or component faults.
fault tolerance—The capability for a component or system to continue functioning despite damage or malfunction.
FCS (Frame Check Sequence)—The field in a frame responsible for ensuring that data carried by the frame arrives intact. It uses an algorithm, such as CRC, to accomplish this verification.
FDDI (Fiber Distributed Data Interface)—A networking standard originally specified by ANSI in the mid-1980s and later refined by ISO. FDDI uses a dual fiber-optic ring to transmit data at speeds of 100 Mbps. It was commonly used as a backbone technology in the 1980s and early 1990s, but lost favor as Fast Ethernet technologies emerged in the mid-1990s. FDDI provides excellent reliability and security.
feasibility study—A study that determines the costs and benefits of a project and attempts to predict whether the project will result in a favorable outcome (for example, whether it will achieve its goal without imposing excessive cost or time burdens on the organization).
Fedora Core—A popular version of the Linux operating system packaged and distributed by Red Hat, Inc.
ferrule—A short tube within a fiber-optic cable connector that encircles the fiber strand and keeps it properly aligned.
FHSS (frequency hopping spread spectrum)—A wireless signaling technique in which a signal jumps between several different frequencies within a band in a synchronization pattern known to the channel’s receiver and transmitter.
Fiber Distributed Data Interface—See FDDI.
fiber-optic cable—A form of cable that contains one or several glass or plastic fibers in its core. Data is transmitted via pulsing light sent from a laser or light-emitting diode (LED) through the central fiber (or fibers). Fiber-optic cables offer significantly higher throughput than copper-based cables. They may be single-mode or multimode and typically use wave-division multiplexing to carry multiple signals.
780 Glossary
Fibre Channel—A distinct network transmission method that relies on fiber-optic media and its own, proprietary protocol. Fibre Channel is capable of up to 2-Gbps throughput.
file access protocol—A protocol that enables one system to access files on another system.
file allocation table—See FAT.
File and Print Services for NetWare—The Microsoft application that, when installed on a Windows Server 2003 server, makes the server’s file and print resources appear to NetWare-attached clients as NetWare directory resources. File and Print Services for NetWare is part of the Microsoft Windows Services for NetWare software package.
file globbing—A form of filename substitution, similar to the use of wildcards in Windows and DOS.
file server—A specialized server that enables clients to share applications and data across the network.
file services—The functions of a file server that allow users to share data files, applications, and storage areas.
file system—An operating system’s method of organizing, managing, and accessing its files through logical structures and software routines.
File Transfer Protocol—See FTP.
file-infected virus—A virus that attaches itself to executable files. When the infected executable file runs, the virus copies itself to memory. Later, the virus attaches itself to other executable files.
filtering database—A collection of data created and used by a bridge that correlates the MAC addresses of connected workstations with their locations. A filtering database is also known as a forwarding table.
firewall—A device (either a router or a computer running special software) that selectively filters or blocks traffic between networks. Firewalls are commonly used to improve data security.
FireWire—A peripheral bus standard developed by Apple Computer and codified by the IEEE as the IEEE 1394 standard. Traditional FireWire connections support a maximum throughput of 400 Mbps, but a newer version supports potential throughput rates of over 3 Gbps. In addition to connecting peripherals, FireWire can be used to network computers directly in a bus fashion.
firmware—A combination of hardware and software. The hardware component of firmware is a ROM (read-only memory) chip that stores data established at the factory and possibly changed by configuration programs that can write to ROM.
fixed—A type of wireless system in which the locations of the transmitter and receiver are static. In a fixed connection, the transmitting antenna focuses its energy directly toward the receiving antenna. This results in a point-to-point link.
flashing—A security attack in which an Internet user sends commands to another Internet user’s machine that cause the screen to fill with garbage characters. A flashing attack causes the user to terminate her session.
flavor—The term used to refer to the different implementations of a particular UNIX-type of system. For example, different flavors of Linux include Red Hat’s Fedora Core, SUSE, and Mandrake.
flow control—A method of gauging the appropriate rate of data transmission based on how fast the recipient can accept data.
Glossary 781
FM (frequency modulation)—A method of data modulation in which the frequency of the carrier signal is modified by the application of the data signal.
forest—In the context of Windows Server 2003, a collection of domain trees that use different namespaces. A forest allows for trust relationships to be established between trees.
Format Prefix—A variable-length field at the beginning of an IPv6 address that indicates what type of address it is (for example, unicast, anycast, or multicast).
forwarding table—See filtering database.
fox and hound—Another term for the combination of devices known as a tone generator and a tone locator. The tone locator is considered the hound because it follows the tone generator (the fox).
fractional T1—An arrangement that allows a customer to lease only some of the channels on a T1 line.
fragmentation—A Network layer service that subdivides segments it receives from the Transport layer into smaller packets.
frame—A package for data that includes not only the raw data, or “payload,” but also the sender’s and recipient’s addressing and control information. Frames are generated at the Data Link layer of the OSI Model and are issued to the network at the Physical layer.
Frame Check Sequence—See FCS.
Frame Relay—A digital, packet-switched WAN technology whose protocols operate at the Data Link layer. The name is derived from the fact that data is separated into frames, which are then relayed from one node to another without any verification or processing. Frame Relay offers throughputs between 64 Kbps and 45 Mbps. A Frame Relay customer chooses the amount of bandwidth he requires and pays for only that amount.
freely distributable software—See open source software.
frequency—The number of times that a signal’s amplitude changes over a fixed period of time, expressed in cycles per second, or hertz (Hz).
frequency hopping spread spectrum—See FHSS.
frequency modulation—See FM.
FTP (File Transfer Protocol)—An Application layer protocol used to send and receive files via TCP/IP.
F-Type connector—A connector used to terminate coaxial cable used for transmitting television and broadband cable signals.
full backup—A backup in which all data on all servers is copied to a storage medium, regardless of whether the data is new or changed. A full backup unchecks the archive bit on files it has backed up.
full mesh WAN—A version of the mesh topology WAN in which every site is directly connected to every other site. Full mesh WANs are the most fault-tolerant type of WAN.
full-duplex—A type of transmission in which signals may travel in both directions over a medium simultaneously. May also be called, simply, “duplex.”
Gantt chart—A popular method of depicting when projects begin and end along a horizontal timeline.