By Fatskills Exam Guides Team — the exam nerds behind 28,500+ quizzes and 2.1M practice questions across 500+ global exams.
1-phase power: Designed for moderate power requirements, this type of AC power is normally used in households. 1U: Unit of height measurement for racks and rack-mounted equipment. 1U equals 1-3/4 inch. 3G: Third-generation wireless telecommunications network. 3-phase power: Designed for demanding power requirements, this type of AC power is normally used in industrial environments and data centers. 4G: Fourth-generation wireless telecommunications network; speeds are faster than 3G, and it supports more broadband applications. 6to4: An IPv6 transition technology that allows IPv6 traffic over the IPv4 Internet. Routers on both ends must support IPv6, and each must have an IPv6 address configured on its internal interface. A: Domain Name Service (DNS) record type that resolves fully qualified domain names (FQDNs) to IPv4 addresses. AAAA: DNS record type that resolves FQDNs to IPv6 addresses. access control list (ACL): A list of entities such as users and groups that are granted or denied permission to access a resource such as a file. access control vestibule: See mantrap. Active Directory Domain Services (AD DS): Microsoft’s Lightweight Directory Access Protocol (LDAP)–compliant network database containing objects such as users, groups, and computers. The database is replicated between domain controller servers and is used for authentication, centralized Group Policy settings, and storage of some network application configurations including Domain Name System (DNS) and activation keys. Active Directory Federation Services (ADFS): Microsoft’s Identify Federation solution used for web Single Sign-On (SSO). ADFS can be configured with user and device claim types that are consumed by trusting applications. Claims are digitally signed by ADFS using a private key; trusting applications verify the signature with the related public key. Advanced Encryption Standard (AES): A symmetric block cipher available in 128-bit, 192-bit, and 256-bit cipher strengths. It supersedes the Data Encryption Standard (DES). Advanced Intelligent Tape (AIT): A magnetic tape storage medium used with tape backup and archiving systems. Advanced RISC Machine (ARM): A 32-bit and 64-bit multicore processor type used in small computing devices such as smartphones. air-gapped network: A type of network that does not have a connection to the Internet either wirelessly or using a wired connection. This isolated network can be used for testing purposes or highly sensitive networks. alternating current (AC): A type of power that uses small variations in voltage and current; it is available from power outlets and consumed by power supplies. AMD Virtualization (AMD-V): AMD’s virtualization firmware support that is required by some Type 1 and Type 2 hypervisors. anycast: Similar to multicasting, this IPv6 transmission method attempts to find the nearest receiver of a multicast group. application server: A server configured to serve a specific business need beyond core functionality, such as a generic file server or database server. asynchronous replication: A data replication method in which a delay occurs after the initial data write before the secondary write takes place. Automatic Private IP Address (APIPA): A self-assigned unique LAN IPv4 address that Windows devices use when the Dynamic Host Configuration Protocol (DHCP) server is unreachable. APIPA devices can communicate only with other APIPA devices on the LAN. autoscaling: An IT service configuration, normally for load balancing, that can add virtual machines (scaling out) or remove virtual machines (scaling in) based on a schedule or metric threshold configuration. bare metal: A term used to describe installation or disaster recovery scenarios in which a computer system has no operating system installed. baseboard management controller (BMC): An interface between server management tools and the physical server hardware being managed. The BMC also monitors the state of servers and is often used with blade servers. battery-backed write caching: Used with disk array controllers upon restart for data not yet written to disk. Because it is cached (it is not lost during a power cycle), data gets written to disk. binary: Numeric system consisting of 0’s and 1’s. biometric authentication: Uses a personal identifying characteristic for proof of identity, such as a fingerprint or retinal scan. BIOS: Basic input-output system; the firmware instructions embedded on a motherboard that provide basic hardware functionality including the initial power on self test (POST) sequence when the machine is powered on. BitLocker: Microsoft’s disk volume encryption tool. Although it can be used without the Trusted Platform Module (TPM), it is designed to use TPM functionality. blade enclosure: Blade servers (essentially server motherboards) are placed into a blade enclosure, which is mounted into a rack. Since each blade does not have its own cooling, networking, and power, this is supplied through the enclosure. blade server: A thin server that is placed into a blade enclosure that provides cooling, networking, and power. Blade servers increase server density in data centers compared to rack-mounted and tower servers. botnet: A group of infected computers under centralized malicious user control. The malicious user can provide instructions for the group of computers, much like an army general ordering soldiers to attack an adversary. bring your own device (BYOD): A policy that enables people to bring their own personal computing devices into a business environment. In corporate environments using mobile devices, the company often exercises control over business apps, settings, and data on the device in a separate logical device partition that can be selectively wiped, while leaving personal apps, settings, and data intact. British thermal units (BTUs): A standard way to measure the heat output of computing equipment, which can be used to determine cooling requirements from the HVAC system. broadcast: A transmission received by all network nodes on the LAN. Network broadcasts can apply at the hardware or software level. Routers do not forward broadcasts by default. buffer overflow: An exploit that provides more data than the programmer intended in memory, which can lead to remote escalation attacks. Secure coding practices can prevent this from happening. bus width: Buses are sets of conductors that carry data (bits) around the computer, and a computer consists of various buses. The bus width, or size, is commonly 32 or 64 bits. business continuity plan (BCP): Proactive planning that ensures that business operations continue when negative incidents occur; the plan is not as detailed or specific as a disaster recovery plan. business impact analysis (BIA): Identifies the degree and scope of impact on a business when negative incidents occur. The BIA enables easier prioritization of assets that require protection from threats. cable management arm: In equipment racks, a folding arm that holds cables. When rack equipment is slid out on rack rails, the arm extends to provide longer cable lengths. cache: A small amount of high-speed memory used to fetch recent instructions or data. CAT3: Category 3 copper-wire network cabling that is designed to support up to 10 Mbps. CAT5: Category 5 copper-wire network cabling that is designed to support up to 100 Mbps; also called 100Base-T or Fast Ethernet. CAT5e: Category 5 copper-wire network cabling that is designed to support up to 1000 Mbps (1 Gbps); also called 1000Base-T or Gigabit Ethernet. CAT6: Category 6 copper-wire network cabling that is designed to support up to 10 Gbps. It is more resistant to interference than CAT5 and has more twists per foot in the cable. Also called 10GBase-T. Longer cable distances (approximately 60 to 100 meters) can be run at 1 Gbps. CAT7: Category 7 copper-wire network cabling that is designed to support up to 10 Gbps; uses individual wire pair shielding, which makes it useful in environments with high electromagnetic interference (EMI). central processing unit (CPU): A microprocessor chip on a motherboard that carries out instructions within the system. Modern CPU chips consist of multiple logical CPU cores within a single physical chip. certificate authority (CA): Issuer of digital security certificates in a Public Key Infrastructure (PKI). Companies can create their own CAs or use certificates issued from trusted third-party CAs. checkpoint: Also called a snapshot, a checkpoint takes a point-in-time picture of virtual machine settings and data disks. This can also refer to disk volume snapshots, which copy only disk blocks changed since the previous snapshot. cipher: An algorithm used for encryption, decryption, or hashing mathematical operations. Classless Inter-Domain Routing (CIDR): A shorthand way of referring to the number of bits in a network mask. For example, /24 can be used to represent 255.255.255.0. clock multiplier: Defines a relationship between the external CPU bus speed (MHz) versus the internal CPU speed (GHz). cloud: Pooled computing resources that can be self-provisioned rapidly, usually over the Internet. IT resource usage is metered so that consumers pay for only what they use. Cloud computing resources must be available from anywhere, at any time, using any type of device. CMOS: Complementary metal oxide semiconductor; battery-powered firmware used to retain hardware settings available in the BIOS. cold aisle: In data centers, cold aisles feed cool air to equipment intake fans to manage airflow for equipment and for cost optimization. cold site: An alternate data center space that can be used in the event of a disaster at the original site. The site has power and communications links but no computing equipment, staff, or data. column access strobe (CAS) latency: A memory characteristic that defines how long it takes for requested memory content to leave the actual memory chip on its way to the bus. Command and Control (C&C, C2): A server under malicious user control that provides instructions to hosts infected with malware. Infected hosts (zombies) or collections of zombies (botnets) periodically contact the C&C server for instructions. Common UNIX Printing System (CUPS): The standard UNIX print server software components. community cloud: A cloud deployment model adhering to the five NIST cloud computing characteristics (on-demand self-service, broad network access, resource pooling, rapid elasticity or expansion, and measured service) that provides IT services to groups with the same computing needs, such as government agencies or specific industries. CompactFlash: A small storage card used in devices such as cameras and audio recorders, similar to an SD card. The device determines whether SD cards or CompactFlash storage must be used. See also Secure Digital (SD) card. Complex Instruction Set Computing (CISC): A microprocessor design used in larger non-mobile computing devices such as desktops and servers. This type of chip is designed not for energy efficiency but for performance. confidentiality: Provided by encryption, confidentiality prevents the disclosure of sensitive information to unauthorized users. continuous data protection (CDP): Real-time replication (synchronous) often used for data between data centers. converged network adapter (CNA): Server expansion card that combines Ethernet and Fibre Channel functionalities. CPU cache: High-speed memory used to keep recently executed data or CPU instructions readily available for subsequent use. cross-over cable: Cable used to link two network computing devices directly together, in which receive and transmit wires are reversed on either end. This type of cable can also be required by older network equipment—to link two old Ethernet switches together, for example. crosstalk: Interference caused by electronic signals on adjacent wires. It can be reduced with wire shielding and by twisting wire pairs together a specific amount of times per foot. The more twists per foot, the less crosstalk, which means transmissions at higher frequencies are possible. customer replaceable units (CRUs): Components provided under warranty by a vendor that are installed by the customer. daemon: A background process on a UNIX or Linux system not tied to a user session. Examples include the sshd daemon for remote management and the syslogd daemon for logging. data center: A facility dedicated to housing computing equipment. Special designs enforce security; control HVAC; improve resistance to floods, fire, and earthquakes; and have backup power and communications solutions. Data Collector Set (DCS): A Microsoft Windows Performance Monitor configuration that enables the addition of multiple metrics that can be scheduled to monitor hosts for a period of time; useful for establishing Windows host performance baselines. data deduplication: A storage mechanism designed to save storage space by removing redundant data blocks. data loss prevention (DLP): A solution that prevents sensitive data from leaving the organization or prevents intellectual property from becoming available to unauthorized users. daughter card: An expansion circuit board that gets plugged into a motherboard. Unlike a normal expansion card, daughter cards have direct access to CPU and memory resources. DDR3: Double Data Rate Type 3 memory; a type of dynamic RAM supported by some motherboards. DDR transmits data on the rise and fall of computer clock signals. DDR4: Double Data Rate Type 4 memory; a type of dynamic RAM supported by some motherboards where speeds are faster than DDR3. DDR transmits data on the rise and fall of computer clock signals. deep packet inspection: Ability to access data beyond packet header fields for application-specific data. Packet payloads can be examined, often for the purposes of security or performance. Also called OSI Layer 7 inspection. default gateway: The IP address of a router interface on the LAN, which is used by nodes to transmit data to remote networks. demilitarized zone (DMZ): A network whose hosts are exposed to the Internet with controlled access to an internal network. Services that must be reached from the Internet such as virtual private networks (VPNs) and public web sites should be placed in the DMZ. An alternative is to use a reverse proxy in the DMZ that listens for requests and forwards them to the actual servers located on a protected internal network. Also called a screened subnet. denial-of-service (DoS) attack: An attack that prevents the legitimate use of a computing resource—for example, by flooding a host with specially crafted packets to cause the host to crash. Desired State Configuration (DSC): A Microsoft PowerShell method of centrally configuring and hardening Windows and Linux hosts. differential backup: A backup method in which changed items since the last full or differential backup are copied. The archive bit is not cleared with this type of backup. Digital Linear Tape (DLT): The industry standard for tape backup media, DLT is often used for long-term archiving. DLT cartridges should be placed in protective cases to ensure long-term data storage. digital rights management (DRM): A solution that ensures that only valid subscribers have access to protected intellectual properties such as movies, music, games, and so on. digital signature: A unique value generated by a private key along with data such as an e-mail message. The signature is verified on the receiving end with the mathematically related public key and can be used to assure the recipient that the sender is who they say they are and that the transmission has not been tampered with. direct-attached storage (DAS): Local storage available to a server. If the server does not have to communicate with storage over some kind of network, it is DAS. direct current (DC): As opposed to alternating current (AC) from power outlets, DC provides a consistent voltage and amperage to sensitive digital components. Batteries and power supplies provide DC. disaster recovery (DR) plan: A plan that is specific to an IT system that includes a step-by-step procedure for recovering an IT system as quickly and efficiently as possible after a disaster occurs. discretionary access control list (DACL): A file system permissions model whereby the data custodian sets file system permissions in accordance with policies set by the data owner. disk mirroring: Also called RAID 1, data written to one disk is also written to a second disk in case the first disk fails. With RAID 1, 50 percent of the storage capacity is usable, and it is considered a fault-tolerant disk solution. disk scrubbing: A method of removing data from a disk to ensure that data remnants cannot be resurrected and data reconstructed. This method normally uses multiple passes to write useless random data to the hard disk. disk striping: Also called RAID 0, this distributes written data across multiple disks with the result being improved performance. Other RAID variations use different forms of striping along with parity, or recovery information, to gain the additional benefit of fault tolerance; an example of this is RAID 5. distributed denial-of-service (DDoS): Very similar to a DoS, this attack prevents the legitimate use of a computing resource. For example, flooding a host with specially crafted packets could cause the host to crash, but what makes a DDoS attack different from a DoS attack is that multiple hosts under malicious user control are involved in executing the attack against the victim host or network. DNS forward lookup: The most common type of lookup. Queries for the IP address given a fully qualified domain name (FQDN) (such as www.fakesite.com) are received by the DNS server, and the IP address is returned to the query originator. DNS reverse lookup: Queries a reverse zone for a FQDN given the IP address, and the FQDN is returned to the query originator. domain controller (DC): A Windows server that holds a replica of the Active Directory database. The server is discovered in Domain Name Service (DNS) through service location records and performs authentication and replication with other domain controllers, and it provides Group Policy settings. Domain Name Service (DNS): A network service that listens on UDP port 53 for client queries. A forward DNS lookup is the most common type of query, in which the client has a FQDN but needs the corresponding IP address. Multiple DNS servers can be used for high availability and better performance. Microsoft Active Directory requires DNS. double data rate (DDR): A feature of memory chips in which data is transmitted on the rise and fall of a timing signal. Dual Inline Memory Module (DIMM): A common type of memory circuit board with multiple memory chips that plug into sockets on a motherboard. DIMMs can have 168, 184, or 240 pins. Dynamic Access Control (DAC): A feature that enables administrators to grant permissions to a resource if certain conditions are met. Conditions can be expression-based, such as “full-time employees only,” or “users must be members of two specific groups and be based in Chicago,” for example, as opposed to users simply being members of a group and thus receiving group permissions. Dynamic Host Configuration Protocol (DHCP): A network management protocol in which centralized IPv4 and IPv6 settings are deployed to DHCP clients. Clients initially discover DHCP servers using software broadcasts that cannot traverse routers, in which case a DHCP relay agent would be required. dynamic random access memory (DRAM): A classification for memory that requires constant electricity to retain data stored in memory cells. This is the most common type of main system memory. Edison plug: A type of electrical plug that is standard in American households and is more rounded than NEMA (National Electrical Manufacturers Association) plugs, but like NEMA, it has three prongs. electromagnetic interference (EMI): Also called radiofrequency interference. Some equipment, or even adjacent wires within a cable, can emit this electrical noise, which can interfere with other electronic transmissions in close proximity. electrostatic discharge (ESD): Differences in electrical potential between two items result in electrons flowing to the lesser charge in an attempt to equalize voltage. This exchange can damage sensitive electronic circuits and can be reduced with ESD wrist straps or ESD mats. Encrypting File System (EFS): Microsoft file and folder encryption. Unlike BitLocker, EFS does not rely on Trusted Platform Module (TPM). EFS decryption is dependent upon the user being successfully authenticated. BitLocker disk volume encryption is in no way related to user accounts. encryption: Scrambling of data using a mathematical algorithm with a key to change plaintext into cipher text (encrypted data). Encryption ensures that only authorized users (those with the decryption key) can access private data. error correcting code (ECC): A type of memory chip often used in servers that can detect and also correct certain types of data corruption errors in memory. Ethernet switch: A network device with multiple physical ports where network nodes such as servers, desktops, and routers can be plugged in. Multiple switches can be linked together with a straight-through cable, although older switches may require a cross-over cable. Layer 3 switches add routing capabilities. Most switches are manageable over the network using Telnet, SSH, HTTP, or HTTPS. exabyte: One quintillion, or 1018, bytes. execute disable (XD): A CPU option that, when enabled, flags specific areas of memory where data can reside and code cannot execute. EXT3: The Extended File System, a UNIX and Linux file system. This journaled file system is used with many Linux distributions. EXT4: A journaled UNIX and Linux file system. Compared to EXT3, EXT4 supports larger files and file system sizes, and journaling can be disabled. Extended File Allocation Table (exFAT): A Microsoft file system often used with Secure Digital (SD) cards and USB flash drives. External SATA (eSATA): Similar to SATA, except that the interface connector is external to the device; some devices have a built-in eSATA port. See also Serial AT Attachment (SATA). failover cluster: Two or more servers that offer the same IT service to maintain constant communication. When a cluster node fails, users are redirected to a remaining node that offers the same network service. fiber-optic cable: A type of cable that transmits pulses of light rather than electrical signals through tiny glass or plastic tubes. Signals can travel much farther on fiber-optic cable than copper wires before degrading, and additional security is provided because it is difficult to wiretap fiber-optic cables. Single-mode fiber (SMF) is often used for longer distances; multi-mode fiber (MMF) is used for shorter distances. See also multi-mode fiber (MMF) and single-mode fiber (SMF). Fibre Channel (FC): Enterprise-class, high-speed network connecting servers to storage. FC uses special equipment such as FC host bus adapter cards in servers and FC switches, to name a few. FC does not require the use of fiber-optic cables, although this is common. Fibre Channel host bus adapter (FC HBA): Servers that access storage over a Fibre Channel storage network require at least one FC HBA. Multiple FC HBAs enable multiple paths from the server to network storage and provide fault tolerance. Fibre Channel over Ethernet (FCoE): A standard designed to place disk commands into Ethernet frames as opposed to using higher level IP packets, which introduce more overhead. Special equipment is required. field replaceable units (FRUs): A computer component that can be quickly and easily removed from a computer or other piece of electronic equipment and replaced by the user or a technician without having to send the entire product or system to a repair facility. Certified technicians follow proper procedures when replacing failed components such as Fibre Channel HBAs or motherboards. File Allocation Table 32 (FAT32): A Microsoft file system from the 1990s. Although rarely used for hard disks, it is still used occasionally for smaller USB flash drives. file encryption key (FEK): A bulk encryption key used with Microsoft EFS. User private keys (after successful authentication) are used to decrypt the FEK, which is then used to decrypt EFS-encrypted files or folders. file integrity: See hashing. File Transfer Protocol (FTP): A network protocol used to transfer files between servers and clients on a network. FTP servers normally listen on TCP ports 20 and 21. firewall: A hardware or software solution that controls network traffic into or out of an individual host or an entire network. firmware: Software stored in a chip. form factor: An aspect that defines the physical size and shape of a component. front side bus (FSB): A communications interface that carries data between the CPU and the northbridge. FTPS (FTP Secure): An extension of FTP that supports the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) cryptographic protocols. full backup: A backup in which all selected files and folders are backed up. The archive bit is normally cleared. full-duplex: Transmission of data in two directions; information can be sent and received simultaneously. full wipe: All information on the system is completely deleted. fully qualified domain name (FQDN): The complete domain name of a specific computer/host on the Internet, such as www.mheducation.com. geofencing: A virtual barrier of geographic boundaries created by a feature in a program using GPS. This is often used to control mobile device apps or web sites. gigabit (Gb): A unit of digital information equivalent to 125 megabytes. gigabyte (GB): A unit of digital information equivalent to about 1 billion bytes, or 1000 megabytes. grandfather-father-son (GFS): A backup rotation method that uses three backup sets such as daily, weekly, and monthly, where each tape gets rotated on a schedule. You could use quarters and years as backup cycles for even longer term archiving. graphics processing unit (GPU): A specialized processor designed to handle computationally intensive graphic operations, thereby freeing up the CPU(s) in the server to process other instructions. Group Policy: A Windows feature that defines user, security, and network policies. Group Policy can be configured locally on a single host or centrally through Group Policy Objects (GPOs). Group Policy Object (GPO): An Active Directory object that contains specific policy settings for defined groups of users or computers. guest: A virtualized OS running on a hypervisor host. GUID Partition Table (GPT): A layout of the partition table on a storage device such as a hard disk drive or a solid-state drive that uses globally unique identifiers (GUIDs). GPT provides up to 128 disk partitions compared to the master boot record (MBR) maximum of 4. half-duplex: A system in which information can be both sent and received, but not at the same time. hard disk drive (HDD): A magnetic data storage device that stores information on rigid, rotating platters. hardening: Securing a system by reducing its attack surface, usually by removing unneeded services or programs and applying patches. hardware compatibility list (HCL): A list of hardware that is compatible with a specific operating system. hashing: A process in which mathematical algorithms are used with data to result in a unique value, or hash. Hashing can be done on a file or transmission at a future time to detect whether the file or transmission was modified since the last hash. Modifications result in a different hash. Health Insurance Portability and Accountability Act (HIPAA): A piece of legislation passed in the United States in 1996. Title II of this legislation deals with how digital healthcare/patient information should be stored, as well as privacy and security rules regarding this digital information. heating, ventilation, air conditioning (HVAC): A system that provides comfort and acceptable air quality indoors and in vehicles, including heat, ventilation, and air conditioning, as well as humidity control. This is especially critical in data centers that house hundreds or thousands of computing devices. hexadecimal: A numerical system made up of 16 symbols (base 16) from 0 to 9, A to F, where A = 10 and F = 15. high availability: Continuous access to data or IT systems. Disk mirroring, backups, and failover clustering provide high availability. host: The software that is installed on a system that interfaces with the underlying hardware directly. This term is often used to refer to a virtualization server. host bus adapter (HBA): A circuit board that connects a host to other storage and network devices. host intrusion detection system (HIDS): A system that monitors a computer system, logs suspicious activity, and alerts administrators. A HIDS must be tweaked for a specific environment and can be configured against a baseline of normal activity. host intrusion prevention system (HIPS): A system that monitors a computer system, logs suspicious activity, and alerts administrators, but it also has the ability to stop the activity from continuing. A HIPS must be tweaked for a specific environment and can be configured against a baseline of normal activity. HOSTS file: A file on network devices used to map hostnames to IP addresses. The HOSTS file is checked before DNS servers. hot aisle: A row in a data center in which the exhaust fans of server racks are facing one another. Cool air from the cold aisle is supplied to equipment intake fans. The goal is to keep equipment cool and energy costs down. hot site: A duplicate of an original network equipment site that would enable a business to continue computer and network operations during a disaster. Power, communications equipment, software, data, and staff are ready to go. This relies on data replication from the original site to the hot site. hot spare: An extra component that can be used immediately when a primary component fails. human interface device (HID): A computer device that interfaces directly and takes input from people, such as a stylus, mouse, or keyboard. hybrid cloud: A cloud deployment model that combines public and private clouds. See also private cloud and public cloud. Hypertext Markup Language (HTML): A set of markup tags that are used to create web documents. Hypertext Transfer Protocol (HTTP): An application protocol for distributed information systems. Web servers use HTTP to deliver HTML content to web browsers and normally listen on TCP port 80 or 443 for secured connections. Hypertext Transfer Protocol Secure (HTTPS): HTTP communication that is encrypted with Transport Later Security (TLS) or Secure Sockets Layer (SSL), which requires the web server to be configured with a Public Key Infrastructure (PKI) certificate. The server normally listens on TCP port 443 for this type of connection. hypervisor: A program that enables multiple guest operating systems running in virtual machines to share the resources of a single host. Type 1 hypervisors interact directly with underlying hardware, whereas Type 2 hypervisors require an existing operating system and do not interact directly with hardware. identity federation: A centralized and trusted identity store. Apps don’t have to handle authentication themselves; instead, they consume trusted security tokens from the identity provider (IDp). identity provider (IDp): A centralized and trusted identity store that digitally signs authorization tokens after successful authentication. These tokens are then consumed by apps configured to trust the IDp. IEEE 802.1X: An Institute of Electrical and Electronics Engineers (IEEE) standard that defines port-based network access control, which controls device access to a network. Wireless access points, network switches, and VPN devices are examples of devices that can be 802.1X-compliant. incremental backup: A backup of files that have changed since the last full or incremental backup. This type of backup clears the archive bit and takes the least amount of time to back up but the most amount of time to restore. Information Technology Infrastructure Library (ITIL): A service management and delivery methodology that strives for the continuous improvement and efficiency of provided IT services. Infrastructure as a Service (IaaS): A cloud service model in which providers offer infrastructure such as virtual machines and storage as a self-provisioned service to subscribers. Subscribers can rapidly provision and deprovision these services and pay for only what they use. input/output operations per second (IOPS): A unit of measurement for the maximum number of reads and writes a storage device can perform per second. Integrated Dell Remote Access Controller (iDRAC): A platform designed to enable administrators to connect to remote servers at the hardware level, even using a friendly web browser interface. This requires an additional IP configuration because the server OS does not have to be running. Integrated Lights Out (ILO) management: A technology from Hewlett-Packard that offers secure remote management capabilities, as well as server monitoring and alerting capabilities. Intel Virtualization Technology (Intel VT): Intel’s hardware virtualization support required by some hypervisors. Intelligent Platform Management Interface (IPMI): A remote server management solution commonly used with various vendors’ blade enclosures. IPMI also provides server monitoring and inventory functionality. Internet Control Message Protocol (ICMP): A protocol of the TCP/IP suite used to check for network connectivity issues. Tools such as ping and tracert use ICMP. Internet Message Access Protocol (IMAP): An e-mail protocol that stores e-mails while also enabling the end user to view and change the e-mails from multiple devices. IMAP normally listens on TCP port 143 or 993 if enabled for Secure Sockets Layer (SSL) or Transport Layer Security (TLS). Internet Protocol (IP): The primary communications protocol for relaying datagrams between networks. This protocol maps to Layer 3 (the network layer) of the OSI model. Intra-Site Automatic Tunnel Addressing Protocol (ISATAP): Allows IPv6 traffic on an internal IPv4 network. The IPv4 address is embedded within the IPv6 address. intrusion detection system (IDS): A device or program that monitors a network or system for security violations or malicious activity. intrusion prevention system (IPS): A device or program that monitors network traffic for security violations or malicious activity and can prevent the activity from continuing. IPSec (IP Security): Network security that works with IPv4 and IPv6; it enables encryption and authentication of network packets without application-specific configurations. IPv4: The fourth revision of the Internet Protocol. Still used by the majority of networks today, although all free addresses have been exhausted. IPv4 uses a 32-bit address space where addresses are expressed in decimal form, such as 192.168.1.1. IPv6: The sixth revision of the Internet Protocol. Gaining traction, it is a 128-bit address space where addresses are expressed in hexadecimal form, such as 2000:1:234::1. iSCSI (Internet Small Computer Systems Interface): iSCSI disk commands are placed into IP packets; this enables servers to connect to network storage using standard network equipment. iSCSI initiators consume disk space over the network from iSCSI targets. Kerberos: A network authentication protocol that uses tickets to identify computers over a nonsecure network; used by Active Directory. key management service (KMS): A Microsoft Windows server that issues and tracks licenses for an entire site. keyboard, video, mouse (KVM): A switch used to connect a single keyboard, video, and mouse to multiple servers. Newer solutions enable KVM over IP. kilobyte (KB): A unit of digital information equivalent to about 1000 bytes. kilowatt (kW): A unit of electrical power that equals 1000 watts, often used for UPS power ratings, although sometimes the rating is in volt-amperes (VA). L1 cache: Level 1 cache, the fastest cache available to the CPU. Located on the CPU die. L2 cache: Level 2 cache, the next fastest cache available to the CPU after L1 cache. Located on the CPU die. L3 cache: Level 3 cache, the next fastest cache available to the CPU after L2 cache. Located on the CPU die. large form factor (LFF): A 3-1/2-inch hard disk drive. See also small form factor (SFF). Layer 2 Tunneling Protocol with IP Security (L2TP/IPSec): A VPN solution in which IPSec encrypts data using a variety of sources for keys, including a symmetric key, PKI certificates, Kerberos, and so on. lights-out management (LOM): The use of a dedicated management channel that enables administrators to monitor servers even when they are powered off. Lightweight Directory Access Protocol (LDAP): A protocol for using and maintaining a distributed directory information service over a network. Microsoft Active Directory is LDAP-compliant. Linear Tape-Open (LTO): Magnetic storage media that uses the Linear Tape File System (LTFS). Linux: A UNIX-like operating system that was created and is maintained under the free and open-source software development and distribution model. logical unit number (LUN): A number that identifies available storage on a storage area network (SAN). LT connector: Fiber-optic snap-in connector commonly used with single-mode fiber. mail exchanger (MX) record: A resource record in DNS that specifies a mail server responsible for a specific domain. main distribution frame (MDF): Cable racks that organize data cabling from intermediary distribution frames (IDFs), which organize cables plugged into equipment. malware: Malicious software such as a virus, worm, and spyware. management information base (MIB): A database of configuration settings and statistics present on most network devices; queries from a Simple Network Management Protocol (SNMP) management console. mandatory access control (MAC): A permissions model whereby the operating system determines resource access based on configured policies. Operating systems such as Security Enhanced Linux (SELinux) support this access control model. mantrap: A room with two sets of interlocking doors; the first set of doors must be closed and locked before the second set will open to allow a person through. master boot record (MBR): A type of boot sector at the beginning of PC partitioned storage devices. media access control (MAC) address: A unique 48-bit hexadecimal address assigned to a network interface either by the vendor or through software. megabit (Mb): A unit of digital information equivalent to 125 kilobytes. megabyte (MB): A unit of digital information equivalent to about 1 million bytes, or 1000 kilobytes. midplane: A printed circuit board (PCB) with server blades that connect on one side (the front) and other components are accessible on the other side (the back). mobile device management (MDM): The administration of mobiles devices, such as tablets or smartphones, using a centralized tool. multicast: A method of sending IP datagrams to all interested listeners in a single transmission. Interested listeners must be registered with the multicast group address to receive transmissions. multifactor authentication (MFA): A method of computer access authentication that relies on at least two of the following: something you know, something you have, and something you are. multihoming: A host with two or more network interfaces. multi-mode fiber (MMF): A type of optical fiber used to communicate over short distances. most recently used (MRU): A computing technique used in many different ways, in which a previously used path or memory address is consulted first before trying other options. MRU can also refer to keeping recent instructions or data in memory, but removing the oldest entries to free up memory space for current instructions or data. Nano Server: A version of Microsoft Windows Server with a small footprint that is optimized for remote access and cloud services. near-field communication (NFC): A set of protocols that enables two devices to communicate when within approximately 4 centimeters (about 2 inches) of each other. NEMA connector: The standard two-prong (or three-prong with ground) electrical plug used in North America. network address translation (NAT): A way of remapping one IP address space into another. The most common use is to enable internal hosts to gain Internet access where the source IP address for outgoing transmissions is translated to the NAT router’s public interface IP address. Network File System (NFS): A UNIX file sharing protocol that enables a computer to access files over a network. network interface card (NIC): A device that connects a computing device to a network. NICs have unique hardware, or Media Access Control (MAC), addresses. network intrusion detection (NID) system: A system that is placed in a network to monitor network traffic for attacks. network intrusion prevention (NIP) system: A system used to detect and prevent exploits or attacks on networks. network load balancing (NLB): A process that takes inbound traffic for a network service and distributes it to the least busy and running back-end server hosting the service. With NLB, the end user experiences better performance when accessing the network service in busy environments. Network Time Protocol (NTP): A protocol for clock synchronization between computers on a network over UDP port 123. NIC balancing: See NIC teaming. NIC bonding: See NIC teaming. NIC teaming: Combining multiple network cards for redundancy or performance. northbridge: Also known as a host bridge; communicates with the CPU directly through the front-side bus. This chipset connects the southbridge and other performance-sensitive components of the motherboard to the CPU. NTFS (New Technology File System): The file system that Windows NT operating systems use to store files on a storage device. NTFS supports auditing, compression, local file system permissions, encryption, and disk space quotas. one-time password (OTP): A unique numeric value used for a single authentication session; often used as an additional authentication factor. Open Shortest Path First (OSPF): A router protocol that finds the best path for packets as they pass through a series of connected networks. Open Systems Interconnection (OSI) model: An effort to standardize computer networking, as with the seven-layer OSI model. optical time domain reflectometer (OTDR): A device used to certify the performance of fiber-optic links. out-of-band management: The use of a dedicated channel for managing devices outside of normal communication methods. Payment Card Industry Data Security Standard (PCI DSS): A proprietary global security standard for companies that handle cardholder information. PCI Express (PCIe): The serial transmission–based PCI Express standard that supersedes both PCI and PCI eXtended (PCI-X) with more bandwidth, which is especially useful with video, storage, and network cards. The bandwidth will vary depending upon the specific version of PCIe and how many lanes (channel of communication) are used. PCI eXtended (PCI-X): A 64-bit parallel transmission standard that runs at various frequencies (often the case with expansion slots and cards), which influences the data transmission speed. Superseded by PCIe. Peripheral Component Interconnect (PCI): A standard parallel-based bus that is used to attach hardware devices to a computer. physical-to-virtual (P2V): A process by which a software agent running in a physical host operating system is used to re-create the host in a virtualization environment. Platform as a Service (PaaS): A cloud computing service that enables subscribers to run and manage applications without dealing with the difficulties of creating and maintaining the underlying infrastructure; often used by developers to quickly deploy database platforms used by applications. plug-and-play (PnP): A device that can be automatically discovered and used when installed while the computer is still powered on. The BIOS, operating system, and device must all support PnP. Point-to-Point Tunneling Protocol (PPTP): Microsoft’s standard VPN solution that uses Microsoft Point-to-Point Encryption (MPPE) for encryption. Unlike other VPN solutions, limited configuration options for encryption are available. Port Address Translation (PAT): An extension of NAT that enables the mapping of multiple internal IP addresses to a single public IP address. See also network address translation (NAT). port aggregation: A network switch port configuration that groups ports together, often for the purpose of server NIC teaming. Post Office Protocol (POP): A protocol used by e-mail clients to retrieve messages from a server over TCP port 110 or 995 if secured with SSL or TLS. power on self test (POST): A process run by firmware immediately after a computer is powered on, which verifies basic power and hardware functionality. power supply unit (PSU): A computer component that transforms AC power supplied by the power company to lower voltage DC power for internal components. Preboot Execution Environment (PXE): An interface that enables a computer to boot from a server prior to booting the OS; it requires DHCP, a PXE boot server, and a PXE-enabled NIC. principle of least privilege: A policy that states that every user, process, or program is granted access only to resources that are necessary to complete a specific task, and nothing more. printed circuit board (PCB): An insulating sheet of material on which conductive leads of conducting materials are placed to create electric circuits. private branch exchange (PBX): A telephone system used to switch calls between users on local lines while enabling users to share a limited number of external phone lines. With PBX, calls to a single phone number can ring at multiple extensions internally. private cloud: A cloud deployment model adhering to the five NIST cloud computing characteristics (on-demand self-service, broad network access, resource pooling, rapid elasticity or expansion, and measured service), where the physical equipment is owned and used by a single organization. PTR record: A record that resolves an IP address to a domain; used for reverse DNS lookups. public cloud: A cloud deployment model adhering to the five NIST cloud computing characteristics (on-demand self-service, broad network access, resource pooling, rapid elasticity or expansion, and measured service), which is available to anybody over the Internet. Users must first create an account with the cloud service provider. public key authentication: Authentication that uses a related public key and private key pair instead of the standard username and password. The public key is normally stored on the device (usually a server), while the private key is stored by the user. Public Key Infrastructure (PKI): A hierarchy of security certificates issued by a certificate authority to users, devices, and services. Each certificate contains many items, including a unique public and private key pair, as well as an expiry date. quality of service (QoS): A defined measure of performance used to prioritize different types of network traffic over others. For example, Voice over IP (VoIP) traffic is normally given a higher priority than Simple Mail Transfer Protocol (SMTP) traffic on a network. Quad Small Form-Factor Pluggable (QSFP): A network transceiver with four transmit and receive channels normally used for 100-Gbps fiber-optic networks. rack-mounted server: A server designed to be placed in a rack with other servers and equipment in a server room or data center; takes less space than tower servers. radiofrequency identification (RFID): A way of using radiofrequencies to identify and track tags attached to objects. random access memory (RAM): Computer memory that retains information only when connected to a power source; thus it is considered volatile. Hard disks are considered nonvolatile memory because they retain information even with no power. recovery point objective (RPO): The maximum tolerable amount of data loss normally expressed in time, such as hours. If the RPO is four hours, for example, backups must occur at least every four hours. recovery time objective (RTO): The maximum amount of time that can be tolerated for an IT service to be down before it has a negative impact on the business. Reduced Instruction Set Computer (RISC): A CPU with a simplified instruction set. The few instructions that are available can be executed quickly. Redundant Array of Independent Disks (RAID): A configuration that combines multiple physical disks into a single unit for redundancy and/or performance purposes. RAID can be configured within an operating system or using the more reliable hardware RAID controller solution. There are many RAID levels, and each uses a different disk configuration to achieve fault tolerance and optimal performance. ReiserFS: A journaled file system that is supported on Linux. Remote Authentication Dial-In User Service (RADIUS): A protocol that provides authentication, authorization, and accounting management to users who use a network service. Edge devices such as VPN appliances and wireless access points can be configured to forward authentication requests to a central RADIUS server. Remote Desktop Protocol (RDP): A Microsoft protocol used to provide a GUI to connect to another computer over a network; uses TCP port 3389. Remote Installation Services (RIS): A service that enables computers with PXE to install Microsoft operating systems remotely; superseded by Windows Deployment Services (WDS, or WinDS). Remote Server Administration Tools (RSAT): A Windows Server feature that enables remote management of other computers running the Windows Server OS. Resilient File System (ReFS): A Microsoft file system designed to succeed NTFS eventually. ReFS allows disk volume corruption repair even while the volume is mounted. resizing: The modification of a virtual machine or cloud service to include more or less compute power in terms of virtual CPUs and RAM. reverse proxy: A server that listens for client connections to a target network service such as a web server. The reverse proxy forwards these requests to a different host where the network service actually resides. revolutions per minute (RPM): Used to determine access time and read/write speed of spinning physical media such as CDs, DVDs, and hard disks. RJ-11: A standard connector for twisted-wire pairs that is commonly used in telephony. Also used by modems. RJ-45: A standard connector for twisted-wire pairs that is used in Ethernet networks. rollover cable: A cable used to connect a computer directly to a router’s console port. rotational latency: The amount of time it takes for the desired part of the disk to pass under the read/write heads of a hard disk drive. Routing and Remote Access Service (RRAS): A Microsoft Server service that enables the configuration of routing protocols, NAT, and VPNs. Routing Information Protocol (RIP): A protocol that uses hop counts as a routing metric. Each packet that passes through a router constitutes one hop. RSA token: Used for VPN authentication, this device is synchronized with the VPN device and has a small display showing a numeric value that changes periodically, every 90 seconds, for instance. runaway process: A process that does not respond to the system and enters an infinite loop, consuming resources and causing other resources to be unavailable until some intervention stops the process. Samba: This term stems from Microsoft’s Server Message Block (SMB) protocol; it is an open-source product that provides Windows file and print services on various UNIX and Linux platforms. sandbox: A tightly controlled area and set of resources in which a program can be run without risking harm to the host operating system or computer. Serial Advanced Technology Attachment (SATA): Common hard disk interface that transmits data serially instead of using parallel bit transmission. There are three SATA standards: SATA I, SATA II, and the newest, SATA III, which has a maximum throughput of approximately 6 Gb/s. SC connector: Subscriber connector; a snap-in, fiber-optic cable connector that is somewhat square in shape. scale out: To add more nodes to a system. scale up: To add more resources to a single node. screened subnet: See demilitarized zone (DMZ). Secure Boot: A technology that checks the system boot loader’s cryptographic key against a list of authorized keys that are stored in firmware. Secure Copy Protocol (SCP): A network protocol that uses Secure Shell (SSH) for data transfers between hosts on a network. Secure Digital (SD) card: A small data storage card used in devices such as cameras and audio recorders. Secure File Transfer Protocol (SFTP): FTP over SSH, which provides file access, transfer, and management over a secured connection. Secure Shell (SSH): A network protocol that provides administrators a secure way to access remote systems; uses TCP port 22. Secure Sockets Layer (SSL): An application-specific security technology for providing an encrypted link between a server and a client; requires a PKI certificate for the server. Security as a Service (SECaaS): A business model in which a large service provider integrates its security services with a corporate infrastructure on a subscription basis. security information and event management (SIEM): A centralized repository for logs, audit events, and security device alerts to detect and notify admins of suspicious activity. seek time: The time it takes for a disk drive to access the location of stored data that is to be read. selective wipe: A technique in which application data on mobile devices is removed, or wiped, if access to the data has been revoked, while leaving personal apps, settings, and data untouched. serial-attached SCSI (SAS): A serial protocol that moves data between computer storage devices and tape drives. SAS supersedes older SCSI standards that use parallel transmission. server: A computer designed and configured to be accessed concurrently by multiple users. server core: A minimal server installation of a Windows Server OS that does not include GUI components. Server Message Block (SMB): A protocol implemented in Windows for network file sharing. service level agreement (SLA): A contract between the end user and the service provider that dictates what is expected of both parties. SFP (small form-factor pluggable) connector: A network connector that is most often used with 1-Gbps fiber-optic networks but can be used with copper cable networks. SFP+ is used with 10-Gbps networks. shielded twisted pair (STP): A type of twisted-pair cable with an additional outer covering to protect against outside interference. Simple Mail Transfer Protocol (SMTP): An Internet standard for e-mail transmission between servers; uses TCP port 25 or 465 if secured with SSL or TLS. Simple Network Management Protocol (SNMP): A protocol for collecting and analyzing information about devices and configuring this information to affect the devices’ behaviors over a network. SNMP management tools can access MIBs on devices over UDP port 161. An SNMP agent must be running on network devices. single data rate (SDR) memory: A computer bus that transfers data only once every clock cycle. single-mode fiber (SMF): Optical fiber designed to transmit light over long distances. Single Sign-On (SSO): An authentication process that enables a user to enter a single username/password combination to access multiple applications. small form factor (SFF): A computer form factor designed to reduce the size of a desktop computer; also a smaller hard disk size (2-1/2 inches) than a large form factor (3-1/2 inches) disk. See also large form factor (LFF). snapshot: See checkpoint. Software as a Service (SaaS): A software licensing and delivery model in which the software is hosted at a central location and provided on a subscription basis. solid-state drive (SSD): A storage device that stores data in flash memory, as opposed to storing data on magnetic rotating disk platters. solid-state hybrid drive (SSHD): A combination of hard disk and solid-state technology in the same package. southbridge: The second chip of the chipset on a computer motherboard. It generally handles buses or interfaces that do not need direct access to the CPU or that do not need much bandwidth, such as PCI. ST (straight tip) connector: A fiber-optic connector that is rounded and elongated and commonly used with multi-mode fiber (MMF). start of authority (SOA): A type of DNS record that contains information about a DNS zone such as the serial number, zone refresh interval, and so on. static random access memory (SRAM): A type of volatile memory. Unlike DRAM, the information in memory does not need to be constantly refreshed. It is both faster and more expensive than DRAM and is typically used for CPU cache. storage area network (SAN): A network that provides access to block-level data storage as opposed to servers having their own dedicated local storage. storage tier: Two or more types of storage that are differentiated by various attributes such as frequency of access. Frequently accessed data is often stored on faster media. straight-through cable: The type of cable with the RJ-45 connectors at each end having the same pinout; normally used to connect computing devices to network switches. subnet mask: A mask that is used to determine what subnet an IP address is from. When compared against an IP address, it separates the network portion of the IP address from the host portion. The mask can be expressed in decimal, such as 255.255.0.0, or in CIDR format, such as /16. SuperDLT: A standard for tape backup media that supports larger capacities and transfer rates than DLT. See also Digital Linear Tape (DLT). symmetric multiprocessing (SMP): An architecture in which two or more identical physical processors with centralized memory operate under a single operating system. The motherboard must have multiple CPU sockets. synchronous replication: Occurs when data is written to a primary location and another location without delay. Telnet: A protocol used to access a computer system remotely. Its only form of security is a password that is sent in clear text over the network. Telnet listens on TCP port 23. terabyte (TB): A unit of digital information equivalent to 1 million million (1012) bytes, or 1000 gigabytes. Teredo: A technology that enables IPv6 traffic to pass over the IPv4 Internet through NAT. The Teredo server must reside on the IPv4 Internet. Public Teredo servers and relays are available. Terminal Access Controller Access-Control System (TACACS): A protocol that enables a remote access server to forward a user password to an authentication server. thin provisioning: A technology that enables storage to be configured without knowing the size required. Disk volumes grow over time as needed. time-domain reflectometer (TDR): A device that determines the quality of metallic cables by observing reflected waveforms. top-level domain (TLD): A domain at the highest level of the domain name system of the Internet, such as .com or .uk. tower server: A computer intended to be a server in an upright case that can stand alone. transfer rate: The speed at which data can be transmitted from one device to another. Usually measured in megabits per second (Mbps) or gigabits per second (Gbps). Transmission Control Protocol (TCP): A TCP/IP suite transport protocol that establishes a connection between two hosts before transmitting. TCP requires an acknowledgment from the recipient for every sent packet. Transmission Control Protocol/Internet Protocol (TCP/IP): A suite of protocols that map to different layers of the OSI model. Transport Layer Security (TLS): A cryptographic protocol that provides secure communications over a computer network. TLS supersedes SSL. Trivial File Transfer Protocol (TFTP): A simple version of FTP, used when user authentication is not required, such as with PXE boot. Trusted Platform Module (TPM): A firmware standard for a secure cryptoprocessor that is used to secure hardware by integrating cryptographic keys into devices. unicast: Communication on a network between a single sender and a single receiver. unified extensible firmware interface (UEFI): A replacement for the BIOS. A specification that defines an interface between an OS and the platform’s firmware. uninterruptible power supply (UPS): A device that provides emergency battery power when an input power source fails. The purpose is not to provide long-term power, but rather to provide enough power to enable equipment to shut down properly. unit identification (UID): LED lights on the front and back of a rack-mounted server that blink when the server is being managed remotely or when the UID button is physically pressed on a server. This is useful when technicians must access the back of a rack-mounted server and want to ensure that they are working on the correct server. universal serial bus (USB): A standard serial bus that is used as a connector between computer peripherals and computers. universally unique identifier (UUID): A unique 128-bit firmware identifier used for asset tracking. UNIX: A family of multitasking, multiuser operating systems derived from the original AT&T Unix. unshielded twisted pair (UTP): A type of twisted-pair cable that has no additional protection or shielding against outside interference. User Account Control (UAC): A security feature in versions of Windows from Vista onward. When a program requires administrative privileges, a prompt appears asking whether the user does or does not agree to give the program administrative privileges; this prevents scripts and programs from executing without user consent. User Datagram Protocol (UDP): An alternate transport protocol to TCP that is used for establishing low-latency and loss-tolerant connections, such as online video gaming. Unlike TCP, there is no session establishment or acknowledgment of sent packets. virtual CPU (vCPU): A physical CPU that is assigned to a virtual machine. virtual hard disk (VHD): A file format that contains the disk partitions and file system of a virtual machine. virtual local area network (VLAN): A broadcast domain that is isolated at the data link layer. VLANs are configured within switches and are used to create multiple networks for the purposes of security or network performance. virtual network interface card (vNIC): A NIC used by a virtual machine as its network interface. virtual private network (VPN): A private network that extends over a public network or the Internet using an encrypted tunnel. virtual server: A server operating system running within a virtual machine on a hypervisor. virtualization: The ability to create a virtual version of something, such as an operating system, hard disk, or application. Voice over IP (VoIP): A group of technologies used to deliver voice communications and multimedia sessions over IP networks. volt-ampere (VA): The “apparent power” that is the product of the voltage applied to the equipment multiplied by the current drawn by the equipment. Wake-on-LAN (WoL): A standard that enables a computer to be turned on over a network when it receives a specially formed packet. warm site: An alternate site that is stocked with hardware that can run business operations in the event of a disaster at the original site. To be fully functional, a warm site needs the last backups of the original site, along with personnel. Wi-Fi: A technology that enables computing devices to connect wirelessly using the IEEE 802.11 standard. Wi-Fi Protected Access (WPA): A security protocol used to secure IEEE 802.11 networks. There are two versions: WPA and WPA2. They are the successors of Wired Equivalent Privacy (WEP). Windows: A line of client operating systems developed and supported by Microsoft. Windows Imaging Format (WIM): A file-based disk imaging format developed by Microsoft to help deploy versions of Windows from Vista onward. Windows Internet Name Service (WINS): An implementation of the NetBIOS Name Service by Microsoft that enables computers to map hostnames to IP addresses using a centralized service. Windows Server Update Services (WSUS): A program developed by Microsoft that enables administrators to deploy updates selectively to computers in a corporate environment. Windows System Image Manager (Windows SIM): A tool included with the Windows Assessment and Deployment Kit that aids in creating unattended installation answer files to automate OS deployment. Wired Equivalent Privacy (WEP): A security algorithm for IEEE 802.11 wireless networks that is superseded by WPA and WPA2, which provide better security. World Wide Name (WWN): A unique identifier used in Fibre Channel, ATA, and SAS, as well as other storage technologies. Write Once Read Many (WORM): A data storage device that can be written to only once. X.509: A standard that specifies formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation algorithm. XFS: A 64-bit journaling file system created by Silicon Graphics, Inc. (SGI) and used in Linux. zero-day: A vulnerability in a program that is unknown to the vendor. ZFS: A file system and logical volume manager developed by Sun Microsystems and used by Solaris, OpenSolaris, and FreeBSD, among others. zombie net: See botnet. zone transfer: The process of DNS servers replicating DNS zone records using TCP port 53. Microsoft Active Directory–integrated zones replicate with Active Directory and do not use zone transfers.
Join 4M+ learners. Unlock unlimited quizzes, wrong-answer tracking, flashcards + reminders, study guides, and 1-on-1 challenges.