Acronyms 3

verickle's version from 2016-11-16 23:43

Chapter 11

Question Answer Column 3
NMSNetwork Management Systema set of hardware and/or software tools that allow an IT professional to supervise the individual components of a network within a larger network management framework
SNMPSimple Network Management Protocola popular protocol for network management
BERBit Error RateBit errors / Bits transmitted
BERTBit Error Rate Testercontains both a pattern generator (which can generate a variety of bit patterns) and an error detector (which is synchronized with the pattern generator and can determine the number of bit errors) and can calculate a BER for the tested transmission link
RDPRemote Desktop Protocola proprietary protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection
SNIPSSystem and Network Integrated Polling SoftwareA system and network monitoring software tool that runs on UNIX devices
TDRTime Domain Reflectometeran electronic instrument that uses time-domain reflectometry to characterize and locate faults in metallic cables
OTDROptical Time Domain Reflectometerthe optical equivalent of an electronic time domain reflectometer
PPDIOOPrepare Plan Design Implement Operate OptimizeCisco Lifecycle Services maintenance model
CMConfiguration Managementmaintaining up-to-date documentation of a network's configuration
BYODBring Your Own Devicea new initiative which allows employees to bring their own personal devices to their workplaces
MIBManagement Information Basea database used for managing the entities in a communication network
SIMSecurity Information Managementthe practice of collecting, monitoring and analyzing security-related data from computer logs
SEMSecurity Event Managementcomputerized tools used on data networks to centralize the storage and interpretation of logs, or events, generated by other software running on the network
SIEMSecurity Information and Event Managementa combination of the formerly different product categories of Security Information Management (SIM) and Security Event Management (SEM)

Chapter 12

Question Answer Column 3
ACLAccess Control Listidentifies a trustee and specifies the access rights allowed, denied, or audited for that trustee
DESData Encryption Standardan older encryption algorithm (developed in the mid 1970s) using a 56-bit key. It is considered weak by today's standards.
3DESTriple DESdeveloped in the late 1990s, uses three 56-bit DES keys (for a total of 168 bits) and is usually considered a strong encryption algorithm
AESAdvanced Encryption Standardreleased in 2001, is typically considered the preferred symmetric encryption algorithm
PGPPretty Good Privacyuses both symmetric and asymmetric algorithms
GPGGNU Privacy GuardA free variant of PGP
PKIPublic Key Infrastructurea set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption
CACertificate Authorityan entity that issues digital certificates
MD5Message Digest 5Creates 128-bit hash digests
SHA-1Secure Hash Algorithm 1Creates 160-bit hash digests
HMACHash Based Message Authentication Codeuses an additional secret key in the calculation of a hash value
MitMMan in the MiddleIf an attacker can get in the direct path between a client and a server, the attacker can then eavesdrop on their conversation.
DoSDenial of Servicesending the target system a flood of data or requests that consume the target system's resources
DDoSDistributed Denial of Servicean attacker compromises multiple systems, and those compromised systems, called zombies or botnets, can be instructed by the attacker to simultaneously launch an attack
SPSStandby Power Supplya lower-end version of an uninterruptible power supply
DRDisaster Recoveryfocuses on getting critical applications back online
BCBusiness Continuityfocuses on the tasks carried out by an organization to ensure that critical business functions continue to operate during and after a disaster
MSDSMaterials Safety Data Sheetdescribes the melting point, boiling point, flash point, and the potential health risks that a material poses
AUPAcceptable Use Policyidentifies what users of a network are and are not allowed to do on a network
RASRemote Access ServerMicrosoft Windows Server feature that allows Microsoft Windows clients to remotely access a Microsoft Windows network
RDPRemote Desktop ProtocolMicrosoft protocol that allows a user to view and control the desktop of a remote computer
PPPoEPoint-to-Point Protocol over Ethernetallows an Ethernet connection to leverage the features of PPP, such as authentication
PPPPoint-to-Point Protocola common Layer 2 protocol that offers features such as multilink interface, looped link detection, error detection, and authentication
ICAIndependent Computing Architecturea Citrix Systems proprietary protocol that allows an application running on one platform (for example, Microsoft Windows) to be seen and controlled from a remote client, independent of the client platform (for example, UNIX)
SSHSecure Shella protocol used to securely connect to a remote host (typically via a terminal emulator)
AAAAuthentication, Authorization, and Accountingallows a network to have a single repository of user credentials
RADIUSRemote Authentication Dial-In User Servicea UDP-based protocol used to communicate with a AAA server
TACACS+Terminal Access Controller Access-Control System Plusa Cisco proprietary TCP-based AAA protocol
NACNetwork Admission Controlcan permit or deny access to a network based on characteristics of the device seeking admission, rather than just checking user credentials
CHAPChallenge-Handshake Authentication Protocolauthentication is performed through a three-way handshake
MS-CHAPMicrosoft Challenge-Handshake Authentication Protocola Microsoft-enhanced version A CHAP, offering a collection of additional features not present with CHAP, including two-way authentication
EAPExtensible Authentication Protocolspecifies how authentication is performed by IEEE 802.1X
TFATwo Factor Authenticationrequires two types of authentication from a user seeking admission to a network
SSOSingle Sign-Onallows a user to authenticate only once to gain access to multiple systems, without requiring the user to independently authenticate with each system
DMZDemilitarized Zoneoften contains servers that should be accessible from the public Internet
UTMUnified Threat Managementthe evolution of the traditional firewall into an all-inclusive security product able to perform multiple security functions within one single system
NGFNext Generation Firewallan integrated network platform that is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities
ISAKMPInternet Security Association and Key Management ProtocolNegotiates parameters for an IPsec session.
XAUTHExtended Authentication
AHAuthentication Headera protocol and part of the Internet Protocol Security (IPsec) protocol suite, which authenticates the origin of IP packets (datagrams) and guarantees the integrity of the data
ESPEncapsulating Security Payloadprovides authentication, integrity, and confidentiality, which protect against data tampering and, most importantly, provide message content protection
GREGeneric Routing Encapsulationa tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links over an Internet Protocol network
SSLSecure Sockets Layerprovides cryptography and reliability for upper layers (Layers 5–7) of the OSI model
L2TPLayer 2 Tunneling Protocola VPN protocol that lacks security features, such as encryption
L2FLayer 2 Forwardinga VPN protocol designed (by Cisco Systems) with the intent of providing a tunneling protocol for PPP
PPTPPoint-to-Point Tunneling Protocolan older VPN protocol (which supported the dial-up networking feature in older versions of Microsoft Windows)
TLSTransport Layer Securityhas largely replaced SSL as the VPN protocol of choice for providing cryptography and reliability to upper layers of the OSI model
TTLSTunneled Transport Layer Securityprovides authentication as strong as TLS without the requirement of issuing each user a certificate
HIPSHost-based Intrusion Prevention Systema computer running intrusion prevention software for the purpose of protecting the computer from attacks
IDSIntrusion Detection Systemcan recognize the signature of a well-known attack and respond to stop the attack
IPSIntrusion Prevention Systemresides in-line with the traffic flow, unlike an IDS sensor
NIDSNetwork-based Intrusion Detection Systema network appliance dedicated to the purpose of acting as an IDS sensor
NIPSNetwork-based Intrusion Prevention Systema network appliance dedicated to the purpose of acting as an IPS sensor
SASecurity AssociationAn agreement between the two IPsec peers about the cryptographic parameters to be used in an ISAKMP session.

Chapter 13

Question Answer Column 3
MDIXMedium Dependent Interface Crossoverallows a switch port to properly configure its leads as transmit (Tx) or receive (Rx) leads