. 14
( 19)


example of a catenet.
The CCX program for WLAN devices is an
CATV evolving set of specification for interoper-
cable television abililty, which facilitates testing of vendor
Communication system where multiple chan- clients and provides tested compatibility with
nels of programming material are transmitted to licensed Cisco infrastructure innovations.
homes using broadband coaxial cable. For-
merly called Community Antenna Television.
carrier detect
CBDS Signal that indicates whether an interface is ac-
Connectionless Broadband Data Service. tive. Also, a signal generated by a modem indi-
European high-speed, packet-switched, data- cating that a call has been connected.
gram-based WAN networking technology. Sim-
ilar to SMDS.
Copper Distributed Data Interface
CBR Implementation of FDDI protocols over STP
constant bit rate and UTP cabling. CDDI transmits over rela-
QOS class defined by the ATM Forum for ATM tively short distances, about 325 feet (100 m),
networks. CBR is used for connections that de- providing data rates of 100 Mbps using a dual-
pend on precise clocking to ensure undistorted ring architecture to provide redundancy. Based
delivery. Compare with ABR, UBR, and VBR. on the ANSI Twisted-Pair Physical Medium
Glossary 313

Dependent (TPPMD) standard. Compare with cell loss priority

CDDI/FDDI workgroup concentrator cell payload scrambling
See Cisco Workgroup Concentrator. Technique used on the LightStream 2020 ATM
switch to maintain framing on some medium-
speed edge and trunk interfaces.
Cisco Discovery Protocol
Media- and protocol-independent device-dis- cell relay
covery protocol that runs on all Cisco-manufac- Network technology based on the use of small,
tured equipment including routers, access fixed-size packets, or cells. Because cells are
servers, bridges, and switches. Using CDP, a fixed-length, they can be processed and
device can advertise its existence to other de- switched in hardware at high speeds. Cell relay
vices and receive information about other de- is the basis for many high-speed network proto-
vices on the same LAN or on the remote side of cols including ATM, IEEE 802.6, and SMDS.
a WAN. Runs on all media that support SNAP,
cells per second
including LANs, Frame Relay, and ATM media.
See cps.
Cellular Digital Packet Data
Cellular Digital Packet Data
Open standard for two-way wireless data com-
munication over high-frequency cellular tele-
cellular radio
phone channels. Allows data transmissions
Technology that uses radio transmissions to ac-
between a remote cellular link and a NAP. Op-
cess telephonecompany networks. Service is
erates at 19.2 Kbps.
provided in a particular area by a low-power
cell delay variation tolerance
Parameter defined by the ATM Forum for ATM
circuit emulation access card
traffic management. In CBR transmissions, de-
T1 or E1 circuit emulation card in the Light-
termines the level of jitter that is tolerable for
Stream 2020 ATM switch.
the data samples taken by the PCR.
central office
See CO.
1) The basic unit for ATM switching and multi-
plexing. Cells contain identifiers that specify Centrex
the data stream to which they belong. Each cell AT and T PBX that provides direct inward dial-
consists of a 5-byte header and 48 bytes of pay- ing and automatic number identification of the
load. See also cell relay. calling PBX.
2) In wireless technology, a cell is the area of
radio range or coverage in which the wireless
See Cisco FRAD.
devices can communicate with the base station.
The size of the cell depends upon the speed of the
transmission, the type of antenna used, and the
Cisco Group Management Protocol
physical environment, as well as other factors.
A Cisco-developed protocol that runs between
Cisco routers and Catalyst switches to leverage
cell delay variation tolerance
IGMP information on Cisco routers to make
Layer 2 forwarding decisions on Catalyst
cell line card switch ports that are attached to interested re-
See CLC. ceivers.
314 CCNA Security Course Booklet, Version 1.0

CGS end. The router or access server then deter-
mines whether that user is allowed access.
Compact Gateway Server
Compare to PAP.
Cisco midrange multiprotocol router designed
for medium to small regional and district envi-
chat script
ronments. The CGS is a 2-slot router that sup-
String of text that defines the login “conversa-
ports up to four interfaces (all of the same
tion” that occurs between two systems. Con-
sists of expect-send pairs that define the string
Challenge Handshake Authentication that the local system expects to receive from
Protocol the remote system and what the local system
See CHAP. should send as a reply.

channel Cheapernet
1) A communication path. Multiple channels Industry term used to refer to the IEEE 802.3
can be multiplexed over a single cable in cer- 10BASE2 standard or the cable specified in that
tain environments. standard. Compare with Thinnet.
2) In IBM, the specific path between large
computers (such as mainframes) and attached
1) Method for checking the integrity of trans-
peripheral devices.
mitted data. A checksum is an integer value
Channel Interface Processor computed from a sequence of octets taken
See CIP. through a series of arithmetic operations. The
value is recomputed at the receiving end and
channel service unit compared for verification.
See CSU. 2) Calculated checksum of the header and data
Pertaining to attachment of devices directly by choke packet
data channels (input/output channels) to a com- Packet sent to a transmitter to tell it that con-
puter. gestion exists and that it should reduce its send-
ing rate.
channelized E1
Access link operating at 2.048 Mbps that is CIA
subdivided into 30 B-channels and 1 D-chan- Specification for running IP over ATM in a
nel. Supports DDR, Frame Relay, and X.25. manner that takes full advantage of the features
Compare with channelized T1. of ATM. Defined in RFC 1577.
channelized T1 CICNet
Access link operating at 1.544 Mbps that is Regional network that connects academic, re-
subdivided into 24 channels (23 B-channels and search, nonprofit, and commercial organiza-
1 D-channel) of 64 Kbps each. The individual tions in the Midwestern United States. Founded
channels or groups of channels connect to dif- in 1988, CICNet was a part of the NSFNET
ferent destinations. Supports DDR, Frame and was funded by the NSF until the NSFNET
Relay, and X.25. Compare with channelized dissolved in 1995.
Channelized T1 is also known as fractional T1.
classless interdomain routing
CHAP Technique supported by BGP4 and based on
Challenge Handshake Authentication Protocol route aggregation. CIDR allows routers to
Security feature supported on lines using PPP group routes together in order to cut down on
encapsulation that prevents unauthorized ac- the quantity of routing information carried by
cess. CHAP does not itself prevent unautho- the core routers. With CIDR, several IP net-
rized access, it merely identifies the remote
Glossary 315

works appear to networks outside the group as and with message switching and packet switch-
a single, larger entity. ing as a switching technique.

CIO Cisco 1000
Cisco Information Online Any of the Cisco 1000 series LAN Extenders
Online service available to Cisco customers and routers. The Cisco 1000 series are easy-to-
that provides electronic services and online in- install, inexpensive, multiprotocol access prod-
formation relating to Cisco products. CIO serv- ucts designed for small offices and other remote
ices include product information, software sites. The Cisco 1000 series includes an ISDN
updates, release notes, technical tips, configura- router, an asynchronous router, and LAN exten-
tion notes, brochures, and download offerings. ders.

CIP Cisco 2500
Channel Interface Processor Any of the Cisco 2500 series routers and access
Channel attachment interface for Cisco 7000 servers, including single LAN routers; mission-
series routers. The CIP is used to connect a host specific, low-end routers; router/hub combina-
mainframe to a control unit, eliminating the tions; access servers; and dual LAN routers.
need for an FEP for channel attachment. The Cisco 2500 is designed for small offices
and other remote sites and runs the Cisco IOS
CIR software.
committed information rate The Cisco 2500 series is also known as Cisco
The rate at which a Frame Relay network Access Server 2500 series.
agrees to transfer information under normal
Cisco 4000
conditions, averaged over a minimum incre-
ment of time. CIR, measured in bits per second, Any of the Cisco 4000 series routers designed
is one of the key negotiated tariff metrics. for a wide variety of network computing envi-
ronments. The Cisco 4000 series routers run the
circuit Cisco IOS software and can be optimized for
Communications path between two or more particular environments with custom configura-
points. tions.
circuit emulation access card Cisco 5100
See CEMAC. Cisco data communications platform that com-
bines the functions of a Cisco access server
circuit group
with analog and digital modems, CSUs, and T1
Grouping of associated serial lines that link two
channel banks. The Cisco 5100 is optimized for
bridges. If one of the serial links in a circuit
high-speed modem access and is well-suited for
group is in the spanning tree for a network, any
dial-up applications, including host access,
of the serial links in the circuit group can be
electronic mail, file transfer, and dial-in access
used for load balancing. This load-balancing
to a LAN.
strategy avoids data ordering problems by as-
Cisco 5100 is also kknown as Cisco Access
signing each destination address to a particular
Server 5100.
serial link.
Cisco 7000
circuit switching
Any of the Cisco 7000 series of routers (the
Switching system in which a dedicated physical
Cisco 7000 or the Cisco 7010), a high-end
circuit path must exist between sender and re-
router platform that supports a wide range of
ceiver for the duration of the “call.” Used heav-
network interfaces and media types and is de-
ily in the telephone company network. Circuit
signed for use in enterprise networks. Cisco
switching can be contrasted with contention
7000 series routers run the Cisco IOS software
and token passing as a channel-access method,
and support online software reconfiguration,
OIR, fast boot, environmental monitoring, self-
316 CCNA Security Course Booklet, Version 1.0

diagnostics, redundant power supplies, and support for a wide variety of protocols, media,
Flash memory. services, and platforms.

Cisco 7500 Cisco LightStream 100
Any of the Cisco 7500 series of routers, a high- Cisco LightStream 100 ATM switch
end multiprotocol router platform designed for A fully nonblocking ATM switch operating at
use in enterprise networks. Cisco 7500 series up to 2.4 Gbps and supporting multiple ATM
routers run the Cisco IOS software and imple- lines of 155-Mbps data speed as well as a vari-
ment a distributed multiprocessor architecture ety of LAN and WAN interfaces. The Light-
consisting of the CyBus, the RSP, and the VIP. Stream 100 switch can serve as part of an ATM
workgroup or small campus backbone connect-
Cisco Access Server 2500 ing a number of ATM routers, multilayer LAN
See Cisco 2500. switches, and high-performance servers and
Cisco Access Server 5100
See Cisco 5100. Cisco LightStream 2020
Cisco LightStream 2020 Enterprise ATM
Cisco Discovery Protocol
See CDP.
For campus and wide-area applications. The
LightStream 2020 ATM switch supports trunks
Cisco Extended Bus
operating at T1/E1 data rates and provides a
See CxBus.
migration path through T3/E3 into a
Cisco FRAD SONET/SDH OC-3 trunk. The LightStream
Cisco Frame Relay access device 2020 intelligent edge modules support a variety
Cisco product that supports Cisco IOS Frame of services including frame forwarding, Frame
Relay SNA services and can be upgraded to be Relay, ATM UNI, and LAN internetworking.
a full-function multiprotocol router. The Cisco
Cisco Workgroup Adapter
FRAD connects SDLC devices to Frame Relay
Series of Cisco workgroup adapters that allow
without requiring an existing LAN. However,
workstations to connect to CDDI or FDDI in-
the Cisco FRAD does support attached LANs
terfaces operating at 100 Mbps.
and can perform conversion from SDLC to Eth-
ernet and Token Ring.
Cisco Workgroup Concentrator
Series of Cisco workgroup concentrators that
Cisco Frame Relay access device
combines the compact form factor of work-
See Cisco FRAD.
group concentrators with the versatility of mod-
Cisco Information Online ular hubs. Supports from 4 to 32 combinations
See CIO. of CDDI or FDDI ports.
Cisco Internetwork Operating System soft- ciscoBus controller
ware See SP.
See Cisco IOS software.
Cisco IOS software Cisco internetworking architecture that “fuses”
Cisco Internetwork Operating System software together the scalability, stability, and security
Cisco system software that provides common advantages of the latest routing technologies
functionality, scalability, and security for all with the performance benefits of ATM and
products under the CiscoFusion architecture. LAN switching, and the management benefits
The Cisco IOS software allows centralized, in- of VLANs.
tegrated, and automated installation and man-
agement of internetworks, while ensuring
Glossary 317

CiscoView prefix value that indicates the number of bits
used for the network portion.
GUI-based device-management software appli-
cation that provides dynamic status, statistics,
and comprehensive configuration information
Common Link Access for Workstations
for Cisco internetworking devices. In addition
Data link layer protocol used by channel-at-
to displaying a physical view of Cisco device
tached RISC System/6000 series systems and
chassis, CiscoView also provides device moni-
by IBM 3172 devices running TCP/IP off-load.
toring functions and basic troubleshooting ca-
CLAW improves efficiency of channel use and
pabilities, and can be integrated with several
allows the CIP to provide the functionality of a
leading SNMP-based network management
3172 in TCP/IP environments and support di-
rect channel attachment. The output from
CiscoWorks TCP/IP mainframe processing is a series of IP
datagrams that the router can switch without
Series of SNMP-based internetwork manage-
ment software applications. CiscoWorks in-
cludes applications for monitoring router and
access server status, managing configuration
cell line card
files, and troubleshooting network problems.
Card on the LightStream 2020 ATM switch
CiscoWorks applications are integrated on sev-
that, in conjunction with an access card, sup-
eral SNMP-based network management plat-
ports up to two OC-3c edge ports or one OC-3c
forms, including SunNet Manager, HP
trunk port. A CLC can be configured as an edge
OpenView, and IBM NetView.
card or a trunk card.
Clear To Send
Cisco Key Integrity Protocol
See CTS.
CKIP is the Cisco implementation of PPK.
Class A station
Competitive Local Exchange Carrier
See DAS.
A company that builds and operates communi-
Class B station cation networks in metropolitan areas and pro-
vides its customers with an alternative to the
See SAS.
local telephone company.
class of service
See COS.
command-line interface
Class-based weighted fair queueing The command-line interface on the Light-
See CBWFQ. Stream 2020 that runs on NPs and Sun SPARC-
stations and is used to monitor and control an
classfull network
ATM network.
Network that uses traditional IP network ad-
dresses of class A, class B, and class C. client
1) Node or software program (front-end device)
classical IP over ATM
that requests services from a server. See also
See CIA.
back end, front end, and server.
2) In wireless technology, a client is a radio de-
classless interdomain routing
vice that uses the services of an Access Point to
communicate wirelessly with other devices on a
classless network local area network.
Network that does not use the traditional IP
network addressing (class A, class B, and class
C), but defines the network boundary using a
318 CCNA Security Course Booklet, Version 1.0

client-server computing 0 are insured traffic, which is unlikely to be
dropped. Cells with CLP = 1 are best-effort
Term used to describe distributed computing
traffic, which might be dropped in congested
(processing) network systems in which transac-
conditions in order to free up resources to han-
tion responsibilities are divided into two parts:
dle insured traffic.
client (front end) and server (back end). Both
terms (client and server) can be applied to soft-
cluster controller
ware programs or actual computing devices.
1) Generally, an intelligent device that provides
Compare with peer-to-peer computing.
the connections for a cluster of terminals to a
Client-server computing is also known as dis-
data link.
tributed computing.
2) In SNA, a programmable device that con-
client-server model trols the input/output operations of attached de-
vices. Typically, an IBM 3174 or 3274 device.
Common way to describe network services and
the model user processes (programs) of those
services. Examples include the
coded mark inversion
nameserver/nameresolver paradigm of the DNS
ITU-T line coding technique specified for STS-
and fileserver/file-client relationships such as
3c transmissions. Also used in DS-1 systems.
NFS and diskless hosts.
Cisco Message Integrity Check
Connectionless Network Protocol
The Cisco implementation of MIC.
Protocol stack developed originally as a re-
placement for TCP/IP with the anticipation that CMIP
this OSI suite would take over being based Common Management Information Protocol
upon the standard OSI 7-layer model. This has OSI network management protocol created and
not happened, however one protocol within standardized by ISO for the monitoring and
CLNP called IS-IS has become very popular control of heterogeneous networks.
within the Internet community due to its scala-
bility as the Internet grows.
Common Management Information Services
OSI network management service interface cre-
Connectionless Network Service ated and standardized by ISO for the monitor-
The OSI network layer service similar to bare ing and control of heterogeneous networks.
IP service. A CLNS entity communicates over
Connectionless Network Protocol (CLNP) with
its peer CLNS entity. CLNP is the OSI equiva- Connection-Mode Network Service
lent of IP. CLNP provides the interface between Extends local X.25 switching to a variety of
CLNS and upper layers. CLNS does not per- media (Ethernet, FDDI, Token Ring).
form connection setup or termination because
paths are determined independently for each
connection management
packet that is transmitted through a network. In
FDDI process that handles the transition of the
addition, CLNS provides best-effort delivery,
ring through its various states (off, active, con-
which means that no guarantee exists that data
nect, and so on), as defined by the ANSI
will not be lost, corrupted, miss-ordered, or du-
X3T9.5 specification.
plicated. CLNS relies on transport layer proto-
cols to perform error detection and correction. CO
central office
Local telephone company office to which all
cell loss priority
local loops in a given area connect and in
Field in the ATM cell header that determines
which circuit switching of subscriber lines oc-
the probability of a cell being dropped if the
network becomes congested. Cells with CLP =
Glossary 319

coaxial cable The command-line interface on the Light-
Stream 2020 that runs on NPs and Sun SPARC-
Cable consisting of a hollow outer cylindrical
stations and is used to monitor and control an
conductor that surrounds a single inner wire
ATM network.
conductor. Two types of coaxial cable are cur-
rently used in LANs: 50-ohm cable, which is
Committed Burst
used for digital signaling, and 75-ohm cable,
See Bc.
which is used for analog signal and high-speed
digital signaling. committed information rate
See CIR.
code bits
Control functions, such as setup and termina- common carrier
tion of a session. Licensed, private utility company that supplies
communication services to the public at regu-
lated prices.
Device that typically uses PCM to transform common channel signaling
analog signals into a digital bit stream, and dig- See CCS.
ital signals back into analog.
Common Link Access for Workstations
coded mark inversion
See CMI.
Common Management Information Protocol
Common Management Information Services
Electrical techniques used to convey binary sig-
common mode
Term used to describe problems involving ei-
collapsed backbone
ther the hot or neutral wires and the safety
Nondistributed backbone in which all network ground wire on a power line.
segments are interconnected by way of an inter-
Common Programming Interface for
networking device. A collapsed backbone
might be a virtual network segment existing in
See CPI-C.
a device such as a hub, a router, or a switch.

Transmission of information.
In Ethernet, the result of two nodes transmitting
simultaneously. The frames from each device
communication controller
impact and are damaged when they meet on the
In SNA, a subarea node (such as an IBM 3745
physical media.
device) that contains an NCP.
collision detection
communication server
Communications processor that connects asyn-
collision domain chronous devices to a LAN or WAN through
network and terminal emulation software. Per-
In Ethernet, the network area within which
forms only asynchronous routing of IP and
frames that have collided are propagated. Re-
IPX. Compare with access server.
peaters and hubs propagate collisions; LAN
switches, bridges and routers do not.

command-line interface
command-line interface
320 CCNA Security Course Booklet, Version 1.0

communications line conductor
The physical link (such as wire or a telephone Any material with a low resistance to electrical
circuit) that connects one or more devices to current. Any material capable of carrying an
one or more other devices. electrical current.

community configuration management
In SNMP, a logical group of managed devices One of five categories of network management
and NMSs in the same administrative domain. defined by ISO for management of OSI net-
works. Configuration management subsystems
Community Antenna Television are responsible for detecting and determining
Now known as CATV. See CATV. the state of a network.
community string configuration register
Text string that acts as a password and is used In Cisco routers, a 16-bit, user-configurable
to authenticate messages sent between a man- value that determines how the router functions
agement station and a router containing an during initialization. The configuration register
SNMP agent. The community string is sent in can be stored in hardware or software. In hard-
every packet between the manager and the ware, the bit position is set using a jumper. In
agent. software, the bit position is set by specifying a
hexadecimal value using configuration com-
Compact Gateway Server
See CGS.
Traffic in excess of network capacity.
Contraction derived from the opposite
processes of compression and expansion. Part congestion avoidance
of the PCM process whereby analog signal val- See CA.
ues are logically rounded to discrete scale-step
connection management
values on a nonlinear scale. The decimal step
number is then coded in its binary equivalent See CMT.
prior to transmission. The process is reversed at
the receiving terminal using the same nonlinear
Term used to describe data transfer without the
scale. Compare with compression and expan-
existence of a virtual circuit. Compare with
Compressed Serial Link Internet Protocol
Connectionless Broadband Data Service
Connectionless Network Protocol
The running of a data set through an algorithm
that reduces the space required to store or the
bandwidth required to transmit the data set. Connectionless Network Service
Compare with companding and expansion.
Computer Science Network
Connection-Mode Network Service
See hub.
Term used to describe data transfer that re-
quires the establishment of a virtual circuit.

Connection-Oriented Network Protocol
Glossary 321

CONP ripheral networks must pass on its way to other
peripheral networks.
Connection-Oriented Network Protocol
OSI protocol providing connection-oriented op-
Corporation for Open Systems
eration to upper-layer protocols.
See COS.
Corporation for Research and Educational
DTE through which commands are entered into
a host.
constant bit rate
See CBR.
1) class of service. Indication of how an upper-
layer protocol requires that a lower-layer proto-
Consultative Committee for International
Telegraph col treat its messages. In SNA subarea routing,
COS definitions are used by subarea nodes to
determine the optimal route to establish a given
content-addressable memory session. A COS definition comprises a virtual
See associative memory. route number and a transmission priority field.
Also known as type of service (TOS).
2) Corporation for Open Systems. Organization
Access method in which network devices com-
that promulgates the use of OSI protocols
pete for permission to access the physical
through conformance testing, certification, and
medium. Contrast with circuit switching and
related activities.
token passing.
ControlStream traffic management
Arbitrary value, typically based on hop count,
Traffic management scheme used by the Light-
media bandwidth, or other measures, that is as-
Stream 2020 ATM switch. Includes congestion
signed by a network administrator and used to
avoidance, traffic shaping, and traffic policing,
compare various paths through an internetwork
and allows links to operate at high levels of uti-
environment. Cost values are used by routing
lization by scaling back lower-priority, delay-
protocols to determine the most favorable path
tolerant traffic at the edge of the network when
to a particular destination: the lower the cost,
congestion begins to occur.
the better the path.
Cost is also known as path cost.
The speed and ability of a group of internet-
count to infinity
working devices running a specific routing pro-
Problem that can occur in routing algorithms
tocol to agree on the topology of an
that are slow to converge, in which routers con-
internetwork after a change in that topology.
tinuously increment the hop count to particular
networks. Typically, some arbitrary hop-count
limit is imposed to prevent this problem.
In SNA, an LU 6.2 session between two trans-
action programs.
customer premises equipment
Copper Distributed Data Interface
Terminating equipment, such as terminals, tele-
phones, and modems, supplied by the telephone
core gateway company, installed at customer sites, and con-
The primary routers in the Internet. nected to the telephone company network.
core router CPI-C
In a packet-switched star topology, a router that Common Programming Interface for Commu-
is part of the backbone and that serves as the nications
single pipe through which all traffic from pe-
322 CCNA Security Course Booklet, Version 1.0

Platform-independent API developed by IBM Media-access mechanism wherein devices
and used to provide portability in APPC appli- ready to transmit data first check the channel
cations. for a carrier. If no carrier is sensed for a spe-
cific period of time, a device can transmit. If
cps two devices transmit at once, a collision occurs
cells per second and is detected by all colliding devices. This
collision subsequently delays retransmissions
from those devices for some random length of
central processing unit
time. CSMA/CD access is used by Ethernet and
The part of a computer that controls all the
IEEE 802.3.
other parts. It fetches instructions from memory
and decodes them. This may cause it to transfer CSNET
data to or from memory or to activate peripher- Computer Science Network
als to perform input or output. Large internetwork consisting primarily of uni-
versities, research institutions, and commercial
concerns. CSNET merged with BITNET to
custom queuing
form CREN.
Queuing method that is used to guarantee band-
width for traffic by assigning queue space to CSU
each protocol. channel service unit
Digital interface device that connects end-user
equipment to the local digital telephone loop.
cyclic redundancy check
Often referred to together with DSU, as
Error-checking technique in which the frame
recipient calculates a remainder by dividing
frame contents by a prime binary divisor and csumon
compares the calculated remainder to a value Tool available on the LightStream 2020 ATM
stored in the frame by the sending node. switch, accessible from the bash shell. Csumon
allows connection to an external CSU/DSU on
a low-speed line for monitoring and control
Corporation for Research and Educational Net-
purposes, and can display statistics on the inter-
nal CSU/DSU of a medium-speed line.
The result of a merger of BITNET and CSNET.
CREN is devoted to providing Internet connec- CTS
tivity to its members, which include the alumni, Clear To Send. Circuit in the EIA/TIA-232
students, faculty, and other affiliates of partici- specification that is activated when DCE is
pating educational and research institutions, via ready to accept data from DTE.
custom queuing
cross talk See CQ.
Interfering energy transferred from one circuit
customer premises equipment
to another.
See CPE.
cut sheet
Compressed Serial Link Internet Protocol
Extension of SLIP that, when appropriate, al- A rough diagram indicating where cable runs
lows just header information to be sent across a are located and the numbers of rooms they lead
SLIP connection, reducing overhead and in- to.
creasing packet throughput on SLIP lines.
cut-through packet switching
CSMA/CD Packet switching approach that streams data
carrier sense multiple access/collision detect through a switch so that the leading edge of a
packet exits the switch at the output port before
Glossary 323

the packet finishes entering the input port. A data circuit-terminating equipment
device using cut-through packet switching See DCE.
reads, processes, and forwards packets as soon
data communications equipment
as the destination address is looked up, and the
See DCE.
outgoing port determined. Contrast with store
and forward packet switching.
Data Encryption Standard
Cut-through packet switching is also known as
See DES.
on-the-fly packet switching.
data flow control layer
Layer 5 of the SNA architectural model. This
Cisco Extended Bus
layer determines and manages interactions be-
Data bus for interface processors on Cisco 7000
tween session partners, particularly data flow.
series routers that operates at 533 Mbps.
Corresponds to the session layer of the OSI
1.067-Gbps data bus for interface processors.
data link control layer
Used in the Cisco 7500 series routers.
Layer 2 in the SNA architectural model. Re-
sponsible for the transmission of data over a
cycles per second
particular physical link. Corresponds roughly to
See hertz.
the data link layer of the OSI model.
cyclic redundancy check
data link layer
See CRC.
Layer 2 of the OSI reference model. This layer
D channel provides reliable transit of data across a physi-
data channel cal link. The data link layer is concerned with
1) Full-duplex, 16-kbps (BRI) or 64-kbps (PRI) physical addressing, network topology, line dis-
ISDN channel. Compare to B channel, E chan- cipline, error notification, ordered delivery of
nel, and H channel. frames, and flow control. The IEEE has divided
2) In SNA, a device that connects a processor this layer into two sublayers: the MAC sublayer
and main storage with peripherals. and the LLC sublayer. Sometimes simply called
link layer. Roughly corresponds to the data link
D4 framing
control layer of the SNA model.
See SF.
Data Movement Processor
See DMP.
Defense Advanced Research Projects Agency
U.S. government agency that funded research data service unit
for and experimentation with the Internet. See DSU.
Evolved from ARPA, and then, in 1994, back to
data set ready
See DSR.
DARPA Internet
data sink
Obsolete term referring to the Internet. See In-
Network equipment that accepts data transmis-
data stream
Upper-layer protocol data.
All data transmitted through a communications
data bus connector line in a single read or write operation.
See DB connector.
data terminal equipment
data channel See DTE.
See D channel.
324 CCNA Security Course Booklet, Version 1.0

data terminal ready DCE
See DTR. data communications equipment
Data communications equipment (EIA expan-
datagram sion) or data circuit-terminating equipment
Logical grouping of information sent as a net- (ITU-T expansion). The devices and connec-
work layer unit over a transmission medium tions of a communications network that com-
without prior establishment of a virtual circuit. prise the network end of the user-to-network
IP datagrams are the primary information units interface. The DCE provides a physical connec-
in the Internet. The terms frame, message, tion to the network, forwards traffic, and pro-
packet, and segment are also used to describe vides a clocking signal used to synchronize
logical information groupings at various layers data transmission between DCE and DTE de-
of the OSI reference model and in various tech- vices. Modems and interface cards are exam-
nology circles. ples of DCE.
data-link connection identifier dCEF
See DLCI. Cisco Express Forwarding
Advanced Layer 3 IP forwarding technology
data-link switching
designed to optimize network performance and
See DLSw.
Distributed Data Management
The ratio between two signal levels. It is a unit-
Software in an IBM SNA environment that pro-
less physical measurement of signal strength.
vides peer-to-peer communication and file
sharing. One of three SNA transaction services.
DB connector
data bus connector
Type of connector used to connect serial and
Defense Data Network
parallel cables to a data bus. DB connector
U.S. military network composed of an unclassi-
names are of the format DB-x, where x repre-
fied network (MILNET) and various secret and
sents the number of (wires) within the connec-
top-secret networks. DDN is operated and
tor. Each line is connected to a pin on the
maintained by DISA.
connector, but in many cases, not all pins are
assigned a function. DB connectors are defined DDR
by various EIA/TIA standards. dial-on-demand routing
Technique whereby a Cisco router can automat-
ically initiate and close a circuit-switched ses-
A ratio of decibels to an isotropic antenna that
sion as transmitting stations demand. The
is commonly used to measure antenna gain.
router spoofs keepalives so that end stations
The greater the dBi value, the higher the gain,
treat the session as active. DDR permits routing
and the more acute the angle of coverage.
over ISDN or telephone lines using an external
ISDN terminal adaptor or modem.
direct current
Electrical current that travels in only one direc-
discard eligible. See tagged traffic.
tion. Direct current is generally used in elec-
tronic circuits. de facto standard
Standard that exists by nature of its widespread
use. Compare with de jure standard.
Defense Communications Agency
U.S. government organization responsible for
DDN networks such as MILNET.
DCA is now known as DISA.
Glossary 325

de jure standard default route
Standard that exists because of its approval by Routing table entry that is used to direct frames
an official standards body. Compare with de for which a next hop is not explicitly listed in
facto standard. the routing table.

decibels Defense Advanced Research Projects Agency
See dB. See DARPA.

DECnet Defense Communications Agency
Digital Equipment Corporation Network See DCA.
Group of communications products (including
Defense Data Network
a protocol suite) developed and supported by
See DDN.
Digital Equipment Corporation. DECnet/OSI
(also called DECnet Phase V) is the most recent Defense Information Systems Agency
iteration and supports both OSI protocols and
proprietary Digital protocols. Phase IV Prime
supports inherent MAC addresses that allow Defense Intelligence Agency
DECnet nodes to coexist with systems running See DIA.
other protocols that have MAC address restric-
1) The time between the initiation of a transac-
DECnet routing tion by a sender and the first response received
Digital Equipment Corporation Network rout- by the sender.
ing 2) The time required to move a packet from
Proprietary routing scheme introduced by Digi- source to destination over a given path.
tal Equipment Corporation in DECnet Phase
demand priority
III. In DECnet Phase V, DECnet completed its
Media access method used in 100VG-AnyLAN
transition to OSI routing protocols (ES-IS and
that uses a hub that can handle multiple trans-
mission requests and can process traffic accord-
decorative raceway ing to priority, making it useful for servicing
Type of wall-mounted channel with removable time-sensitive traffic such as multimedia and
cover used to support horizontal cabling. Deco- video. Demand priority eliminates the overhead
rative raceway is big enough to hold two ca- of packet collisions, collision recovery, and
bles. broadcast traffic typical in Ethernet networks.
decryption demarc
The reverse application of an encryption algo- Demarcation point between carrier equipment
rithm to encrypted data, thereby restoring that and CPE.
data to its original, unencrypted state.
dedicated LAN Process of returning a modulated signal to its
Network segment allocated to a single device. original form. Modems perform demodulation
Used in LAN switched network topologies. by taking an analog signal and returning it to its
original (digital) form.
dedicated line
Communications line that is indefinitely re- demultiplexing
served for transmissions, rather than switched The separating of multiple input streams that
as transmission is required. have been multiplexed into a common physical
signal back into multiple output streams.

dense mode PIM
See PIM dense mode.
326 CCNA Security Course Booklet, Version 1.0

Department of Defense cuit group for a given circuit-group configura-
See DoD.

Deutsche Industrie Norm
Department of Defense Intelligence
Information Systems See DIN.
Deutsche Industrie Norm connector
Dependent LU See DIN connector.
See DLU.
DES See node.
Data Encryption Standard
Standard cryptographic algorithm developed by
Dynamic Frequency Selection
the U.S. NBS.
DFS dynamically instructs a transmitter to
designated bridge switch to another channel whenever a particular
The bridge that incurs the lowest path cost condition (such as the presence of a radar sig-
when forwarding a frame from a segment to the nal) is met. Prior to transmitting, the DFS
route bridge. mechanism of a device monitors its available
operating spectrum, listening for a radar signal.
Designated Intermediate System If a signal is detected, the channel associated
See DIS. with the radar signal is vacated or flagged as
unavailable for use by the transmitter.
designated router
OSPF router that generates LSAs for a multiac- DIA
cess network and has other special responsibili- Document Interchange Architecture
ties in running OSPF. Each multiaccess OSPF Defines the protocols and data formats needed
network that has at least two attached routers for the transparent interchange of documents in
has a designated router that is elected by the an SNA network. One of three SNA transaction
OSPF Hello protocol. The designated router en- services.
ables a reduction in the number of adjacencies
dial backup
required on a multiaccess network, which in
turn reduces the amount of routing protocol Feature supported by Cisco routers that pro-
traffic and the size of the topological database. vides protection against WAN downtime by al-
lowing the network administrator to configure a
destination address backup serial line through a circuit-switched
Address of a network device that is receiving connection.
dial-on-demand routing
destination MAC See DDR.
dial-up line
destination port Communications circuit that is established by a
Number of the called port. switched-circuit connection using the telephone
company network.
destination service access point
See DSAP. differential encoding
Digital encoding technique whereby a binary
deterministic load distribution
value is denoted by a signal change rather than
Technique for distributing traffic between two
a particular signal level.
bridges across a circuit group. Guarantees
packet ordering between source-destination
pairs and always forwards traffic for a source-
destination pair on the same segment in a cir-
Glossary 327

differential Manchester encoding directionality
Digital coding scheme where a mid-bit-time The coverage around the antenna. An omnidi-
transition is used for clocking, and a transition rectional WLAN antenna transmits and receives
at the beginning of each bit time denotes a zero. signals in all horizontal directions equally. A
The coding scheme used by IEEE 802.5 and directional antenna focuses the signal from the
Token Ring networks. access point into a smaller coverage area result-
ing in a stronger signal in this direction.
Diffusing Update Algorithm
directory services
Services that help network devices locate serv-
Digital Network Architecture ice providers.
See DNA.
digital signal Designated Intermediate System
Language of computers comprising only two Elected and will conduct the flooding over the
states, on and off which are indicated by a se- media. The DIS is analogous to the designated
ries of voltage pulses. router in Open Shortest Path First (OSPF) Pro-
tocol, even though the details including election
digital signal level 0
process and adjacencies within a multi-access
See DS-0.
media differ significantly. The DIS is elected by
priority. The highest priority becomes the DIS.
digital signal level 1
This is configurable on an interface basis. In
See DS-1.
the case of a tie, the router with the highest
digital signal level 3 SNPA (MAC) address will become the DIS.
See DS-3.
Dijkstra™s algorithm Defense Information Systems Agency
See SPF. U.S. military organization responsible for im-
plementing and operating military information
systems, including the DDN.
Deutsche Industrie Norm
German national standards organization. discard eligible
See DE.
DIN connector
Deutsche Industrie Norm connector disk assembly
Multipin connector used in some Macintosh The combination of a hard disk drive, a floppy
and IBM PC-compatible computers, and on disk drive, and a disk power supply on a Light-
some network processor panels. Stream 2020 ATM switch. Each NP card in a
LightStream 2020 chassis has its own disk as-
A type of low-gain (2.2-dBi) antenna consisting
of two (often internal) elements. Compare with Distance Vector Multicast Routing Protocol
isotropic. See DVMRP.
direct memory access distance vector routing algorithm
See DMA. Class of routing algorithms that iterate on the
number of hops in a route to find a shortest-
directed search
path spanning tree. Distance vector routing al-
Search request sent to a specific node known to
gorithms call for each router to send its entire
contain a resource. A directed search is used to
routing table in each update, but only to its
determine the continued existence of the re-
neighbors. Distance vector routing algorithms
source and to obtain routing information spe-
can be prone to routing loops, but are computa-
cific to the node. See also broadcast search.
328 CCNA Security Course Booklet, Version 1.0

tionally simpler than link state routing algo- functionality to increase the overall scalability
rithms. of data-link switching.
Distance vector routing algorithm is also
known as Bellman-Ford routing algorithm.
dependent logical unit
distortion delay An LU that depends on the SSCP to provide
Problem with a communication signal resulting services for establishing sessions with other
from nonuniform transmission speeds of the LUs.
components of a signal through a transmission
medium. Also called group delay.
direct memory access
distributed computing (processing) The transfer of data from a peripheral device,
See client-server computing. such as a hard disk drive, into memory without
that data passing through the microprocessor.
Distributed Data Management DMA transfers data into memory at high
See DDM. speeds with no processor overhead.
Distributed Queue Dual Bus DMAC
See DQDB. Destination MAC
The MAC address specified in the Destination
Distributed Weighted Fair Queuing
Address field of a packet. Compare with
See dWFQ.
data-link connection identifier
Data Movement Processor
Value that specifies a PVC or SVC in a Frame
Processor on the Catalyst 5000 that, along with
Relay network. In the basic Frame Relay speci-
the multiport packet buffer memory interface,
fication, DLCIs are locally significant (con-
performs the frame-switching function for the
nected devices might use different values to
switch. The DMP also handles translational
specify the same connection). In the LMI ex-
bridging between the Ethernet and FDDI inter-
tended specification, DLCIs are globally signif-
faces, IP segmentation, and intelligent bridging
icant (DLCIs specify individual end devices).
with protocol-based filtering.
Data-Link Switching
Digital Network Architecture
Interoperability standard, described in RFC
Network architecture developed by Digital
1434, that provides a method for forwarding
Equipment Corporation. The products that em-
SNA and NetBIOS traffic over TCP/IP net-
body DNA (including communications proto-
works using data link layer switching and en-
cols) are collectively referred to as DECnet.
capsulation. DLSw uses Switch-to-Switch
Protocol (SSP) instead of SRB, eliminating the DNIS
major limitations of SRB, including hop-count Dialed Number Identification Service
limits, broadcast and unnecessary traffic, time- DNIS is also known as called number.
outs, lack of flow control, and lack of prioriti-
zation schemes.
Domain Naming System
DLSw+ System used in the Internet for translating
Data Link Switching Plus names of network nodes into addresses.
Cisco implementation of the DLSw standard
for SNA and NetBIOS traffic forwarding.
DLSw+ goes beyond the standard to include Domain Naming System Application Level
the advanced features of the current Cisco Gateway
RSRB implementation, and provides additional
Glossary 329

Protocol that can be used in NAT-PT transla- downlink station
tions to map network addresses dynamically See ground station.
based on DNS queries. Compare with NAT-PT
downstream physical unit
and SIIT.
Department of Defense Intelligence Informa-
Distributed Queue Dual Bus
tion System Network Security for Information
Data link layer communication protocol, speci-
fied in the IEEE 802.6 standard, designed for
Collection of security requirements for net-
use in MANs. DQDB, which permits multiple
working defined by the U.S. Defense Intelli-
systems to interconnect using two unidirec-
gence Agency.
tional logical buses, is an open standard that is
Document Interchange Architecture designed for compatibility with carrier trans-
See DIA. mission standards, and is aligned with emerg-
ing standards for BISDN. SMDS Interface
Protocol (SIP) is based on DQDB.
Department of Defense
U.S. government organization that is responsi- DRAM
ble for national defense. The DoD has fre- Dynamic random-access memory
quently funded communication protocol RAM that stores information in capacitors that
development. must be periodically refreshed. Delays can
occur because DRAMs are inaccessible to the
processor when refreshing their contents. How-
1) In the Internet, a portion of the naming hier- ever, DRAMs are less complex and have
archy tree that refers to general groupings of greater capacity than SRAMs.
networks based on organization-type or geogra-
phy. drop
2) In SNA, an SSCP and the resources it con- Point on a multipoint channel where a connec-
trols. tion to a networked device is made.
3) In IS-IS, a logical set of networks.
drop cable
4) Networking system developed by Apollo
Generally, a cable that connects a network de-
Computer (now part of Hewlett-Packard) for
vice (such as a computer) to a physical
use in its engineering workstations.
medium. A type of AUI.
Domain Naming System
DS-0 or DS0
See DNS.
digital signal level 0
domain specific part Framing specification used in transmitting digi-
See DSP. tal signals over a single channel at 64-kbps on a
T1 facility. Compare with DS-1 and DS-3.
dot address
Refers to the common notation for IP addresses DS-1
in the form <a.b.c.d> where each number a rep- digital signal level 1
resents, in decimal, 1 byte of the 4-byte IP ad- Framing specification used in transmitting digi-
dress. tal signals at 1.544-Mbps on a T1 facility (in
Dot address is also known as dotted notation or the United States) or at 2.108-Mbps on an E1
four-part dotted notation. facility (in Europe). Compare with DS-0 and
dotted notation
See dot address. DS-1 domestic trunk interface
See DS-1/DTI.
330 CCNA Security Course Booklet, Version 1.0

DS-1/DTI Device used in digital transmission that adapts
the physical interface on a DTE device to a
digital signal level 1/domestic trunk interface
transmission facility such as T1 or E1. The
Interface circuit used for DS-1 applications
DSU is also responsible for such functions as
with 24 trunks.
signal timing. Often referred to together with
Digital signal level 3
Framing specification used for transmitting dig-
Cross-connection point for DS-1 signals.
ital signals at 44.736-Mbps on a T3 facility.
Compare with DS-0 and DS-1.
DSAP data terminal equipment
Device at the user end of a user-network inter-
destination service access point
face that serves as a data source, destination, or
The SAP of the network node designated in the
both. DTE connects to a data network through a
Destination field of a packet. Compare to
DCE device (for example, a modem) and typi-
cally uses clocking signals generated by the
DSP DCE. DTE includes such devices as computers,
domain specific part protocol translators, and multiplexers. Compare
The part of a CLNS address that contains an with DCE.
area identifier, a station identifier, and a selec-
tor byte.
dual tone multifrequency
DSPU Use of two simultaneous voice-band tones for
downstream physical unit dialing (such as touch tone).
1) In SNA, a PU that is located downstream
from the host.
data terminal ready
2) Cisco IOS software feature that enables a
EIA/TIA-232 circuit that is activated to let the
router to function as a PU concentrator for SNA
DCE know when the DTE is ready to send and
PU 2 nodes. PU concentration at the router sim-
receive data.
plifies the task of PU definition at the upstream
host while providing additional flexibility and
mobility for downstream PU devices. This fea-
Diffusing Update Algorithm
ture is sometimes referred to as DSPU concen-
Convergence algorithm used in Enhanced IGRP
tration. See also PU and SNA.
that provides loop-free operation at every in-
DSPU concentration stant throughout a route computation. Allows
routers involved in a topology change to syn-
See DSPU and PU.
chronize at the same time, while not involving
DSR routers that are unaffected by the change.
data set ready
dual counter-rotating rings
EIA/TIA-232 interface circuit that is activated
Network topology in which two signal paths,
when DCE is powered up and ready for use.
whose directions are opposite one another, exist
DSSS in a token-passing network. FDDI and CDDI
Direct Sequence Spread Spectrum are based on this concept.
DSSS is one of the modulation techniques pro-
dual homing
vided for by the IEEE 802.11 and the one cho-
Network topology in which a device is con-
sen by the 802.11 Working Group for the
nected to the network by way of two independ-
widely used IEEE 802.11b devices.
ent access points (points of attachment). One
DSU access point is the primary connection, and the
data service unit
Glossary 331

other is a standby connection that is activated in ITU-T ISDN specification, but was dropped in
the event of a failure of the primary connection. the 1988 specification. Compare with B chan-
nel, D channel, and H channel.
Dual IS-IS
See Integrated IS-IS.
ITU-T recommendation for international
dual stack telecommunication numbering, especially in
A common transition mechanism to enable a ISDN, BISDN, and SMDS. An evolution of
smooth integration of IPv4 to IPv6. Compare standard telephone numbers.
with IPv6-over-IPv4 tunnels.
dual tone multifrequency Wide-area digital transmission scheme used
See DTMF. predominantly in Europe that carries data at a
rate of 2.048 Mbps. E1 lines can be leased for
dual-homed station
private use from common carriers. Compare
Device attached to multiple FDDI rings to pro-
with T1.
vide redundancy.
Wide-area digital transmission scheme used
Distance Vector Multicast Routing Protocol
predominantly in Europe that carries data at a
Internetwork gateway protocol, largely based
rate of 34.368 Mbps. E3 lines can be leased for
on RIP, that implements a typical dense mode
private use from common carriers. Compare
IP multicast scheme. DVMRP uses IGMP to
with T3.
exchange routing datagrams with its neighbors.
Extensible Authentication Protocol
Distributed Weighted Fair Queuing
Universal authentication framework frequently
Special high-speed version of WFQ that pro-
used in wireless networks defined by RFC
vides bandwidth allocations and delay bounds
3748. Although the EAP protocol is not limited
to specified IP traffic sources by segregating the


. 14
( 19)