. 16
( 19)


that together allow you to connect a Light-
insured traffic
Stream 2020 ATM switch to other devices.
Traffic within the insured rate specified for the
PVC. This traffic should not be dropped by the interface processor
network under normal network conditions.
Any of a number of processor modules used in
the Cisco 7000 series routers.
Integrated IS-IS
Integrated Intermediate System-to-Intermediate interference
Unwanted communication channel noise.
Routing protocol based on the OSI routing pro-
tocol IS-IS, but with support for IP and other Interim Local Management Interface
protocols. Integrated IS-IS implementations See ILMI.
send only one set of routing updates, making it
Glossary 351

Interior Gateway Protocol “culture” that focuses on research and standard-
ization based on real-life use. Many leading-
See IGP.
edge network technologies come from the
Interior Gateway Routing Protocol Internet community. The Internet evolved in
See IGRP. part from ARPANET. At one time, called the
DARPA Internet. Not to be confused with the
intermediate cross connect
general term internet. See also ARPANET.
See ICC.
2) internet. Not to be confused with the Inter-
net. See internetwork.
intermediate distribution facility
See IDF.
Internet address
See IP address.
intermediate routing node
See IRN.
Internet Architecture Board
See IAB.
intermediate system
See IS.
Internet Assigned Numbers Authority
Intermediate System Hello
See ISH.
Internet Control Message Protocol
Intermediate System-to-Intermediate
Internet Engineering Steering Group
See IS-IS.
Intermediate System-to-Intermediate
Internet Engineering Task Force
System Hello
See IIH.
Internet Group Management Protocol
International Data Number
See X.121.
Internet Network Operations Center
International Electrotechnical Commission
See IEC.
Internet Protocol
International Federation for Information
1) See IP.
2) Any protocol that is part of the TCP/IP pro-
tocol stack. See TCP/IP.
International Organization for
Internet Research Steering Group
See ISO.
Internet Research Task Force
International Standards Organization
Erroneous expansion of the acronym ISO. See
Internet Society
International Telecommunication Union
See ITU-T.
Collection of networks interconnected by
routers and other devices that functions (gener-
ally) as a single network.
1) Internet. Term used to refer to the largest
global internetwork, connecting tens of thou-
sands of networks worldwide and having a
352 CCNA Security Course Booklet, Version 1.0

The term internetwork is also known as inter- host number. The network and subnetwork
net, which is not to be confused with the Inter- numbers together are used for routing, while
net. the host number is used to address an individual
host within the network or subnetwork. A sub-
Internetwork Packet Exchange net mask is used to extract network and subnet-
See IPX. work information from the IP address. IP
address is also known as an Internet address.
2) Command used to establish the logical net-
General term used to refer to the industry that
work address of this interface. See also IP and
has arisen around the problem of connecting
subnet mask.
networks together. The term can refer to prod-
ucts, procedures, and technologies. IP datagram
Fundamental unit of information passed across
the Internet. Contains source and destination
Organization that serves the Internet commu-
addresses along with data and a number of
nity by supplying user assistance, documenta-
fields that define such things as the length of
tion, training, registration service for Internet
the datagram, the header checksum, and flags
domain names, and other services.
to indicate whether the datagram can be (or
InterNIC was formerly known as Network In-
was) fragmented.
formation Center (NIC).
IP multicast
Routing technique that allows IP traffic to be
Ability of computing equipment manufactured
propagated from one source to a number of
by different vendors to communicate with one
destinations or from many sources to many des-
another successfully over a network.
tinations. Rather than sending one packet to
each destination, one packet is sent to a multi-
Inter-Switching System Interface
cast group identified by a single IP destination
group address.
intra-area routing
IP options
Term used to describe routing within a logical
Field within an IP datagram that deals with net-
area. Compare with interarea routing.
work testing, debugging, security, and others.
Inverse Address Resolution Protocol
See Inverse ARP.
Internet Protocol next generation. See IPv6.
Inverse ARP
Inverse Address Resolution Protocol
IP Security Option
Method of building dynamic routes in a net-
U.S. government specification that defines an
work. Allows an access server to discover the
optional field in the IP packet header that de-
network address of a device associated with a
fines hierarchical packet security levels on a per
virtual circuit.
interface basis.
See Cisco IOS software.
Internet Protocol version 4
IP address Network layer protocol in the TCP/IP stack of-
1) 32-bit address assigned to hosts using fering a connectionless internetwork service.
TCP/IP. An IP address belongs to one of five IPv4 provides features for addressing, type-of-
classes (A, B, C, D, or E) and is written as 4 service specification, fragmentation and re-
octets separated with periods (dotted decimal assembly, and security. Documented in RFC
format). Each address consists of a network 791.
number, an optional subnetwork number, and a
Glossary 353

Internet Protocol version 6 intermediate system
Network layer IP standard used by electronic Router which participates in routing IS-IS in-
devices to exchange data across a packet- formation.
switched internetwork. It follows IPv4 as the
second version of the Internet Protocol to be
Industry-Standard Architecture
formally adopted for general use. IPv6 includes
16-bit bus used for Intel-based personal com-
support for flow ID in the packet header, which
can be used to identify flows.
IPv6 was formerly known as IP next generation isarithmic flow control
Flow control technique in which permits travel
through the network. Possession of these per-
IPv6-over-IPv4 tunnels
mits grants the right to transmit. Isarithmic flow
See 6to4.
control is not commonly implemented.
Internetwork Packet Exchange
Intra-Site Automatic Tunnel Addressing Proto-
NetWare network layer (Layer 3) protocol used
for transferring data from servers to worksta-
Allows an IPv4 private intranet (which may or
tions. IPX is similar to IP and XNS.
may not be using RFC 1918 addresses) to in-
IPXWAN crementally implement IPv6 nodes without up-
Internetwork Packet Exchange grading the network.
Protocol that negotiates end-to-end options for
new links. When a link comes up, the first IPX
Integrated Services Digital Network
packets sent across are IPXWAN packets nego-
Communication protocol, offered by telephone
tiating the options for the link. When the
companies, that permits telephone networks to
IPXWAN options have been successfully deter-
carry data, voice, and other source traffic.
mined, normal IPX transmission begins. De-
fined by RFC 1362. ISH
Intermediate System Hello
ISH packets are a type of a hello packet. ISH is
ICMP Router Discovery Protocol
part of the ES-IS spec 9542; similar to IRDP in
Enables a host to determine the address of a
TCP/IP; used for ISs and ESs to detect each
router that it can use as a default gateway. Simi-
other. ISH packets are sent out to all IS-IS-en-
lar to ESIS, but used with IP.
abled interfaces. On LANs they are sent out pe-
IRN riodically, destined to a special multicast
intermediate routing node address. Routers will become neighbors when
In SNA, a subarea node with intermediate rout- they see themselves in their neighbor™s hello
ing capability. packets and link authentication information
Internet Research Steering Group
Group that is part of the IAB and oversees the Intermediate System-to-Intermediate System
activities of the IRTF. OSI link-state hierarchical routing protocol
based on DECnet Phase V routing whereby ISs
IRTF (routers) exchange routing information based
Internet Research Task Force on a single metric to determine network topol-
Community of network experts that consider ogy. Compare with Integrated IS-IS.
Internet-related research topics. The IRTF is
IS-IS Hello
governed by the IRSG and is considered a sub-
sidiary of the IAB. See IIH.
354 CCNA Security Course Booklet, Version 1.0

IS-IS Interdomain Routing Protocol ISODE
See IDRP. International Organization for Standardization
development environment
ISM Large set of libraries and utilities used to de-
Industrial, Scientific, and Medical velop upper-layer OSI protocols and applica-
The 900-MHz and 2.4-GHz bands are referred tions.
to as the ISM bands.
ISO An antenna that radiates its signal in a spherical
International Organization for Standardization pattern. Compare with dipole.
International organization that is responsible
for a wide range of standards, including those
relevant to networking. ISO developed the OSI Inter-Switching System Interface
reference model, a popular networking refer- Standard interface between SMDS switches.
ence model.
ISO 3309 International Telecommunication Union
HDLC procedures developed by ISO. ISO Telecommunication Standardization Sector
3309:1979 specifies the HDLC frame structure International Telecommunication Union
for use in synchronous environments. ISO Telecommunication Standardization Sector
3309:1984 specifies proposed modifications to (ITU-T) (formerly the Committee for Internati-
allow the use of HDLC in asynchronous envi- ional Telegraph and Telephone ([CCITT]). An
ronments as well. international organization that develops com-
munication standards.
ISO 9000
Set of international quality-management stan-
dards defined by ISO. The standards, which are 1) Error condition in which a network device
not specific to any country, industry, or product, continually transmits random, meaningless data
allow companies to demonstrate that they have onto the network.
specific processes in place to maintain an effi- 2) In IEEE 802.3, a data packet whose length
cient quality system. exceeds that prescribed in the standard.

ISO development environment JANET
See ISODE. Joint Academic Network
X.25 WAN connecting university and research
ISOC institutions in the United Kingdom.
Internet Society
Japan UNIX Network
International nonprofit organization, founded in
1992, that coordinates the evolution and use of See JUNET.
the Internet. In addition, ISOC delegates au-
thority to other groups related to the Internet,
Analog communication line distortion caused
such as the IAB. ISOC is headquartered in Re-
by the variation of a signal from its reference
ston, Virginia, U.S.A.
timing positions. Jitter can cause data loss, par-
isochronous transmission ticularly at high speeds.
Asynchronous transmission over a synchronous
John von Neumann Computer Network
data link. Isochronous signals require a con-
See JvNCnet.
stant bit rate for reliable transport. Compare
with asynchronous transmission, plesiochro- Joint Academic Network
nous transmission, and synchronous transmis-
Glossary 355

jumper kilobits per second
1) Term used for patchcords found in a wiring A bit rate expressed in thousands of bits per
closet. second. Abbreviated kbps.
2) Electrical switch consisting of a number of
pins and a connector that can be attached to the
Approximately 1,000 bytes. Abbreviated KB.
pins in a variety of different ways. Different
circuits are created by attaching the connector kilobytes per second
to different pins.
A bit rate expressed in thousands of bytes per
second. Abbreviated KBps.
Japan UNIX Network LAN
Nationwide, noncommercial network in Japan,
local-area network
designed to promote communication between
High-speed, low-error data network covering a
Japanese and other researchers.
relatively small geographic area (up to a few
thousand meters). LANs connect workstations,
peripherals, terminals, and other devices in a
John von Neumann Computer Network
single building or other geographically limited
Regional network, owned and operated by
area. LAN standards specify cabling and sig-
Global Enterprise Services, Inc., composed of
naling at the physical and data link layers of the
T1 and slower serial links providing midlevel
OSI model. Ethernet, FDDI, and Token Ring
networking services to sites in the Northeastern
are widely used LAN technologies. Compare
United States.
with MAN and WAN.
Karn™s algorithm
LAN emulation
Algorithm that improves round-trip time esti-
mations by helping transport layer protocols
distinguish between good and bad round-trip LAN Emulation Client
time samples.
See LEC.
keepalive interval
LAN Emulation Configuration Server
Period of time between each keepalive message
sent by a network device.
LAN Emulation Server
keepalive message
See LES.
Message sent by one network device to inform
another network device that the virtual circuit LAN Extender
between the two is still active. Any of the products in the Cisco 1000 series.
Cisco LAN Extenders provide a transparent
connection between a central site and a remote
Popular file-transfer and terminal-emulation
site, logically extending the central network to
include the remote LAN. LAN Extender prod-
ucts support all standard network protocols and
are configured and managed through a host
Kernel trap logging facility. Process that runs
router at the central site, requiring no technical
on each NP of every LightStream 2020 ATM
expertise at the remote end. See also Cisco
switch in a network. KERN converts LynxOS
kernel messages, sent to the console, into
SNMP messages. LAN Manager
Distributed NOS, developed by Microsoft, that
supports a variety of protocols and platforms.
Approximately 1,000 bits. Abbreviated kb.
356 CCNA Security Course Booklet, Version 1.0

LAN Manager for UNIX LAPF
See LM/X. Link Access Procedure for Frame Relay
The international draft standard that defines the
LAN Network Manager structure of frame relay frames. All frame relay
See LNM. frames entering a frame relay network automat-
ically conform to this structure.
LAN Server
Server-based NOS developed by IBM and de- LAPM
rived from LNM. Link Access Procedure for Modems
ARQ used by modems implementing the V.42
LAN switch
protocol for error correction.
High-speed switch that forwards packets be-
tween data-link segments. Most LAN switches laser
forward traffic based on MAC addresses. This light amplification by stimulated emission of
variety of LAN switch is sometimes called a radiation
frame switch. LAN switches are often catego- Analog transmission device in which a suitable
rized according to the method they use to for- active material is excited by an external stimu-
ward traffic: cut-through packet switching or lus to produce a narrow beam of coherent light
store-and-forward packet switching. Multilayer that can be modulated into pulses to carry data.
switches are an intelligent subset of LAN Networks based on laser technology are some-
switches. An example of a LAN switch is the times run over SONET.
Cisco Catalyst 5000. Compare with multilayer
local-area transport
LANE A network virtual terminal protocol developed
LAN emulation by Digital Equipment Corporation.
Technology that allows an ATM network to
function as a LAN backbone. The ATM net-
work must provide multicast and broadcast sup- local access and transport area
port, address mapping (MAC-to-ATM), SVC Geographic telephone dialing area serviced by
management, and a usable packet format. a single local telephone company. Calls within
LANE also defines Ethernet and Token Ring LATAs are called “local calls.” There are well
ELANs. over 100 LATAs in the United States.

LAPB latency
Link Access Procedure, Balanced 1) Delay between the time a device requests ac-
Data link layer protocol in the X.25 protocol cess to a network and the time it is granted per-
stack. LAPB is a bit-oriented protocol derived mission to transmit.
from HDLC. 2) Delay between the time when a device re-
ceives a frame and the time that frame is for-
LAPD warded out the destination port.
Link Access Procedure on the D channel
ISDN data link layer protocol for the D chan-
nel. LAPD was derived from the LAPB proto- line card control
col and is designed primarily to satisfy the Process that runs on the NP for each CLC,
signaling requirements of ISDN basic access. LSC, and MSC of a LightStream 2020 ATM
Defined by ITU-T Recommendations Q.920 switch. LCC establishes VCCs, maintains the
and Q.921. link management protocol for the line card,
continually monitors line quality on each trunk
using TUD, and performs other functions.
Glossary 357

logical channel identifier. See VCN. light emitting diode
Semiconductor device that emits light produced
LCN by converting electrical energy. Status lights on
logical channel number. See VCN. hardware devices are typically LEDs.
link control protocol LAN Emulation Server
Protocol that establishes, configures, and tests Entity that implements the control function for
data-link connections for use by PPP. a particular ELAN. There is only one logical
LES per ELAN, and it is identified by a unique
leaf internetwork
ATM address.
In a star topology, an internetwork whose sole
access to other internetworks in the star is Level 1 IS
through a core router. Level 1 intermediate system
Provides routing within an area. It keeps track
learning bridge
of the routing within its own area. For a packet
Bridge that performs MAC address learning to
destined for another area, a Level 1 IS sends the
reduce traffic on the network. Learning bridges
packet to the nearest Level 2 IS in its own area,
manage a database of MAC addresses and the
regardless of what the destination area is.
interfaces associated with each address.
Level 1 router
leased line
Device that routes traffic within a single DEC-
Transmission line reserved by a communica-
net or OSI area.
tions carrier for the private use of a customer. A
leased line is a type of dedicated line. Level 2 IS
Level 2 intermediate system
Provides routing between Level 1 areas and
1) LAN Emulation Client. Entity in an end sys-
form an intradomain routing backbone. It keeps
tem that performs data forwarding, address res-
track of the paths to destination areas. A level 1
olution, and other control functions for a single
must go through a level 2 IS to communicate
ES within a single ELAN. A LEC also provides
with another area.
a standard LAN service interface to any higher-
layer entity that interfaces to the LEC. Each Level 2 router
LEC is identified by a unique ATM address, Device that routes traffic between DECnet or
and is associated with one or more MAC ad- OSI areas. All Level 2 routers must form a con-
dresses reachable through that ATM address. tiguous network.
See also ELAN and LES.
Level 3 IS
2) local exchange carrier. Local or regional
telephone company that owns and operates a Level 3 intermediate system
telephone network and the customer lines that Provides routing between separate domains.
connect to it.
light amplification by stimulated emission of
See laser.
LAN emulation configuration server
Entity that assigns individual LANE clients to
light emitting diode
particular ELANs by directing them to the LES
See LED.
that corresponds to the ELAN. There is logi-
cally one LECS per administrative domain, and lightweight access point
this serves all ELANs within that domain. A lightweight access point is the type of access
point used in a centralized WLAN solution
358 CCNA Security Course Booklet, Version 1.0

where a wireless controller monitors and man- LINF
ages the access points. Line Interface
Interface card used on the LightStream 100
limited resource link
ATM switch. The LINF receives cells sent over
Resource defined by a device operator to re- a line, checks them for errors, and forwards
main active only when being used. them toward their destination.
line link
1) In SNA, a connection to the network. Network communications channel consisting of
2) See link. a circuit or transmission path and all related
equipment between a sender and a receiver.
line card
Most often used to refer to a WAN connection.
Card on a LightStream 2020 ATM switch that,
A link is also known as a line or a transmission
together with its access card, provides I/O serv-
ices for the switch. There are four types of line
cards: CLC, LSC, MSC, and PLC. Link Access Procedure for Frame Relay
line card control
See LCC. Link Access Procedure for Modems
line code type
One of a number of coding schemes used on se- Link Access Procedure on the D channel
rial lines to maintain data integrity and reliabil- See LAPD.
ity. The line code type used is determined by
the carrier service provider. Link Access Procedure, Balanced
line conditioning
Use of equipment on leased voice-grade chan- link layer
nels to improve analog characteristics, thereby See data link layer.
allowing higher transmission rates.
link state routing algorithm
line driver Routing algorithm in which each router broad-
Inexpensive amplifier and signal converter that casts or multicasts information regarding the
conditions digital signals to ensure reliable cost of reaching each of its neighbors to all
transmissions over extended distances. nodes in the internetwork. Link state algorithms
create a consistent view of the network and are
Line Interface
therefore not prone to routing loops, but they
See LINF. achieve this at the cost of relatively greater
computational difficulty and more widespread
line of sight
traffic (compared with distance vector routing
Characteristic of certain transmission systems
algorithms). Compare with distance vector
such as laser, microwave, and infrared systems
routing algorithm.
in which no obstructions in a direct path be-
tween transmitter and receiver can exist. link-layer address
See MAC address.
line printer daemon
See LPD. link-local address
IPv6 uses link-local addresses to identify inter-
line turnaround
faces on a link that are meant to stay within a
Time required to change data transmission di-
given broadcast domain. They may also be
rection on a telephone line.
thought of as the “host portion” of an IPv6 ad-
dress. These addresses are used for features
such as stateless Autoconfiguration. Link-local
Glossary 359

addresses start with the prefix FE80::/10, and LMT
then include an interface ID. Compare with See LMI.
site-local unicast address.
link-state advertisement LAN Network Manager
See LSA. SRB and Token Ring management package
provided by IBM. Typically running on a PC, it
link-state packet
monitors SRB and Token Ring devices, and can
See LSA. pass alerts up to NetView.
link-state PDU database load balancing
See LSPD. In routing, the ability of a router to distribute
traffic over all its network ports that are the
same distance from the destination address.
Method of storing or transmitting data in which
Good load-balancing algorithms use both line
the least significant bit or byte is presented
speed and reliability information. Load balanc-
first. Compare with big-endian.
ing increases the utilization of network seg-
LLC ments, thus increasing effective network
logical link control
Higher of the two data link layer sublayers de-
local access and transport area
fined by the IEEE. The LLC sublayer handles
error control, flow control, framing, and MAC-
sublayer addressing. The most prevalent LLC local acknowledgment
protocol is IEEE 802.2, which includes both Method whereby an intermediate network
connectionless and connection-oriented variants. node, such as a router, responds to acknowledg-
ments for a remote end host. Use of local ac-
knowledgments reduces network overhead and,
Connection-oriented OSI LLC-sublayer proto-
therefore, the risk of time-outs.
Local acknowledgment is also known as local
LLQ termination.
Low Latency Queueing
local bridge
Brings strict priority queueing to Class-Based
Bridge that directly interconnects networks in
Weighted Fair Queueing (CBWFQ).
the same geographic area.
local exchange carrier
LAN Manager for UNIX
See LEC.
Monitors LAN devices in UNIX environments.
local loop
Line from the premises of a telephone sub-
Local Management Interface
scriber to the telephone company CO.
Set of enhancements to the basic Frame Relay
specification. LMI includes support for a Local Management Interface
keepalive mechanism, which verifies that data See LMI.
is flowing; a multicast mechanism, which pro-
vides the network server with its local DLCI local termination
and the multicast DLCI; global addressing, See local acknowledgment.
which gives DLCIs global rather than local sig-
local traffic filtering
nificance in Frame Relay networks; and a status
Process by which a bridge filters out (drops)
mechanism, which provides an on-going status
frames whose source and destination MAC ad-
report on the DLCIs known to the switch.
dresses are located on the same interface on the
LMI is known as LMT in ANSI terminology.
360 CCNA Security Course Booklet, Version 1.0

bridge, thus preventing unnecessary traffic from lossy
being forwarded across the bridge. Defined in Characteristic of a network that is prone to lose
the IEEE 802.1 standard. packets when it becomes highly loaded.

local unicast address Low Latency Queueing
An IPv6 address whose scope is configured to a See LLQ.
single link. The address is unique only on this
low-speed line card
link and it is not routable off the link. Compare
See LSC.
with a global unicast address.
local-area network
Line Printer Daemon
See LAN.
Protocol used to send print jobs between UNIX
local-area transport systems.
See LAT.
logical address link-state advertisement
See network address. Broadcast packet used by link-state protocols
that contains information about neighbors and
logical channel
path costs. LSAs are used by the receiving
Nondedicated, packet-switched communica- routers to maintain their routing tables.
tions path between two or more network nodes. Link-state advertisement is also known as link-
Packet switching allows many logical channels state packet (LSP).
to exist simultaneously on a single physical
channel. LSC
low-speed line card
logical channel identifier
Card on the LightStream 2020 ATM switch that
See LCI. can be configured as an edge or a trunk card.
An LSC, in conjunction with an access card,
logical channel number
supports eight trunk or edge ports (Frame Relay
See LCN.
or frame forwarding) at individual port speeds
Logical Link Control up to 3.584 Mbps, or an aggregate rate of 6
Mbps per line card.
See LLC.

Logical Link Control, type 2
link-state packet
See LLC2.

logical unit
link-state PDU database
See LU.
Database maintained by each router running a
logical unit 6.2 link-state routing protocol. It provides a global
See LU 6.2. view of the area itself and the exit points to
neighboring areas.
Route where packets never reach their destina- LU
tion, but simply cycle repeatedly through a con- logical unit
stant series of network nodes. Primary component of SNA, an LU is an NAU
that enables end users to communicate with
loopback test
each other and gain access to SNA network re-
Test in which signals are sent and then directed
back toward their source from some point along
the communications path. Loopback tests are
often used to test network interface usability.
Glossary 361

LU 6.2 MAC-layer address
logical unit 6.2 See MAC address.
In SNA, an LU that provides peer-to-peer com-
main cross connect
munication between programs in a distributed
See MCC.
computing environment. APPC runs on LU 6.2
devices. main distribution facility
See MDF.
Lightweight Access Point Protocol Maintenance Operation Protocol
LWAPP encapsulates and encrypts (with AES)
See MOP.
control traffic between access points and wire-
less controllers. The data traffic between the ac- MAN
cess points and controllers is also encapsulated metropolitan-area network
by LWAPP, but not encrypted. Network that spans a metropolitan area. Gener-
ally, a MAN spans a larger geographic area
than a LAN, but a smaller geographic area than
Real-time, UNIX-like operating system that
a WAN. Compare with LAN and WAN.
runs on the NP of a LightStream 2020 ATM
switch. managed object
In network management, a network device that
can be managed by a network management pro-
Media Access Control
Lower of the two sublayers of the data link
layer defined by the IEEE. The MAC sublayer Management Information Base
handles access to shared media, such as See MIB.
whether token passing or contention will be
Management Information Base collection
See MIB collection.
MAC address
Management Information Base reporting
Media Access Control address
See MIB reporting.
Standardized data link layer address that is re-
quired for every port or device that connects to
management services
a LAN. Other devices in the network use these
SNA functions distributed among network
addresses to locate specific ports in the network
components to manage and control an SNA
and to create and update routing tables and data
structures. MAC addresses are 6 bytes long and
are controlled by the IEEE. Compare with net- Manchester encoding
work address. Digital coding scheme, used by IEEE 802.3 and
MAC address is also known as hardware ad- Ethernet, in which a mid-bit-time transition is
dress, MAC-layer address, or physical address. used for clocking, and a 1 is denoted by a high
level during the first half of the bit time.
MAC address learning
Service that characterizes a learning bridge, in Manufacturing Automation Protocol
which the source MAC address of each re- See MAP.
ceived packet is stored so that future packets
destined for that address can be forwarded only
Manufacturing Automation Protocol
to the bridge interface on which that address is
Network architecture created by General Mo-
located. Packets destined for unrecognized ad-
tors to satisfy the specific needs of the factory
dresses are forwarded out every bridge inter-
floor. MAP specifies a token-passing LAN sim-
face. This scheme helps minimize traffic on the
ilar to IEEE 802.4.
attached LANs. MAC address learning is de-
fined in the IEEE 802.1 standard.
362 CCNA Security Course Booklet, Version 1.0

mask MBONE
See address mask and subnet mask. multicast backbone
The multicast backbone of the Internet.
master management agent MBONE is a virtual multicast network com-
See MMA. posed of multicast LANs and the point-to-point
tunnels that interconnect them.
media attachment unit MCA
Device used in Ethernet and IEEE 802.3 net- Micro Channel Architecture
works that provides the interface between the Bus interface commonly used in PCs and some
AUI port of a station and the common medium UNIX workstations and servers.
of the Ethernet. The MAU, which can be built
into a station or can be a separate device, per-
forms physical layer functions including the main cross-connect
conversion of digital data from the Ethernet in- Wiring closet that serves as the most central
terface, collision detection, and injection of bits point in a star topology and where LAN back-
onto the network. Sometimes referred to as a bone cabling connects to the Internet.
media access unit, also abbreviated MAU, or as
a transceiver. In Token Ring, a MAU is known
Multiport Communications Interface
as a multistation access unit and is usually ab-
Card on the AGS+ that provides two Ethernet
breviated MSAU to avoid confusion.
interfaces and up to two synchronous serial in-
maximum burst terfaces. The MCI processes packets rapidly,
Specifies the largest burst of data above the in- without the interframe delays typical of other
sured rate that will be allowed temporarily on Ethernet interfaces.
an ATM PVC, but will not be dropped at the
edge by the traffic policing function, even if it
minimum cell rate
exceeds the maximum rate. This amount of
Parameter defined by the ATM Forum for ATM
traffic will be allowed only temporarily; on av-
traffic management. MCR is defined only for
erage, the traffic source needs to be within the
ABR transmissions, and specifies the minimum
maximum rate. Specified in bytes or cells.
value for the ACR.
Compare with insured burst.
maximum rate
Message Digest 5
Maximum total data throughput allowed on a
Algorithm used for message authentication in
given virtual circuit, equal to the sum of the in-
SNMP v.2. MD5 verifies the integrity of the
sured and uninsured traffic from the traffic
communication, authenticates the origin, and
source. The uninsured data might be dropped if
checks for timeliness.
the network becomes congested. The maximum
rate, which cannot exceed the media rate, repre- MDF
sents the highest data throughput the virtual cir-
main distribution facility
cuit will ever deliver, measured in bits or cells
Primary communications room for a building.
per second. Compare with excess rate and in-
Central point of a star networking topology
sured rate.
where patch panels, hub, and router are located.
maximum transmission unit
See MTU.
The various physical environments through
which transmission signals pass. Common net-
work media include twisted-pair, coaxial and
megabits per second
fiber-optic cable, and the atmosphere (through
A megabit per second is a unit of data transfer
rate equal to 1,000,000 bits per second.
Glossary 363

which microwave, laser, and infrared transmis- Message Digest 5
sion occurs). See MD5.
Media is also known as physical media. Media
message handling system
is the plural of medium.
See MHS.
Media Access Control
Message Queuing Interface
See MAC.
See MQI.
Media Access Control Address
message switching
See MAC address.
Switching technique involving transmission of
media access unit messages from node to node through a net-
See MAU. work. The message is stored at each node until
such time as a forwarding path is available.
media attachment unit
Contrast with circuit switching and packet
See MAU. switching.
media interface connector message unit
See MIC. Unit of data processed by any network layer.
media rate metering
Maximum traffic throughput for a particular See traffic shaping.
media type.
See routing metric.
See media.
metropolitan-area network
medium-speed line card
See MAN.
See MSC.
message handling system
Abbreviated Mb. ITU-T X.400 recommendations that provide
message handling services for communications
megabits per second
between distributed applications. NetWare
See Mb/s.
MHS is a different (though similar) entity that
megabyte also provides message-handling services.
Abbreviated MB.
mesh Management Information Base
Database of network management information
Network topology in which devices are organ-
that is used and maintained by a network man-
ized in a manageable, segmented manner with
agement protocol such as SNMP or CMIP. The
many, often redundant, interconnections strate-
value of a MIB object can be changed or re-
gically placed between network nodes.
trieved using SNMP or CMIP commands. MIB
message objects are organized in a tree structure that in-
Application layer (Layer 7) logical grouping of cludes public (standard) and private (propri-
information, often composed of a number of etary) branches.
lower-layer logical groupings such as packets.
The terms datagram, frame, packet, and seg-
1) media interface connector. FDDI is the de
ment are also used to describe logical informa-
facto standard connector.
tion groupings at various layers of the OSI
2) message integrity check. MIC is a method
reference model and in various technology cir-
use to overcome the exploitation of encryption
keys by utilizing integrity checks.
364 CCNA Security Course Booklet, Version 1.0

micro channel architecture MMA
See MCA. master management agent
SNMP agent that runs on the NP of a Light-
microcode Stream 2020 ATM switch. MMA translates be-
Translation layer between machine instructions tween an external network manager using
and the elementary operations of a computer. SNMP and the internal switch management
Microcode is stored in ROM and allows the ad- mechanisms.
dition of new machine instructions without re-
Mobile IP
quiring that they be designed into electronic
circuits when new instructions are needed. An IETF standard for IPv4 and IPv6 which en-
ables mobile devices to move without breaking
microsegmentation current connections. In IPv6, mobility is built
Division of a network into smaller segments, in, which means that any IPv6 node can use it
usually with the intention of increasing aggre- as needed.
gate bandwidth to network devices.
microwave modulator-demodulator
Electromagnetic waves in the range 1 to 30 Device that converts digital and analog signals.
GHz. Microwave-based networks are an evolv- At the source, a modem converts digital signals
ing technology gaining favor due to high band- to a form suitable for transmission over analog
width and relatively low cost. communication facilities. At the destination, the
analog signals are returned to their digital form.
Military Network
Modems allow data to be transmitted over
voice-grade telephone lines.
millions of instructions per second
See mips.
Any of several techniques for combining user
information with a transmitter™s carrier signal.
It is a process by which the characteristics of
Military Network
electrical signals are transformed to represent
Unclassified portion of the DDN. Operated and
information. Types of modulation include AM,
maintained by the DISA.
FM, and PAM.
minimum cell rate
See MCR.
See modem.
MultiChannel Interface Processor
Management tool on the LightStream 2020
Interface processor on the Cisco 7000 series
ATM switch that allows a user to examine indi-
routers that provides up to two channelized T1
vidual nodes in the network and learn the status
or E1 connections via serial cables to a CSU.
of interface modules and power supplies. The
The two controllers on the MIP can each pro-
monitor is an HP OpenView-based application
vide up to 24 T1 or 30 E1 channel-groups, with
that runs on an NMS.
each channel-group presented to the system as
a serial interface that can be configured individ-
monomode fiber
See single-mode fiber.
millions of instructions per second
Maintenance Operation Protocol
Number of instructions executed by a processor
Digital Equipment Corporation protocol, a sub-
per second.
set of which is supported by Cisco, that pro-
vides a way to perform primitive maintenance
Glossary 365

operations on DECnet systems. For example, the Token Ring interface of, for example, a
MOP can be used to download a system image Cisco 7000 TRIP.
to a diskless station. MSAU is also abbreviated MAU.

Mosaic MSC
Public-domain WWW browser, developed at medium-speed line card
the National Center for Supercomputing Appli- Card on the LightStream 2020 ATM switch that
cations (NCSA). can be configured as an edge or a trunk card.
The MSC, in conjunction with an access card,
MP-BGP supports two trunk or edge (UNI) ports at data
Multiprotocol - Border Gateway Protocol rates up to T3 or E3.
Used to enable BGP4 to carry information of
other protocols, for example, Multiprotocol
Label Switching (MPLS) and IPv6. maximum transmission unit
Maximum packet size, in bytes, that a particu-
MPLS lar interface can handle.
Multiprotocol Label Switching
Labeling technique used to increase the speed
of traffic flow. Each packet is tagged with the North American companding standard used in
path sequence to the destination. This saves conversion between analog and digital signals
time by not have to do a lookup of the routing in PCM systems. Similar to the European alaw.
table. In another word packet switching is done
multiaccess network
at layer 2 instead of layer 3. MPLS support
Network that allows multiple devices to con-
multiple protocols such as IP, ATM, and frame
nect and communicate simultaneously.
Single packets copied by the network and sent
Multiprotocol Label Switching/Traffic Engi-
to a specific subset of network addresses. These
addresses are specified in the destination ad-
Provides a way to integrate TE capabilities
dress field. Compare with broadcast and uni-
(such as those used on Layer 2 protocols like
ATM) into Layer 3 protocols (IP). MPLS TE
uses an extension to existing protocols (Re- multicast address
source Reservation Protocol (RSVP), IS-IS,
Single address that refers to multiple network
Open Shortest Path First (OSPF))to calculate
devices. Synonymous with group address.
and establish unidirectional tunnels that are set
Compare with broadcast address and unicast
according to the network constraint. Traffic
flows are mapped on the different tunnels de-
pending on their destination. multicast backbone
Message Queuing Interface multicast group
International standard API that provides func- Dynamically determined group of IP hosts
tionality similar to that of the RPC interface. In identified by a single IP multicast address.
contrast to RPC, MQI is implemented strictly at
multicast router
the application layer.
Router used to send IGMP query messages on
MSAU their attached local networks. Host members of
multistation access unit a multicast group respond to a query by send-
Wiring concentrator to which all end stations in ing IGMP reports noting the multicast groups
a Token Ring network connect. The MSAU to which they belong. The multicast router
provides an interface between these devices and takes responsibility for forwarding multicast
366 CCNA Security Course Booklet, Version 1.0

datagrams from one multicast group to all other Multiport Communications Interface
networks that have members in the group. See MCI.

multicast server Multiprotocol BGP
Establishes a one-to-many connection to each See MP-BGP.
device in a VLAN, thus establishing a broad-
Multiprotocol Label Switching (MPLS)
cast domain for each VLAN segment. The mul-
ticast server forwards incoming broadcasts only
to the multicast address that maps to the broad-
Multiprotocol Label Switching/Traffic
cast address. Engineering
MultiChannel Interface Processor
See MIP. multistation access unit
multihomed host
Host attached to multiple physical network seg- NAC
ments in an OSI CLNS network.
Network Admission Control
Method of controlling access to a network in
order to prevent the introduction of computer
Addressing scheme in IS-IS routing that sup-
viruses. Using a variety of protocols and soft-
ports assignment of multiple area addresses.
ware products, NAC assesses the condition of
multilayer switch hosts when they attempt to log onto the net-
Switch that filters and forwards packets based work, and handles the request based on the
on MAC addresses and network addresses. A host™s condition, called its posture. Infected
subset of LAN switch. The Catalyst 5000 is an hosts can be placed in quarantine; hosts without
example of a multilayer switch. Compare with up-to-date virus protection software can be di-
LAN switch. rected to obtain updates, and uninfected hosts
with up-to-date virus protection can be allowed
multimode fiber onto the network.
Optical fiber supporting propagation of multi-
Nagle™s algorithm
ple frequencies of light.
Actually two separate congestion control algo-
multipath distortion rithms that can be used in TCP-based networks.
The echoes created as a radio signal bounces One algorithm reduces the sending window; the
off of physical objects. Multipath distortion oc- other limits small datagrams.
curs when an RF signal has more than one path
between a receiver and a transmitter. RF waves
can take more than one path when going from a negative acknowledgment
transmitting to a receiving antenna. These mul- Response sent from a receiving device to a
tiple signals arrive at the receiving antenna at sending device indicating that the information
different times and phases which causes distor- received contained errors. Compare to ACK.
tion of the signal.
name caching
multiple domain network Method by which remotely discovered host
SNA network with multiple SSCPs. names are stored by a router for use in future
packet-forwarding decisions to allow quick ac-
multiplexing cess.
Scheme that allows multiple logical signals to
name resolution
be transmitted simultaneously across a single
physical channel. Compare with demultiplex- Generally, the process of associating a name
ing. with a network location.
Glossary 367

name server NAU
Server connected to a network that resolves network addressable unit
network names into network addresses. SNA term for an addressable entity. Examples
include LUs, PUs, and SSCPs. NAUs generally
NAP provide upper-level network services. Compare
network access point with path control network.
Location for interconnection of Internet service
providers in the United States for the exchange
of packets. nearest active upstream neighbor
In Token Ring or IEEE 802.5 networks, the
narrowband closest upstream network device from any
See baseband. given device that is still active.
Narrowband ISDN NBMA
See N-ISDN. nonbroadcast multiaccess
Term describing a multiaccess network that ei-
ther does not support broadcasting (such as
Network Address Translation
X.25) or in which broadcasting is not feasible
Only globally unique in terms of the public in-
(for example, an SMDS broadcast group or an
ternet. A mechanism for translating private ad-
extended Ethernet that is too large).
dresses into publicly usable addresses to be
used within the public internet. An effective NBS
means for hiding actual device addressing National Bureau of Standards
within a private network. Organization that was part of the U.S. Depart-
Network Address Translation is also known as ment of Commerce.
Network Address Translator. National Bureau of Standards is now known as
National Institute of Standards and Technology
National Bureau of Standards
See NBS.
National Institute of Standards and
native client interface architecture
SNA applications-access architecture, devel-
oped by Cisco, that combines the full function-
National Science Foundation ality of native SNA interfaces at both the host
and client with the flexibility of leveraging
See NSF.
TCP/IP backbones. NCIA encapsulates SNA
National Science Foundation Network traffic on a client PC or workstation, thereby
See NSFNET. providing direct TCP/IP access while preserv-
ing the native SNA interface at the end-user
native client interface architecture
level. In many networks, this capability obvi-
ates the need for a standalone gateway and can
provide flexible TCP/IP access while preserv-
ing the native SNA interface to the host.
Network Address Translation - Protocol Trans-
Translation mechanism that sits between an
Network Control Protocol
IPv6 network and an IPv4 network. The job of
In SNA, a program that routes and controls the
the translator is to translate IPv6 packets into
flow of data between a communications con-
IPv4 packets and vice versa. Compare with
troller (in which it resides) and other network
Stateless IP/Internet Control Message Protocol
(ICMP) Translation (SIIT) algorithm and DNS
368 CCNA Security Course Booklet, Version 1.0

NCP/Token Ring Interconnection network layer of the IS itself (0 means no trans-
port layer). For this reason, the NSAP of a
router is always referred to as a NET.
neighborhood discovery
NetBIOS Extended User Interface
Process that runs on the NP of each Light-
Enhanced version of the NetBIOS protocol
Stream 2020 ATM switch in the ATM network.
used by network operating systems such as
For call routing purposes, every node in the net-
LAN Manager, LAN Server, Windows for
work needs to know about changes in network
Workgroups, and Windows NT. NetBEUI for-
topology, such as trunks and ports going up or
malizes the transport frame and implements the
down. ND learns about such changes at the
OSI LLC2 protocol.
chassis level and forwards this information to
the GID process, which sends the information
throughout the network.
Network Basic Input/Output System
Neighborhood discovery is also known as
API used by applications on an IBM LAN to
neighborhood discovery daemon (NDD).
request services from lower-level network
NDD processes. These services might include session
establishment and termination, and information
Neighborhood discovery daemon.
network driver interface specification
IBM network management architecture and re-
Specification for a generic, hardware- and pro-
lated applications. NetView is a VTAM applica-
tocol-independent device driver for NICs. Pro-
tion used for managing mainframes in SNA
duced by Microsoft.
nearest active upstream neighbor
Popular distributed NOS developed by Novell.
NEARNET Provides transparent remote file access and nu-
Regional network in New England (United merous other distributed network services.
States) that links Boston University, Harvard
NetWare Link Services Protocol
University, and MIT. Now part of BBN Planet.
negative acknowledgment
NetWare Loadable Module
See NAK.
See NLM.
neighborhood discovery
See ND.
1) Collection of computers, printers, routers,
neighborhood discovery daemon switches, and other devices that are able to
See ND. communicate with each other over some trans-
mission medium.
neighboring routers
2) Command that assigns a NIC-based address
In OSPF, two routers that have interfaces to a
to which the router is directly connected.
common network. On multiaccess networks,
3) Command that specifies any directly con-
neighbors are dynamically discovered by the
nected networks to be included.
OSPF Hello protocol.
network access point
See NAP.
network entity title
NSAP with an n-selector of zero. All router network access server
NETs have an n-selector of zero, implying the See access server.
Glossary 369

network address network interface card
Network layer address referring to a logical, See NIC.
rather than a physical, network device. Com-
network layer
pare with MAC address.
Layer 3 of the OSI reference model. This layer
Network address is also known as protocol ad-
provides connectivity and path selection be-
tween two end systems. The network layer is
network addressable unit the layer at which routing occurs. Corresponds
See NAU. roughly with the path control layer of the SNA
network administrator
network management
Person responsible for the operation, mainte-
nance, and management of a network. Generic term used to describe systems or ac-
tions that help maintain, characterize, or trou-
Network Admission Control bleshoot a network.
See NAC.
Network Management Processor
network analyzer See NMP.
Network monitoring device that maintains sta-
network management system
tistical information regarding the status of the
network and each device attached to it. More See NMS.
sophisticated versions using artificial intelli-
network management vector transport
gence can detect, define, and fix problems on
the network.
network number
Network Basic Input/Output System
Part of an IP address that specifies the network
See NetBIOS.
to which the host belongs.
Network byte order
network operating system
Internet-standard ordering of the bytes corre-
See NOS.


. 16
( 19)