This sysadmin glossary is built for bookmarking. Whether you're onboarding a new team member, writing a script, or troubleshooting at 2 a.m., it’s your go-to reference for the IT terms that matter — quick, clear, and alphabetized from ACL to VPN.
A - E
A
ACL (access control list)
An ACL is a set of rules that define which users or systems can access specific digital resources and what actions they can perform. These lists improve security and help control network traffic.
Active Directory (AD)
Active Directory, or AD, is a Microsoft service that manages users, devices, and access across a Windows domain network using a structured hierarchy. It supports centralized administration and policy enforcement.
Antivirus
Antivirus software detects, blocks, and removes malware like viruses, ransomware, and spyware to protect systems. It runs continuously in the background to prevent infections.
API (application programming interface)
An API is a set of protocols that lets software systems communicate and share functionality, streamlining development. APIs enable faster integration between tools and platforms.
Applets
An applet is a small application, often written in Java, that runs within a web browser to perform a specific task. Applets enhance interactivity on websites.
Application
An application is a program designed to help users complete tasks like browsing, word processing, or managing data. Applications can be desktop- or cloud-based.
ASCII (American Standard Code for Information Interchange)
ASCII is a coding standard that converts English characters into numbers, enabling data exchange between computers. It includes 128 standardized character codes.
Attack surface management
Attack surface management is the process of identifying and reducing all possible entry points an attacker could exploit in a system. It helps strengthen cybersecurity posture.
AWS (Amazon Web Services)
AWS is a suite of cloud computing tools from Amazon that includes storage, hosting, and application development services. It supports scalable, on-demand infrastructure.
B
Backup
Copy or archive of data stored on computers, phones, or other devices that is taken and stored in a secondary location. Backups are used to restore original information in the event of data loss, corruption, or deletion.
Bandwidth Maximum
Bandwidth is the maximum amount of data that can be transmitted over a network in a given time, measured in Mbps (megabits per second). Higher bandwidth allows for faster data transfers.
Bash
Bash is a Unix shell and command language commonly used in Linux for automation and scripting tasks. It enables complex operations using scripts.
Batch file (.bat)
A batch file, or .bat file, is a text file that runs a sequence of command-line instructions automatically in Windows or DOS. It’s often used for automation and administrative tasks.
BIOS (basic input/output system)
BIOS is firmware that initializes hardware and loads the operating system when a computer starts. It also manages device settings and boot order.
Bridge (networking)
A bridge is a device that connects LAN segments and forwards traffic based on MAC addresses to create a unified network. It reduces traffic and isolates collisions.
BYOD (Bring your own device)
BYOD is a policy that allows employees to use personal devices like phones or laptops to access company systems. It improves flexibility but introduces security challenges.
C
Cache
A cache is a temporary storage area that holds frequently accessed data for quick retrieval. It improves performance by reducing data fetch time.
Chkdsk
Chkdsk is a Windows utility that scans and repairs file system errors on a disk. It can also detect and isolate bad sectors.
CIM (Common Information Model)
CIM is a standard model for managing and describing IT resources across platforms using a common data structure. It supports interoperability among management tools.
Client (networking)
A client is a device or program that requests services or resources from a server. Clients are part of the client-server architecture.
Client-server model
The client-server model is a network design where clients send requests and servers respond with data or services. It enables centralized resource management.
Cloud computing
Cloud computing is the delivery of services like storage, applications, and processing power over the internet. It reduces reliance on local infrastructure.
CLR (Common Language Runtime)
CLR, or Common Language Runtime, is the core of the .NET Framework that manages code execution and provides services like memory management. It ensures safe execution of .NET applications.
CMD
CMD is the command-line interface in Windows used to run system commands and scripts. It enables advanced administrative and troubleshooting operations.
Command-line interface (CLI)
A command-line interface, or CLI is a text-based interface for interacting with software or the operating system using typed commands. It allows for automation and fine-grained control.
Computer virus
A computer virus is malicious code that replicates by infecting programs and can damage systems or steal data. It often spreads through downloads or email attachments.
Cookie
A cookie is a small file stored on a user’s device by a website to remember preferences and session data. Cookies support user authentication and personalization.
CPU (central processing unit)
The CPU, or central processing unit, is the primary chip in a computer that executes instructions and performs processing tasks. It’s often referred to as the brain of the computer.
CSV (comma-separated values)
A CSV file, or comma-separated values file, is a file format that uses commas to separate values, often used for importing and exporting structured data. It’s widely supported across applications.
Cybersecurity
Cybersecurity encompasses practices and technologies that protect systems, networks, and data from unauthorized access or attacks. It includes prevention, detection, and response.
D
Database
A database is an organized collection of data that enables easy access, management, and updating. Databases are used for storing structured information.
DCOM (Distributed Component Object Model)
DCOM, or Distributed Component Object Model, is a Microsoft protocol that allows software components to communicate over a network. It supports distributed computing environments.
Deployment (IT)
Deployment is the process of making hardware or software ready for use in a live environment. It includes installation, configuration, and testing.
DevOps
DevOps is a set of practices that combines software development and IT operations to improve delivery and collaboration. It emphasizes automation and continuous integration.
DFS (distributed file system)
DFS, or distributed file system, is a file system that enables file access and sharing across multiple networked computers. It provides redundancy and load balancing.
DHCP (Dynamic Host Configuration Protocol)
DHCP, or Dynamic Host Configuration Protocol, is a protocol that automatically assigns IP addresses and configurations to devices on a network. It simplifies device connectivity.
Disaster recovery (DR)
Disaster recovery, or DR, involves strategies and tools used to restore IT operations and data after a system failure or disaster. It is critical to business continuity.
DLP (data loss prevention)
DLP, or data loss prevention, refers to security measures that detect and prevent unauthorized sharing or loss of sensitive data. It helps ensure compliance and data integrity.
DMTF (distributed management task force)
DMTF, or distributed management task force, is an organization that develops standards for interoperable IT management. It supports unified management across different platforms.
DNS (Domain Name System)
DNS, or Domain Name System, is a system that translates domain names into IP addresses for locating internet resources. It’s a core component of web browsing.
DOM (Document Object Model)
The DOM, or Domain Object Model, is an interface that represents web documents as a tree structure for easy content manipulation. It allows scripts to dynamically update content.
DoS (denial of service)
A DoS, or denial of service, attack is a cyberattack that floods systems with traffic, making services unavailable to users. It targets system performance and availability.
E
Encryption
Encryption is the process of converting data into a secure format to prevent unauthorized access. It’s a foundational element of cybersecurity.
Ethernet
Ethernet is a standard for connecting devices in a local area network (LAN) using wired communication. It provides reliable, high-speed data transfer.
Event Viewer
Event Viewer is a Windows tool that logs system events, helping troubleshoot errors and monitor system activity. It’s essential for diagnostics.
Executable file
An executable file is a file that performs programmed tasks when opened, usually ending in .exe or .bat. These files launch applications or scripts.
F - J
F
Failover
Failover is the process of automatically switching to a standby system when the primary system fails. It helps maintain uptime and service continuity.
FAT (file allocation table)
FAT, or file allocation table, is a file system that maps files on a disk and tracks where they are stored. It's widely used on flash drives and portable devices.
Firewall
A firewall is a security system that monitors and controls incoming and outgoing network traffic. It creates a barrier between trusted and untrusted networks.
FTP (File Transfer Protocol)
FTP, or File Transfer Protocol, is a standard protocol for transferring files between computers over a network. It's commonly used for uploading and downloading data.
G
Gateway
A gateway is a device that connects different networks and translates communication protocols between them. It enables interoperability across network systems.
Group policy
Group policy is a Microsoft Windows feature that lets administrators manage user and computer settings in Active Directory environments. It simplifies centralized control.
H
Hardware
Hardware includes the physical components of a computer system, like CPU, RAM, and hard drives. These components perform input, processing, storage, and output functions.
Hashing
Hashing is a process that transforms input data into a fixed-length string of characters. It's used for data integrity checks and password security.
Host
A host is any device connected to a network that offers or uses services. Hosts can be servers, workstations, or other devices with an IP address.
HTTP (Hypertext Transfer Protocol)
HTTP, or Hypertext Transfer Protocol, is a protocol used to transfer web content over the internet. It defines how messages are formatted and transmitted between clients and servers.
Hyper-V
Hyper-V is a Microsoft virtualization tool that allows users to create and manage virtual machines. It's commonly used for testing and server consolidation.
I
icacls (Integrity Control Access Control List)
icacls, or Integrity Control Access Control List, is a Windows command-line utility that displays, modifies, and backs up access control lists. It replaces older tools like cacls and works with file permissions.
ICANN (Internet Corporation for Assigned Names and Numbers)
ICANN, or Internet Corporation for Assigned Names and Numbers, is a nonprofit that oversees internet infrastructure, including IP address allocation and domain name management. It ensures a stable and secure internet.
IIS (Internet Information Services)
IIS, or Internet Information Services, is a flexible and secure Microsoft web server for hosting websites and applications. It supports features like authentication and custom error pages.
Imaging
Imaging is the process of creating a complete copy of a system's disk or partition. It's used for deployments, backups, and system recovery.
IP address
An IP address is a unique numerical label assigned to each device on a network. It identifies the device's location and enables communication.
ISP (internet service provider)
An ISP, or internet service provider, is a company that provides individuals and businesses with access to the internet. They may also offer email, hosting, and other services.
K - O
K
Kerberos
Kerberos is a network security protocol that authenticates service requests between clients and servers on untrusted networks. It uses encrypted tickets instead of passwords to verify identity.
L
LAN (local area network)
A LAN, or local area network, is a network that connects computers within a limited area, like a home or office. It typically uses Ethernet or Wi-Fi for communication.
Latency
Latency is the delay between sending a request and receiving a response over a network. Lower latency means faster data transmission.
LDAP (Lightweight Directory Access Protocol)
LDAP is an open protocol for accessing and managing directory information over a network. It enables authentication and communication with directory services.
Localhost
Localhost, also called Hostname or default name, refers to the current computer, using the loopback address 127.0.0.1. It is often used for testing software locally.
Logs
Logs are detailed records of events and messages from software and systems. They help troubleshoot issues and monitor performance.
M
MAC address
A MAC address is a unique identifier assigned to a network interface card. It helps locate and manage devices on a network.
Mainframe
A mainframe is a high-performance computer used for large-scale data processing. It’s essential for industries that require reliability and speed.
Malware
Malware is software designed to harm or exploit systems. Examples include viruses, worms, spyware, and ransomware.
MDT (Microsoft Deployment Toolkit)
MDT, or Microsoft Deployment Toolkit, is a free Microsoft tool for automating deployment of Windows operating systems. It’s used for creating reference images and full installations.
Microsoft Azure
Microsoft Azure is a cloud platform with over 200 services for building, deploying, and managing applications. It supports a pay-as-you-go model.
Microsoft Endpoint Configuration Manager (formerly SCCM)
Microsoft Endpoint Configuration manager is a tool for deploying and managing software and updates across networks. Formerly SCCM, it supports multiple platforms including Windows, Unix, and iOS.
MOF (Managed object format)
MOF, or Managed object format, is a language used to define CIM classes and instances. It simplifies modification of CIM repositories in enterprise environments.
Multi-factor authentication (MFA)
MFA, or multi-factor authentication, is a security method that requires users to provide multiple forms of identification. It improves protection against unauthorized access.
N
Network domain
A network domain is a group of computers that share user account management via a domain controller. It centralizes security and access control.
Network monitoring
Network monitoring tracks the performance and health of IT infrastructure. It alerts admins to failures or anomalies in real time.
Network packet
A network packet is a small unit of data sent over a network. It includes headers and payload to support routing and delivery.
Network security
Network security includes technologies and policies to prevent unauthorized access to data and systems. It safeguards integrity and confidentiality.
Network switch
A network switch is a device that routes data between devices on a local network. It improves speed and reduces congestion.
NTFS (New technology file system)
NTFS, or new technology file system, is the default Windows file system that supports large files and advanced features like compression and permissions.
O
Onboarding
Onboarding is the process of integrating new employees into an organization. It includes training, system access, and policy education.
On-premises (on-prem)
On-prem, or on-premises software is installed locally on company-owned hardware. It offers greater control but requires in-house maintenance.
OS (operating system)
An operating system, or OS, is software that manages hardware, applications, and user interactions. Common OS examples include Windows, macOS, and Linux.
OSI (Open Systems Interconnection)
OSI, or Open System Interconnection, is a conceptual model that standardizes communication across network systems. It divides communication into seven layers.
OU (organizational unit)
An OU, or organizational unit, is a container within Active Directory used to group objects like users or devices. It supports delegation of administrative tasks.
P - T
P
Pagefile.sys
Pagefile.sys is a virtual memory file in Windows that stores data when physical RAM is full. It acts as overflow storage to keep the system responsive.
Patch
A patch is a software update that fixes bugs or improves features. It’s essential for maintaining security, stability, and functionality.
Patch management
Patch management is the process of applying software updates to fix vulnerabilities and enhance performance. It supports cybersecurity and system reliability.
Patch Tuesday
Patch Tuesday is an informal term for Microsoft’s monthly release of security patches. It occurs on the second Tuesday of each month.
Penetration testing
Penetration testing is a simulated cyberattack used to identify and exploit vulnerabilities in a system. It helps improve organizational security.
Permissions
Permissions control what resources a user or group can access on a system. They determine actions like read, write, or execute.
Phishing
Phishing is a social engineering attack where attackers impersonate legitimate entities to steal personal or financial information via email or text.
PowerShell
PowerShell is a task automation and configuration management framework from Microsoft. It combines a command-line shell and scripting language.
Privilege escalation
Privilege escalation is an attack where users gain access to elevated system permissions. It can be either vertical or horizontal in nature.
Programming
Programming is the process of writing instructions that a computer follows to perform tasks. It uses languages like Python, Java, or C++.
Protocol
A protocol is a standardized set of rules that defines how devices communicate over a network. It ensures proper data exchange.
PSRemoting (PowerShell Remoting)
PSRemoting, or PowerShell Remoting, allows users to run PowerShell commands on remote computers. It supports secure, remote system management.
R
Ransomware
Ransomware is malicious software that encrypts files and demands payment to unlock them. It’s a major threat to data security.
RCE (Remote code execution)
RCE, or Remote code execution, is a type of cyberattack that lets attackers run code on a remote system. It often leads to full system compromise.
RDP (Remote Desktop Protocol)
RDP, or Remote Desktop Protocol, is a Microsoft protocol that enables remote desktop access to another computer. It’s widely used for remote work and IT support.
Redundancy
Redundancy is the duplication of critical system components to ensure availability during failures. It improves resilience and uptime.
Remote management and monitoring (RMM)
RMM, or remote management and monitoring, is a set of tools that lets IT providers manage and monitor systems remotely. It supports proactive maintenance and troubleshooting.
Replication
Replication is the real-time copying of data between systems to ensure consistency. It’s used for backups and high availability.
Router
A router is a device that directs network traffic between systems. It connects local networks to the internet securely and efficiently.
S
SaaS (software as a service)
SaaS, or software as a service, is a software delivery model where applications are hosted in the cloud and accessed via a browser. It reduces local maintenance.
Script
A script is a list of commands executed by a program or interpreter. It automates repetitive tasks and system processes.
SDK (Software development kit)
An SDK, or Software development kit, is a collection of tools for building applications for a specific platform. It includes compilers, debuggers, and libraries.
Server
A server is a system or program that provides services to clients over a network. It handles tasks like data storage or application hosting.
SMB (Server Message Block)
SMB, or Server Message Block, is a network protocol that enables file and printer sharing between devices. It’s common in Windows-based networks.
SMTP (Simple Mail Transfer Protocol)
SMTP, or Simple Mail Transfer Protocol, is a communication protocol for sending emails. It transfers messages from client software to mail servers.
Software
Software is a collection of programs and instructions that tell a computer how to perform tasks. It includes both system and application types.
Spear-phishing
Spear-phishing is a targeted phishing attack aimed at specific individuals or organizations. It often uses personalized information to increase credibility.
SSD (solid state drive)
An SSD, or solid state drive, is a fast, durable storage device with no moving parts. It uses flash memory for quicker data access and better shock resistance.
SSL (Secure Sockets Layer)
SSL, or Secure Sockets Layer, is a protocol that encrypts data exchanged over networks. Now replaced by TLS (Transport Layer Security), it protects websites and online communication.
SSO (single sign-on)
SSO, or single sign-on, allows users to log into multiple systems with one set of credentials. It streamlines authentication and improves security.
Switching hub
A switching hub is a network device that directs data packets to the correct port. It increases network speed and reduces traffic.
Sysadmin (system administrator)
A sysadmin, or system administrator, manages and maintains an organization’s IT systems and infrastructure. They handle configuration, support, and troubleshooting.
Systems management
Systems management oversees the IT infrastructure of an organization. It includes monitoring, maintenance, and standardization of resources.
T
TCP (Transmission Control Protocol)
TCP, or Transmission Control Protocol, is a protocol that ensures reliable data transfer between devices. It works with IP to maintain order and accuracy in communication.
TCP/IP (Transmission Control Protocol/Internet Protocol)
TCP/IP, or Transmission Control Protocol/Internet Protocol, is a suite of protocols for transmitting data over the internet. It standardizes communication between devices and networks.
Thick client
A thick client is a computer that performs most processing locally. It relies less on server resources compared to thin clients.
Thin client
A thin client is a lightweight computer that depends on a central server for processing. It’s often used in virtual desktop environments.
TPM (Trusted Platform Module)
TPM, or Trusted Platform Module, is a hardware-based security chip used to store cryptographic keys. It’s embedded in many devices to enhance hardware-level security.
Two-factor authentication (2FA)
2FA, or two-factor authentication, is a security method requiring two forms of identification. It adds an extra layer of protection beyond just passwords.
U - Z
U
UAC (User Account Control)
UAC, or User Account Control, is a Windows feature that prevents unauthorized system changes. It requires admin approval for high-level operations.
Updates
Updates are software changes that improve functionality, fix bugs, or enhance security. They are typically provided by vendors at no cost.
V
Virtual machine (VM)
A virtual machine, or VM, is a software-based emulation of a physical computer. It runs an OS and applications isolated from the host system.
VPN (virtual private network)
A VPN, or virtual private network, encrypts internet connections to secure data and privacy. It’s commonly used for secure remote access to networks.
Vulnerability scanner
A vulnerability scanner checks systems for known security flaws. It helps identify weak points before attackers can exploit them.
W
WAN (wide area network)
A WAN, or wide area network, connects networks over large geographic areas, like cities or countries. The internet is the largest example of a WAN.
Windows Registry
The Windows Registry is a hierarchical database of configuration settings for the Windows OS and applications. It stores user and system-level information.
Windows Server Update Service (WSUS)
WSUS, or Windows Server Update Service, is a Microsoft tool for managing Windows update distribution across networks. It ensures systems are consistently patched.
WinRM (Windows Remote Management)
WinRM, or Windows Remote Management, is Microsoft’s implementation of a remote management protocol. It enables secure data exchange and command execution over networks.
WMI (Windows Management Instrumentation)
WMI, or Windows Management Instrumentation, is a framework for managing Windows devices and applications. It allows for local and remote scripting and system queries.
X
XML (Extensible Markup Language)
XML, or Extensible Markup Language, is a markup language for storing and transporting structured data. It is both human-readable and machine-readable, commonly used in web services.
Whether you’re new to sysadmin work or brushing up on acronyms you’ve heard a thousand times, having a solid glossary can save time, reduce errors, and improve communication. Bookmark this guide for easy reference, and check back as we update it with more IT essentials.
Want more IT tips, tools, and sysadmin shenanigans? Join the PDQ Discord community to connect with fellow IT pros, subscribe to PDQ on YouTube for how-tos and product updates, and catch our weekly webcast every Thursday for live demos, hot takes, and more.
