ACL (access control list)
List of permissions specifying access to digital objects like files, directories, and networks. ACLs list which users or processes have access and the operations allowed and may be used to control traffic and improve network security and performance.
Microsoft directory service developed for Windows domain networks. Active Directory helps manage permissions and access to network resources. It stores data on applications, devices, groups, and users and stores it in a hierarchal structure.
Software designed to search for, detect, and delete any threats to a computer system. Antivirus software runs in the background and continuously works to prevent attacks from viruses, spyware, ransomware, adware, and other malware.
API (application programming interface)
Set of definitions and protocols for integrating and building applications. They help products communicate with one another and can simplify app development by giving developers the ability to move quickly.
Small, portable programs—often plug-ins—that run in an internet browser. Applets, which are mostly written in Java and called Java applets, provide interactive features on web pages and perform single, specific tasks.
Program or set of programs designed to allow users to perform specific tasks. Desktop and mobile applications, or apps, run inside the operating system while open. They may be bundled with the computer or device or published independently.
ASCII (American Standard Code for Information Interchange)
Code used to convert English characters into a standard digital format. ASCII assigns each of 128 English characters a number from 0 to 127. The standardization allows computers to communicate with each other and share data.
AWS (Amazon Web Services)
Portfolio of cloud computing products and services offered by Amazon. AWS's scalable, secure solutions include application and website hosting, backup and storage, content delivery, databases, mobile development, security, and enterprise IT.
Copy or archive of data stored on computers, phones, or other devices that is taken and stored in a secondary location. Backups are used to restore original information in the event of data loss, corruption, or deletion.
Volume of data transmitted over a network or internet connection in a given amount of time, calculated in megabits per second (Mbps). Bandwidth is the max amount of data at a specific moment, not the max rate at which data travels.
Command language, or shell, for the GNU operating system. Bash is a command processor that generally runs in a text window. It was written by Brian Fox and released in 1989 and is the default login shell for most Linux distributions.
Batch file (.bat)
Text file in DOS, OS/2, and Microsoft Windows that includes a series of commands to be run in sequence, usually for an operating system. A batch file, or .bat, is a plain text file that is executed line by line by the command-line interpreter.
BIOS (basic input/output system)
Pre-installed software, or firmware, used to start a computer system after the system is powered on. BIOS has two major processes once in use: determining the available peripheral devices and loading the operating system (OS) into main memory.
Networking device that connects two or more local area networks (LANs) or network segments to create a single network. A bridge, or network bridge, uses MAC address information to forward only the necessary data to the adjacent network segment.
BYOD (Bring your own device)
An IT policy that allows employees to use their personal devices to access the organization’s data and systems. The “device” in bring your own device (BYOD) can include laptops, tablets, portable hard drives, smartphones, or other computing devices.
Temporary storage location that stores data so it can be accessed quickly. A cache allows for efficient reuse of previously computed data for applications, websites, and browsers. Caching can also help devices run faster.
Utility tool that scans a disk’s file system, checks its integrity, and tries to fix logical file system errors. Chkdsk—short for “check disk”—looks for errors like corrupt entries in a master file table or files with misaligned timestamps.
CIM (Common Information Model)
Cross-platform model that specifies how data is described and accessed across an enterprise. The CIM models hardware and software elements. It offers a hierarchal set of core classes and consists of a specification and a schema.
Program that manages requests to access services from a server. A user interacts with a client interface to make a request. The client sends the request to the server and displays the results. Web browsers and email programs are examples of clients.
Distributed application structure that divides tasks between servers and clients on a network. In the client-server model, clients request data and servers deliver the requested data. Client-server model examples include network printing and email.
The delivery of services like data storage, networking, analytics, and software over the internet, or “the cloud.” Cloud computing uses the internet—instead of a user’s device—to store and manage data on remote servers and allows users remote access.
CLR (Common Language Runtime)
Virtual machine component, or programming, of the Microsoft .NET Framework that manages the execution of any .NET program. Common Language Runtime (CLR) converts managed code into machine language instructions that are then executed on the CPU.
Windows program that acts as a command-line interpreter. CMD (cmd.exe or Command Prompt) acts as a user interface and is used to execute various commands, such as automating tasks, performing advanced administrative functions, and troubleshooting.
Command-line interface (CLI)
Enables a user to connect to a program or operating system. Command-line interface (CLI) processes text commands typed on a specific line after a visual prompt from the computer. A command-line interpreter or processor controls the interface.
Malicious code designed to spread from one device to another with the intent to damage the device(s) or steal data. A virus replicates by inserting itself into other programs and modifying the programs to execute its code.
Small files with data specific to a user, computer, and/or website. Cookies are accessed by a web server or user’s computer and enable sites to tailor an experience. Cookies include everything from login information to items placed in a shopping cart.
CPU (central processing unit)
Electronic circuitry that sits in a socket on a PC’s motherboard. The CPU fetches and decodes instructions from programs, applications, operating systems, or other components and executes the required operations.
CSV (comma-separated values)
Text file that uses commas to separate values in a list of data. CSV files may also use semicolons to separate values, or fields, in a record. CSV files allow users to export complex data from one application and import it into another.
Technology, processes, and controls that protect devices, data, programs, systems, and networks from unauthorized access or criminal use. Cybersecurity also ensures the confidentiality and integrity of sensitive information.
Collection of organized data stored electronically in a computer system. Databases are specifically structured for easy access, management, modification, and deletion and are usually controlled by a database management system (DBMS).
DCOM (Distributed Component Object Model)
Proprietary Microsoft software interface. DCOM allows software components to communicate directly over a network. Computers can request services from—and run programs on—other computers in the network.
Processes and activities required to make a computer, software system, or software update available for use. Deployment often includes a combination of automatic and manual processes. Common activities include installation, testing, and monitoring.
Methodology or set of practices that bring together software development and IT operations to help streamline the development process. DevOps improves an organization’s ability to deliver and improve products and services and ensure quality.
DFS (distributed file system)
File system that allows file access, sharing, and storage from multiple hosts connected via a network. A distributed file system (DFS) enables multiple users on multiple devices to share data and storage resources.
DHCP (Dynamic Host Configuration Protocol)
Network protocol that automatically assigns and collects IP addresses. DHCP provides each host on the network an IP address and related configuration information and reallocates unused addresses, preventing duplication and improving efficiency.
Disaster recovery (DR)
Policies, processes, and tools that allow an organization to regain access and functionality of IT infrastructure and critical systems after natural or manmade disasters. Disaster recovery (DR) is an important part of business continuity.
DLP (data loss prevention)
Tools and processes that protect organizations from data breaches, leakage, illicit transfer, and loss. Data loss prevention (DLP) also seeks to improve an organization’s solutions for detecting and preventing such loss or misuse.
DMTF (Distributed management task force)
Nonprofit organization that develops standards, initiatives, and technologies of traditional and new IT infrastructures. DMTF consists of hardware and software developers, system manufacturers and integrators, government agencies, and end users.
DNS (Domain Name System)
Naming system for computers, websites, services, and other resources connected to the internet or private network. The DNS locates a domain name and translates it into the IP address of the server associated with that name.
DOM (Document Object Model)
Programming interface for HTML and XML documents. The DOM represents documents as trees. Each branch ends in a node; each node holds objects. The DOM allows programs access to the tree to navigate document structure or add, modify, or delete content.
DoS (denial of service)
Type of cyber-attack designed to make a host or network inaccessible to users. DoS attacks flood the target—usually a high-profile organization—with traffic or send information that triggers a crash, denying service to intended users.
Process of securing digital data by translating the original (plaintext) into another form (ciphertext) using an algorithm. Encryption doesn’t prevent intrusion, but only those authorized can decipher and access the original data via a special key.
Technology for connecting computers and other network devices in a local area network, or LAN (smaller physical space such as a home, office building, or campus). An ethernet connection enables devices to efficiently communicate and share data.
Microsoft tool that displays event logs from a computer system. Event Viewer shows detailed information on software crashes, driver malfunctions, security issues, warnings, and other events—especially useful for troubleshooting errors.
Computer file that carries out a series of instructions, functions, or operations. An executable file, code, or program is sometimes referred to as simply an executable or binary and includes common files like .EXE, .COM, .BAT, .APP, and .DMG.
Process of automatically switching to a standby or redundant server, storage, database, or network when the primary one fails. Failover ensures the overarching system continues to operate and is essential to business continuity and disaster recovery.
FAT (file allocation table)
File system used by an operating system to manage files on hard drives. The FAT acts like a table of contents, mapping the locations of directories and files. This system is often found in flash memory, digital cameras, and portable devices.
Network security system—software and/or hardware—that audits and filters incoming and outgoing traffic based on defined security rules. Firewalls set barriers between trusted networks (e.g., internal network) and untrusted ones (e.g., the internet).
FTP (File Transfer Protocol)
Standard communication protocol that is used to transfer files between computers on a network. FTP is built on a client-server model. You can use FTP to upload files to computers, download files from servers, or transfer files between accounts.
Node that allows data to flow among networks or applications with different transmission protocols. Gateways are different from routers or switches because they convert data from one protocol or format to another to connect multiple networks.
Feature of Microsoft Windows operating system that provides centralized management for users and computers. Group Policy is built into Active Directory and allows admins to configure operating systems, settings, and applications across an AD domain.
The physical components of a computer system. The main component types are input, output, processing, and storage—think keyboard, mouse, speaker, monitor, CPU, sound card, and storage. Computer speed is largely determined by the type of hardware.
Process used to transform a key or string into another value. Hashing uses a hash function to map data of any size to fixed-length values, or hash values. These values are used to index a fixed-size table referred to as a hash table.
Computer or other hardware device connected to a network. A host communicates with other hosts on a network and can be a client, server, or other computer. It has a unique identifier (e.g., IP address) that allows other computers to access it.
HTTP (Hypertext Transfer Protocol)
An application-layer protocol used to exchange data, such as HTML documents, over the web. HTTP uses a client-server model. The client (e.g., a web browser on a laptop) initiates a request and waits for a response from the server.
Microsoft hardware emulator that creates virtual machines on Windows x86-64 systems. Hyper-V provides hardware virtualization so you can create virtual devices, switches, and hard drives. It was previously known as Windows Server Virtualization.
icacls (Integrity Control Access Control List)
Microsoft Windows command-line utility similar to the cacls command in previous Windows versions. The Integrity Control Access Control List (icacls) command is used to create, modify, display, and back up an Access Control List (ACL).
ICANN (Internet Corporation for Assigned Names and Numbers)
Non-profit organization that manages specific functions that preserve internet stability. ICANN’s responsibilities include maintaining the central IP address archive, managing the domain name system and root servers, and developing internet policies.
IIS (Internet Information Services)
Flexible, secure Microsoft web server that runs on Windows. Internet Information Services (IIS) features an open architecture and allows admins to modify website options like security settings, default and error pages, and performance optimizations.
Process of making an image of an entire hard drive or computer, including operating system, applications, and files. Imaging is used to create backups, restore compromised computers, set up new computers, and deploy things like firmware updates.
Unique numerical label that identifies devices on a network. IP addresses are a string of four sets of numbers, ranging from 0 to 255, separated by periods. They provide location information and allow data to be sent between devices.
ISP (internet service provider)
A company that provides internet access to consumers and businesses. ISPs use connectivity such as fiber optics, satellite, and copper wire to connect customers. Many ISPs offer email, domain registration and hosting, and other online services.
Computer network security protocol created to authenticate service requests between client and server on an untrusted network. Kerberos uses tickets, instead of passwords, to authenticate client-server applications and verify user identity.
LAN (local area network)
Group of computers or other devices interconnected within a limited area, such as a home, office building, or campus. A local area network (LAN) typically uses ethernet or Wi-Fi to enable devices to connect to internal and web servers and each other.
The delay, in milliseconds, between an action and a response over a network. Latency is the total time for data to travel (transmitted, processed, received, decoded). Short delays are called low-latency; long delays are called high-latency.
LDAP (Lightweight Directory Access Protocol)
Open, standards-based protocol used to access, search, maintain, store, and authenticate directory information over the internet. LDAP sits atop TCP/IP and allows applications to communicate with other directory services servers.
Hostname, or default name, that refers to the computer currently being used. Localhost uses the loopback address (127.0.0.1) to access network services running on the host. It comes in handy for testing programs before taking them live.
Detailed list of events that occur in an operating system or software program or records of messages among users of communication software. Logs use a structured data format and are useful for tracking errors, recovery, and application improvement.
Unique ID, or address, assigned to a network interface card (NIC) when manufactured. A MAC address, also known as a hardware address, offers a secure way to locate devices on a network and can help prevent unwanted network access.
High-performance computer used by large organizations in data processing centers. Mainframes contain large amounts of memory and processors and are highly resilient and agile. They are critical to applications requiring high-volume data processing.
Software, file, or code created specifically to damage computers, systems, servers, or networks or secretly act against the user’s interests. Malware (malicious software) examples include viruses, Trojan horses, ransomware, spyware, and adware.
MDT (Microsoft Deployment Toolkit)
Collection of Microsoft software tools that automate Windows desktop and Windows Server operating systems. Microsoft Deployment Toolkit (MDT) is free, simple, and can be used to create reference images or as a full deployment solution.
Microsoft cloud platform of over 200 products and services. Azure’s pay-per-use model supports multiple programming languages and allows you to build, run, and manage applications across multiple clouds using your preferred tools.
Microsoft Endpoint Configuration Manager
Software tool offering quick, cost-effective deployment of operating systems, applications, and updates. MECM, formerly System Center Configuration Manager, manages large groups of computers running Windows NT, iOS, Unix, and other operating systems.
MOF (Managed object format)
Language that defines Common Information Model (CIM) elements. Managed Object Format (MOF) establishes a syntax to define CIM classes and instances and offers admins and developers a quick and easy way to modify CIM Repositories.
Multi-factor authentication (MFA)
Electronic authentication method that requires users to prove their identity by providing at least two pieces of evidence. Multi-factor authentication (MFA) helps increase security and decrease the likelihood of a successful cyberattack.
Grouping of connected computers, computer networks, or local hosts that share user account information. A network domain uses a domain controller to manage logins, authentication, access, and network security.
Process or system that monitors a network and its components (routers, servers, firewalls, switches) and notifies network administrators of any issues. Network monitoring provides critical information for maintaining and optimizing networks.
Small units of data carried over a TCP/IP network. Network packets, which contain control information and user data, are data that have been divided into smaller pieces. These formatted units allow a network to accommodate different bandwidths.
Processes and policies designed to detect, prevent, and monitor unauthorized access, theft, or misuse of data and computer networks. Network security also protects the confidentiality, security, and accessibility of network-accessible resources.
Hardware that connects devices—computers, printers, servers—and manages the flow of data across a network. Network switches have multiple output and input ports and use packet switching to direct data, maximizing network security and efficiency.
NTFS (New technology file system)
Default Microsoft file system for Windows NT operating system. New Technology File System (NTFS) efficiently stores, organizes, and locates files on a hard disk. It supports extremely large files, using file compression to increase transfer speeds.
Process used to integrate new employees into an organization. Onboarding provides employees with key information (policies, processes, culture), individual training, and the software, tools, and access they need for their new role.
Software installed directly on computers physically located on the premises. On-premises (on-prem) software avoids third-party access, or remote facilities like clouds or server farms, and provides better control over hardware and software.
OS (operating system)
System software that provides functionality for computers and other devices. The operating system (OS) manages the hardware, other software, and peripherals. Windows, macOS, and Linux are the most common OS for desktop computers.
OSI (Open Systems Interconnection)
Conceptual model that enables different computer systems to communicate with each other using standard protocols. OSI divides a communication system into seven abstraction layers, each one serving the layer above and served by the layer below.
OU (organizational unit)
A way to classify objects in directories, organizational units (OUs) are limited to a single domain and contain objects like user accounts, groups, computers, and file shares. OUs can also help delegate authority to create and manage objects.
Windows virtual memory file located on the hard drive. When physical memory (RAM) becomes full, or data isn’t being utilized, Windows places it in the page file (C:\pagefile.sys). When the data is needed, the information is read back in.
Software and operating system updates created to address an issue with a program. A patch is designed to fix or improve security issues, performance, usability, or functionality. Most software programs have several patches after initial release.
Process of keeping computer and network software up to date to fix vulnerabilities and improve resistance to cyberattacks. Patch management, which continuously distributes and applies updates, also helps software run smoothly and support uptime.
Unofficial term that refers to when Microsoft releases security patches. Patch Tuesday was introduced in 2003 to minimize the cost of regularly releasing patches. They’re now accumulated over a month and released on the second Tuesday.
Authorized simulated cyberattack on a computer system. Penetration testing evaluates the security of a system and checks for vulnerabilities in networks, servers, applications, devices, and other potential entry points.
Authorization provided by network administrators that allows users to access files and other resources, such as applications and printers, on a network. Permissions can also define access type and are often called user rights or user privileges.
Type of online scam where attackers pose as legitimate organizations via email, text, or phone to steal sensitive data like social security numbers, bank and credit card details, and login information.
Microsoft configuration management and task automation framework. PowerShell is built on the .NET framework and combines a command-line shell and scripting language. It automates management tasks and is used to build, test, and deliver solutions.
Attack that exploits a vulnerability, design flaw, or bug to gain elevated access, or privileges, not normally available to a user. Privilege escalation can happen externally or internally and includes two types: horizontal and vertical.
Process of creating a computer program that instructs how a computer, application, or other program runs. Programmers use programming languages to design and build a sequence of instructions to automate a task or accomplish a specific result.
Rules that determine how computers and other devices exchange information. Protocols are established by international or industry organizations and include the type of data, how it will be structured, and how the sides will send and receive it.
PSRemoting (PowerShell Remoting)
Set of PowerShell features that enables connection and authentication of a user on one or more remote computers. PowerShell Remoting (PSRemoting) allows a user to execute commands on a remote computer and return data to the local computer.
Type of malicious software, or malware, that encrypts files on anything from a personal computer to an entire network, rendering them unusable. Ransomware blocks access until a ransom is paid. Once paid, the files are decrypted.
RCE (Remote code execution)
Cyber attack where an attacker remotely runs code or executes commands on someone else’s computing device or server. Remote code execution (RCE) often occurs due to malware, allowing attackers to take over the device with system-level privileges.
RDP (Remote Desktop Protocol)
Microsoft protocol that allows users to connect to other computers over a network connection via a graphical interface. Remote Desktop Protocol (RDP) provides secure, encrypted remote connections between users and devices.
Duplication of critical components and resources, including devices and data, as a backup in case of primary system failure. Redundancy can also help improve the reliability of a system or increase system performance.
Remote management and monitoring (RMM)
Set of IT tools that allow managed service providers (MSPs) to remotely monitor client systems. Remote management and monitoring (RMM) provides information to service providers to help resolve any client issues that arise.
Process of continual copying of data changes from a central database (publisher) to one or more databases (subscribers). Replication helps ensure consistency and improve reliability, accessibility, and failover capability.
Hardware device that routes data to the internet or among networks. Routers read incoming data (files, communications, online interactions) and direct it to a destination. They can also improve internet access and add an extra layer of security.
SaaS (software as a service)
Cloud-based subscription service that allows access to software from any device with an internet connection and browser. SaaS providers host and manage all aspects of the software program, including servers, application code, and databases.
List of commands executed by another program or scripting engine. A script is often an editable text document written using a scripting language. Scripts are used to automate computer processes or generate Web pages.
SDK (Software development kit)
Suite of software tools that enables the development of applications for specific devices or operating systems. Software development kits (SDKs) often include a compiler, debugger, and framework, allowing developers to easily integrate applications.
Computer or program that provides various functionalities (services) to other programs or devices (clients) across a network. Typical servers include database servers, print servers, mail servers, gaming servers, and web servers.
SMB (Server Message Block)
Network protocol that provides computer systems on the same network shared access to files. Server Message Block (SMB) allows computers on the same network to read and write to files as easily as if they were on a local hard drive.
SMTP (Simple Mail Transfer Protocol)
TCP/IP Protocol used to send and receive email over the internet. Simple Mail Transfer Protocol (SMTP) authenticates and directs the transfer of electronic mail between email clients (Outlook, Gmail, Mac OS X Mail) and mail servers.
Set of programs or procedures that instruct a computer how to operate and execute tasks. In contrast, hardware includes the physical components of a computer system that do the work. The two main types of software are system and application.
Type of phishing, or cyberattack, targeting specific individuals, groups, or organizations with the intent to steal data, acquire personal information, or install malware. Spear phishing focuses on precise targets and often involves prior research.
SSD (solid state drive)
Secondary storage device used to store large volumes of data for long periods of time. Unlike a hard drive, an SSD has no moving parts and typically uses flash-based memory, making it faster, quieter, and more resistant to physical shock.
SSL (Secure Sockets Layer)
Protocol that establishes a private, encrypted link between two devices connected over the internet or internal network. SSL (currently known as TLS) provides security and data integrity for websites and applications like email and VoIP.
SSO (single sign-on)
Authentication method that allows users to log in with one set of credentials to access several applications and websites. True single sign-on (SSO) enables users to log in a single time and access services without re-authenticating.
Network hub that sends data packets to the appropriate destination computer using the required port. A switching hub, or port-switching hub, works with different technologies and speeds, provides routing capabilities, and expands bandwidth.
Sysadmin (system administrator)
Information technology (IT) professional responsible for configuring and managing an organization’s computer systems or IT infrastructure. System administrators (sysadmins) also support, maintain, and troubleshoot devices, servers, and networks.
Centralized enterprise-wide management of an organization’s information technology (IT). Systems management, usually directed by the chief information officer (CIO), allows admins to help eliminate redundancy by standardizing IT components.
TCP (Transmission Control Protocol)
Internet protocol that enables reliable exchange of messages, or packets, between application programs and computing devices. TCP works on top of Internet Protocol (IP) to solve issues such as lost, duplicate, corrupted, or out-of-order packets.
TCP/IP (Transmission Control Protocol/Internet Protocol)
Suite of communications protocols that allows computers and other devices to transmit data. TCP/IP, short for Transmission Control Protocol/Internet Protocol, specifies standards for sending and receiving data over internet and other networks.
Component in a client-server model that has most of the resources essential for operating the system installed locally. A thick client is connected to the server on a network but doesn’t require server resources to execute applications.
Computer that uses resources on a centralized server to run rather than a local hard drive. A thin client connects remotely to a server-based computing environment. The server launches the applications, stores data, and performs other functions.
TPM (Trusted Platform Module)
International standard for a microcontroller, or secure cryptoprocessor, that secures hardware via cryptographic keys. TPMs are usually embedded on a motherboard and can generate, store, and protect passwords, certificates, and encryption keys.
Two-factor authentication (2FA)
Electronic authentication method that asks for an additional piece of identification when accessing online accounts. Two-factor authentication (2FA) requires a username and password plus a second credential, often biometrics or a code sent via text.
UAC (User Account Control)
Microsoft Windows feature that helps protect an operating system from unauthorized changes by users, applications, viruses, etc. User Account Control (UAC) ensures certain changes are made only when an admin approves them.
Download for a software program, application, or operating system that brings the current version up to date. Software updates can provide security fixes, enhanced features, or improved compatibility and are usually free.
A software-based virtualization of a computer system that runs in an app window on a physical computer. Virtual machines (VMs) behave like an actual computer and have dedicated CPU, memory, and storage obtained from the host computer.
VPN (virtual private network)
An encrypted internet connection that safely transmits sensitive data. A VPN secures personal data, protects privacy online, and prevents unauthorized users from “eavesdropping” on a connection, making it a popular tool for businesses.
WAN (wide area network)
Facilitates communication and data sharing among devices on a computer network or collection of networks that extend over a large geographic area. A WAN is often made up of multiple local area networks (LANs). The internet is the world’s largest WAN.
Hierarchal database that contains settings information for the Microsoft Windows operating system and other programs. The Windows Registry includes configuration information for applications and individual users and is continually referenced.
Windows Server Update Service (WSUS)
Microsoft software application that enables admins to manage distribution of patches and updates for Microsoft products. Windows Server Update Service (WSUS) determines the needed updates and allows admins to manage their distribution to computers.
WinRM (Windows Remote Management)
Microsoft implementation of WS-Management, a remote management protocol that enables computers, systems, and servers to access and exchange management information across a network. WinRM utilizes scripting objects or the built-in command-line tool.
WMI (Windows Management Instrumentation)
Set of Microsoft extensions that provide an infrastructure for consolidating management data and operations for devices and applications on Windows-based operating systems. WMI scripts can also automate admin tasks on remote computers.
XML (Extensible Markup Language)
Markup language used to store and organize data while emphasizing simplicity and usability. XML is a text-based data format that designates rules for encoding, or tagging, text in a digital document so it is human- and machine-readable.