The coding system used by Dolby Digital. A standard for high-quality digital audio that is used for the sound portion of video stored in digital format.

Accelerated Graphics Port (AGP)

A type of expansion slot that is solely for video cards. Designed by Intel and supported by Windows XP Professional, AGP is a dedicated bus that provides fast, high-quality video and graphics performance.

access control entry (ACE)

The entries on the access control list (ACL) that control user account or group access to a resource. The entry must allow the type of access that is requested (for example, Read access) for the user to gain access. If no ACE exists in the ACL, the user cannot gain access to the resource or folder on an NTFS partition. See access control list (ACL).

access control list (ACL)

A list of all user accounts and groups that have been granted access for the file or folder on an NTFS partition or volume, as well as the type of access they have been granted. When a user attempts to gain access to a resource, the ACL must contain an entry, called an access control entry (ACE), for the user account or group to which the user belongs. See access control entry (ACE).

access permissions

Features that control access to shared resources in Windows XP Professional.

access token

A data structure containing security information that identifies a user to the security subsystem on a computer running Windows XP Professional, Windows 2000, or Windows NT. An access token contains a user's security ID, the security IDs for groups that the user is a member of, and a list of the user's privileges on the local computer.


See user account.

account lockout

A Windows XP Professional security feature that locks a user account if a number of failed logon attempts occur within a specified amount of time, based on account policy lockout settings. Locked accounts cannot log on.

account policy

Controls how passwords must be used by all user accounts on an individual computer or in a domain.


See access control entry (ACE).


See access control list (ACL).


See Advanced Configuration and Power Interface (ACPI).

Active Directory service

The directory service included in Windows 2000 Server products. It identifies all resources on a network and makes them accessible to users and applications.

Address Resolution Protocol (ARP)

Determines hardware addresses (MAC addresses) that correspond to an Internet Protocol (IP) address.


See Asymmetric Digital Subscriber Line (ADSL).

Advanced Configuration and Power Interface (ACPI)

An open industry specification that defines power management on a wide range of mobile, desktop, and server components and peripherals. ACPI is the foundation for the OnNow industry initiative that allows system manufacturers to deliver computers that will start at the touch of a keyboard. ACPI design is essential to take full advantage of power management and Plug and Play in Windows XP Professional. Check the manufacturer's documentation to verify that a computer is ACPI-compliant.

Advanced Power Management (APM)

A software interface designed by Microsoft and Intel used between hardware-specific power management software, such as that located in a system BIOS, and an operating system power management driver.


A program that performs a background task for a user and reports to the user when the task is done or when some expected event has taken place.

American National Standards Institute (ANSI)

An organization of American industry and business groups dedicated to the development of trade and communication standards. ANSI is the American representative to the International Organization for Standardization (ISO). See also International Organization for Standardization (ISO).


A system that encodes information using frequency modulation in a nonbinary context. Modems use analog encoding to transmit data through a phone line. An analog signal can be any frequency, allowing many possibilities. Because of this, a device has to interpret the signal, often finding errors. See also digital, modem.

analog line

A communication line that carries information using frequency modulation. See also digital line.


See application programming interface (API).


See Advanced Power Management (APM).

application layer

The top (seventh) layer of the OSI reference model. This layer serves as the window that application processes use to access network services. It represents the services that directly support user applications, such as software for file transfers, database access, and e-mail.

application programming interface (API)

A set of routines that an application program uses to request and carry out lower level services performed by the operating system.

application protocols

Protocols that work at the higher end of the OSI reference model, providing application-to-application interaction and data exchange. Popular application protocols include File Transfer Access and Management (FTAM), a file access protocol; Simple Mail Transfer Protocol (SMTP), a TCP/IP protocol for transferring e-mail; Telnet, a TCP/IP protocol for logging on to remote hosts and processing data locally; NetWare Core Protocol (NCP), the primary protocol used to transmit information between a NetWare server and its clients.


See Address Resolution Protocol (ARP).

ASCII (American Standard Code for Information Interchange)

A coding scheme that assigns numeric values to letters, numbers, punctuation marks, and certain other characters. By standardizing the values used for these characters, ASCII enables computers and programs to exchange information.

Asymmetric Digital Subscriber Line (ADSL)

A recent modem technology that converts existing twisted-pair telephone lines into access paths for multimedia and high-speed data communications. These new connections can transmit more than 8 Mbps to the subscriber and up to 1 Mbps from the subscriber. ADSL is recognized as a physical layer transmission protocol for unshielded twisted-pair media.

asynchronous transfer mode (ATM)

An advanced implementation of packet switching that provides high-speed data transmission rates to send fixed-size cells over local area networks (LANs) or wide area networks (WANs). Cells are 53 bytes-48 bytes of data with 5 additional bytes of address. ATM accommodates voice, data, fax, real-time video, CD-quality audio, imaging, and multimegabit data transmission. ATM uses switches as multiplexers to permit several computers to put data on a network simultaneously. Most commercial ATM boards transmit data at about 155 Mbps, but theoretically a rate of 1.2 Gbps is possible.

asynchronous transmission

A form of data transmission in which information is sent one character at a time, with variable time intervals between characters. Asynchronous transmission does not rely on a shared timer that allows the sending and receiving units to separate characters by specific time periods. Therefore, each transmitted character consists of a number of data bits (which compose the character itself), preceded by a start bit and ending in an optional parity bit followed by a 1-, 1.5-, or 2-stop bit.


See asynchronous transfer mode (ATM).


A process that tracks network activities by user accounts and a routine element of network security. Auditing can produce records of users who have accessed-or attempted to access-specific resources; help administrators identify unauthorized activity; and track activities such as logon attempts, connection and disconnection from designated resources, changes made to files and directories, server events and modifications, password changes, and logon parameter changes.

audit policy

Defines the types of security events that Windows XP Professional records in the security log on each computer.


Verification based on user name, passwords, and time and account restrictions.

automated installation

An unattended setup using one or more of several methods such as Remote Installation Services, bootable CD, and Sysprep.

Automatic Private IP Addressing (APIPA)

A feature of Windows XP Professional that automatically configures a unique Internet Protocol (IP) address from the range to and a subnet mask of when the Transmission Control Protocol/Internet Protocol (TCP/IP) is configured for dynamic addressing and a Dynamic Host Configuration Protocol (DHCP) server is not available.


back end

In a client/server application, the part of the program that runs on the server.


A duplicate copy of a program, a disk, or data, made to secure valuable files from loss.

backup job

A single process of backing up data.


In analog communication, the difference between the highest and lowest frequencies in a given range.

Bandwidth Allocation Protocol (BAP)

A Point-to-Point Protocol (PPP) control protocol that helps provide bandwidth on demand. BAP dynamically controls the use of multilinked lines and is a very efficient mechanism for controlling connection costs while dynamically providing optimum bandwidth.


See Bandwidth Allocation Protocol (BAP).

base I/O port

Specifies a channel through which information is transferred between a computer's hardware, such as the network interface card (NIC) and its CPU.


A measurement derived from the collection of data over an extended period of time. The data should reflect varying but typical types of workloads and user connections. The baseline is an indicator of how individual system resources or a group of resources are used during periods of normal activity.

base memory address

Defines the address of the location in a computer's memory (RAM) that is used by the network interface card (NIC). This setting is sometimes called the RAM start address.

basic disk

A physical disk that contains primary partitions or extended partitions with logical drives used by Windows XP Professional, Windows 2000, and all versions of Windows NT. Basic disks can also contain volume, striped, mirror, or RAID-5 sets that were created using Windows NT 4.0 or earlier versions. As long as a compatible file format is used, basic disks can be accessed by MS-DOS, Windows 95, Windows 98, and all versions of Windows NT.

basic input/output system (BIOS)

The set of essential software routines that tests hardware at startup, assists with starting the operating system, and supports the transfer of data among hardware devices. The BIOS is stored in read-only memory (ROM) so that it can be executed when the computer is started. Although critical to performance, the BIOS is usually invisible to computer users.


A measure of data-transmission speed named after the French engineer and telegrapher Jean-Maurice-Emile Baudot. It is a measure of the speed of oscillation of the sound wave on which a bit of data is carried over telephone lines. Because baud was originally used to measure the transmission speed of telegraph equipment, the term sometimes refers to the data-transmission speed of a modem. However, current modems can send at a speed higher than one bit per oscillation, so baud is being replaced by the more accurate bps (bits per second) as a measure of modem speed.

baud rate

Refers to the speed at which a modem can transmit data. Often confused with bps (the number of bits per second transmitted), baud rate actually measures the number of events, or signal changes, that occur in one second. Because one event can actually encode more than one bit in high-speed digital communication, baud rate and bps are not always synonymous, and the latter is the more accurate term to apply to modems. For example, the 9600-baud modem that encodes four bits per event actually operates at 2400 baud, but transmits at 9600 bps (2400 events times 4 bits per event), and thus should be called a 9600-bps modem.


To associate two pieces of information with one another.


A process that establishes the communication channel between network components on different levels to enable communication between those components-for example, the binding of a protocol driver (such as TCP/IP) and a network adapter.

bisync (binary synchronous communications protocol)

A communications protocol developed by IBM. Bisync transmissions are encoded in either ASCII or EBCDIC. Messages can be of any length and are sent in units called frames, optionally preceded by a message header. Because bisync uses synchronous transmission, in which message elements are separated by a specific time interval, each frame is preceded and followed by special characters that enable the sending and receiving machines to synchronize their clocks.


Short for binary digit: either 1 or 0 in the binary number system. In processing and storage, a bit is the smallest unit of information handled by a computer. It is represented physically by an element such as a single pulse sent through a circuit or small spot on a magnetic disk capable of storing either a 1 or 0. Eight bits make a byte.

bits per second (bps)

A measure of the speed at which a device can transfer data. See also baud rate.

bit time

The time it takes for each station to receive and store a bit.

bootable CD

An automated installation method that runs Setup from a CD-ROM. This method is useful for computers at remote sites with slow links and no local IT department.

boot sector

A critical disk structure for starting your computer, located at sector 1 of each volume or floppy. It contains executable code and data that is required by the code, including information used by the file system to access the volume. The boot sector is created when you format the volume.

boot-sector virus

A type of virus that resides in the first sector of a floppy disk or hard drive. When the computer is booted, the virus executes. In this common method of transmitting viruses from one floppy disk to another, the virus replicates itself onto the new drive each time a new disk is inserted and accessed.


A device or program that significantly degrades network performance. Poor network performance results when a device uses noticeably more CPU time than it should, consumes too much of a resource, or lacks the capacity to handle the load. Potential bottlenecks can be found in the CPU, memory, network interface card (NIC), and other components.


See bits per second (bps).


A transmission sent simultaneously to more than one recipient. In communication and on networks, a broadcast message is one distributed to all stations or computers on the network.

broadcast storm

An event that occurs when there are so many broadcast messages on the network that they approach or surpass the capacity of the network bandwidth. This can happen when one computer on the network transmits a flood of frames, saturating the network with traffic so it can no longer carry messages from any other computer. Such a broadcast storm can shut down a network.


A reserved portion of RAM in which data is held temporarily, pending an opportunity to complete its transfer to or from a storage device or another location in memory.

built-in groups

One type of group account used by Windows XP Professional. Built-in groups, as the name implies, are included with the operating system. Built-in groups have been granted useful collections of rights and built-in abilities. In most cases, a built-in group provides all the capabilities needed by a particular user. For example, if a user account belongs to the built-in Administrators group, logging on with that account gives the user administrative capabilities. See also user account.


Parallel wires or cabling that connect components in a computer.


A unit of information consisting of 8 bits. In computer processing or storage, a byte is often equivalent to a single character, such as a letter, numeral, or punctuation mark. Because a byte represents only a small amount of information, amounts of computer memory are usually given in kilobytes (1024 bytes or 2 raised to the 10th power), megabytes (1,048,576 bytes or 2 raised to the 20th power), gigabytes (1024 megabytes), terabytes (1024 gigabytes), petabytes (1024 terabytes), or exabytes (1024 petabytes).



A special memory subsystem or part of RAM in which frequently used data values are duplicated for quick access. A memory cache stores the contents of frequently accessed RAM locations and the addresses where these data items are stored. When the processor references an address in memory, the cache checks to see whether it holds that address. If it does hold the address, the data is returned to the processor; if it does not, regular memory access occurs. A cache is useful when RAM accesses are slow compared with the microprocessor speed.


See client access license (CAL).


A feature on Windows XP Professional that you can set that causes the remote server to disconnect and call back the client attempting to access the remote server. This reduces the client's phone bill by having the call charged to the remote server's phone number. The callback feature can also improve security by calling back the phone number that you specified.

central processing unit (CPU)

The computational and control unit of a computer; the device that interprets and carries out instructions. Single-chip CPUs, called microprocessors, made personal computers possible. Examples include the 80286, 80386, 80486, and Pentium processors.


A computer that accesses shared network resources provided by another computer, called a server.

client access license (CAL)

A CAL gives client computers the right to connect to computers running one of the Windows Server family of products.


A network architecture designed around the concept of distributed processing in which a task is divided between a back end (server) that stores and distributes data, and a front end (client) that requests specific data from the server.

codec (compression/decompression)

Compression/decompression technology for digital video and stereo audio.

companion virus

A virus that uses the name of a real program but has a different file extension from that of the program. The virus is activated when its companion program is opened. The companion virus uses a .com file extension, which overrides the .exe file extension and activates the virus.

compression state

Each file and folder on an NTFS volume has a compression state, either compressed or uncompressed.

control set

A Windows XP Professional installation contains control sets stored as subkeys in the registry. The control sets contain configuration data used to control the system, such as a list of which device drivers and services to load and start.


See central processing unit (CPU).


database management system (DBMS)

A layer of software between the physical database and the user. The DBMS manages all requests for database action from the user, including keeping track of the physical details of file locations and formats, indexing schemes, and so on. In addition, a DBMS permits centralized control of security and data integrity requirements.

data encryption See encryption.

data encryption standard (DES)

A commonly used, highly sophisticated algorithm developed by the U.S. National Bureau of Standards for encrypting and decoding data. This encryption algorithm uses a 56-bit key, and maps a 64-bit input block to a 64-bit output block. The key appears to be a 64-bit key, but one bit in each of the 8 bytes is used for odd parity, resulting in 56 bits of usable key. See also encryption.

data frames

Logical, structured packages in which data can be placed. Data being transmitted is segmented into small units and combined with control information such as message start and message end indicators. Each package of information is transmitted as a single unit, called a frame. The data-link layer packages raw bits from the physical layer into data frames. The exact format of the frame used by the network depends on the topology. See also frame.

data-link layer

The second layer in the OSI reference model. This layer packages raw bits from the physical layer into data frames. See also Open Systems Interconnection (OSI) reference model.

data stream

An undifferentiated, byte-by-byte flow of data.


See database management system (DBMS).


The process of finding and consolidating fragmented files and folders. Defragmenting involves moving the pieces of each file or folder to one location so that each occupies a single, contiguous space on the hard disk. The system can then access and save files and folders more efficiently.


See data encryption standard (DES).


A generic term for a computer subsystem. Printers, serial ports, and disk drives are referred to as devices.


See Dynamic Host Configuration Protocol (DHCP).


A system that encodes information numerically, such as 0 and 1, in a binary context. Computers use digital encoding to process data. A digital signal is a discrete binary state, either on or off. See also analog, modem.

digital line

A communication line that carries information only in binary-encoded (digital) form. To minimize distortion and noise interference, a digital line uses repeaters to regenerate the signal periodically during transmission. See also analog line.

digital video disc (DVD)

An optical storage medium with higher capacity and bandwidth than a compact disc. A DVD can hold a full-length film with up to 133 minutes of high-quality video, in MPEG-2 format, and audio. Also known as digital versatile disc.

DIP (dual inline package) switch

One or more small rocker or sliding switches that can be set to one of two states-closed or open-to control options on a circuit board.

direct memory access (DMA)

Memory access that does not involve the microprocessor; frequently employed for data transfer directly between memory and an "intelligent" peripheral device such as a disk drive.

direct memory access (DMA) channel

A channel for direct memory access that does not involve the microprocessor, providing data transfer directly between memory and a disk drive.


Stores information about network resources, as well as all the services that make the information available and useful. The resources stored in the directory, such as user data, printers, servers, databases, groups, computers, and security policies, are known as objects. The directory is part of Active Directory.

directory service

A network service that identifies all resources on a network and makes them accessible to users and applications.

disk duplexing

See disk mirroring, fault tolerance.

diskless computers

Computers that have neither a floppy disk nor a hard disk. Diskless computers depend on special ROM to provide users with an interface through which they can log on to the network.

disk mirroring

A technique, also known as disk duplicating, in which all or part of a hard disk is duplicated onto one or more hard disks, each of which ideally is attached to its own controller. With disk mirroring, any change made to the original disk is simultaneously made to the other disk or disks. Disk mirroring is used in situations in which a backup copy of current data must be maintained at all times. See also disk striping, fault tolerance.

disk striping

Divides data into 64K blocks and spreads it equally at a fixed rate and in a fixed order among all disks in an array. However, disk striping does not provide any fault tolerance because there is no data redundancy. If any partition in the set fails, all data is lost. See also disk mirroring, fault tolerance.

distribution server

Stores the distribution folder structure, which contains the files needed to install a product, for example Windows XP Professional.


See direct memory access (DMA).

DMA channel

See direct memory access (DMA) channel.


See Domain Name System (DNS).


For Microsoft networking, a collection of computers and users that share a common database and security policy that are stored on a computer running Windows 2000 Server and configured as a domain controller. Each domain has a unique name. See also workgroup.

domain controller

For Microsoft networking, the Windows 2000 Server-based computer that authenticates domain logons and maintains the security policy and master database for a domain.

domain namespace

The naming scheme that provides the hierarchical structure for the DNS database.

Domain Name System (DNS)

A general-purpose distributed, replicated, data-query service used primarily on the Internet and on private Transmission Control Protocol/Internet Protocol (TCP/IP) networks for translating host names into Internet addresses.


The amount of time a computer system or associated hardware remains nonfunctioning. Although downtime can occur because hardware fails unexpectedly, it can also be a scheduled event, such as when a network is shut down to allow time for maintaining the system, changing hardware, or archiving files.


A software component that permits a computer system to communicate with a device. For example, a printer driver is a device driver that translates computer data into a form understood by the target printer. In most cases, the driver also manipulates the hardware to transmit the data to the device.

duplex transmission

Also called full-duplex transmission. Communication that takes place simultaneously, in both directions. See also full-duplex transmission.


See digital video disc (DVD).

dynamic disk

A physical disk that is managed by Disk Management. Dynamic disks can contain only dynamic volumes, which are created by using Disk Management. Dynamic disks cannot contain partitions or logical drives, nor can they be accessed by MS-DOS.

Dynamic Host Configuration Protocol (DHCP)

A protocol for automatic TCP/IP configuration that provides static and dynamic address allocation and management. See also Transmission Control Protocol/Internet Protocol (TCP/IP).

Dynamic-link library (DLL)

A feature of the Microsoft Windows family of operating systems and the OS/2 operating system. DLLs allow executable routines, generally serving a specific function or set of functions, to be stored separately as files with .dll extensions and to be loaded only when needed by the program that calls them.



See Extensible Authentication Protocol (EAP).


See Extended Binary Coded Decimal Interchange Code (EBCDIC).

effective permissions

The sum of the NTFS permissions assigned to the user account and to all of the groups to which the user belongs. If a user has Read permission for a folder and is a member of a group with Write permission for the same folder, then the user has both Read and Write permission for the folder.


See Extended Industry Standard Architecture (EISA).

Encrypting File System (EFS)

A feature of Windows 2000 and Windows XP Professional that protects sensitive data in files that are stored on disk using the NTFS file system. It uses symmetric key encryption in conjunction with public key technology to provide confidentiality for files. It runs as an integrated system service, which makes it easy to manage, difficult to attack, and transparent to the file owner and applications.


The process of making information indecipherable to protect it from unauthorized viewing or use, especially during transmission or when the data is stored on a transportable magnetic medium. A key is required to decode the information. See also data encryption standard (DES).

Enhanced Small Device Interface (ESDI)

A standard that can be used with high-capacity hard disks and tape drives to enable high-speed communication with a computer. ESDI drivers typically transfer data at about 10 Mbps.


See Enhanced Small Device Interface (ESDI).


An action or occurrence to which a program might respond. Examples of events are mouse clicks, key presses, and mouse movements. Also, any significant occurrence in the system or in a program that requires users to be notified or an entry to be added to a log.


See byte.

Extended Binary Coded Decimal Interchange Code (EBCDIC)

A coding scheme developed by IBM for use with IBM mainframe and personal computers as a standard method of assigning binary (numeric) values to alphabetic, numeric, punctuation, and transmission-control characters.

Extended Industry Standard Architecture (EISA)

A 32-bit bus design for x86-based computers introduced in 1988. EISA was specified by an industry consortium of nine computer companies (AST Research, Compaq, Epson, Hewlett-Packard, NEC, Olivetti, Tandy, Wyse, and Zenith). An EISA device uses cards that are upwardly compatible from ISA. See also Industry Standard Architecture (ISA).

Extensible Authentication Protocol (EAP)

An extension to the Point-to-Point Protocol (PPP) that works with dial-up, PPTP, and L2TP clients. EAP allows for an arbitrary authentication mechanism to validate a dial-up connection. The exact authentication method to be used is negotiated by the dial-up client and the remote access server.



See file allocation table (FAT).


A derivative of the file allocation table file system. FAT32 supports smaller cluster sizes than FAT in the same given disk space, which results in more efficient space allocation on FAT32 drives. See also file allocation table (FAT).

fault tolerance

The ability of a computer or an operating system to respond to an event such as a power outage or a hardware failure in such a way that no data is lost and any work in progress is not corrupted.

Fiber Distributed Data Interface (FDDI)

A standard developed by the ANSI for high-speed, fiber-optic local area networks. FDDI provides specifications for transmission rates of 100 Mbps on networks based on the Token Ring standard.

file allocation table (FAT)

A file system based on a file allocation table (FAT) maintained by some operating systems, including Windows NT, Windows 2000, and Windows XP Professional, to keep track of the status of various segments of disk space used for file storage.

file infector

A type of virus that attaches itself to a file or program and activates any time the file is used. Many subcategories of file infectors exist. See also companion virus, macro virus, polymorphic virus, stealth virus.

File Transfer Protocol (FTP)

A process that provides file transfers between local and remote computers. FTP supports several commands that allow bidirectional transfer of binary and ASCII files between computers. The FTP client is installed with the TCP/IP connectivity utilities. See also ASCII (American Standard Code for Information Interchange), Transmission Control Protocol/Internet Protocol (TCP/IP).


A security system, usually a combination of hardware and software, intended to protect a network against external threats coming from another network, including the Internet. Firewalls prevent an organization's networked computers from communicating directly with computers that are external to the network, and vice versa. Instead, all incoming and outgoing communication is routed through a proxy server outside the organization's network. Firewalls also audit network activity, recording the volume of traffic and information about unauthorized attempts to gain access. See also proxy server


Software routines stored in read-only memory (ROM). Unlike random access memory (RAM), ROM stays intact even in the absence of electrical power. Startup routines and low-level input/output (I/O) instructions are stored in firmware.

flow control

Regulating the flow of data through routers to ensure that no segment becomes overloaded with transmissions.


A grouping or hierarchical arrangement of one or more domain trees that form a disjointed namespace.


The scattering of the parts of a file over different parts of the disk rather than having all parts of the file located in contiguous space. When a hard disk contains numerous fragmented files and folders, the computer takes longer to gain access to files and folders because it requires several additional reads to collect the various pieces. Creating new files and folders also takes longer because the available free space on the hard disk is scattered.


A package of information transmitted on a network as a single unit. Frame is a term most often used with Ethernet networks. A frame is similar to the packet used in other networks. See also data frames, packet.

frame preamble

Header information added to the beginning of a data frame in the physical layer of the OSI reference model.

frame relay

An advanced, fast-packet, variable-length, digital, packet-switching technology. It is a point-to-point system that uses a private virtual circuit (PVC) to transmit variable-length frames at the data-link layer of the OSI reference model. Frame relay networks can also provide subscribers with bandwidth, as needed, that allows users to make nearly any type of transmission.

front end

In a client/server application, the part of the program carried out on the client computer.


See File Transfer Protocol (FTP).

full-duplex transmission

Also called duplex transmission. Communication that takes place simultaneously, in both directions. See also duplex transmission.



A device used to connect networks using different protocols so that information can be passed from one system to the other. Gateways functions at the network layer of the OSI reference model.


See gigabit (Gb).


See gigabyte (GB).

gigabit (Gb)

1,073,741,824 bits. Also referred to as 1 billion bits.

gigabyte (GB)

Commonly, 1000 megabytes. However, the precise meaning often varies with the context. A gigabyte is 1 billion bytes. In the context of computing, bytes are often expressed in multiples of powers of two. Therefore, a gigabyte can also be either 1000 megabytes or 1024 megabytes, where a megabyte is considered to be 1,048,576 bytes (2 raised to the 20th power).

Global Catalog

A service and a physical storage location that contains a replica of selected attributes for every object in Active Directory.

global group

One type of group account used by Windows 2000 Server. Used across an entire domain, global groups are created on domain controllers in the domain in which the user accounts reside. Global groups can contain only user accounts from the domain in which the global group is created. Members of global groups obtain resource permissions when the global group is added to a local group. See also group.


In networking, an account containing other accounts that are called members. The permissions and rights granted to a group are also provided to its members; thus, groups offer a convenient way to grant common capabilities to collections of user accounts. For Windows XP Professional, groups are managed with the Computer Management snap-in. For Windows 2000 Server, groups are managed with the Active Directory Users and Computers snap-in.

Group Policy

An administrator's tool for defining and controlling how programs, network resources, and the operating system operate for users and computers in an organization. In an Active Directory environment, Group Policy is applied to users or components on the basis of their membership in sites, domains, or organizational units.



A term applied to modem-to-modem communication. Refers to the process by which information is transmitted between the sending and receiving devices to maintain and coordinate data flow between them. Proper handshaking ensures that the receiving device will be ready to accept data before the sending device transmits it.

hard disk

One or more inflexible platters coated with material that allows the magnetic recording of computer data. A typical hard disk rotates at up to 7200 revolutions per minute (RPM), and the read/write heads ride over the surface of the disk on a cushion of air 10 to 25 millionths of an inch deep. A hard disk is sealed to prevent contaminants from interfering with the close head-to-disk tolerances. Hard disks provide faster access to data than floppy disks and are capable of storing much more information. Because platters are rigid, they can be stacked so that one hard-disk drive can access more than one platter. Most hard disks have between two and eight platters.


The physical components of a computer system, including any peripheral equipment such as printers, modems, and mouse devices.

Hardware Compatibility List (HCL)

A list of computers and peripherals that have been tested and have passed compatibility testing with the product for which the HCL is being developed. For example, the Windows XP HCL lists products that have been tested and found to be compatible with Windows XP.

hardware loopback

A connector on a computer that is useful for troubleshooting hardware problems, allowing data to be transmitted to a line, then returned as received data. If the transmitted data does not return, the hardware loopback detects a hardware malfunction.


See Hardware Compatibility List (HCL).


See High-Level Data Link Control (HDLC).


In network data transmission, one of the three sections of a packet component. It includes an alert signal to indicate that the packet is being transmitted, the source address, the destination address, and clock information to synchronize transmission.

hertz (Hz)

The unit of frequency measurement. Frequency measures how often a periodic event occurs, such as the manner in which a wave's amplitude changes with time. One hertz equals one cycle per second. Frequency is often measured in kilohertz (KHz, 1000 Hz), megahertz (MHz), gigahertz (GHz, 1000 MHz), or terahertz (THz, 10,000 GHz).

High-Level Data Link Control (HDLC)

A widely accepted international protocol, developed by the International Organization for Standardization (ISO), that governs information transfer. HDLC is a bit-oriented, synchronous protocol that applies to the data-link (message packaging) layer of the OSI reference model. Under the HDLC protocol, data is transmitted in frames, each of which can contain a variable amount of data that must be organized in a particular way. See also data frames, frame.


A chart consisting of horizontal or vertical bars. The widths or heights of these bars represent the values of certain data.


See server.

hot fixing

See sector sparing.


See Hypertext Markup Language (HTML).

Human Interface Device (HID)

A firmware specification standard for input and output devices such as drawing tablets, keyboards, universal serial bus (USB) speakers, and other specialized devices designed to improve accessibility.

Hypertext Markup Language (HTML)

A language developed for writing pages for the World Wide Web. HTML allows text to include codes that define fonts, layout, embedded graphics, and hypertext links. Hypertext provides a method for presenting text, images, sound, and videos that are linked together in a nonsequential web of associations.

Hypertext Transfer Protocol (HTTP)

The method by which World Wide Web pages are transferred over the network.



See Image Color Management (ICM) 2.0


See Internet Control Message Protocol (ICMP).


See Integrated Device Electronics (IDE).


See Institute of Electrical and Electronics Engineers (IEEE).

IEEE 1394 Firewire

A standard for high-speed serial devices such as digital video and digital audio editing equipment.

IEEE Project 802

A networking model developed by the IEEE. Named for the year and month it began (February 1980), Project 802 defines local area network (LAN) standards for the physical and data-link layers of the OSI reference model. Project 802 divides the data-link layer into two sublayers: media access control (MAC) and logical link control (LLC).

Image Color Management (ICM) 2.0

An operating system application programming interface (API) that helps ensure that colors you see on your monitor match those on your scanner and printer.

Industry Standard Architecture (ISA)

An unofficial designation for the bus design of the IBM Personal Computer (PC) PC/XT. It allows various adapters to be added to the system by inserting plug-in cards into expansion slots. Commonly, ISA refers to the expansion slots themselves; such slots are called 8-bit slots or 16-bit slots. See also Extended Industry Standard Architecture (EISA), Micro Channel Architecture.

infrared transmission

Electromagnetic radiation with frequencies in the electromagnetic spectrum in the range just below that of visible red light. In network communications, infrared technology offers extremely high transmission rates and wide bandwidth in line-of-sight communications.

Institute of Electrical and Electronics Engineers (IEEE)

An organization of engineering and electronics professionals; noted in networking for developing the IEEE 802.x standards for the physical and data-link layers of the OSI reference model, applied in a variety of network configurations.

Integrated Device Electronics (IDE)

A type of disk drive interface in which the controller electronics reside on the drive itself, eliminating the need for a separate network interface card. The IDE interface is compatible with the Western Digital ST-506 controller.

Integrated Services Digital Network (ISDN)

A worldwide digital communication network that evolved from existing telephone services. The goal of the ISDN is to replace current telephone lines, which require digital-to-analog conversions, with completely digital switching and transmission facilities capable of carrying data ranging from voice to computer transmissions, music, and video. The ISDN is built on two main types of communications channels: B channels, which carry voice, data, or images at a rate of 64 Kbps (kilobits per second), and a D channel, which carries control information, signaling, and link management data at 16 Kbps. Standard ISDN Basic Rate desktop service is called 2B+D. Computers and other devices connect to ISDN lines through simple, standardized interfaces.


Boundaries that separate layers from each other. For example, in the OSI reference model, each layer provides some service or action that prepares the data for delivery over the network to another computer.

International Organization for Standardization (ISO)

An organization made up of standards-setting groups from various countries. For example, the United States member is the American National Standards Institute (ANSI). The ISO works to establish global standards for communications and information exchange. Primary among its accomplishments is development of the widely accepted OSI reference model. Note that the ISO is often wrongly identified as the International Standards Organization, probably because of the acronym ISO; however, ISO is derived from isos, which means equal in Greek, rather than an acronym.

Internet Control Message Protocol (ICMP)

Used by Internet Protocol (IP) and higher level protocols to send and receive status reports about information being transmitted.

Internet Protocol (IP)

The TCP/IP protocol for packet forwarding. See also Transmission Control Protocol/Internet Protocol (TCP/IP).

Internet Protocol Security (IPSec)

A framework of open standards for ensuring secure private communications over IP networks by using cryptographic security services.

Internet service provider (ISP)

A company that provides individuals or companies access to the Internet and the World Wide Web. An ISP provides a telephone number, a user name, a password, and other connection information, so users can connect their computer to the ISP's computers. An ISP typically charges a monthly or hourly connection fee.


The intercommunication in a network that is made up of smaller networks.

Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX)

A protocol stack that is used in Novell networks. IPX is the NetWare protocol for packet forwarding and routing. It is a relatively small and fast protocol on a local area network (LAN), is a derivative of Xerox Network System (XNS), and supports routing. SPX is a connection-oriented protocol used to guarantee the delivery of the data being sent. NWLink is the Microsoft implementation of the IPX/SPX protocol.


The ability of components in one system to work with components in other systems.

interrupt request (IRQ)

An electronic signal sent to a computer's CPU to indicate that an event has taken place that requires the processor's attention.


A network within an organization that uses Internet technologies and protocols but is available only to certain people, such as employees of a company. An intranet is also called a private network.


See Internet Protocol (IP). See also Transmission Control Protocol/Internet Protocol (TCP/IP).

IP address

A 32-bit address used to identify a node on an Internet Protocol (IP) internetwork. Each node on the IP internetwork must be assigned a unique IP address, which is made up of the network ID plus a unique host ID. This address is typically represented with the decimal value of each octet separated by a period (for example, In Windows XP Professional, the IP addresses can be configured manually, or if you have a computer running Windows 2000 Server and DHCP, the IP addresses can be configured dynamically. See also Dynamic Host Configuration Protocol (DHCP).


A diagnostic command that displays all current TCP/IP network configuration values. It is of particular use on systems running DHCP because it allows users to determine which TCP/IP configuration values have been configured by the DHCP server.


See Internet Protocol Security (IPSec).


See Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX).


See interrupt request (IRQ).


See Industry Standard Architecture (ISA).


See Integrated Services Digital Network (ISDN).


See International Organization for Standardization (ISO).



A small plastic-and-metal plug or wire for connecting different points in an electronic circuit. Jumpers are used to select a particular circuit or option from several possible configurations. Jumpers can be used on network interface cards to select the type of connection through which the card will transmit, either DIX or BNC.


Kerberos authentication protocol

An authentication mechanism used to verify user or host identity. The Kerberos v5 authentication protocol is the default authentication service for Windows XP Professional. Internet Protocol security and the QoS Admission Control Service use the Kerberos protocol for authentication.


In database management, an identifier for a record or group of records in a data file. Most often, the key is defined as the contents of a single field, called the key field in some database management programs and the index field in others. Keys are maintained in tables and are indexed to speed record retrieval. Keys also refer to code that deciphers encrypted data.

kilo (K)

Refers to 1000 in the metric system. In computing terminology, because computing is based on powers of 2, kilo is most often used to mean 1024 (2 raised to the 10th power). To distinguish between the two contexts, a lowercase k is often used to indicate 1000 and an uppercase K for 1024. A kilobyte is 1024 bytes.

kilobit (Kbit)

1024 bits. See also bit, kilo (K).

kilobyte (KB)

1024 bytes. See also byte, kilo (K).



See Layer Two Tunneling Protocol (L2TP).


See local area network (LAN).

LAN requester

See requester (LAN requester).

laser transmission

Wireless network that uses a laser beam to carry data between devices.


See local area transport (LAT).


The coordination of various protocols in a specific architecture that allows the protocols to work together to ensure that the data is prepared, transferred, received, and acted on as intended.

Layer Two Tunneling Protocol (L2TP)

Its primary purpose is to create an encrypted tunnel through an untrusted network. L2TP is similar to Point-to-Point Tunneling Protocol (PPTP) in that it provides tunneling but not encryption. L2TP provides a secure tunnel by cooperating with other encryption technologies such as IPSec. L2TP functions with IPSec to provide a secure virtual private network solution.

line printer

A connectivity tool that runs on client systems and is used to print files to a computer running an LPD server.

line printer daemon (LPD)

A service on the print server that receives documents (print jobs) from line printer remote (LPR) tools running on client systems.


The communication system that connects two local area networks (LANs). Equipment that provides the link, including bridges, routers, and gateways.

local area network (LAN)

Computers connected in a geographically confined network, such as in the same building, campus, or office park.

local area transport (LAT)

A nonroutable protocol from Digital Equipment Corporation.

local computer

A computer that can be accessed directly without using a communications line or a communications device, such as a network adapter or a modem.

local group

One type of group account used by Windows XP. Implemented in each local computer's account database, local groups contain user accounts and other global groups that need to have access, rights, and permissions assigned to a resource on a local computer. Local groups cannot contain other local groups.

local user

The user at the computer.

logical drive

A volume created within an extended partition on a basic disk. You can format and assign a drive letter to a logical drive. Only basic disks can contain logical drives. A logical drive cannot span multiple disks.

logical link control (LLC) sublayer

One of two sublayers created by the IEEE 802 project out of the data-link layer of the OSI reference model. The LLC is the upper sublayer that manages data-link communication and defines the use of logical interface points, called service access points (SAPs), used by computers to transfer information from the LLC sublayer to the upper OSI layers. See also media access control (MAC) sublayer, service access point (SAP)

logon script

Files that can be assigned to user accounts. Typically a batch file, a logon script runs automatically every time the user logs on. It can be used to configure a user's working environment at every logon, and it allows an administrator to influence a user's environment without managing all aspects of it. A logon script can be assigned to one or more user accounts.


macro virus

A virus written in the internal macro language of applications. In many cases macro viruses cause no damage to data, but in some cases malicious macros have been written that can damage your work. See also companion virus, file infector, polymorphic virus, stealth virus.

master boot record (MBR)

The first sector on a hard disk, this data structure starts the process of booting the computer. The MBR contains the partition table for the disk and a small amount of executable code called the master boot code.


See megabit (Mb).


See megabyte (MB).


See millions of bits per second (Mbps).


The vast majority of local area networks (LANs) today are connected by some sort of wire or cabling that acts as the LAN transmission medium, carrying data between computers. The cabling is often referred to as the media.

media access control (MAC) driver

The device driver located at the media access control sublayer of the OSI reference model. This driver is also known as the NIC driver. It provides low-level access to network interface cards (NICs) by providing data-transmission support and some basic NIC management functions. These drivers also pass data from the physical layer to transport protocols at the network and transport layers.

media access control (MAC) sublayer

One of two sublayers created by the IEEE 802 project out of the data-link layer of the OSI reference model. The MAC sublayer communicates directly with the network interface card and is responsible for delivering error-free data between two computers on the network. See also logical link control (LLC) sublayer.

megabit (Mb)

Usually, 1,048,576 bits; sometimes interpreted as 1 million bits. See also bit.

megabyte (MB)

1,048,576 bytes (2 raised to the 20th power); sometimes interpreted as 1 million bytes. See also byte.

Micro Channel Architecture

The design of the bus in IBM PS/2 computers (except Models 25 and 30). The Micro Channel is electrically and physically incompatible with the IBM PC/AT bus. Unlike the PC/AT bus, the Micro Channel functions as either a 16-bit or 32-bit bus. The Micro Channel also can be driven independently by multiple bus master processors. See also Extended Industry Standard Architecture (EISA), Industry Standard Architecture (ISA).

Microcom Network Protocol (MNP)

The standard for asynchronous data-error control developed by Microcom Systems. The method works so well that other companies have adopted not only the initial version of the protocol, but later versions as well. Currently, several modem vendors incorporate MNP Classes 2, 3, 4, and 5.

Microsoft Technical Information Network (TechNet)

Provides informational support for all aspects of networking, with an emphasis on Microsoft products.

millions of bits per second (Mbps)

The unit of measure of supported transmission rates on the following physical media: coaxial cable, twisted-pair cable, and fiber-optic cable. See also bit.


See Microcom Network Protocol (MNP).

mobile computing

Incorporates wireless adapters using cellular telephone technology to connect portable computers with the cabled network.


A communications device that enables a computer to transmit information over a standard telephone line. Because a computer is digital, it works with discrete electrical signals representing binary 1 and binary 0. A telephone is analog and carries a signal that can have many variations. Modems are needed to convert digital signals to analog and back. When transmitting, modems impose (modulate) a computer's digital signals onto a continuous carrier frequency on the telephone line. When receiving, modems sift out (demodulate) the information from the carrier and transfer it in digital form to the computer.


A mode of operation offered by an operating system in which a computer works on more than one task at a time. There are two primary types of multitasking: preemptive and nonpreemptive. In preemptive multitasking, the operating system can take control of the processor without the task's cooperation. In nonpreemptive multitasking, the processor is never taken from a task. The task itself decides when to give up the processor. A true multitasking operating system can run as many tasks as it has processors. When there are more tasks than processors, the computer must "time slice" so that the available processors devote a certain amount of time to one task and then move on to the next task, alternating between tasks until all are completed.


Name Binding Protocol (NBP)

An Apple protocol responsible for keeping track of entities on the network and matching names with Internet addresses. It works at the transport layer of the OSI reference model.


Any bounded area in which a name can be resolved. Name resolution is the process of translating a name into some object or information that the name represents. The Active Directory namespace is based on the Domain Name System (DNS) naming scheme, which allows for interoperability with Internet technologies.


See Name Binding Protocol (NBP).


A diagnostic command that displays protocol statistics and current Transmission Control Protocol/Internet Protocol (TCP/IP) connections using NBT (NetBIOS over TCP/IP). This command is available only if the TCP/IP protocol has been installed. See also netstat.


See Network Device Interface Specification (NDIS).

NetBEUI (NetBIOS Extended User Interface)

A protocol supplied with all Microsoft network products. NetBEUI advantages include small stack size (important for MS-DOS-based computers), speed of data transfer on the network medium, and compatibility with all Microsoft-based networks. The major drawback of NetBEUI is that it is a local area network (LAN) transport protocol and therefore does not support routing. It is also limited to Microsoft-based networks.

NetBIOS (network