A class of IBM Systems Network Architecture terminal and related protocol used to communicate with IBM mainframe host systems.
An encrypting algorithm that processes each data block three times, using a unique key each time. 3DES is much more difficult to break than straight DES. It is the most secure of the DES combinations, and is therefore slower in performance.
See also: Data Encryption Standard (DES)
A class of IBM Systems Network Architecture terminal and related protocol used to communicate with AS/400 host systems.
A protocol that supports the mapping of Resource Reservation Protocol (RSVP) signals to Layer 2 signals by using 802.1p priority markings to enable the prioritization of traffic across Layer 2 devices, such as switches, on a network segment. IEEE 802 refers to the Layer 2 technology used by LANs including the data-link layer and the media access control layer.
A tape cartridge format used for data backups, similar to that used for some video cameras except that the tape is rated for data storage. The capacity is 5 GB or more of (optionally compressed) data.
The coding system used by Dolby Digital. A standard for high quality digital audio that is used for the sound portion of video stored in digital format.
A type of expansion slot that is solely for video cards. Designed by Intel, AGP is a dedicated bus that provides fast, high-quality video and graphics performance.
An entry in an object's discretionary access control list (DACL) that grants permissions to a user or group. An ACE is also an entry in an object's system access control list (SACL) that specifies the security events to be audited for a user or group.
See also: access control list (ACL); access mask; discretionary access control list (DACL); object; permission; security descriptor; system access control list (SACL)
A list of security protections that apply to an entire object, a set of the object's properties, or an individual property of an object. There are two types of access control lists: discretionary and system.
See also: access control entry (ACE); discretionary access control list (DACL); object; security descriptor; system access control list (SACL)
A 32-bit value that specifies the rights that are allowed or denied in an access control entry (ACE) of an access control list (ACL). An access mask is also used to request access rights when an object is opened.
See also: access control entry (ACE)
A data structure that contains the security identifier (SID) for a security principal, SIDs for the groups that the security principal belongs to, and a list of the security principal's privileges (also called user rights) on the local computer.
See also: security ID (SID); security principal
The quality of a system incorporating hardware or software to engage a flexible, customizable user interface, alternative input and output methods, and greater exposure of screen elements to make the computer usable by people with cognitive, hearing, physical, or visual disabilities.
An interactive tool that makes it easier to set up commonly used accessibility features by specifying options by type of disability, rather than by numeric value changes.
The directory service that stores information about objects on a network and makes this information available to users and network administrators. Active Directory gives network users access to permitted resources anywhere on the network using a single logon process. It provides network administrators with an intuitive, hierarchical view of the network and a single point of administration for all network objects.
See also: directory; directory service
A partition from which an x86-based computer starts up. The active partition must be a primary partition on a basic disk. If you use Windows exclusively, the active partition can be the same as the system volume.
See also: basic disk; primary partition; system partition; system volume
The volume from which the computer starts up. The active volume must be a simple volume on a dynamic disk. You cannot mark an existing dynamic volume as the active volume, but you can upgrade a basic disk containing the active partition to a dynamic disk. After the disk is upgraded to dynamic, the partition becomes a simple volume that is active.
See also: active partition; basic disk; dynamic disk; dynamic volume; simple volume
A set of technologies that allows software components to interact with one another in a networked environment, regardless of the language in which the components were created.
An open industry specification that defines power management on a wide range of mobile, desktop, and server computers and peripherals. ACPI is the foundation for the OnNow industry initiative that allows system manufacturers to deliver computers that start at the touch of a keyboard. ACPI design is essential to take full advantage of power management and Plug and Play.
See also: Plug and Play
A software interface (designed by Microsoft and Intel) between hardware-specific power management software (such as that located in a system BIOS) and an operating system power management driver.
See also: basic input/output system (BIOS)
In Systems Management Server, a notification sent by the site server to the client access points (CAPs) specifying that a software distribution program is available for clients to use. In Windows 2000 and Windows XP, the Software Installation snap-in generates an application advertisement script and stores this script in the appropriate locations in Active Directory and the Group Policy object.
The smallest amount of disk space that can be allocated to hold a file. All file systems used by Windows organize hard disks based on allocation units. The smaller the allocation unit size, the more efficiently a disk stores information. If you do not specify an allocation unit size when formatting the disk, Windows picks default sizes based on the size of the volume. These default sizes are selected to reduce the amount of space that is lost and the amount of fragmentation on the volume. An allocation unit is also called a cluster.
See also: file system; volume
A standard single-byte character encoding scheme used for text-based data. ASCII uses designated 7-bit or 8-bit number combinations to represent either 128 or 256 possible characters. Standard ASCII uses 7 bits to represent all uppercase and lowercase letters, the numbers 0 through 9, punctuation marks, and special control characters used in U.S. English. Most current x86-based systems support the use of extended (or "high") ASCII. Extended ASCII allows the eighth bit of each character to identify an additional 128 special symbol characters, foreign-language letters, and graphic symbols.
See also: Unicode
A text file that you can use to provide automated input for unattended installation of Windows XP and Windows 2000. This input includes parameters to answer the questions included in Setup for specific installations. In some cases, you can use this text file to provide input to wizards, such as the Active Directory Installation Wizard, which is used to add Active Directory to Windows 2000 Server through Setup. The default answer file for Setup is known as Unattend.txt.
See also: Active Directory
A data repository that determines which media can be accessed by which applications and that sets the policies for that media. There can be any number of application media pools in a Removable Storage system. Applications create application media pools.
See also: Removable Storage
A set of routines that an application uses to request and carry out lower-level services performed by a computer's operating system. These routines usually carry out maintenance tasks such as managing files and displaying information.
System extensions, programs, devices, and tools added to a computer to make it more accessible to users with disabilities.
A form of data transmission in which information is sent and received at irregular intervals, one character at a time. Because data is received at irregular intervals, the receiving modem must be signaled to let it know when the data bits of a character begin and end. This is done by means of start and stop bits.
A high-speed, connection-oriented protocol used to transport many different types of network traffic. ATM packages data in a 53-byte, fixed-length cell that can be switched quickly between logical connections on a network.
See also: protocol
For files, information that indicates whether a file is read-only, hidden, ready for archiving (backing up), compressed, or encrypted, and whether the file contents should be indexed for fast file searching.
See also: object; schema
The process that tracks the activities of users by recording selected types of events in the security log of a server or a workstation.
The process for verifying that an entity or object is who or what it claims to be. Examples include confirming the source and integrity of information, such as verifying a digital signature or verifying the identity of a user or computer.
See also: confidentiality; cryptography; integrity; Kerberos V5 authentication protocol; nonrepudiation; NTLM authentication protocol; smart card; trust relationship
A header that provides authentication, integrity, and anti-replay for the entire packet (the IP header and the data payload carried in the packet).
For DNS, describes a DNS server hosting a zone, or a zone containing a name or record. When a DNS server is configured to host a zone, it is said to be authoritative for names that do exist or could exist within that zone. A DNS server is allowed to respond authoritatively to queries for domain names for which it is authoritative. A zone is said to be authoritative for a name if the name exists or could exist within a zone, and it is said to be authoritative for a record if the owner name of the record exists or could exist within a zone.
See also: DNS server; domain name; Domain Name System (DNS)
An unattended setup using one or more of several methods such as Remote Installation Services, bootable CD, and Sysprep.
See also: Remote Installation Services (RIS); Sysprep
A method of automatically storing network files on a user's hard disk drive whenever a file is open so the files can be accessed when the user is not connected to the network.
A feature of Windows XP TCP/IP that automatically configures a unique IP address from the range 169.254.0.1 through 169.254.255.254 and a subnet mask of 255.255.0.0 when the TCP/IP protocol is configured for dynamic addressing and a Dynamic Host Configuration Protocol (DHCP) is not available.
See also: Dynamic Host Configuration Protocol (DHCP); IP address; Transmission Control Protocol/Internet Protocol (TCP/IP)
A state in which media can be allocated for use by applications.
A tree structure for storing database indexes. Each node in the tree contains a sorted list of key values and links that correspond to ranges of key values between the listed values. To find a specific data record given its key value, the program reads the first node, or root, from the disk and compares the desired key with the keys in the node to select a subrange of key values to search. It repeats the process with the node indicated by the corresponding link. At the lowest level, the links indicate the data records. The database system can thus rapidly search through the levels of the tree structure to find the simple index entries that contain the location of the desired records or rows.
A duplicate copy of a program, a disk, or data, made either for archiving purposes or for safeguarding valuable files from loss in case the active copy is damaged or destroyed. Some application programs automatically make backup copies of data files, maintaining both the current version and the preceding version.
A type of local or global group that contains the user rights you need to back up and restore files and folders. Members of the Backup Operators group can back up and restore files and folders regardless of ownership, permissions, encryption, or auditing settings.
See also: auditing; global group; local group; user rights
A type that determines which data is backed up and how it is backed up. There are five backup types: copy, daily, differential, incremental, and normal.
See also: copy backup; daily backup; differential backup; incremental backup; normal backup
A disk sector that can no longer be used for data storage, usually due to media damage or imperfections. Also known as bad sector.
A disk sector that can no longer be used for data storage, usually due to media damage or imperfections. Also known as bad block.
In analog communications, the difference between the highest and lowest frequencies in a specific range. For example, an analog telephone line accommodates a bandwidth of 3,000 hertz (Hz), the difference between the lowest (300 Hz) and highest (3,300 Hz) frequencies it can carry. In digital communications, bandwidth is expressed in bits per second (bps).
A machine-readable label that identifies objects, such as physical media.
The first file record in the master file table (MFT) for a file that has multiple file records. The base file record is the record to which the file's file reference corresponds.
See also: master file table (MFT)
A range of measurements derived from performance monitoring that represents acceptable performance under typical operating conditions.
A physical disk that can be accessed by MS-DOS and all Windows-based operating systems. Basic disks can contain up to four primary partitions, or three primary partitions and an extended partition with multiple logical drives. If you want to create partitions that span multiple disks, you must first convert the basic disk to a dynamic disk using Disk Management or the Diskpart.exe command-line utility.
See also: dynamic disk; extended partition; logical drive; MS-DOS (Microsoft Disk Operating System); primary partition
On x86-based computers, the set of essential software routines that test hardware at startup, start the operating system, and support the transfer of data among hardware devices. The BIOS is stored in read-only memory (ROM) so that it can be executed when you turn on the computer. Although critical to performance, the BIOS is usually invisible to computer users.
See also: Extensible Firmware Interface (EFI); read-only memory (ROM)
A primary partition or logical drive that resides on a basic disk.
See also: basic disk; logical drive; primary partition
An ASCII (unformatted text) file that contains one or more operating system commands. A batch program's file name has a .cmd or .bat extension. When you type the file name at the command prompt, or when the batch program is run from another program, its commands are processed sequentially. Batch programs are also called batch files.
See also: American Standard Code for Information Interchange (ASCII); logon script
Communication that occurs in two directions simultaneously. Bidirectional communication is useful in printing where jobs can be sent and printer status can be returned at the same time.
A process by which software components and layers are linked together. When a network component is installed, the binding relationships and dependencies for the components are established. Binding allows components to communicate with each other.
The sequence in which software components, network protocols, and network adapters are linked together. When a network component is installed, the binding relationships and dependencies for the components are established.
A series of fields containing data on disk size, geometry variables, and the physical parameters of the volume. The BPB is located within the boot sector.
A service that runs on the server running Windows 2000 Server that acts on client boot requests.
A critical disk structure for starting your computer, located at sector 1 of each volume or floppy disk. It contains executable code and data that is required by the code, including information used by the file system to access the volume. The boot sector is created when you format the volume.
The volume that contains the Windows operating system and its support files. The boot volume can be, but does not have to be, the same as the system volume.
See also: system volume; volume
An automated installation method that runs Setup from a CD-ROM. This method is useful for computers at remote sites with slow links and no local IT department.
See also: automated installation
A program that is run automatically when a computer is turned on, or booted. After first performing a few basic hardware tests, the bootstrap loader loads and passes control to a larger loader program, which typically then loads the operating system. The bootstrap loader typically resides in the computer's read-only memory (ROM).
See also: read-only memory (ROM)
A condition, usually involving a hardware resource, that causes the entire system to perform poorly.
A keyboard filter that assists users whose fingers bounce on the keys when pressing or releasing them.
In programming, a problem in which a set of conditions exceeds a permitted range of values that causes the microprocessor to stop what it is doing and handle the situation in a separate routine.
A UNIX command processor developed by Steven Bourne.
The process of creating and maintaining an up-to-date list of computers and resources on a network or part of a network by one or more designated computers running the Computer Browser service.
A device that enables a broadband connection to the Internet by using cable television infrastructure. Access speeds vary greatly, with a maximum throughput of 10 megabits per second (Mbps).
For DNS and WINS, a local information store of resource records for recently resolved names of remote hosts. Typically, the cache is built dynamically as the computer queries and resolves names. It also helps optimize the time required to resolve queried names.
See also: cache file; naming service; resource record (RR)
A file used by the Domain Name System (DNS) server to preload its names cache when the service is started. Also known as the root hints file because DNS uses resource records stored in this file to help locate root servers that provide referral to authoritative servers for remote names. For Windows DNS servers, the cache file is named Cache.dns and is located in the
The process of temporarily storing recently used data values in a special pool in memory for quicker subsequent access. For DNS, typically the ability of the DNS server to store information learned about the DNS namespace during the resolution of DNS queries. (For example, the DNS server can cache DNS records received from other DNS servers.) Caching is also available through the DNS Client service as a way for DNS clients to keep a cache of information learned during recent queries.
See also: caching resolver; DNS server; Domain Name System (DNS)
A client-side DNS name resolution service that performs caching of recently learned DNS domain name information. The caching resolver service provides system-wide access to DNS-aware programs for resource records obtained from DNS servers during processing of name queries. Cached data is used for a limited period of time and aged according to the active Time-to-Live (TTL) value. You can set the TTL individually for each resource record (RR). Otherwise, it defaults to the minimum TTL set in the SOA RR for the zone.
See also: cache; caching; expire interval; resolver; resource record (RR); Time to Live (TTL)
The number that a remote access server uses to call back a user. This number can be preset by the administrator or specified by the user at the time of each call, depending on how the administrator configures the user's callback options. The callback number should be the number of the phone line to which the user's modem is connected.
See also: remote access server
A 32-bit PC Card.
A unit of media of a certain type, such as 8mm tape, magnetic disk, optical disk, or CD-ROM, used by Removable Storage.
See also: Removable Storage
The part of a computer that has the ability to retrieve, interpret, and execute instructions and to transfer information to and from other resources over the computer's main data-transfer path, the bus. By definition, the CPU is the chip that functions as the "brain" of a computer.
A digital document that is commonly used for authentication and secure exchange of information on open networks, such as the Internet, extranets, and intranets. A certificate securely binds a public key to the entity that holds the corresponding private key. Certificates are digitally signed by the issuing certification authority and can be issued for a user, a computer, or a service. The most widely accepted format for certificates is defined by the
A software service that issues certificates for a particular certification authority (CA). It provides customizable services for issuing and managing certificates for the enterprise. Certificates can be used to provide authentication support, including secure e-mail, Web-based authentication, and smart card authentication.
See also: authentication; certificate; certification authority (CA)
A Windows construct that prespecifies format and content of certificates based on their intended usage. When requesting a certificate from a Windows enterprise certification authority (CA), certificate requestors are, depending on their access rights, able to select from a variety of certificate types that are based on certificate templates, such as User and Code Signing.
See also: certificate; certification authority (CA)
An entity responsible for establishing and vouching for the authenticity of public keys belonging to users (end entities) or other certification authorities. Activities of a certification authority can include binding public keys to distinguished names through signed certificates, managing certificate serial numbers, and certificate revocation.
See also: certificate
A challenge-response authentication protocol for PPP connections documented in RFC 1994 that uses the industry-standard Message Digest 5 (MD5) one-way encryption scheme to hash the response to a challenge issued by the remote access server.
See also: Point-to-Point Protocol (PPP)
A feature new to Windows 2000 that tracks changes to NTFS volumes, including additions, deletions, and modifications. The change journal exists on the volume as a sparse file.
See also: NTFS file system; volume
The robotic element of an online library unit.
An object that resides in another object. A child object implies relation. For example, a file is a child object that resides in a folder, which is the parent object.
See also: object; parent object
Text that has been encrypted using an encryption key. Ciphertext is meaningless to anyone who does not have the decryption key.
See also: decryption; encryption; encryption key; plaintext
Any computer or program connecting to, or requesting the services of, another computer or program. Client can also refer to the software that enables the computer or program to establish the connection.
For a local area network (LAN) or the Internet, a computer that uses shared network resources provided by another computer (called a server).
See also: server
In data storage, the smallest amount of disk space that can be allocated to hold a file. All file systems used by Windows organize hard disks based on clusters, which consist of one or more contiguous sectors. The smaller the cluster size, the more efficiently a disk stores information. If no cluster size is specified during formatting, Windows picks defaults based on the size of the volume. These defaults are selected to reduce the amount of space that is lost and the amount of fragmentation on the volume. A cluster is also called an allocation unit.
In computer networking, a group of independent computers that work together to provide a common set of services and present a single-system image to clients. The use of a cluster enhances the availability of the services and the scalability and manageability of the operating system that provides the services.
See also: client; file system; volume
A disk on a shared bus connected to the cluster nodes, which all the cluster nodes can access (though not at the same time).
A recovery technique used when NTFS detects a bad sector. NTFS dynamically replaces the cluster containing the bad sector and allocates a new cluster for the data. If the error occurs during a read, NTFS returns a read error to the calling program, and the data is lost. If the error occurs during a write, NTFS writes the data to the new cluster, and no data is lost.
See also: NTFS file system
A means of providing support for character sets and keyboard layouts for different countries or regions. A code page is a table that relates the binary character codes used by a program to keys on the keyboard or to characters on the display.
Hardware that can convert audio or video signals between analog and digital forms (coder/decoder); hardware or software that can compress and uncompress audio or video data (compression/decompression); or the combination of coder/decoder and compression/decompression. Generally, a codec compresses uncompressed digital data so that the data uses less memory.
A protocol and a corresponding API used by application programs to request higher level application services. CIFS was formerly known as Server Message Block (SMB).
A port on a computer that allows asynchronous communication of one byte at a time. A communication port is also called a serial port.
See also: asynchronous communication
A 32-bit protected-mode file system that controls access to the contents of CD-ROM drives.
A type of CD-ROM that can be written on a CD recorder and read on a CD-ROM drive.
The battery-packed memory that stores information, such as disk types and amount of memory, used to start the computer.
An object-based programming model designed to promote software interoperability; it allows two or more applications or components to easily cooperate with one another, even if they were written by different vendors, at different times, in different programming languages, or if they are running on different computers running different operating systems. Object linking and embedding (OLE) technology and ActiveX are both built on top of COM.
See also: ActiveX; object linking and embedding (OLE)
A basic security function of cryptography. Confidentiality provides assurance that only authorized users can read or use confidential or secret information. Without confidentiality, anyone with network access can use readily available tools to eavesdrop on network traffic and intercept valuable proprietary information. For example, an Internet Protocol security service that ensures a message is disclosed only to intended recipients by encrypting the data.
See also: authentication; cryptography; integrity; nonrepudiation
The left pane in Microsoft Management Console (MMC) that displays the items contained in the console. By default it is the left pane of a console window, but it can be hidden. The items in the console tree and their hierarchical organization determine the capabilities of a console.
See also: Microsoft Management Console (MMC)
An object that can logically contain other objects. For example, a folder is a container object.
See also: noncontainer object; object
A backup that copies all selected files but does not mark each file as having been backed up (in other words, the archive attribute is not cleared). Copying is useful if you want to back up files between normal and incremental backups because copying does not affect these other backup operations.
See also: daily backup; differential backup; incremental backup; normal backup
A set of information that includes identification and proof of identification that is used to gain access to local and network resources. Examples of credentials are user names and passwords, smart cards, and certificates.
An application programming interface (API) that is provided as part of Microsoft Windows. CryptoAPI provides a set of functions that allows applications to encrypt or digitally sign data in a flexible manner while providing protection for the user's sensitive private key data. Actual cryptographic operations are performed by independent modules known as cryptographic service providers (CSPs).
See also: application programming interface (API); cryptographic service provider (CSP); private key
The code that performs authentication, encoding, and encryption services that Windows-based applications access through CryptoAPI. A CSP is responsible for creating keys, destroying them, and using them to perform a variety of cryptographic operations. Each CSP provides a different implementation of the CryptoAPI. Some provide stronger cryptographic algorithms, while others contain hardware components, such as smart cards.
See also: CryptoAPI; smart card
The processes, art, and science of keeping messages and data secure. Cryptography is used to enable and ensure confidentiality, data integrity, authentication (entity and data origin), and nonrepudiation.
See also: authentication; confidentiality; integrity; nonrepudiation
The set of tracks that are at the same head position on a hard disk. Cylinder numbers start at 0, with cylinder 0 at the outer edge of the platters. A cylinder is approximately 8 megabytes.
See also: head; track
A backup that copies all selected files that have been modified the day the daily backup is performed. The backed-up files are not marked as having been backed up (in other words, the archive attribute is not cleared).
See also: copy backup; differential backup; incremental backup; normal backup
A service provided by cryptographic technology to ensure that data can be read only by authorized users or programs. In a network, data confidentiality ensures that data cannot be read by intruders. Windows 2000 and Windows XP Professional use access control mechanisms and encryption, such as DES, 3DES, and RSA encryption algorithms, to ensure data confidentiality.
See also: 3DES; cryptography; Data Encryption Standard (DES); RSA
An encryption algorithm that uses a 56-bit key, and maps a 64-bit input block to a 64-bit output block. The key appears to be a 64-bit key, but one bit in each of the 8 bytes is used for odd parity, resulting in 56 bits of usable key.
A service provided by cryptographic technology that ensures data has not been modified. In a network environment, data integrity allows the receiver of a message to verify that data has not been modified in transit. Windows 2000 and Windows XP Professional use access control mechanisms and cryptography, such as RSA public-key signing and shared symmetric key one-way hash algorithms, to ensure data integrity.
See also: cryptography
A unit of information transmitted as a whole from one device to another on a network.
A layer that packages raw bits from the physical layer into frames (logical, structured packets for data). This layer is responsible for transferring frames from one computer to another, without errors. After sending a frame, the data-link layer waits for an acknowledgment from the receiving computer.
To return media to the available state after they have been used by an application.
A state that indicates that media have reached their allocation maximum.
The process of making encrypted data readable again by converting ciphertext to plaintext.
See also: ciphertext; encryption; plaintext
A configuration item for the TCP/IP protocol that is the IP address of a directly reachable IP router. Configuring a default gateway creates a default route in the IP routing table.
The process of rewriting parts of a file to contiguous sectors on a hard disk to increase the speed of access and retrieval.
See also: fragmentation
An attack in which an attacker exploits a weakness or a design limitation of a network service to overload or halt the service, so that the service is not available for use. This type of attack is typically launched to prevent other users from using a network service such as a Web server or a file server.
The on-screen work area on which windows, icons, menus, and dialog boxes appear.
The directory (or folder) to which files are copied or moved.
See also: source directory
A program that allows a specific device, such as a modem, network adapter, or printer, to communicate with the operating system. Although a device might be installed on your system, Windows cannot use the device until you have installed and configured the appropriate driver.
If a device is listed in the Hardware Compatibility List (HCL), a driver is usually included with Windows. Device drivers load automatically (for all enabled devices) when a computer is started, and thereafter run invisibly.
See also: Hardware Compatibility List (HCL)
An administrative tool that can be used to manage the devices on your computer. Use Device Manager to view and change device properties, update device drivers, configure device settings, and remove devices.
A hierarchical tree that contains the devices configured on a computer.
A service that enables a computer to function as a DHCP server and configure DHCP-enabled clients on a network. DHCP runs on a server, enabling the automatic, centralized management of IP addresses and other TCP/IP configuration settings for network clients.
The connection to your network if you are using a device that uses the telephone network. This includes modems with a standard phone line, ISDN cards with high-speed ISDN lines, or X.25 networks.
If you are a typical user, you might have one or two dial-up connections, for example, to the Internet and to your corporate network. In a more complex server situation, multiple network modem connections might be used to implement advanced routing.
A backup that copies files created or changed since the last normal or incremental backup. It does not mark files as having been backed up (in other words, the archive attribute is not cleared). If you are performing a combination of normal and differential backups, restoring files and folders requires that you have the last normal as well as the last differential backup.
See also: copy backup; daily backup; incremental backup; normal backup
Saved copies of changed data that can be applied to an original volume to generate a volume shadow copy.
See also: volume; volume shadow copy
A magnetic medium for recording and storing digital audio data.
An electronic certification issued by certification authorities that shows where a program comes from and proves that the installation package has not been altered. Administrators should sign their code with a digital certificate if planning to distribute an Internet Explorer package over the Internet.
See also: certification authority (CA)
A magnetic medium for backing up data. DLT can transfer data faster than many other types of tape media.
A means for originators of a message, file, or other digitally encoded information to bind their identity to the information. The process of digitally signing information entails transforming the information, as well as some secret information held by the sender, into a tag called a signature. Digital signatures are used in public key environments, and they provide nonrepudiation and integrity services.
See also: public key cryptography; timestamp
A special communication line that uses modulation technology to maximize the amount of data that can be sent over copper wires. DSL is used for connections from telephone switching stations to a subscriber rather than between switching stations.
A type of optical disc storage technology. A digital video disc (DVD) looks like a CD-ROM disc, but it can store greater amounts of data. DVDs are often used to store full-length movies and other multimedia content that requires large amounts of storage space.
See also: DVD decoder; DVD drive
For Microsoft networking, the sending of messages directly over the IPX protocol without the use of NetBIOS. While direct hosting may be more efficient, a direct hosting client can connect only to a direct hosting server. Windows XP Professional does not support direct hosting.
See also: Internetwork Packet Exchange (IPX); network basic input/output system (NetBIOS); NWLink
Memory access that does not involve the microprocessor. DMA is frequently used for data transfer directly between memory and a peripheral device such as a disk drive.
See also: hardware configuration
An information source that contains information about users, computer files, or other objects. In a file system, a directory stores information about files. In a distributed computing environment (such as a Windows domain), the directory stores information about objects such as printers, fax servers, applications, databases, and other users.
See also: domain
Both the directory information source and the service that makes the information available and usable. A directory service enables the user to find an object when given any one of its attributes.
See also: Active Directory; directory
To make a device nonfunctional. For example, if you disable a device in a hardware configuration, you cannot use the device when your computer uses that hardware configuration. Disabling a device frees the resources that were allocated to the device.
See also: hardware configuration
The part of an object's security descriptor that grants or denies specific users and groups permission to access the object. Only the owner of an object can change permissions granted or denied in a DACL; thus, access to the object is at the owner's discretion.
See also: access control entry (ACE); object; security descriptor; security group; system access control list (SACL)
A condition that occurs when disk performance is reduced to the extent that overall system performance is affected.
The maximum amount of disk space available to a user.
To remove a removable tape or disc from a drive.
See also: library; mount
A service that allows system administrators to organize distributed network shares into a logical namespace, enabling users to access files without specifying their physical location and providing load sharing across network shares.
The folder created on the Windows 2000-based distribution server to contain the Setup files.
A client computer that queries Domain Name System (DNS) servers in an attempt to resolve DNS domain names. DNS clients maintain a temporary cache of resolved DNS domain names.
See also: DNS server; Domain Name System (DNS)
An updated specification to the DNS standard that permits hosts that store name information in DNS to dynamically register and update their records in zones maintained by DNS servers that can accept and process dynamic update messages.
See also: DNS; DNS server
A server that maintains information about a portion of the Domain Name System (DNS) database and that responds to and resolves DNS queries.
See also: DNS client; Domain Name System (DNS)
In a DNS database, a zone is a contiguous portion of the DNS tree that is administered as a single separate entity by a DNS server. The zone contains resource records for all the names within the zone.
In Active Directory, a collection of computers defined by the administrator. These computers share a common directory database, security policies, and security relationships with other domains.
In DNS, any tree or subtree within the DNS namespace. Although the names for DNS domains often correspond to Active Directory domains, DNS domains should not be confused with Active Directory domains.
See also: Active Directory; Domain Name System (DNS)
In an Active Directory forest, a server that contains a writable copy of the Active Directory database, participates in Active Directory replication, and controls access to network resources. Administrators can manage user accounts, network access, shared resources, site topology, and other directory objects from any domain controller in the forest.
See also: Active Directory; authentication; directory; shared resource
An implementation of DFS in which DFS topological information is stored in Active Directory. Because this information is made available on multiple domain controllers in the domain, domain DFS provides fault-tolerance for any distributed file system in the domain.
See also: fault tolerance
A security or distribution group that can contain universal groups, global groups, other domain local groups from its own domain, and accounts from any domain in the forest. Domain local security groups can be granted rights and permissions on resources that reside only in the same domain where the domain local group is located.
See also: domain tree; forest; global group; security group; universal group
The name given by an administrator to a collection of networked computers that share a common directory. Part of the Domain Name System (DNS) naming structure, domain names consist of a sequence of name labels separated by periods.
See also: domain; Domain Name System (DNS)
A hierarchical, distributed database that contains mappings of DNS domain names to various types of data, such as IP addresses. DNS enables the location of computers and services by user-friendly names, and it also enables the discovery of other information stored in the database.
See also: domain; IP address; Transmission Control Protocol/Internet Protocol (TCP/IP)
In DNS, the inverted hierarchical tree structure that is used to index domain names. Domain trees are similar in purpose and concept to the directory trees used by computer filing systems for disk storage. For example, when numerous files are stored on disk, directories can be used to organize the files into logical collections. When a domain tree has one or more branches, each branch can organize domain names used in the namespace into logical collections.
In Active Directory, a hierarchical structure of one or more domains, connected by transitive, bidirectional trusts, that forms a contiguous namespace. Multiple domain trees can belong to the same forest.
See also: Active Directory; domain; domain name; Domain Name System (DNS); forest
A computer configuration that can start two different operating systems.
See also: multiple boot; startup environment
A hardware or software component that allows a digital video disc (DVD) drive to display movies on your computer screen.
See also: digital video disc (DVD); DVD drive; hardware decoder; software decoder
A disk storage device that uses digital video disc (DVD) technology. A DVD drive reads both CD-ROM and DVDs; however, you must have a DVD decoder to display DVD movies on your computer screen.
See also: digital video disc (DVD); DVD decoder
An alternative keyboard with a layout that makes the most frequently typed characters more accessible to people who have difficulty typing on the standard QWERTY layout.
A physical disk that can be accessed only by Windows 2000 and Windows XP. Dynamic disks provide features that basic disks do not, such as support for volumes that span multiple disks. Dynamic disks use a hidden database to track information about dynamic volumes on the disk and other dynamic disks in the computer. You convert basic disks to dynamic by using the Disk Management snap-in or the DiskPart command-line tool. When you convert a basic disk to dynamic, all existing basic volumes become dynamic volumes.
See also: active volume; basic disk; basic volume; dynamic volume; partition; volume
A TCP/IP service protocol that offers dynamic leased configuration of host IP addresses and distributes other configuration parameters to eligible network clients. DHCP provides safe, reliable, and simple TCP/IP network configuration, prevents address conflicts, and helps conserve the use of client IP addresses on the network.
DHCP uses a client/server model where the DHCP server maintains centralized management of IP addresses that are used on the network. DHCP-supporting clients can then request and obtain lease of an IP address from a DHCP server as part of their network boot process.
See also: IP address; Transmission Control Protocol/Internet Protocol (TCP/IP)
A volume that resides on a dynamic disk. Windows supports five types of dynamic volumes: simple, spanned, striped, mirrored, and RAID-5. A dynamic volume is formatted by using a file system, such as FAT or NTFS, and has a drive letter assigned to it.
See also: basic disk; basic volume; dynamic disk; mirrored volume; RAID-5 volume; simple volume; spanned volume; striped volume; volume
An operating system feature that allows executable routines (generally serving a specific function or set of functions) to be stored separately as files with .dll extensions. These routines are loaded only when needed by the program that calls them.
On Itanium-based computers, a portion on a GUID partition table (GPT) disk that is formatted with the FAT file system and contains the files necessary to start the computer. Every Itanium-based computer must have at least one GPT disk with an EFI system partition. The EFI system partition serves the same purpose as the system volume found on x86-based computers.
See also: Extensible Firmware Interface (EFI); GUID partition table (GPT); Microsoft Reserved (MSR) partition
An IPSec protocol that provides confidentiality, in addition to authentication, integrity, and anti-replay. ESP can be used alone, in combination with AH, or nested with the Layer Two Tunneling Protocol (L2TP). ESP does not normally sign the entire packet unless it is being tunneled. Ordinarily, just the data payload is protected, not the IP header.
See also: authentication; Authentication Header (AH); integrity; Internet Protocol security (IPSec); Layer Two Tunneling Protocol (L2TP)
A feature in this version of Windows that enables users to encrypt files and folders on an NTFS volume disk to keep them safe from access by intruders.
See also: NTFS file system
The process of disguising a message or data in such a way as to hide its substance.
See also: public key encryption
A bit string that is used in conjunction with an encryption algorithm to encrypt and decrypt data.
See also: private key; symmetric key
A string consisting of environment information, such as a drive, path, or file name, associated with a symbolic name that can be used by Windows. You use System in Control Panel or the set command from the command prompt to define environment variables.
See also: variable
An IEEE 802.3 standard for contention networks. Ethernet uses a bus or star topology and relies on the form of access known as Carrier Sense Multiple Access with Collision Detection (CSMA/CD) to regulate communication line traffic. Network nodes are linked by coaxial cable, fiber-optic cable, or by twisted-pair wiring. Data is transmitted in variable-length frames containing delivery and control information and up to 1,500 bytes of data. The Ethernet standard provides for baseband transmission at 10 megabits (10 million bits) per second.
Approximately one quintillion bytes, or one billion billion bytes.
For DNS, the number of seconds that DNS servers operating as secondary masters for a zone will use to determine if zone data should be expired when the zone is not refreshed and renewed.
See also: DNS server; Domain Name System (DNS)
In Network File System (NFS), to make a file system available by a server to a client for mounting.
See also: Network File System (NFS)
A 32-bit bus standard introduced in 1988 by a consortium of nine computer-industry companies. EISA maintains compatibility with the earlier Industry Standard Architecture (ISA) but provides for additional features.
See also: Industry Standard Architecture (ISA)
A type of partition that you can create only on basic master boot record (MBR) disks. Extended partitions are useful if you want to create more than four volumes on a basic MBR disk. Unlike primary partitions, you do not format an extended partition with a file system and then assign a drive letter to it. Instead, you create one or more logical drives within the extended partition. After you create a logical drive, you format it and assign it a drive letter. An MBR disk can have up to four primary partitions, or three primary partitions, one extended partition, and multiple logical drives.
See also: basic disk; logical drive; master boot record (MBR); partition; primary partition; unallocated space; volume
An extension to the Point-to-Point Protocol (PPP) that allows for arbitrary authentication mechanisms to be employed for the validation of a PPP connection.
See also: Point-to-Point Protocol (PPP)
In computers with the Intel Itanium processor, the interface between a computer's firmware, hardware, and the operating system. The Extensible Firmware Interface (EFI) defines a new partition style called GUID partition table (GPT). EFI serves the same purpose for Itanium-based computers as the BIOS found in x86-based computers. However, it has expanded capabilities that provide a consistent way to start any compatible operating system and an easy way to add EFI drivers for new bootable devices without the need to update the computer's firmware.
See also: basic input/output system (BIOS); GUID partition table (GPT)
A meta-markup language that provides a format for describing structured data. This facilitates more precise declarations of content and more meaningful search results across multiple platforms. In addition, XML enables a new generation of Web-based data viewing and manipulation applications.
A derivative of the file allocation table (FAT) file system. FAT32 supports smaller cluster sizes and larger volumes than FAT, which results in more efficient space allocation on FAT32 volumes.
See also: file allocation table (FAT)
The ability of computer hardware or software to ensure data integrity when hardware failures occur. Fault tolerant features appear in many server operating systems and include mirrored volumes, RAID-5 volumes, and server clusters.
See also: cluster; mirrored volume; RAID-5 volume
A type of network media designed for use with fiber-optic cabling.
A file system used by MS-DOS and other Windows operating systems to organize and manage files. The file allocation table (FAT) is a data structure that Windows creates when you format a volume by using the FAT or FAT32 file systems. Windows stores information about each file in the FAT so that it can retrieve the file later.
See also: FAT32; file system; NTFS file system
The row in the master file table (MFT) that corresponds to a particular disk file. The file record is identified by its file reference.
In an operating system, the overall structure in which files are named, stored, and organized. NTFS, FAT, and FAT32 are types of file systems.
See also: FAT32; NTFS file system
An area of physical memory that holds frequently used pages. It allows applications and services to locate pages rapidly and reduces disk activity.
A member of the TCP/IP suite of protocols, used to copy files between two computers on the Internet. Both computers must support their respective FTP roles: one must be an FTP client and the other an FTP server.
See also: Transmission Control Protocol/Internet Protocol (TCP/IP)
For Indexing Service, software that extracts content and property values from a document in order to index them.
For IPSec, a specification of IP traffic that provides the ability to trigger security negotiations for a communication based on the source, destination, and type of IP traffic.
A keyboard feature that instructs your keyboard to ignore brief or repeated keystrokes. You can also adjust the keyboard repeat rate, which is the rate at which a key repeats when you hold it down.
See also: ToggleKeys
A combination of hardware and software that provides a security system, usually to prevent unauthorized access from outside to an internal network or intranet. A firewall prevents direct communication between network and external computers by routing communication through a proxy server outside of the network. The proxy server determines whether it is safe to let a file pass through to the network. A firewall is also called a security-edge gateway.
A Group Policy option that allows you to redirect designated folders to the network.
A graphic design applied to a collection of numbers, symbols, and characters. A font describes a certain typeface, along with other qualities such as size, spacing, and pitch.
See also: OpenType fonts; PostScript fonts; screen font; Type 1 fonts
A collection of one or more Active Directory domain trees that share a common schema, configuration, and global catalog and are linked with two-way transitive trusts.
See also: domain; domain tree; schema
The scattering of parts of the same disk file over different areas of the disk. Fragmentation occurs as files on a disk are deleted and new files are added. It slows disk access and degrades the overall performance of disk operations, although usually not severely.
See also: defragmentation
A logical collection of unused data-storage media that can be used by applications or other media pools. When media are no longer needed by an application, they are returned to a free media pool so that they can be used again.
See also: media pool; Removable Storage
Available space that you use to create logical drives within an extended partition.
See also: extended partition; logical drive; unallocated space
A server that uses a directory to perform name-to-IP address translation, admission control, and call management services in H.323 conferencing.
See also: H.323
A device connected to multiple physical TCP/IP networks capable of routing or delivering IP packets between them. A gateway translates between different transport protocols or data formats (for example, IPX and IP) and is generally added to a network primarily for its translation ability.
In the context of interoperating with Novell NetWare networks, a gateway acts as a bridge between the server message block (SMB) protocol used by Windows networks and the NetWare Core Protocol (NCP) used by NetWare networks. A gateway is also called an IP router.
A security or distribution group that can contain users, groups, and computers from its own domain as members. Global security groups can be granted rights and permissions on resources in any domain in its forest.
Global groups cannot be created or maintained on computers running Windows XP Professional. However, for Windows XP Professional-based computers that participate in a domain, domain global groups can be granted rights and permissions at those workstations and can become members of local groups at those workstations.
See also: group; local group; permission; user account
A 16-byte value generated from the unique identifier on a device, the current date and time, and a sequence number. A GUID is used to identify a particular device or component.
A disk that uses the GUID partition table (GPT) partition style. A partition style is the method that Windows XP uses to organize partitions on the disk. The GPT partition style supports volumes up to 18 exabytes and 128 partitions per disk. Only Itanium-based computers can use GPT disks.
See also: GUID partition table (GPT)
A DLL loaded during the Windows 2000 Winlogon process, which displays the standard logon dialog box and collects and processes user logon data for verification.
See also: dynamic-link library (DLL)
A display format, like that of Windows, that represents a program's functions with graphic images such as buttons and icons. GUIs allow a user to perform operations and make choices by pointing and clicking with a mouse.
A collection of users, computers, contacts, and other groups. Groups can be used as security or as e-mail distribution collections. Distribution groups are used only for e-mail. Security groups are used both to grant access to resources and as e-mail distribution lists.
See also: domain; global group; local group
The groups to which a user account belongs. Permissions and rights granted to a group are also provided to its members. In most cases, the actions a user can perform in Windows are determined by the group memberships of the user account to which the user is logged on.
See also: group; user account
The Microsoft Management Console (MMC) snap-in that is used to edit Group Policy objects.
A collection of Group Policy settings. Group Policy objects are essentially the documents created by the Group Policy snap-in, a Windows tool. Group Policy objects are stored at the domain level, and they affect users and computers contained in sites, domains, and organizational units. In addition, each Windows computer has exactly one group of settings stored locally, called the local Group Policy object.
See also: Group Policy; object
The portion of Setup that uses a graphical user interface (GUI).
A disk-partitioning scheme that is used by the Extensible Firmware Interface (EFI) in Itanium-based computers. GPT offers more advantages than master boot record (MBR) partitioning because it allows up to 128 partitions per disk, provides support for volumes up to 18 exabytes in size, allows primary and backup partition tables for redundancy, and supports unique disk and partition IDs (GUIDs).
See also: Extensible Firmware Interface (EFI); globally unique identifier (GUID); master boot record (MBR)
The ITU-T standard for multimedia communications over networks that do not provide a guaranteed quality of service (QoS). This standard provides specifications for workstations, devices, and services to carry real-time video, audio, and data or any combination of these elements.
See also: International Telecommunication Union - Telecommunication [Standardization Sector] (ITU-T); Quality of Service (QoS)
A thin layer of software provided by the hardware manufacturer that hides, or abstracts, hardware differences from higher layers of the operating system. By means of the filter provided by the HAL, different types of hardware look alike to the rest of the operating system. This allows the operating system to be portable from one hardware platform to another. The HAL also provides routines that allow a single device driver to support the same device on all platforms.
A hardware list that Microsoft compiles for a specific product. The Windows HCL, which is posted on the Web, lists the hardware devices and computer systems that are compatible with specific versions of Windows.
Resource settings that have been allocated for a specific device. Each device on your computer has a hardware configuration, which can consist of interrupt request (IRQ) lines, DMA, an I/O port, or memory address settings.
See also: direct memory access (DMA); input/output (I/O) port
A type of digital video disc (DVD) decoder that allows a DVD drive to display movies on your computer screen. A hardware decoder uses both software and hardware to display movies.
See also: DVD decoder; DVD drive; software decoder
A character-based, full-screen error message displayed on a blue background. It indicates that the microprocessor detected a hardware error condition from which the system cannot recover.
The mechanism that reads data from and writes data to a hard disk. Hard disks use one head for each side of each platter. The heads are attached to a common head-movement area, so that all heads move in unison. The heads are always positioned over the same logical track on each side of each platter.
See also: track
The byte containing the most significant bits (bits 8 through 15) in a 2-byte grouping representing a 16-bit (bits 0 through 15) value.
In data communications, one segment of the path between routers on a geographically dispersed network. A hop is comparable to one "leg" of a journey that includes intervening stops between the starting point and the destination. The distance between each of those stops (routers) is a communications hop.
A local text file in the same format as the 4.3 Berkeley Software Distribution (BSD) UNIX /etc/hosts file. This file maps host names to IP addresses, and it is stored in the \
A feature in Microsoft Internet Explorer 5 that adds timing and media synchronization support to HTML pages. Using a few Extensible Markup Language (XML)-based elements and attributes, you can add images, video, and sounds to an HTML page, and synchronize them with HTML text elements over a specified amount of time. In short, you can use HTML+TIME technology to quickly and easily create multimedia-rich, interactive presentations, with little or no scripting.
A mode in which the ARP/MARS provides ATM addresses to requesting clients in the form of a multicast server (MCS) list value. In this mode, the ARP/MARS acts as a multicast server, providing active forwarding of all multicast and broadcast traffic destined for IP addresses contained within the ranges specified in the list.
See also: Asynchronous Transfer Mode (ATM); IP address
A firmware specification that is a new standard for input and output devices such as drawing tablets, keyboards, USB speakers, and other specialized devices designed to improve accessibility.
See also: universal serial bus (USB)
A simple markup language used to create hypertext documents that are portable from one platform to another. HTML files are simple ASCII text files with codes embedded (indicated by markup tags) to denote formatting and hypertext links.
See also: American Standard Code for Information Interchange (ASCII)
The protocol used to transfer information on the World Wide Web. An HTTP address (one kind of Uniform Resource Locator [URL]) takes the form: http://www.microsoft.com.
Data structures that drivers use to communicate with each other.
An IEEE specification for supporting multifunction peripherals (MFPs). Windows 2000 has a driver that creates different port settings for each function of an MFP, enabling Windows 2000 print servers to simultaneously send data to multiple parts of an MFP.
A standard for high-speed serial devices such as digital video and digital audio editing equipment.
The process of image output correction. ICM attempts to make the output more closely match the colors that are input or scanned.
A logical collection of data-storage media that has not been cataloged by Removable Storage. Media in an import media pool should be cataloged as soon as possible so that they can be used by an application.
See also: media pool; Removable Storage
A backup that copies only those files created or changed since the last normal or incremental backup. It marks files as having been backed up (in other words, the archive attribute is cleared). If you use a combination of normal and incremental backups to restore your data, you will need to have the last normal backup and all incremental backup sets.
See also: copy backup; daily backup; differential backup; normal backup
A computer with Message Queuing installed that can host queues and store messages locally. Independent clients do not require synchronous access to a Message Queuing server to send and receive messages, but they can use Message Queuing servers with routing enabled for efficient message routing.
A third-party software developer; an individual or an organization that independently creates computer software.
A bus design specification that allows components to be added as cards plugged into standard expansion slots in IBM Personal Computers and IBM-compatible computers.
Light that is beyond red in the color spectrum. While the light is not visible to the human eye, infrared transmitters and receivers can send and receive infrared signals.
See also: Infrared Data Association (IrDA); infrared device; infrared port
The industry organization of computer, component, and telecommunications vendors who establish the standards for infrared communication between computers and peripheral devices, such as printers.
See also: infrared (IR)
A computer, or a computer peripheral such as a printer, that can communicate by using infrared light.
See also: infrared (IR)
An optical port on a computer that enables communication with other computers or devices by using infrared light, without cables. Infrared ports can be found on some portable computers, printers, and cameras.
See also: infrared (IR); infrared device
In security, a mechanism that allows a specific access control entry (ACE) to be copied from the container where it was applied to all children of the container. Inheritance can be used to manage access to a whole subtree of objects in a single update operation.
See also: access control entry (ACE); Active Directory
In Disk Management, the process of detecting a disk or volume and assigning it a status (for example, healthy) and a type (for example, dynamic).
See also: basic disk; basic volume; dynamic disk; dynamic volume
A Regional and Language Options setting that specifies the combination of the language being entered and the keyboard layout, Input Method Editor (IME), speech-to-text converter, or other device being used to enter it. Formerly known as input locale.
A channel through which data is transferred between a device and the microprocessor. The port appears to the microprocessor as one or more memory addresses that it can use to send or receive data.
A port that offers limited access to the cartridges in a library managed by Removable Storage. Also known as a mailslot.
See also: cartridge; library; Removable Storage
When referring to software, to add program files and folders to your hard disk and related data to your registry so that the software runs properly. Installing contrasts with upgrading, where existing program files, folde