Copyright (c) 2026 MindMesh Academy. All rights reserved. This content is proprietary and may not be reproduced or distributed without permission.

8. Comprehensive Glossary

A

802.1Q: VLAN tagging standard. Inserts 4-byte tag into Ethernet frame identifying VLAN membership. (Section 3.2.1)

802.1X: Port-based authentication standard. Devices authenticate before gaining network access. (Section 5.3.1)

802.11: Wireless LAN standards family (a/b/g/n/ac/ax = Wi-Fi 4/5/6). (Section 2.5.2)

AAA: Authentication, Authorization, Accounting—framework for access control. (Section 5.1.2)

ACL (Access Control List): Permit/deny rules filtering traffic by IP, port, protocol. (Section 5.3.2)

AD (Administrative Distance): Route trustworthiness value; lower = more trusted. (Section 3.1.2)

APIPA: Automatic Private IP Addressing (169.254.x.x). Indicates DHCP failure. (Section 2.7.1)

ARP: Address Resolution Protocol. Maps IP addresses to MAC addresses. (Section 1.3.1)

B

BGP (Border Gateway Protocol): Path vector routing protocol for internet routing between organizations. (Section 3.1.1)

Broadcast: Traffic sent to all devices on a subnet. (Section 2.4.2)

C

CAM Table: Content Addressable Memory table. Switch's MAC address-to-port mapping. (Section 2.2.1)

CIDR: Classless Inter-Domain Routing. Notation like /24 for subnet masks. (Section 2.7.2)

CRC: Cyclic Redundancy Check. Error detection method; CRC errors indicate physical problems. (Section 6.2.2)

D

DDoS: Distributed Denial of Service. Attack from multiple sources overwhelming a target. (Section 5.2.1)

DHCP: Dynamic Host Configuration Protocol. Automatically assigns IP configuration. (Section 4.4.1)

DMZ: Demilitarized Zone/Screened Subnet. Semi-trusted zone for public-facing servers. (Section 5.3.2)

DNS: Domain Name System. Translates names to IP addresses. (Section 4.4.2)

DORA: DHCP process: Discover, Offer, Request, Acknowledge. (Section 4.4.1)

E

EIGRP: Enhanced Interior Gateway Routing Protocol. Cisco advanced distance-vector routing protocol. (Section 3.1.1)

Evil Twin: Malicious access point mimicking legitimate network SSID. (Section 5.2.2)

F

FHRP: First Hop Redundancy Protocol. Provides gateway failover (HSRP, VRRP). (Section 3.1.3)

G

GRE: Generic Routing Encapsulation. Tunneling protocol without encryption. (Section 2.4.2)

H

Hot Site: Fully operational DR site with real-time data replication. (Section 4.3.1)

I

IaaS: Infrastructure as a Service. Cloud model providing virtual machines. (Section 2.3.1)

IDS: Intrusion Detection System. Monitors and alerts on suspicious activity (passive). (Section 2.2.2)

IKE: Internet Key Exchange. Protocol for establishing IPSec security associations. (Section 2.4.2)

IPS: Intrusion Prevention System. Monitors and blocks suspicious activity (active). (Section 2.2.2)

IPSec: Suite of protocols for encrypting and authenticating IP traffic. (Section 2.4.2)

J

Jitter: Variation in packet delay. Problematic for real-time applications like VoIP. (Section 6.4.1)

Jump Box: Hardened server serving as single entry point for management access. (Section 4.5.2)

L

LDAP: Lightweight Directory Access Protocol. Protocol for accessing directory services. (Section 5.1.2)

M

MAC Address: 48-bit hardware address identifying network interfaces. (Section 1.3.1)

MDF: Main Distribution Frame. Primary network equipment location. (Section 3.4.1)

MIB: Management Information Base. Database of SNMP manageable objects. (Section 4.2.1)

MTBF: Mean Time Between Failures. Average operational time between failures. (Section 4.3.1)

MTTR: Mean Time to Repair. Average time to restore service after failure. (Section 4.3.1)

MTU: Maximum Transmission Unit. Largest frame size allowed on a segment. (Section 3.2.2)

MX Record: DNS record identifying mail servers for a domain. (Section 4.4.2)

N

NAC: Network Access Control. Controls access based on device/user authentication. (Section 5.3.1)

NAS: Network Attached Storage. File-level storage accessed via SMB, NFS. (Section 2.2.2)

NAT: Network Address Translation. Translates IP addresses between networks. (Section 3.1.2)

NTP: Network Time Protocol. Synchronizes clocks across devices. (Section 4.4.3)

O

OSPF: Open Shortest Path First. Link-state routing protocol using Dijkstra's algorithm. (Section 3.1.1)

OSI Model: Seven-layer reference model for network communications. (Section 2.1)

P

PaaS: Platform as a Service. Cloud model providing application runtime environment. (Section 2.3.1)

PAT: Port Address Translation. NAT variant using ports to track multiple connections. (Section 3.1.2)

PDU: Power Distribution Unit. Distributes power to rack equipment. (Section 3.4.2)

PoE: Power over Ethernet. Delivers power over network cables. (Section 6.2.3)

PTR Record: DNS record for reverse lookups (IP to name). (Section 4.4.2)

Q

QoS: Quality of Service. Prioritizes certain traffic types. (Section 6.4.1)

R

RADIUS: Remote Authentication Dial-In User Service. AAA protocol for network access. (Section 5.1.2)

RDP: Remote Desktop Protocol. Microsoft protocol for graphical remote access (port 3389). (Section 4.5.2)

RFC 1918: Defines private IP address ranges. (Section 2.7.1)

RPO: Recovery Point Objective. Maximum acceptable data loss. (Section 4.3.1)

RTO: Recovery Time Objective. Maximum acceptable downtime. (Section 4.3.1)

S

SaaS: Software as a Service. Cloud model providing complete applications. (Section 2.3.1)

SAN: Storage Area Network. Block-level storage network using FC or iSCSI. (Section 2.2.2)

SASE: Secure Access Service Edge. Converged cloud networking and security. (Section 2.8.2)

SD-WAN: Software-Defined Wide Area Network. (Section 2.8.1)

SDN: Software-Defined Networking. Separates control and data planes. (Section 2.8.1)

SFP: Small Form-factor Pluggable transceiver. (Section 2.5.3)

SIEM: Security Information and Event Management system. (Section 4.2.2)

SLAAC: IPv6 Stateless Address Autoconfiguration. (Section 4.4.1)

SMB: Server Message Block. Windows file sharing protocol (port 445). (Section 2.4.1)

SNMP: Simple Network Management Protocol. (Section 4.2.1)

SSH: Secure Shell for encrypted remote access (port 22). (Section 4.5.2)

SSID: Service Set Identifier. Wireless network name. (Section 3.3.2)

STP: Spanning Tree Protocol. Prevents Layer 2 loops. (Section 3.2.2)

SVI: Switch Virtual Interface. VLAN interface on Layer 3 switch. (Section 3.2.1)

T

TACACS+: Terminal Access Controller Access-Control System Plus. AAA protocol encrypting full payload. (Section 5.1.2)

TCP: Transmission Control Protocol. Reliable, connection-oriented transport. (Section 2.4.2)

TTL: Time to Live. Limits packet lifetime; decremented each hop. (Section 2.4.2)

U

UDP: User Datagram Protocol. Fast, connectionless transport. (Section 2.4.2)

UPS: Uninterruptible Power Supply. Battery backup for power outages. (Section 3.4.2)

UTP: Unshielded Twisted Pair. Standard network cable without shielding. (Section 2.5.1)

V

VIP: Virtual IP. Address that can float between devices for redundancy. (Section 3.1.3)

VLAN: Virtual LAN. Logical network segmentation within a switch. (Section 3.2.1)

VLSM: Variable Length Subnet Mask. Different subnet sizes within a network. (Section 2.7.2)

VPC: Virtual Private Cloud. Isolated network segment in public cloud. (Section 2.3.2)

VPN: Virtual Private Network. Encrypted tunnel over public networks. (Section 4.5.1)

W

WPA2/WPA3: Wi-Fi Protected Access security protocols. (Section 3.3.3)

Z

ZTA: Zero Trust Architecture. Security model assuming no implicit trust. (Section 2.8.2)

Good luck on your CompTIA Network+ N10-009 exam!

This guide was created to build deep understanding through first principles. For the most current exam objectives, always refer to the official CompTIA Network+ page.

Alvin Varughese
Written byAlvin Varughese
Founder15 professional certifications