SymbolsABCDEFGHIJKLMNOPQRSTUVWXYZ

Symbols
.inf
The file name extension for files that contain device information or scripts to control
hardware operations.

100baseT
The Ethernet standard for local area networks using twisted-pair cable carrying data at 100
megabits per second (Mbps).

10base2
The Ethernet and IEEE 802.3 standard for baseband local area networks using a thin
coaxial cable up to 200 meters long and carrying data at 10 megabits per second (Mbps).
Cables connect to network adapters by a BNC connector.

10baseT
The Ethernet standard for local area networks using twisted-pair cable carrying data at 10
megabits per second (Mbps).

A
A (address) resource record
A resource record used to map a DNS domain name to a host IP address on the network.
See also: domain name; Domain Name System (DNS); resource record (RR)

access control
A security mechanism that determines which operations a user, group, service, or
computer is authorized to perform on a computer or on a particular object, such as a file,
printer, registry key, or directory service object.
See also: permission; group; object; registry; service

access control entry (ACE)

An entry in an object's discretionary access control list (DACL) that grants permissions to a
user or group. An ACE is also an entry in an object's system access control list (SACL) that
specifies the security events to be audited for a user or group.
See also: access control; permission; discretionary access control list (DACL); object;
system access control list (SACL)

account lockout
A Windows security feature that locks a user account if a number of failed logon attempts

occur within a specified amount of time, based on security policy lockout settings. Locked
accounts cannot log on.

acknowledgment message
For Message Queuing, a message class that indicates that a message arrived or was
retrieved by the target application (a positive acknowledgment), or that an error occurred
before the original message could be retrieved (a negative acknowledgment). These
messages are sent to administration queues on the source computer.
See also: administration queue; Message Queuing

active
Describes the window or icon that you are currently using or that is currently selected. The
operating system always applies the next keystroke or command you choose to the active
window. Windows or icons on the desktop that are not selected are inactive.
See also: channel

active content
Dynamic content, such as a stock ticker, a weather map, or news, that is usually updated
from the World Wide Web or a channel.

Active Directory
The directory service that stores information about objects on a network and makes this
information available to users and network administrators. Active Directory gives network
users access to permitted resources anywhere on the network using a single logon
process. It provides network administrators with an intuitive, hierarchical view of the
network and a single point of administration for all network objects.
See also: directory partition; service

Active Directory data model

A model derived from the LDAP data model. The directory holds objects that represent
entities of various sorts, described by attributes. The objects and classes of objects that
can be stored in the directory are defined in the schema. For each class of objects, the
schema defines the attributes an instance of the class must have, the additional attributes
it can have, and the class that can be its parent.
See also: Active Directory; attribute; Lightweight Directory Access Protocol (LDAP);
schema

Active Directory Users and Computers

An administrative tool designed to perform day-to-day Active Directory administration
tasks. These tasks include creating, deleting, modifying, moving, and setting permissions
on objects stored in the directory. These objects include organizational units, users,
contacts, groups, computers, printers, and shared file objects.
See also: permission; Active Directory; object

active partition
A partition from which an x86-based computer starts up. The active partition must be a
primary partition on a basic disk. If you use Windows exclusively, the active partition can
be the same as the system volume.
See also: basic disk; primary partition; system partition; system volume; x86

active volume
The volume from which the computer starts up. The active volume must be a simple
volume on a dynamic disk. You cannot mark an existing dynamic volume as the active
volume, but you can upgrade a basic disk containing the active partition to a dynamic disk.
Once the disk is upgraded to dynamic, the partition becomes a simple volume that is
active.
See also: active partition; basic disk; dynamic disk; dynamic volume; simple volume

ActiveX
A set of technologies that allows software components to interact with one another in a
networked environment, regardless of the language in which the components were
created.

address (A) resource record

A resource record used to map a DNS domain name to a host IP address on the network.
See also: domain name; Domain Name System (DNS); resource record (RR)

address classes
Predefined groupings of Internet addresses with each class defining networks of a certain
size. The range of numbers that can be assigned for the first octet in the IP address is
based on the address class. Class A networks (values 1 to 126) are the largest, with more
than 16 million hosts per network. Class B networks (128 to 191) have up to 65,534 hosts
per network, and Class C networks (192 to 223) can have up to 254 hosts per network.
See also: Class A IP address; Class B IP address; Class C IP address

Address Resolution Protocol (ARP)

In TCP/IP, a protocol that uses broadcast traffic on the local network to resolve a logically
assigned IP address to its physical hardware or media access control layer address.
In ATM, ARP is used two different ways. For classical IP over ATM, ARP is used to resolve
addresses to ATM hardware addresses. For ATM LAN emulation, ARP is used to resolve
Ethernet/802.3 or Token Ring addresses to ATM hardware addresses.
See also: Internet Protocol (IP); Message Authentication Code (MAC); packet;
Transmission Control Protocol/Internet Protocol (TCP/IP)

administration queue
For Message Queuing, a queue that stores acknowledgment messages.
See also: acknowledgment message; Message Queuing

administrative alerts
Alerts that relate to server and resource use. They notify users about problems in areas
such as security and access, user sessions, server shutdown due to power loss (when an
uninterruptible power supply is available), directory replication, and printing. When a
computer generates an administrative alert, a message is sent to a predefined list of users
and computers.
See also: Alerter service

administrator
For Windows XP Professional, a person responsible for setting up and managing domain
controllers or local computers and their user and group accounts, assigning passwords
and permissions, and helping users with networking problems. Administrators are
members of the Administrators group and have full control over the domain or computer.
For Windows XP Home Edition, a person who can make system-wide changes to the
computer, install software, and who has access to all files on the computer. A person with a
computer administrator account has full access to other user accounts on the computer.

Advanced Configuration and Power Interface (ACPI)

An open industry specification that defines power management on a wide range of mobile,
desktop, and server computers and peripherals. ACPI is the foundation for the OnNow
industry initiative that allows system manufacturers to deliver computers that will start at
the touch of a keyboard. ACPI design is essential to take full advantage of power
management and Plug and Play.
See also: Plug and Play

affinity
For Network Load Balancing, the method used to associate client requests to cluster
hosts. When no affinity is specified, all network requests are load balanced across the
cluster without respect to their source. Affinity is implemented by directing all client
requests from the same IP address to the same cluster host.
See also: IP address; client request

agent
An application that runs on a Simple Network Management Protocol (SNMP) managed
device. The agent application is the object of management activities. A computer running
SNMP agent software is also sometimes referred to as an agent.
See also: service; Simple Network Management Protocol (SNMP)

Alerter service
A service used by the server and other services to notify selected users and computers of
administrative alerts that occur on a computer. The Alerter service requires the Messenger
service.
See also: administrative alerts; Messenger service; service

allocation unit
The smallest amount of disk space that can be allocated to hold a file. All file systems used
by Windows organize hard disks based on allocation units. The smaller the allocation unit
size, the more efficiently a disk stores information. If you do not specify an allocation unit
size when formatting the disk, Windows picks default sizes based on the size of the
volume. These default sizes are selected to reduce the amount of space that is lost and
the amount of fragmentation on the volume. An allocation unit is also called a cluster.
See also: file system; volume

American Standard Code for Information Interchange (ASCII)

A standard single-byte character encoding scheme used for text-based data. ASCII uses
designated 7-bit or 8-bit number combinations to represent either 128 or 256 possible
characters. Standard ASCII uses 7 bits to represent all uppercase and lowercase letters,
the numbers 0 through 9, punctuation marks, and special control characters used in U.S.
English. Most current x86-based systems support the use of extended (or "high") ASCII.
Extended ASCII allows the eighth bit of each character to identify an additional 128 special
symbol characters, foreign-language letters, and graphic symbols.
See also: Unicode

AppleTalk
The Apple Computer network architecture and network protocols. A network that has
Macintosh clients and a computer running Windows 2000 Server or Windows NT Server
with Services for Macintosh functions as an AppleTalk network.

AppleTalk Phase 2
The extended AppleTalk Internet model designed by Apple Computer that supports
multiple zones within a network and extended addressing capacity.

application programming interface (API)

A set of routines that an application uses to request and carry out lower-level services
performed by a computer's operating system. These routines usually carry out
maintenance tasks such as managing files and displaying information.

ASCII (American Standard Code for Information Interchange)

See definition for: American Standard Code for Information Interchange (ASCII)

Assistive Technology Program

A service that provides recommendations for technology that can help people with
disabilities.

Asymmetric Digital Subscriber Line (ADSL)

A high-bandwidth digital transmission technology that uses existing phone lines and also
allows voice transmissions over the same lines. Most of the traffic is transmitted
downstream to the user, generally at rates of 512 Kbps to about 6 Mbps.

asynchronous communication
A form of data transmission in which information is sent and received at irregular intervals,
one character at a time. Because data is received at irregular intervals, the receiving
modem must be signaled to let it know when the data bits of a character begin and end.
This is done by means of start and stop bits.
See also: modem (modulator/demodulator)

Asynchronous Transfer Mode (ATM)

A high-speed connection-oriented protocol used to transport many different types of
network traffic. ATM packages data in a 53-byte, fixed-length cell that can be switched
quickly between logical connections on a network.
See also: protocol

ATM adaptation layer (AAL)

The layer of the ATM protocol stack that parses data into the payload portion of the ATM
cell for transport across an ATM network.
See also: Asynchronous Transfer Mode (ATM)

attribute
For files, information that indicates whether a file is read-only, hidden, ready for archiving
(backing up), compressed, or encrypted, and whether the file contents should be indexed
for fast file searching.
In Active Directory, characteristics of an object and the type of information an object can
hold. For each object class, the schema defines what attributes an instance of the class
must have and what additional attributes it might have.

audio input device

An audio input device records music and voice input into your computer. Examples of
audio input devices are CD-ROM players and microphones.

audit policy
A policy that determines the security events to be reported to the network administrator.

auditing
The process that tracks the activities of users by recording selected types of events in the
security log of a server or a workstation.

authentication
The process for verifying that an entity or object is who or what it claims to be. Examples
include confirming the source and integrity of information, such as verifying a digital
signature or verifying the identity of a user or computer.
See also: smart card; trust relationship

authoritative
For DNS, describes a DNS server hosting a zone, or a zone containing a name or record.
When a DNS server is configured to host a zone, it is said to be authoritative for names
that do exist or could exist within that zone. A DNS server is allowed to respond
authoritatively to queries for domain names for which it is authoritative. A zone is said to be
authoritative for a name if the name exists or could exist within a zone, and it is said to be
authoritiative for a record if the owner name of the record exists or could exist within a
zone.
See also: DNS Server; domain name; Domain Name System (DNS); name server (NS)
resource record; start-of-authority (SOA) resource record; zone

authoritative restore
In Backup, a type of restore operation performed on an Active Directory domain controller
in which the objects in the restored directory are treated as authoritative, replacing
(through replication) all existing copies of those objects. Authoritative restore is applicable
only to replicated system state data such as Active Directory data and File Replication
service data. Use the Ntdsutil.exe utility to perform an authoritative restore.
See also: Active Directory; nonauthoritative restore

authorization
The process that determines what a user is permitted to do on a computer system or
network.

Automatic Private IP Addressing (APIPA)

A feature of Windows XP TCP/IP that automatically configures a unique IP address from
the range 169.254.0.1 through 169.254.255.254 and a subnet mask of 255.255.0.0 when
the TCP/IP protocol is configured for dynamic addressing and a Dynamic Host
Configuration Protocol (DHCP) is not available.
See also: DHCP server; Transmission Control Protocol/Internet Protocol (TCP/IP); IP
address

availability
A measure of the fault tolerance of a computer and its programs. A highly available
computer runs 24 hours a day, 7 days a week.
See also: fault tolerance

B
B-channel
A single channel of an ISDN line that is used to carry either voice or data information.
ISDN Basic Rate Interface (BRI) has 2 B-channels. ISDN Primary Rate Interface (PRI) in
North America has 23 B-channels. ISDN Primary Rate Interface (PRI) in Europe has 30 Bchannels. B-channel is also called bearer channel.
See also: Integrated Services Digital Network (ISDN)

background
The screen background image used on a graphical user interface such as Windows. Any
pattern or picture that can be stored as a bitmap (.bmp) file can be set as a screen
background.

background program
A program that runs while the user is working on another task. The computer's
microprocessor assigns fewer resources to background programs than foreground
programs.
See also: foreground program

backup domain controller (BDC)

In Windows NT Server 4.0 or earlier, a computer running Windows NT Server that receives
a copy of the domain's directory database (which contains all account and security policy
information for the domain).
The copy is synchronized periodically and automatically with the master copy on the
primary domain controller (PDC). BDCs also authenticate user logon information and can
be promoted to function as PDCs as needed. Multiple BDCs can exist in a domain.
Windows NT 3.51 and 4.0 BDCs can participate in a Windows 2000 domain when the
domain is configured in mixed mode.
See also: primary domain controller (PDC)

backup media pool

A logical collection of data-storage media that has been reserved for use by Microsoft
Windows Backup. Backup uses Removable Storage to control access to specific media
within a library.
See also: library; media pool; Removable Storage

backup operator
A type of local or global group that contains the user rights you need to back up and
restore files and folders. Members of the Backup Operators group can back up and restore
files and folders regardless of ownership, permissions, encryption, or auditing settings.
See also: auditing; global group; local group; user rights

backup set
A collection of files, folders, and other data that has been backed up and stored in a file or
on one or more tapes.
See also: backup set catalog; on-disk catalog; on-media catalog

backup set catalog

A summary of the files and folders that have been saved in a backup set.
See also: backup set

backup types
A type that determines which data is backed up and how it is backed up. There are five
backup types: copy, daily, differential, incremental, and normal.
See also: copy backup; daily backup; differential backup; incremental backup; normal
backup

bandwidth
In analog communications, the difference between the highest and lowest frequencies in a
given range. For example, an analog telephone line accommodates a bandwidth of 3,000
hertz (Hz), the difference between the lowest (300 Hz) and highest (3,300 Hz) frequencies
it can carry. In digital communications, bandwidth is expressed in bits per second (bps).
See also: bits per second (bps)

Bandwidth Allocation Protocol (BAP)

A PPP control protocol that is used on a multiprocessing connection to dynamically add
and remove links.
See also: Point-to-Point Protocol (PPP)

base priority
A precedence ranking that determines the order in which the threads of a process are
scheduled for the processor. Use Task Manager to view and change base priorities.
For Message Queuing, a property that specifies the queue's priority in a public queue. You
can set the base priority from -32,768 to 32,767; the default priority is 0. Private queues do
not support base priority. Message Queuing routes and delivers messages first by base
priority, then by message priority.
See also: Message Queuing; private queue; public queue

basic disk
A physical disk that can be accessed by MS-DOS and all Windows-based operating
systems. Basic disks can contain up to four primary partitions, or three primary partitions
and an extended partition with multiple logical drives. If you want to create partitions that
span multiple disks, you must first convert the basic disk to a dynamic disk using Disk
Management or the Diskpart.exe command-line utility.
See also: dynamic disk; extended partition; logical drive; MS-DOS (Microsoft Disk
Operating System); primary partition

basic input/output system (BIOS)

On x86-based computers, the set of essential software routines that test hardware at
startup, start the operating system, and support the transfer of data among hardware
devices. The BIOS is stored in read-only memory (ROM) so that it can be executed when
you turn on the computer. Although critical to performance, the BIOS is usually invisible to
computer users.
See also: Extensible Firmware Interface (EFI); read-only memory (ROM); x86

basic storage
A storage method in MS-DOS, Windows, Windows NT, and Windows 2000 for primary
partitions, extended partitions, and logical drives.
See also: dynamic storage; extended partition; logical drive

basic volume
A primary partition or logical drive that resides on a basic disk.
See also: basic disk; logical drive; primary partition

batch program
An ASCII (unformatted text) file that contains one or more operating system commands. A
batch program's file name has a .cmd or .bat extension. When you type the file name at
the command prompt, or when the batch program is run from another program, its
commands are processed sequentially. Batch programs are also called batch files.
See also: American Standard Code for Information Interchange (ASCII); logon script

baud rate
The speed at which a modem communicates. Baud rate refers to the number of times the
condition of the line changes. This is equal to bits per second only if each signal
corresponds to one bit of transmitted data.
Modems must operate at the same baud rate in order to communicate with each other. If
the baud rate of one modem is set higher than that of the other, the faster modem usually
alters its baud rate to match that of the slower modem.
See also: bits per second (bps); modem (modulator/demodulator)

Berkeley Internet Name Domain (BIND)

An implementation of DNS written and ported to most available versions of the UNIX
operating system. The Internet Software Consortium maintains the BIND software.
See also: DNS; BIND boot file

binary
A base-2 number system in which values are expressed as combinations of two digits, 0
and 1.

BIND boot file

Configuration file used by Domain Name System (DNS) servers running under versions of
the Berkeley Internet Name Domain (BIND) software implementation. The BIND boot file is
a text file, Named.boot, where individual lines in the file list boot directives used to start a
service when the DNS server is started. By default, Microsoft DNS servers use DNS
service parameters stored in the registry, but they allow the use of a BIND boot file as an
alternative for reading boot configuration settings.
See also: Berkeley Internet Name Domain (BIND); registry boot

bindery
A database in Novell NetWare 3.x that contains organizational and security information
about users and groups.

BIOS
See definition for: basic input/output system (BIOS)

bit (binary digit)

The smallest unit of information handled by a computer. One bit expresses a 1 or a 0 in a
binary numeral, or a true or false logical condition. A group of 8 bits makes up a byte,
which can represent many types of information, such as a letter of the alphabet, a decimal
digit, or other character. Bit is also called binary digit.
See also: binary

bits per second (bps)

The number of bits transmitted every second, used as a measure of the speed at which a
device, such as a modem, can transfer data.
See also: modem (modulator/demodulator)

boot
The process of starting or resetting a computer. When first turned on (cold boot) or reset
(warm boot), the computer runs the software that loads and starts the computer's
operating system, which prepares it for use.

boot files
The system files needed to start Windows. The boot files include Ntldr and Ntdetect.com.
See also: partition boot sector

Boot Logging
A process in which a computer that is starting (booting) creates a log file that records the
loading of each device and service. The log file is called Ntbtlog.txt, and it is saved in the
system root directory.
See also: systemroot

boot partition
The partition that contains the Windows operating system and its support files. The boot
partition can be, but does not have to be, the same as the system partition.
See also: partition; Primary disk; system partition

boot volume
The volume that contains the Windows operating system and its support files. The boot
volume can be, but does not have to be, the same as the system volume.

See also: system volume; volume

BOOTP extensions
A set of optional information types defined originally in RFC 1497 for use with BOOTP
service and later supported by DHCP. In DHCP, these extensions form the legacy core set
of client parameters available and supported by most standard DHCP and BOOTP
servers.
See also: bootstrap protocol (BOOTP)

bootstrap protocol (BOOTP)

A protocol used primarily on TCP/IP networks to configure diskless workstations. RFCs
951 and 1542 define this protocol. DHCP is a later boot configuration protocol that uses
this protocol. The Microsoft DHCP service provides limited support for BOOTP service.
See also: Transmission Control Protocol/Internet Protocol (TCP/IP); Dynamic Host
Configuration Protocol (DHCP); Request for Comments (RFC)

broadband
Of or relating to communications systems in which the medium of transmission (such as a
wire or fiber-optic cable) carries multiple messages at a time, each message modulated on
its own carrier frequency by a modem.

broadband connection
A high-speed connection. Broadband connections are typically 256 kilobytes per second
(KBps) or faster. Broadband includes DSL and cable modem service.

broadband integrated services digital network (B-ISDN)

An ITU-T communication standard for high-speed networking that provides new services,
including voice, video, and data on the same network.
See also: International Telecommunication Union - Telecommunication [Standardization
Sector] (ITU-T)

broadcast
An address that is destined for all hosts on a particular network segment.

browser
Software that interprets the markup of files in HTML, formats them into Web pages, and
displays them to the end user. Some browsers also permit end users to send and receive
e-mail, read newsgroups, and play sound or video files embedded in Web documents.
See also: World Wide Web

buffer
A region of RAM reserved for use with data that is temporarily held while waiting to be
transferred between two locations, such as between an application's data area and an

input/output device.
See also: random access memory (RAM)

built-in groups
The default security groups installed with the operating system. Built-in groups have been
granted useful collections of rights and built-in abilities.
In most cases, built-in groups provide all the capabilities needed by a particular user. For
example, if a domain user account belongs to the built-in Administrators group, logging on
with that account gives a user administrative capabilities over the domain and the domain
servers. To provide a needed set of capabilities to a user account, assign it to the
appropriate built-in group.
See also: group

bus
A communication line used for data transfer among the components of a computer system.
A bus essentially allows different parts of the system to share data. For example, a bus
connects the disk-drive controller, memory, and input/output ports to the microprocessor.
See also: expansion slot; universal serial bus (USB)

bytes
A unit of data that typically holds a single character, such as a letter, a digit, or a
punctuation mark. Some single characters can take up more than one byte.
See also: bit (binary digit)

C
cable modem
A device that enables a broadband connection to the Internet by using cable television
infrastructure. Access speeds vary greatly, with a maximum throughput of 10 megabits per
second (Mbps).

cache
For DNS and WINS, a local information store of resource records for recently resolved
names of remote hosts. Typically, the cache is built dynamically as the computer queries
and resolves names. It also helps optimize the time required to resolve queried names.
See also: cache file; resource record (RR)

cache file
A file used by the Domain Name System (DNS) server to preload its names cache when
service is started. Also known as the root hints file because DNS uses resource records
stored in this file to help locate root servers that provide referral to authoritative servers for
remote names. For Windows DNS servers, the cache file is named Cache.dns and is
located in the %SystemRoot%\System32\Dns folder.

See also: authoritative; cache; systemroot

caching
The process of temporarily storing recently used data values in a special pool in memory
for quicker subsequent access. For DNS, typically the ability of the DNS server to store
information learned about the DNS namespace during the resolution of DNS queries. (For
example, the DNS server can cache DNS records received from other DNS servers.)
Caching is also available through the DNS Client service as a way for DNS clients to keep
a cache of information learned during recent queries.
See also: caching resolver; DNS Server; Domain Name System (DNS)

caching resolver
A client-side DNS name resolution service that performs caching of recently learned DNS
domain name information. The caching resolver service provides system-wide access to
DNS-aware programs for resource records obtained from DNS servers during processing
of name queries. Cached data is used for a limited period of time and aged according to
the active Time-to-Live (TTL) value. You can set the TTL individually for each resource
record (RR). Otherwise, it defaults to the minimum TTL set in the SOA RR for the zone.
See also: caching; expire interval; minimum TTL; resolver; resource record (RR); Time to
Live (TTL)

callback number
The number that a remote access server uses to call back a user. This number can be
preset by the administrator or specified by the user at the time of each call, depending on
how the administrator configures the user's callback options. The callback number should
be the number of the phone line to which the user's modem is connected.
See also: preset-to callback; remote access server; set-by-caller callback

callback security
A form of network security in which a remote access server calls a user back at a preset
number after the user has made an initial connection and has been authenticated.
See also: preset-to callback; remote access server

called subscriber ID (CSID) string

A string that specifies the called subscriber ID transmitted by the receiving fax machine
when receiving an inbound fax. This string is usually a combination of the fax or telephone
number and the name of the business. It is often the same as the transmitter subscriber
ID.
See also: string; transmitting station ID (TSID) string

canonical (CNAME) resource record

A resource record used to map an alternate alias name to a primary canonical DNS
domain name used in the zone.
See also: resource record (RR)

canonical name
An object's distinguished name presented with the root first and without the LDAP attribute
tags (such as: CN=, DC=). The segments of the name are delimited with forward slashes
(/). For example,
CN=MyDocuments,OU=MyOU,DC=Microsoft,DC=Com
is presented as
microsoft.com/MyOU/MyDocuments
in canonical form.
See also: distinguished name; Lightweight Directory Access Protocol (LDAP)

cartridge font
A font contained in a plug-in cartridge and used to add fonts to laser, ink-jet, or high-end
dot-matrix printers. Cartridge fonts are distinguished both from internal fonts, which are
contained in ROM in the printer and are always available, and from downloadable (soft)
fonts, which reside on disk and which can be sent to the printer as needed.
See also: downloadable fonts; font; font cartridge; read-only memory (ROM)

cascading hubs
A network configuration in which hubs are connected to other hubs.
See also: hub

catalog
For Indexing Service, a collection of all index information and stored properties for a
particular group of file system directories. By default, Indexing Service indexes the System
and Web catalogs on your hard drive.
See also: property

CD-R
Recordable compact disc. Data can be copied to the CD on more than one occasion;
however, data cannot be erased from the CD.

CD-RW
Rewritable compact disc. Data can be copied to the CD on more than one occasion and
can be erased.

certificate
A digital document that is commonly used for authentication and secure exchange of
information on open networks, such as the Internet, extranets, and intranets. A certificate
securely binds a public key to the entity that holds the corresponding private key.
Certificates are digitally signed by the issuing certification authority and can be issued for a
user, a computer, or a service. The most widely accepted format for certificates is defined
by the ITU-T X.509 version 3 international standard.

See also: International Telecommunication Union - Telecommunication [Standardization

Sector] (ITU-T); certification authority (CA); private key; public key; service

certificate revocation list (CRL)

A document maintained and published by a certification authority that lists certificates that
have been revoked.
See also: certificate; certification authority (CA)

certificate store
Typically, a permanent storage where certificates, certificate revocation lists, and certificate
trust lists are stored.
See also: certificate; certificate revocation list (CRL); certificate trust list (CTL)

certificate template
A Windows construct that profiles certificates (that is, it prespecifies the format and
content) based on their intended usage. When requesting a certificate from a Windows
enterprise certification authority (CA), certificate requestors are, depending on their access
rights, able to select from a variety of certificate types that are based on certificate
templates, such as User and Code Signing.
See also: certificate; certification authority (CA)

certificate trust list (CTL)

A signed list of root certification authority certificates that an administrator considers
reputable for designated purposes, such as client authentication or secure e-mail.
See also: certificate; certification authority (CA); root certificate

certification authority (CA)

An entity responsible for establishing and vouching for the authenticity of public keys
belonging to users (end entities) or other certification authorities. Activities of a certification
authority can include binding public keys to distinguished names through signed
certificates, managing certificate serial numbers, and certificate revocation.
See also: certificate; public key; root authority

certification hierarchy
A model of trust for certificates in which certification paths are created by means of the
establishment of parent-child relationships between certification authorities.
See also: certification authority (CA); certification path

certification path
An unbroken chain of trust, consisting of certificates from trusted certificate authorities,
from a specific certificate to the root certification authority in a certification hierarchy.
See also: public key

Challenge Handshake Authentication Protocol (CHAP)

A challenge-response authentication protocol for PPP connections documented in RFC
1994 that uses the industry-standard Message Digest 5 (MD5) one-way encryption
scheme to hash the response to a challenge issued by the remote access server.

channel
A path or link through which noncontrol information passes between two devices. A single
Basic Rate Interface (BRI) connection, for example, has one physical connection but two
channels for exchanging information between devices. This is often called a bearer
channel, implying a channel that carries information.
On the Internet, a Web site designed to deliver content from the Internet to your computer,
similar to subscribing to a favorite Web site.
See also: active content; B-channel; D-channel

CHAP (Challenge Handshake Authentication Protocol)

An authentication protocol used by Microsoft remote access and Network Connections.
Using CHAP, a remote access client can send its authentication credentials to a remote
access server in a secure form. Microsoft has created a Windows-specific variant of CHAP
called MS-CHAP.
See also: remote access server; remote access

character mode
A display mode in which the monitor can display letters, numbers, and other text
characters, but no graphical images or character formatting (italics, superscript, and so
on).

checkpoints
See definition for: Restore Point

child object
An object that resides in another object. A child object implies relation. For example, a file
is a child object that resides in a folder, which is the parent object.
See also: object; parent object

Class A IP address
A unicast IP address that ranges from 1.0.0.1 through 126.255.255.254. The first octet
indicates the network, and the last three octets indicate the host on the network.
See also: Class B IP address; Class C IP address; IP address

Class B IP address
A unicast IP address that ranges from 128.0.0.1 through 191.255.255.254. The first two
octets indicate the network, and the last two octets indicate the host on the network.
See also: Class A IP address; Class C IP address; IP address

Class C IP address
A unicast IP address that ranges from 192.0.0.1 to 223.255.255.254. The first three octets
indicate the network, and the last octet indicates the host on the network. Network Load
Balancing provides optional session support for Class C IP addresses (in addition to
support for single IP addresses) to accommodate clients that make use of multiple proxy
servers at the client site.
See also: Class A IP address; Class B IP address; IP address

classical IP over ATM (CLIP)

A proposed Internet standard, described in RFC 2225, that allows IP communication
directly on the ATM layer, bypassing an additional protocol (such as Ethernet or Token
Ring) in the protocol stack.
See also: Asynchronous Transfer Mode (ATM); Internet Protocol (IP)

clear
To turn off an option by removing the X or check mark from a check box. You clear a check
box by clicking it, or by selecting it and then pressing the SPACEBAR.

client
Any computer or program connecting to, or requesting the services of, another computer
or program. Client can also refer to the software that enables the computer or program to
establish the connection.
For a local area network (LAN) or the Internet, a computer that uses shared network
resources provided by another computer (called a server).
See also: server

client application
A Windows-based application that can display and store linked or embedded objects. For
distributed applications, the application that imitates a request to a server application.

client request
A service request from a client computer to a server computer or, for Network Load
Balancing, a cluster of computers. Network Load Balancing forwards each client request to
a specific host within the cluster according to the system administrator's load-balancing
policy.
See also: client; cluster; host; load balancing; server

ClipBook Server
A system service that supports ClipBook Viewer, which allows pages to be seen by remote
ClipBooks.

cluster
In data storage, the smallest amount of disk space that can be allocated to hold a file. All

file systems used by Windows organize hard disks based on clusters, which consist of one
or more contiguous sectors. The smaller the cluster size, the more efficiently a disk stores
information. If no cluster size is specified during formatting, Windows picks defaults based
on the size of the volume. These defaults are selected to reduce the amount of space that
is lost and the amount of fragmentation on the volume. A cluster is also called an allocation
unit.
In computer networking, a group of independent computers that work together to provide a
common set of services and present a single-system image to clients. The use of a cluster
enhances the availability of the services and the scalability and manageability of the
operating system that provides the services.
See also: availability; client; file system; scalability; volume

cluster adapter
The adapter that, when using multiple network adapters in each host of a Network Load
Balancing cluster, handles the network traffic for cluster operations (the traffic for all hosts
in the cluster). This adapter is programmed with the host's cluster IP address.
See also: cluster; dedicated adapter; IP address

Cluster Administrator
An application that is used to configure a cluster and its nodes, groups, and resources.
Cluster Administrator can run on any member of the trusted domain regardless of whether
the computer is a cluster node.
See also: cluster; Cluster.exe; server cluster

Cluster Administrator extension

A software component that implements the Cluster Administrator extension application
programming interface (API) for allowing Cluster Administrator to configure a new resource
type.
See also: application programming interface (API); cluster; Cluster Administrator

Cluster API
A collection of functions that are implemented by the cluster software and used by a
cluster-aware client or server application, a cluster management application, or a
Resource DLL. The Cluster API is used to manage the cluster, cluster objects, and the
cluster database.
See also: cluster; Resource DLL; server cluster

cluster disk
A disk on a shared bus connected to the cluster nodes, which all the cluster nodes can
access (though not at the same time).

Cluster service
The essential software component that controls all aspects of server cluster operation and
manages the cluster database. Each node in a server cluster runs one instance of the

Cluster service.
See also: cluster; server cluster

cluster-aware application
An application that can run on a cluster node and that can be managed as a cluster
resource. Cluster-aware applications use the Cluster API to receive status and notification
information from the server cluster.
See also: server cluster; Cluster API; cluster-unaware application; cluster

cluster-unaware application
An application that can run on a cluster node and be managed as a cluster resource but
that does not support the Cluster API.
See also: cluster-aware application; cluster; Cluster API

Cluster.exe
An alternative to using Cluster Administrator to administer clusters from the command
prompt. You can also call Cluster.exe from command scripts to automate many cluster
administration tasks.
See also: Cluster Administrator; cluster

Cmd Show Override, with

When checked, opens the DDE server application as specified by the integer in value.
Possible values are 1 (normal), 2 (minimized), 3 (maximized), and 10 (application default).
When cleared, the DDE server application opens.

CMYK color space

Multidimensional color space consisting of the cyan, magenta, yellow, and black intensities
that make up a given color. Commercial color printing devices generally use this system of
four-color process inks.
See also: color management; color space

code page
A means of providing support for character sets and keyboard layouts for different
countries or regions. A code page is a table that relates the binary character codes used
by a program to keys on the keyboard or to characters on the display.

codec
Hardware that can convert audio or video signals between analog and digital forms
(coder/decoder); hardware or software that can compress and uncompress audio or video
data (compression/decompression); or the combination of coder/decoder and
compression/decompression. Generally, a codec compresses uncompressed digital data
so that the data uses less memory.

color depth
The number of colors per pixel your monitor and graphics adapter support.

color gamut
The particular range of colors that a device is able to produce. A device such as a scanner,
monitor, or printer can produce a unique range of colors, which is determined by the
characteristics of the device itself.
See also: color profile; rendering intent

color management
Process of producing accurate, consistent color among a variety of input and output
devices. A color management system (CMS) maps colors between devices such as
scanners, monitors, and printers; transforms colors from one color space to another (for
example, RGB to CMYK); and provides accurate on-screen or print previews.
See also: CMYK color space; RGB color space

color profile
A profile that contains the data needed for translating the values of a color gamut. This
data includes information about color, hue, saturation, and brightness.
See also: color gamut; hue; saturation

color space
A set of three values that defines how a color can be represented on computer devices
such as monitors, scanners, and printers. For example, in the LAB color space, the terms
luminance or whiteness (L), redness-greenness (A), and yellowness-blueness (B) are
used; in the HVC system, the terms are hue (H), value (V), and chroma (C). Color space
refers to the three-dimensional space that is defined by the respective values, such as L,
A, and B.
See also: CMYK color space; color space; RGB color space

command prompt window

A window displayed on the desktop used to interface with the MS-DOS operating system.
MS-DOS commands are typed at an entry point identified by a blinking cursor.
See also: MS-DOS (Microsoft Disk Operating System)

common groups
Groups that appear in the program list on the Start menu for all users who log on to the
computer. Only administrators can create or change common groups.
See also: group

communication port
A port on a computer that allows asynchronous communication of one byte at a time. A
communication port is also called a serial port.

See also: asynchronous communication; serial port

communication settings
Operating parameters, such as bits per second (bps) and modem type, that apply to serial
ports on a computer.
See also: bits per second (bps); modem (modulator/demodulator); serial port

community name
A name used to group SNMP hosts. This name is placed in SNMP messages sent
between SNMP-managed devices such as Windows 2000-based server computers and
SNMP management stations. Typically, all hosts belong to Public, which is the standard
name for a common community of all SNMP hosts.
See also: Simple Network Management Protocol (SNMP); trap

compatibility mode
A feature of a computer or operating system that allows it to run programs written for a
different system. Programs often run slower in compatibility mode.

Complementary Metal Oxide Semiconductor (CMOS)

A specific type of semiconductor technology that requires very little power. The term has
been popularized to mean a small storage area where your system keeps track of certain
hardware parameters, such as the size of your hard disk, the number of serial ports your
computer has, etc. CMOS is also called Setup RAM.

Compression Control Protocol (CCP)

A protocol used in the negotiation process in a PPP connection. Compression Control
Protocol is one type of Network Control Protocol (NCP). NCPs are used to establish and
configure different network protocol parameters for IP, IPX, and NetBEUI.
See also: Internet Protocol (IP); Internetwork Packet Exchange (IPX); Point-to-Point
Protocol (PPP)

computer account
An account that is created by a domain administrator and uniquely identifies the computer
on the domain. The Windows computer account matches the name of the computer joining
the domain.
See also: domain

computer administrator
A user who manages a computer. The computer administrator makes system-wide
changes to the computer, including installing programs and accessing all files on the
computer, and can create, change and delete the accounts of other users.

Computer Browser service

A service that maintains an up-to-date list of computers and provides the list to
applications when requested. The Computer Browser service provides the computer lists
displayed in the My Network Places, Select Computer, and Select Domain dialog boxes
and (for Windows 2000 Server only) in the Server Manager window.
See also: service

Computer Management
A component you can use to view and control many aspects of the computer configuration.
Computer Management combines several administration utilities into a single console tree,
providing easy access to a local or remote computers administrative properties and tools.

computer quota
For Message Queuing, the storage size limit for messages on a computer, based on the
total size of the messages. When a computer quota is reached, Message Queuing can no
longer send messages to that computer until one or more messages are removed from
queues. Message Queuing enforces the computer quota before it enforces the queue
quota on a computer.
See also: Message Queuing; queue quota

connect
To assign a drive letter, port, or computer name to a shared resource so that you can use
it.
See also: shared resource

connected, authenticating user

A user's status when a telephone connection has been established but authentication has
not yet taken place. The user may be trying to prove security clearance, or the system may
be idle. If this condition occurs, followed by the Waiting for Call phase, then the user was
unable to provide a correct user name or password. If this phase is repeated, followed by
the Waiting for Call phase, an unauthorized attempt to access the network may be under
way.
See also: authentication; Waiting for Call

connected, user authenticated

A user's status when a telephone connection has been established and the user has
entered a correct user name and password. If the user has callback permission and has
requested callback, the connection is followed by the calling-back phase. If the callingback phase is followed by a waiting-for-call phase, then the server was unable to reach the
user at the specified number. The user may have supplied an inaccurate callback number
(in the case of set-by-caller callback), or an unauthorized attempt to access the network
may be under way (in the case of preset-to callback).
See also: preset-to callback; set-by-caller callback

connector application
For Message Queuing, an application that enables Message Queuing computers to
communicate with computers that use other messaging systems.
See also: connector queue; foreign computer; Message Queuing

connector queue
For Message Queuing, a queue created on servers running a connector application. You
can use the connector application to exchange messages with computers that are running
other message-queuing products.
See also: connector application; foreign computer; Message Queuing

console tree
The left pane in a Microsoft Management Console (MMC) that displays the items
contained in the console. By default it is the left pane of a console window, but it can be
hidden. The items in the console tree and their hierarchical organization determine the
capabilities of a console.
See also: Microsoft Management Console (MMC)

constant bit rate (CBR)

An ATM service type that supports constant bandwidth allocation. This service type is used
for voice and video transmissions that require little or no cell loss and rigorous timing
controls during transmission.
See also: Asynchronous Transfer Mode (ATM)

container object
An object that can logically contain other objects. For example, a folder is a container
object.
See also: noncontainer object; object

convergence
The process of stabilizing a system after changes occur in the network. For routing, if a
route becomes unavailable, routers send update messages throughout the internetwork,
reestablishing information about preferred routes.
For Network Load Balancing, a process by which hosts exchange messages to determine
a new, consistent state of the cluster and to elect the host with the highest host priority,
known as the default host. During convergence, a new load distribution is determined for
hosts that share the handling of network traffic for specific TCP or UDP ports.
See also: cluster; default host; host; User Datagram Protocol (UDP)

copy backup
A backup that copies all selected files but does not mark each file as having been backed
up (in other words, the archive attribute is not cleared). Copying is useful if you want to
back up files between normal and incremental backups because copying does not affect

these other backup operations.

See also: daily backup; differential backup; incremental backup; normal backup

count limit
For Process Control, the maximum number of active processes in a process group. You
can configure this in the Process Control snap-in.

CPU Time
In Task Manager, the total processor time, in seconds, used by a process since it started.
See also: Task Manager

CPU Usage
In Task Manager, the percentage of time that a process used the CPU since the last
update. On the Task Manager Process tab, the column heading is CPU.
See also: Task Manager

crash consistency
A feature of shadow copy backups that ensures all files are backed up, regardless of their
state.
See also: volume shadow copy

CRC errors
Errors caused by the failure of a cyclic redundancy check. A CRC error indicates that one
or more characters in the data packet received were found garbled on arrival.

credentials
A set of information that includes identification and proof of identification that is used to
gain access to local and network resources. Examples of credentials are user names and
passwords, smart cards, and certificates.

CRL distribution point

An optional extension in an X.509v3 certificate that identifies how information is obtained.
Also, a directory entry or other distribution source for certificate revocation lists.
See also: certificate; certificate revocation list (CRL); X.509v3 certificate

cross-reference object
Objects in which Active Directory stores information about directory partitions and external
directory services. An example of an external directory service is another LDAP-compliant
directory.
See also: Active Directory; directory partition; Lightweight Directory Access Protocol
(LDAP)

CryptoAPI
An application programming interface (API) that is provided as part of Microsoft Windows.
CryptoAPI provides a set of functions that allow applications to encrypt or digitally sign
data in a flexible manner while providing protection for the user's sensitive private key
data. Actual cryptographic operations are performed by independent modules known as
cryptographic service providers (CSPs).
See also: application programming interface (API); cryptographic service provider (CSP);
private key

cryptographic service provider (CSP)

The code that performs authentication, encoding, and encryption services that Windowsbased applications access through the CryptoAPI. A CSP is responsible for creating keys,
destroying them, and using them to perform a variety of cryptographic operations. Each
CSP provides a different implementation of the CryptoAPI. Some provide stronger
cryptographic algorithms, while others contain hardware components, such as smart
cards.
See also: smart card; CryptoAPI; service

cryptography
The processes, art, and science of keeping messages and data secure. Cryptography is
used to enable and ensure confidentiality, data integrity, authentication (entity and data
origin), and nonrepudiation.

custom file type

Typically, files with extensions that have been created for special kinds of files. Custom file
types are not tracked by the system registry.
See also: registry

D
D-channel
A separate channel of an ISDN line that is used for ISDN signaling. For ISDN Basic Rate
Interface (BRI), the D-channel is 16 kilobits per second (Kbps). For ISDN Primary Rate
Interface (PRI), the D-channel is 64 Kbps. D-channel is also called data channel.
See also: Integrated Services Digital Network (ISDN); switch type

daily backup
A backup that copies all selected files that have been modified the day the daily backup is
performed. The backed-up files are not marked as having been backed up (in other words,
the archive attribute is not cleared).
See also: copy backup; differential backup; incremental backup; normal backup

Data Communications Equipment (DCE)

One of two types of hardware connected by an RS-232-C serial connection, the other
being a Data Terminal Equipment (DTE) device. A DCE is an intermediary device that
often transforms input from a DTE before sending it to a recipient. A modem, for example,
is a DCE that modulates data from a microcomputer (DTE) and sends it along a telephone
connection.
See also: Data Terminal Equipment (DTE); RS-232-C standard

Data Link Control (DLC)

An address that uniquely identifies a node on a network. Every network adapter has a DLC
address or DLC identifier (DLCI). Some network protocols, such as Ethernet and Token
Ring, use DLC addresses exclusively. Other protocols, such as TCP/IP, use a logical
address at the OSI Network layer to identify nodes.
However, all network addresses must eventually be translated to DLC addresses. In
TCP/IP networks, this translation is performed by the Address Resolution Protocol (ARP).
See also: Address Resolution Protocol (ARP); Open Systems Interconnection (OSI)
reference model

data packet
A unit of information transmitted as a whole from one device to another on a network.

Data Terminal Equipment (DTE)

In the RS-232-C hardware standard, any device, such as a remote access server or client,
that has the ability to transmit information in digital form over a cable or a communications
line.
See also: Data Communications Equipment (DCE); remote access server; RS-232-C
standard

data-overrun error
A state in which the sending computer is transmitting characters faster than the receiving
computer can accommodate them. If this problem persists, reduce the bits-per-second
(bps) rate.
See also: bits per second (bps)

datagram
One packet, or unit, of information that includes relevant delivery information, such as the
destination address, that is sent through a packet-switching network.
See also: packet

dead-letter queue
For Message Queuing, a queue that stores nontransactional messages that are
undeliverable or expired. These queues store failed messages on the computer on which
the message expired. Messages in these queues are written to disk and are therefore
recoverable.

See also: transaction dead-letter queue; transactional message

debugger
A program designed to aid in detecting, locating, and correcting errors in another program
by allowing the programmer to step through the program, examine the data, and monitor
conditions such as the values of variables.

dedicated adapter
The network adapter that, when using multiple network adapters in each host of a Network
Load Balancing cluster, handles network traffic not related to cluster operations (the traffic
for individual hosts on the network). This adapter is programmed with the host's dedicated
IP address.
See also: cluster adapter; IP address

default button
In some dialog boxes, the command button that is selected or highlighted when the dialog
box is initially displayed. The default button has a bold border, indicating that it will be
chosen automatically if you press ENTER. You can override a default button by clicking
Cancel or another command button.

default gateway
A configuration item for the TCP/IP protocol that is the IP address of a directly reachable IP
router. Configuring a default gateway creates a default route in the IP routing table.

default host
The host with the highest host priority for which a drainstop command is not in progress.
After convergence, the default host handles all of the network traffic for TCP and UDP
ports that are not otherwise covered by port rules.
See also: convergence; drainstop; host priority; port rule; User Datagram Protocol (UDP)

default network
In the Macintosh environment, the physical network on which the processes of a server
reside as nodes and on which the server appears to users. The default network of the
server must be one to which that server is attached. Only servers on AppleTalk Phase 2
internets have default networks.
See also: internet

default printer
The printer to which a computer sends documents if you select the Print command without
first specifying which printer you want to use with a program. You can have only one
default printer; it should be the printer you use most often.
See also: printer

default user
The profile that serves as a basis for all user profiles. Every user profile begins as a copy
of the default user profile.

default zone
The zone to which all Macintosh clients on the network are assigned by default.
See also: zone

defragmentation
The process of rewriting parts of a file to contiguous sectors on a hard disk to increase the
speed of access and retrieval. When files are updated, the computer tends to save these
updates on the largest continuous space on the hard disk, which is often on a different
sector than the other parts of the file. When files are thus fragmented, the computer must
search the hard disk each time the file is opened to find all of the file's parts, which slows
down response time.
See also: fragmentation

delegation
The ability to assign responsibility for management and administration of a portion of the
namespace to another user, group, or organization.
For DNS, a name service record in the parent zone that lists the name server authoritative
for the delegated zone.
See also: Domain Name System (DNS)

denial-of-service attack
An attack in which an attacker exploits a weakness or a design limitation of a network
service to overload or halt the service, so that the service is not available for use. This type
of attack is typically launched to prevent other users from using a network service such as
a Web server or a file server.

dependency
A relationship of reliance between two resources that makes it necessary for them to run in
the same group on the same node. For example, an application is dependent on the disks
that contain its data resources.
See also: resource

dependency tree
A diagram for visualizing the dependency relationships between resources.
See also: dependency; resource

dependent client
For Message Queuing, a computer that requires synchronous access to a Message
Queuing server to perform all standard message queuing operations, such as sending and

receiving messages and creating queues.

See also: independent client; Message Queuing server

descendent key
All the subkeys that appear when a key in the registry is expanded. A descendent key is
the same as a subkey.
See also: key; subkey

desired zone
The zone in which AppleTalk network integration appears on the network.
See also: default zone; zone

desktop
The on-screen work area on which windows, icons, menus, and dialog boxes appear.

desktop pattern
A design that appears across your desktop. You can create your own pattern or select a
pattern provided by Windows.
See also: desktop

destination document
The document into which a package or a linked or embedded object is being inserted. For
an embedded object, this is sometimes also called the container document.
See also: embedded object

details pane
The pane in the Microsoft Management Console (MMC) that displays the details for the
selected item in the console tree. The details can be a list of items or they can be
administrative properties, services, and events that are acted on by a snap-in.
See also: Microsoft Management Console (MMC); service; snap-in

device
Any piece of equipment that can be attached to a network or computer; for example, a
computer, printer, joystick, adapter, or modem card, or any other peripheral equipment.
Devices normally require a device driver to function with Windows.
See also: device driver; peripheral

device conflict
A conflict that occurs when the same system resources have been allocated to two or
more devices. System resources include interrupt request (IRQ) lines, direct memory
access (DMA) channels, input/output (I/O) ports, and memory addresses.
See also: direct memory access (DMA); input/output (I/O) port; interrupt request (IRQ)

lines; memory address; resource

device driver
A program that allows a specific device, such as a modem, network adapter, or printer, to
communicate with the operating system. Although a device might be installed on your
system, Windows cannot use the device until you have installed and configured the
appropriate driver.
If a device is listed in the Hardware Compatibility List (HCL), a driver is usually included
with Windows. Device drivers load automatically (for all enabled devices) when a computer
is started, and thereafter run invisibly.

device fonts
Fonts that reside in your printer. They can be built into the printer itself or provided by a
font cartridge or font card.
See also: font; font cartridge; printer fonts

Device Manager
An administrative tool that you can use to manage the devices on your computer. Using
Device Manager, you can view and change device properties, update device drivers,
configure device settings, and uninstall devices.
See also: device; uninstall

DFS link
An element in the Distributed File System (DFS) namespace that lies below the root and
maps to one or more targets, each of which corresponds to a shared folder or another
DFS root.
See also: DFS root; domain DFS

DFS root
The starting point of the Distributed File System (DFS) namespace. The root is often used
to refer to the namespace as a whole. A root maps to one or more root targets, each of
which corresponds to a shared folder on a server.
See also: DFS link

DFS topology
The overall logical hierarchy of the Distributed File System (DFS), including elements such
as roots, links, shared folders, and replica sets, as depicted in the DFS administrative
console. This is not to be confused with the DFS namespace, which is the logical view of
shared resources seen by users.
See also: DFS link; DFS root; domain DFS

DHCP client
Any network-enabled device that supports the ability to communicate with a DHCP server

for the purpose of obtaining dynamic leased IP configuration and related optional
parameters information.
See also: Dynamic Host Configuration Protocol (DHCP); DHCP server; lease

DHCP option
Address configuration parameters that a DHCP service assigns to clients. Most DHCP
options are predefined, based on optional parameters defined in Request for Comments
(RFC) 1542, although extended options can be added by vendors or users.
See also: Dynamic Host Configuration Protocol (DHCP); service

DHCP server
A computer running the Microsoft DHCP service that offers dynamic configuration of IP
addresses and related information to DHCP-enabled clients.
See also: Dynamic Host Configuration Protocol (DHCP); service; IP address

DHCP service resource

A resource type that provides DHCP services from a cluster.
See also: cluster; Dynamic Host Configuration Protocol (DHCP)

DHCP/BOOTP Relay Agent

The agent program or component responsible for relaying DHCP and BOOTP broadcast
messages between a DHCP server and a client across an IP router. A DHCP relay agent
supports DHCP/BOOTP message relay as defined in RFCs 1541 and 2131. The DHCP
Relay Agent service is managed using the Routing and Remote Access service.
See also: DHCP server; bootstrap protocol (BOOTP); Dynamic Host Configuration
Protocol (DHCP)

dial location
The country code, area code, and specific dialing requirements for the place you are
dialing from. Once you have created a dial location, you can select it to apply the dialing
requirements to all your calls. To change dialing locations, select or create a different one.

dial-up connection
The connection to your network if you are using a device that uses the telephone network.
This includes modems with a standard phone line, ISDN cards with high-speed ISDN lines,
or X.25 networks.
If you are a typical user, you may have one or two dial-up connections, for example, to the
Internet and to your corporate network. In a more complex server situation, multiple
network modem connections might be used to implement advanced routing.
See also: Integrated Services Digital Network (ISDN); modem (modulator/demodulator)

dialog box
A secondary window that contains buttons and various kinds of options through which you

can carry out a particular command or task.

dictionary attack
A method of guessing a user's password or PIN by trying every word in the dictionary until
successful.

differential backup
A backup that copies files created or changed since the last normal or incremental backup.
It does not mark files as having been backed up (in other words, the archive attribute is not
cleared). If you are performing a combination of normal and differential backups, restoring
files and folders requires that you have the last normal as well as the last differential
backup.
See also: copy backup; daily backup; incremental backup; normal backup

differential data
Saved copies of changed data that can be applied to an original volume to generate a
volume shadow copy.
See also: volume; volume shadow copy

digital signature
A means for originators of a message, file, or other digitally encoded information to bind
their identity to the information. The process of digitally signing information entails
transforming the information, as well as some secret information held by the sender, into a
tag called a signature. Digital signatures are used in public key environments, and they
provide nonrepudiation and integrity services.
See also: Digital Signature Standard (DSS); service; time stamp

Digital Signature Standard (DSS)

A standard that uses the Digital Signature Algorithm (DSA) for its signature algorithm and
SHA-1 as its message hash algorithm. DSA is a public-key cipher that is used only to
generate digital signatures and cannot be used for data encryption.
See also: digital signature; Secure Hash Algorithm (SHA-1)

Digital Subscriber Line (DSL)

A type of high-speed Internet connection using standard telephone wires. This is also
referred to as a broadband connection.

digital video disc (DVD)

A type of optical disc storage technology. A digital video disc (DVD) looks like a CD-ROM
disc, but it can store greater amounts of data. DVDs are often used to store full-length
movies and other multimedia content that requires large amounts of storage space.
See also: DVD decoder; DVD drive

direct cable connection

A link between the I/O ports of two computers created with a single cable rather than a
modem or other interfacing devices. In most cases, a direct cable connection is made with
a null modem cable.
See also: input/output (I/O) port; null modem cable

direct memory access (DMA)

Memory access that does not involve the microprocessor. DMA is frequently used for data
transfer directly between memory and a peripheral device such as a disk drive.
See also: hardware configuration

directory partition
A contiguous subtree of the directory that forms a unit of replication. A given replica is
always a replica of some directory partition. The directory always has at least three
directory partitions:
The schema, which defines the object classes and attributes contained in Active
Directory.
The configuration, which identifies the domain controllers, replication topology and
other related information about the domain controllers within a specific
implementation of Active Directory.
One or more domains that contain the actual directory object data.
A domain controller always stores the partitions for the schema, configuration, and its own
(and no other) domain. The schema and configuration are replicated to every domain
controller in the domain tree or forest. The domain is replicated only to domain controllers
for that domain. A subset of the attributes for all domain objects is replicated to the global
catalog.
See also: Active Directory; attribute; domain; replica; replication

directory service
Both the directory information source and the service that make the information available
and usable. A directory service enables the user to find an object given any one of its
attributes.

DirectX
An extension of the Microsoft Windows operating system. DirectX technology helps games
and other programs use the advanced multimedia capabilites of your hardware.

disable
To make a device nonfunctional. For example, if you disable a device in a hardware
configuration, you cannot use the device when your computer uses that hardware
configuration. Disabling a device frees the resources that were allocated to the device.
See also: enable; hardware configuration

discretionary access control list (DACL)

The part of an object's security descriptor that grants or denies specific users and groups
permission to access the object. Only the owner of an object can change permissions
granted or denied in a DACL; thus, access to the object is at the owner's discretion.
See also: distribution group; object; security descriptor; security group

disk
A storage device that is attached to a computer.
See also: basic disk; dynamic disk

disk configuration information

Information in the Windows registry on assigned drive letters, simple volumes, striped
volumes, mirrored volumes, spanned volumes, and RAID-5 volumes. You can change the
disk configuration by using Disk Management.
See also: mirrored volume; RAID-5 volume; registry; simple volume; spanned volume;
volume

dismount
To remove a removable tape or disc from a drive.
See also: library; mount

display adapter
See definition for: video adapter

distinguished name
A name that uniquely identifies an object by using the relative distinguished name for the
object, plus the names of container objects and domains that contain the object. The
distinguished name identifies the object as well as its location in a tree. Every object in
Active Directory has a distinguished name. A typical distinguished name might be
CN=MyName,CN=Users,DC=Microsoft,DC=Com
This identifies the MyName user object in the microsoft.com domain.
See also: Active Directory; domain; object

distribution group
A group that is used solely for e-mail distribution and that is not security-enabled.
Distribution groups cannot be listed in discretionary access control lists (DACLs) used to
define permissions on resources and objects. Distribution groups can be used only with email applications (such as Microsoft Exchange) to send e-mail to collections of users. If
you do not need a group for security purposes, create a distribution group instead of a
security group.
See also: discretionary access control list (DACL); security group

DLL
See definition for: dynamic-link library (DLL)

DNS
See definition for: Domain Name System (DNS)

DNS Server
A service that maintains information about a portion of the Domain Name System (DNS)
database and responds to and resolves DNS queries. A computer running this service is
also known as a DNS server.
See also: Domain Name System (DNS)

DNS suffix
For DNS, a character string that represents a domain name. The DNS suffix shows where
a host is located relative to the DNS root, specifying a host s location in the DNS
hierarchy. Usually, DNS suffix describes the latter portion of a DNS name, following one or
more of the first labels of a DNS name.

dock
To connect a laptop or notebook computer to a docking station.
See also: docking station; hot docking; undock

docking station
A unit for housing a portable computer that contains a power connection, expansion slots,
and connections to peripherals, such as a monitor, printer, full-sized keyboard, and mouse.
The docking station turns the portable computer into a desktop computer.
See also: dock; hot docking; undock

document
Any self-contained piece of work created with an application program and, if saved on
disk, given a unique file name by which it can be retrieved.
See also: filter; property cache

domain
A group of computers that are part of a network and share a common directory database.
A domain is administered as a unit with common rules and procedures. Each domain has
a unique name.
An Active Directory domain is a collection of computers defined by the administrator of a
Windows network. These computers share a common directory database, security
policies, and security relationships with other domains. An Active Directory domain
provides access to the centralized user accounts and group accounts maintained by the
domain administrator. An Active Directory forest is made up of one or more domains, each
of which can span more than one physical location.

A DNS domain is any tree or subtree within the DNS namespace. Although the names for
DNS domains often correspond to Active Directory domains, DNS domains should not be
confused with Active Directory domains.
See also: Active Directory; Domain Name System (DNS)

domain controller
In a Windows domain environment, a computer running Active Directory that manages
user access to a network, which includes logging on, authentication, and access to the
directory and shared resources.
See also: Active Directory; authentication; shared resource

domain controller locator (Locator)

An algorithm that runs in the context of the Net Logon service and that finds domain
controllers on a Windows 2000 network. Locator can find domain controllers by using DNS
names (for IP/DNS-compatible computers) or by using NetBIOS names (for computers
that are running Windows 3.x, Windows for Workgroups, Windows NT 3.5 or later,
Windows 95, or Windows 98, or it can be used on a network where IP transport is not
available).

domain DFS
An implementation of DFS in which DFS topological information is stored in Active
Directory. Because this information is made available on multiple domain controllers in the
domain, domain DFS provides fault-tolerance for any distributed file system in the domain.
See also: DFS topology; fault tolerance

domain local group

A security or distribution group that can contain universal groups, global groups, and
accounts from any domain in the domain tree or forest. A domain local group can also
contain other domain local groups from its own domain. Rights and permissions can be
assigned only at the domain containing the group.
See also: distribution group; domain tree; forest; global group; security group; universal
group

domain name
The name given by an administrator to a collection of networked computers that share a
common directory. Part of the Domain Name System (DNS) naming structure, domain
names consist of a sequence of name labels separated by periods.
See also: domain; Domain Name System (DNS); label; namespace

Domain Name System (DNS)

A hierarchical, distributed database that contains mappings of DNS domain names to
various types of data, such as IP addresses. DNS enables the location of computers and
services by user-friendly names, and it also enables the discovery of other information
stored in the database.

See also: domain; service; Transmission Control Protocol/Internet Protocol (TCP/IP); IP

address

domain namespace
The database structure used by the Domain Name System (DNS).
See also: Domain Name System (DNS)

domain naming master

The domain controller assigned to control the addition or removal of domains in the forest.
At any time, there can be only one domain naming master in the forest.
See also: domain controller; forest; multimaster replication; operations master; replication

domain of origin
The parent DNS domain name that is used to root either a zone or a resource record
within a zone. This name is joined to the end of unqualified or relative domain names to
form a fully qualified domain name (FQDN) within the zone. In DNS Manager, the domain
of origin will correspond to Zone name as it appears in the Add Zone Wizard or the name
that appears in the Parent domain name field for any resource records created within the
zone.
See also: domain; domain name; Domain Name System (DNS); fully qualified domain
name (FQDN); relative name; resource record (RR)

domain tree
In DNS, the inverted hierarchical tree structure that is used to index domain names.
Domain trees are similar in purpose and concept to the directory trees used by computer
filing systems for disk storage.
For example, when numerous files are stored on disk, directories can be used to organize
the files into logical collections. When a domain tree has one or more branches, each
branch can organize domain names used in the namespace into logical collections.
In Active Directory, a hierarchical structure of one or more domains, connected by
transitive, bidirectional trusts, that forms a contiguous namespace. Multiple domain trees
may belong to the same forest.
See also: Active Directory; domain; transitive trust; two-way trust; domain name; Domain
Name System (DNS); forest; namespace

dots per inch (DPI)

The standard used to measure screen and printer resolution, expressed as the number of
dots that a device can display or print per linear inch. The greater the number of dots per
inch, the better the resolution.

double-byte characters
A set of characters in which each character is represented by two bytes. Some languages,
such as Japanese, Chinese, and Korean, require double-byte character sets.

downloadable fonts
A set of characters stored on disk and sent (downloaded) to a printer's memory when
needed for printing a document. Downloadable fonts are most commonly used with laser
printers and other page printers, although many dot-matrix printers can accept some of
them. Downloadable fonts are also called soft fonts.
See also: font; font cartridge; PostScript fonts

drag
To move an item on the screen by selecting the item and then pressing and holding down
the mouse button while moving the mouse. For example, you can move a window to
another location on the screen by dragging its title bar.

drain
For Network Load Balancing, a command that disables new traffic handling for the rule
whose port range contains the specified port. All ports specified by the port rule are
affected.
See also: cluster; drainstop; port; port rule

drainstop
For Network Load Balancing, a command that disables all new traffic handling on the
specified hosts. The hosts then enter draining mode to complete existing connections.
While draining, hosts remain in the cluster and stop their cluster operations when there are
no more active connections. To terminate draining mode, explicitly stop cluster mode with
the stop command, or restart new traffic handling with the start command. To drain
connections from a specific port, use the drain command.
See also: drain; host

drive
An area of storage that is formatted with a file system and has a drive letter. The storage
can be a floppy disk, a CD, a hard disk, or another type of disk. You can view the contents
of a drive by clicking its icon in Windows Explorer or My Computer.
See also: drive letter; file system; volume

drive letter
The naming convention for disk drives on IBM and compatible computers. Drives are
named by letter, beginning with A, followed by a colon.
See also: drive

drop folder
In the Macintosh environment, a folder for which you have the Make Changes permission
but not the See Files or See Folders permission. You can copy files into a drop folder, but
you cannot see what files and subfolders the drop folder contains.
See also: Make Changes

dual boot
A computer configuration that can start two different operating systems.
See also: boot; multiple boot; startup environment

duplex
A system capable of transmitting information in both directions over a communications
channel.
See also: full-duplex; half-duplex

DVD decoder
A hardware or software component that allows a digital video disc (DVD) drive to display
movies on your computer screen.
See also: digital video disc (DVD); DVD drive; hardware decoder; software decoder

DVD drive
A disk storage device that uses digital video disc (DVD) technology. A DVD drive reads
both CD-ROM and DVDs; however, you must have a DVD decoder to display DVD movies
on your computer screen.
See also: DVD decoder; digital video disc (DVD)

DWORD
A data type composed of hexadecimal data with a maximum allotted space of 4 bytes.

dynamic data exchange (DDE)

A form of interprocess communication (IPC) implemented in the Microsoft Windows family
of operating systems. Two or more programs that support dynamic data exchange (DDE)
can exchange information and commands.
See also: Network DDE service

dynamic disk
A physical disk that can be accessed only by Windows 2000 and Windows XP. Dynamic
disks provide features that basic disks do not, such as support for volumes that span
multiple disks. Dynamic disks use a hidden database to track information about dynamic
volumes on the disk and other dynamic disks in the computer. You convert basic disks to
dynamic by using the Disk Management snap-in or the DiskPart command line utility.
When you convert a basic disk to dynamic, all existing basic volumes become dynamic
volumes.
See also: active volume; basic disk; basic volume; dynamic volume; volume

Dynamic Host Configuration Protocol (DHCP)

A TCP/IP service protocol that offers dynamic leased configuration of host IP addresses
and distributes other configuration parameters to eligible network clients. DHCP provides
safe, reliable, and simple TCP/IP network configuration, prevents address conflicts, and

helps conserve the use of client IP addresses on the network.

DHCP uses a client/server model where the DHCP server maintains centralized
management of IP addresses that are used on the network. DHCP-supporting clients can
then request and obtain lease of an IP address from a DHCP server as part of their
network boot process.
See also: IP address; service; Transmission Control Protocol/Internet Protocol (TCP/IP);
lease

dynamic storage
A storage method in Windows that allows disk and volume management without requiring
operating system restart.
See also: basic storage

dynamic update
An updated specification to the Domain Name System (DNS) standard that permits hosts
that store name information in DNS to dynamically register and update their records in
zones maintained by DNS servers that can accept and process dynamic update
messages.
See also: DNS Server; Domain Name System (DNS); host; zone

dynamic volume
A volume that resides on a dynamic disk. Windows supports five types of dynamic
volumes: simple, spanned, striped, mirrored, and RAID-5. A dynamic volume is formatted
by using a file system, such as FAT or NTFS, and it has a drive letter assigned to it.
See also: basic disk; basic volume; dynamic disk; mirrored volume; RAID-5 volume; simple
volume; spanned volume; volume

dynamic-link library (DLL)

An operating system feature that allows executable routines (generally serving a specific
function or set of functions) to be stored separately as files with .dll extensions. These
routines are loaded only when needed by the program that calls them.
See also: Resource DLL

E
EFI
See definition for: Extensible Firmware Interface (EFI)

EFI system partition

On Itanium-based computers, a portion on a GUID partition table (GPT) disk that is
formatted with the FAT file system and contains the files necessary to start the computer.
Every Itanium-based computer must have at least one GPT disk with an EFI system
partition. The EFI system partition serves the same purpose as the system volume found

on x86-based computers.
See also: Extensible Firmware Interface (EFI); GUID partition table (GPT); Microsoft
Reserved (MSR) partition; Itanium; x86

embedded object
Information created in another program that has been pasted inside your document. When
information is embedded, you can edit the information in the new document using toolbars
and menus from the original program.
To edit the embedded information, double-click it and the toolbars and menus from the
program used to create the information appear. Embedded information is not linked to the
original source. If you change information in one place, it is not updated in the other.
See also: OLE; package; source document

emulated local area network (ELAN)

A logical ATM network that emulates the services of an Ethernet or Token Ring LAN.
See also: local area network (LAN)

enable
To make a device functional. For example, if a device in your hardware configuration
settings is enabled, the device is available for use when your computer uses that hardware
configuration.
See also: disable; hardware configuration

encapsulated PostScript (EPS) file

A file that prints at the highest possible resolution for your printer. An EPS file may print
faster than other graphical representations. Some Windows-based and non-Windowsbased graphical programs can import EPS files.
See also: PostScript

encrypted password
A password that is scrambled. Encrypted passwords are more secure than plaintext
passwords, which are susceptible to network sniffers.
See also: encryption

Encrypting File System (EFS)

A feature in this version of Windows that enables users to encrypt files and folders on an
NTFS volume disk to keep them safe from access by intruders.
See also: NTFS file system; recovery agent

encryption
The process of disguising a message or data in such a way as to hide its substance.
See also: public key encryption; symmetric encryption

enhanced small device interface (ESDI)

A standard that can be used with high-capacity hard disks, floppy disk drives, and tape
drives to allow these devices to communicate with a computer at high speeds.

environment variable
A string consisting of environment information, such as a drive, path, or file name,
associated with a symbolic name that can be used by Windows. You use System in
Control Panel or the set command from the command prompt to define environment
variables.
See also: string; variable

error detection
A technique for detecting when data is lost during transmission. This allows the software to
recover lost data by notifying the transmitting computer that it needs to retransmit the data.

Ethernet
An IEEE 802.3 standard for contention networks. Ethernet uses a bus or star topology and
relies on the form of access known as Carrier Sense Multiple Access with Collision
Detection (CSMA/DC) to regulate communication line traffic. Network nodes are linked by
coaxial cable, fiber-optic cable, or by twisted-pair wiring. Data is transmitted in variablelength frames containing delivery and control information and up to 1,500 bytes of data.
The Ethernet standard provides for baseband transmission at 10 megabits (10 million bits)
per second.

event
Any significant occurrence in the system or an application that requires users to be notified
or an entry to be added to a log.

Event Log service

A service that records events in the system, security, and application logs. The Event Log
service is located in Event Viewer.
See also: Event Viewer; event; service

event logging
The process of recording an audit entry in the audit trail whenever certain events occur,
such as services starting and stopping, or users logging on and off and accessing
resources. You can use Event Viewer to review AppleTalk network integration events as
well as Windows events.
See also: event; service

Event Viewer
A component you can use to view and manage event logs, gather information about
hardware and software problems, and monitor security events. Event Viewer maintains
logs about program, security, and system events.

See also: event; event logging

everyone category
In the Macintosh environment, one of the user categories to which you assign permissions
for a folder. Permissions granted to everyone apply to all users who use the server,
including guests.
See also: permission

expanded memory
Type of memory that can be added to IBM personal computers. The use of expanded
memory is defined by the Expanded Memory Specification (EMS), which supports memory
boards containing RAM that can be enabled or disabled by software.
See also: extended memory

expansion slot
A socket in a computer, designed to hold expansion boards and connect them to the
system bus.
See also: bus

expire interval
For DNS, the number of seconds that DNS servers operating as secondary masters for a
zone will use to determine if zone data should be expired when the zone is not refreshed
and renewed.
See also: DNS Server; Domain Name System (DNS); secondary master; zone

explicit permissions
Permissions on an object that are automatically assigned when the object is created, or
specifically assigned or changed by the owner of the object.
See also: permission; object

express message
For Message Queuing, a message that uses fewer resources and is faster than a
recoverable message. However, because express messages are mapped to memory, they
are lost if the computer storing them fails.
See also: recoverable message

extended characters
Any of the 128 additional characters in the extended ASCII (8-bit) character set. These
characters include those in several non-English languages, such as accent marks, and
special symbols used for creating pictures.

extended memory
Memory beyond one megabyte in 80286, 80386, 80486, and Pentium computers.
See also: expanded memory

extended partition
A type of partition that you can create only on basic master boot record (MBR) disks.
Extended partitions are useful if you want to create more than four volumes on a basic
MBR disk. Unlike primary partitions, you do not format an extended partition with a file
system and then assign a drive letter to it. Instead, you create one or more logical drives
within the extended partition. After you create a logical drive, you format it and assign it a
drive letter. An MBR disk can have up to four primary partitions, or three primary partitions,
one extended partition, and multiple logical drives.
See also: basic disk; drive letter; logical drive; master boot record (MBR); partition; primary
partition; volume

Extensible Authentication Protocol (EAP)

An extension to the Point-to-Point Protocol (PPP) that allows for arbitrary authentication
mechanisms to be employed for the validation of a PPP connection.
See also: CHAP (Challenge Handshake Authentication Protocol); Point-to-Point Protocol
(PPP)

Extensible Firmware Interface (EFI)

In computers with the Intel Itanium processor, the interface between a computer's
firmware, hardware, and the operating system. The Extensible Firmware Interface (EFI)
defines a new partition style called GUID partition table (GPT). EFI serves the same
purpose for Itanium-based computers as the BIOS found in x86-based computers.
However, it has expanded capabilities that provide a consistent way to start any
compatible operating system and an easy way to add EFI drivers for new bootable devices
without the need to update the computer's firmware.
See also: basic input/output system (BIOS); GUID partition table (GPT); Itanium; x86

Extensible Markup Language (XML)

A meta-markup language that provides a format for describing structured data. This
facilitates more precise declarations of content and more meaningful search results across
multiple platforms. In addition, XML will enable a new generation of Web-based data
viewing and manipulation applications.

external network number

A 4-byte hexadecimal number used for addressing and routing purposes. The external
network number is associated with physical network adapters and networks. To
communicate with each other, all computers on the same network that use a specific frame
type must have the same external network number. All external network numbers must be
unique to the IPX internetwork.
See also: frame type; internal network number; Internetwork Packet Exchange (IPX)

extract
When you extract a file, an uncompressed copy of the file that is created in a folder you
specify. The original file remains in the compressed folder.

F
failback
The process of moving resources, either individually or in a group, back to their preferred
node after the node has failed and come back online.
See also: failback policy; resource

failback policy
Parameters that an administrator can set using Cluster Administrator that affect failback
operations.
See also: Cluster Administrator; failback

failed
A state that applies to a resource or a node in a cluster. A resource or a node is placed in
the failed state after an unsuccessful attempt has been made to bring it online.
See also: cluster; resource

failover
The process of taking resource groups offline on one node and bringing them back online
on another node. When a resource group goes offline, all resources belonging to that
group go offline. The offline and online transitions occur in a predefined order, with
resources that are dependent on other resources taken offline before and brought online
after the resources upon which they depend.
See also: failover policy; failover time; IIS Server Instance resource; offline; possible
owners; resource

failover policy
Parameters that an administrator can set, using Cluster Administrator, that affect failover
operations.
See also: Cluster Administrator; failover

failover time
The amount of time it takes a resource, either individually or in a group, to complete the
failover process.
See also: failover; resource

FAT
See definition for: file allocation table (FAT)

FAT32
A derivative of the file allocation table (FAT) file system. FAT32 supports smaller cluster
sizes and larger volumes than FAT, which results in more efficient space allocation on
FAT32 volumes.
See also: file allocation table (FAT); NTFS file system; volume

fault tolerance
The ability of computer hardware or software to ensure data integrity when hardware
failures occur. Fault tolerant features appear in many server operating systems and
include mirrored volumes, RAID-5 volumes, and server clusters.
See also: cluster; mirrored volume; RAID-5 volume

Fax Service
A system service that provides fax services to local and remote network clients. Fax
services include receiving faxes and faxing documents, fax wizard messages, and e-mail
messages.
See also: service

Federal Information Processing Standard 140-1 (FIPS 140-1)

A standard entitled Security Requirements for Cryptographic Modules. FIPS 140-1
describes government requirements that hardware and software cryptomodules should
meet for Sensitive but Unclassified (SBU) use.

file allocation table (FAT)

A file system used by MS-DOS and other Windows-based operating systems to organize
and manage files. The file allocation table (FAT) is a data structure that Windows creates
when you format a volume by using the FAT or FAT32 file systems. Windows stores
information about each file in the FAT so that it can retrieve the file later.
See also: FAT32; file system; NTFS file system

File and Print Servers for Macintosh

A software component that allows Macintosh users access to a computer running any
version of the Windows Server family. The services provided with this component allow
personal computer and Macintosh users to share files and resources, such as printers on
the AppleTalk network or printers attached to the Windows server.

file control block (FCB)

A small block of memory temporarily assigned by a computer's operating system to hold
information about a file that has been opened for use. An FCB typically contains such
information as the file's identification, its location on disk, and a pointer that marks the
user's current (or last) position in the file.

File Server for Macintosh

An AppleTalk network integration service that allows Macintosh clients and personal
computer clients to share files. File Server for Macintosh is also called MacFile.
See also: service

File Share resource

A file share accessible by a network path that is supported as a cluster resource by a
Resource DLL.
See also: Resource DLL

file system
In an operating system, the overall structure in which files are named, stored, and
organized. NTFS, FAT, and FAT32 are types of file systems.
See also: FAT32; NTFS file system; FAT

File Transfer Protocol (FTP)

A member of the TCP/IP suite of protocols, used to copy files between two computers on
the Internet. Both computers must support their respective FTP roles: one must be an FTP
client and the other an FTP server.
See also: Transmission Control Protocol/Internet Protocol (TCP/IP)

file type
In the Windows environment, a designation of the operational or structural characteristics
of a file. The file type identifies the program, such as Microsoft Word, that is used to open
the file. File types are associated with a file name extension. For example, files that have
the .txt or .log extension are of the Text Document type and can be opened using any text
editor.
In the Macintosh environment, a four-character sequence that identifies the type of a
Macintosh file. The Macintosh Finder uses the file type and file creator to determine the
appropriate desktop icon for that file.

filter
For Indexing Service, software that extracts content and property values from a document
in order to index them.
For IPSec, a specification of IP traffic that provides the ability to trigger security
negotiations for a communication based on the source, destination, and type of IP traffic.
See also: document; property value

filtering mode
For Network Load Balancing, the method by which network traffic inbound to a cluster is
handled by the hosts within the cluster. Traffic can either be handled by a single server,
load balanced among the hosts within the cluster, or disabled completely.
See also: cluster; host; load balancing

FilterKeys
A keyboard feature that instructs your keyboard to ignore brief or repeated keystrokes. You
can also adjust the keyboard repeat rate, which is the rate at which a key repeats when
you hold it down.
See also: StickyKeys; ToggleKeys; MouseKeys

firewall
A combination of hardware and software that provides a security system, usually to
prevent unauthorized access from outside to an internal network or intranet. A firewall
prevents direct communication between network and external computers by routing
communication through a proxy server outside of the network. The proxy server
determines whether it is safe to let a file pass through to the network. A firewall is also
called a security-edge gateway.

folder
A container for programs and files in graphical user interfaces, symbolized on the screen
by a graphical image (icon) of a file folder. A folder is a means of organizing programs and
documents on a disk and can hold both files and additional folders.

font
A graphic design applied to a collection of numbers, symbols, and characters. A font
describes a certain typeface, along with other qualities such as size, spacing, and pitch.
See also: OpenType fonts; PostScript fonts; screen fonts; Type 1 fonts

font cartridge
A plug-in unit available for some printers that contains fonts in several styles and sizes. As
with downloadable fonts, printers using font cartridges can produce characters in sizes and
styles other than those created by the fonts built into it.
See also: downloadable fonts; font

foreground program
The program that runs in the active window (the uppermost window with the highlighted
title bar). The foreground program responds to commands issued by the user.
See also: background program; title bar

foreign computer
A computer that uses another message queuing system but, through a connector
application, can exchange messages with computers that run Message Queuing.
See also: connector application; Message Queuing

forest
A collection of one or more Windows domains that share a common schema,
configuration, and global catalog and are linked with two-way transitive trusts.

See also: domain; domain tree; global catalog; schema; transitive trust; two-way trust

form
The specification of physical characteristics such as paper size (that is, letter or legal) and
printer area margins of paper or other print media. For example, by default, the Letter form
has a paper size of 8.5 inches by 11 inches and does not reserve space for margins.

format
The structure of a file that defines the way it is stored and laid out on the screen or in print.
The format of a file is usually indicated by its extension. For example, .txt after a file name
indicates the file is a text document, and .doc after a file name indicates it is a Word
document.

FORTEZZA
A family of security products, including PCMCIA-based cards, compatible serial port
devices, combination cards (such as FORTEZZA/Modem and FORTEZZA/Ethernet),
server boards, and others. FORTEZZA is a registered trademark held by the National
Security Agency.

fragmentation
The scattering of parts of the same disk file over different areas of the disk. Fragmentation
occurs as files on a disk are deleted and new files are added. It slows disk access and
degrades the overall performance of disk operations, although usually not severely.
See also: defragmentation

frame type
The way in which a network type, such as Ethernet, formats data to be sent over a
network. When multiple frame types are allowed for a particular network type, the packets
are structured differently and are, therefore, incompatible. All computers on a network
must use the same frame type to communicate. Frame type is also called frame format.
See also: packet

free media pool

A logical collection of unused data-storage media that can be used by applications or other
media pools. When media are no longer needed by an application, they are returned to a
free media pool so that they can be used again.
See also: media pool; Removable Storage

free space
Available space that you use to create logical drives within an extended partition.
See also: extended partition; logical drive; unallocated space

front-end processor (FEP)

In communications, a computer that is located between communications lines and a main
(host) computer and used to relieve the host of tasks related to communications;
sometimes considered synonymous with communications controller. A front-end processor
is dedicated entirely to handling transmitted information, including error detection and
control; receipt, transmission, and possibly encoding of messages; and management of
the lines running to and from other devices.

FTP (File Transfer Protocol)

See definition for: File Transfer Protocol (FTP)

full name
A user's complete name, usually consisting of the last name, first name, and middle initial.
The full name is information that Local Users and Groups or Active Directory Users and
Computers can maintain as part of the information identifying and defining a user account.
See also: user account; Active Directory Users and Computers

full zone transfer (AXFR)

The standard query type supported by all DNS servers to update and synchronize zone
data when the zone has been changed. When a DNS query is made using AXFR as the
specified query type, the entire zone is transferred as the response.
See also: DNS Server; zone

full-duplex
A system capable of simultaneously transmitting information in both directions over a
communications channel.
See also: half-duplex; duplex

fully qualified domain name (FQDN)

A DNS domain name that has been stated unambiguously so as to indicate with absolute
certainty its location in the domain namespace tree. Fully qualified domain names differ
from relative names in that they are typically stated with a trailing period (.) - for example,
host.example.microsoft.com. - to qualify their position to the root of the namespace.
See also: namespace; domain name; Domain Name System (DNS)

G
game port
An input/output connector to which you attach a joy stick or other game device to your
computer. It is typically a 15-pin socket on the back of a PC.
See also: serial port

gateway
A device connected to multiple physical TCP/IP networks capable of routing or delivering
IP packets between them. A gateway translates between different transport protocols or
data formats (for example, IPX and IP) and is generally added to a network primarily for its
translation ability.
In the context of interoperating with Novell NetWare networks, a gateway acts as a bridge
between the server message block (SMB) protocol used by Windows networks and the
NetWare core protocol (NCP) used by NetWare networks. A gateway is also called an IP
router.

GDI objects
Objects from the Graphics Device Interface (GDI) library of application programming
interfaces (APIs) for graphics output devices. In Task Manager, the number of GDI objects
currently used by a process.
See also: Task Manager

Generic Service resource

A Windows service that is supported as a cluster resource by a Resource DLL.
See also: Resource DLL

gigabyte (GB)
1,024 megabytes, though often interpreted as approximately one billion bytes.

global account
In an Active Directory network, a normal user account in a user's domain. Most user
accounts are global accounts. If there are multiple domains in the network, it is best if each
user in the network has only one user account in only one domain, and each user's access
to other domains is accomplished through the establishment of domain trust relationships.
See also: Active Directory; domain

global catalog
A domain controller that contains a partial replica of every domain in Active Directory. In
other words, a global catalog holds a replica of every object in Active Directory, but with a
limited number of each object's attributes. The global catalog stores those attributes most
frequently used in search operations (such as a user's first and last names) and those
attributes required to locate a full replica of the object.
The Active Directory replication system builds the global catalog automatically. The
attributes replicated into the global catalog include a base set defined by Microsoft.
Administrators can specify additional properties to meet the needs of their installation.
See also: Active Directory; attribute; domain controller; replication

global group
A security or distribution group that can have users, groups, and computers from its own
domain as members. Global security groups can be granted rights and permissions on

resources in any domain in the forest. Global groups cannot be created or maintained on
computers running Windows XP Professional. However, for Windows XP Professional
computers that participate in a domain, domain global groups can be granted rights and
permissions at those workstations and can become members of local groups at those
workstations.
See also: permission; group; local group; user account

glue chasing
The follow-up queries or successive lookups that are made to resolve glue records in a
zone to other remote DNS servers that are authoritative for a derivative zone. When glue
chasing is performed, name server (NS) resource records for delegated DNS servers are
chased, or followed, by using successive queries to resolve the servers named in NS
records to their host address (A) resource records and to obtain server IP addresses.
See also: A (address) resource record; delegation; DNS Server; glue record; name server
(NS) resource record; zone

glue record
A resource record for out-of-zone information used to provide helpful pointer information
for locating DNS servers that have been delegated authority for specific subdomains
derived from a zone's domain of origin. These records are used to glue zones together and
provide an effective delegation and referral path for other DNS servers to follow when
performing a recursive lookup to fully resolve a name.
See also: delegation; DNS Server; domain of origin; glue chasing; resource record (RR);
zone

graphics mode
A display mode in which lines and characters on the screen are drawn pixel by pixel.
Graphics mode displays images by grouping individual dots into shapes, such as the
arrowhead of a mouse pointer. It can also preview character formatting, such as boldface
and italics, as it will appear in print.

group
A collection of users, computers, contacts, and other groups. Groups can be used as
security or as e-mail distribution collections. Distribution groups are used only for e-mail.
Security groups are used both to grant access to resources and as e-mail distribution lists.
See also: domain; global group; local group

group account
A collection of user accounts. By making a user account a member of a group, you give
the related user all the rights and permissions granted to the group.
See also: group; user account

group memberships
The groups to which a user account belongs. Permissions and rights granted to a group
are also provided to its members. In most cases, the actions a user can perform in

Windows are determined by the group memberships of the user account to which the user
is logged on.
See also: group; user account

group name
A unique name identifying a local group or a global group to Windows. A group's name
cannot be identical to any other group name or user name in its own domain or computer.
See also: global group; local group

Group Policy
The Microsoft Management Console (MMC) snap-in that is used to edit Group Policy
objects.
See also: Group Policy object; Microsoft Management Console (MMC); policy; snap-in

Group Policy object

A collection of Group Policy settings. Group Policy objects are essentially the documents
created by the Group Policy snap-in, a Windows utility. Group Policy objects are stored at
the domain level, and they affect users and computers contained in sites, domains, and
organizational units. In addition, each Windows computer has exactly one group of
settings stored locally, called the local Group Policy object.
See also: Group Policy; object; policy

guest account
A built-in account used to log on to a computer running Windows when a user does not
have an account on the computer or domain, or in any of the domains trusted by the
computer's domain.
See also: domain

GUID partition table (GPT)

A disk-partitioning scheme that is used by the Extensible Firmware Interface (EFI) in
Itanium-based computers. GPT offers more advantages than master boot record (MBR)
partitioning because it allows up to 128 partitions per disk, provides support for volumes up
to 18 exabytes in size, allows primary and backup partition tables for redundancy, and
supports unique disk and partition IDs (GUIDs).
See also: Itanium; Extensible Firmware Interface (EFI); master boot record (MBR)

H
half-duplex
A system capable of transmitting information in only one direction at a time over a
communications channel.
See also: duplex; full-duplex

handle
In the user interface, an interface added to an object that facilitates moving, sizing,
reshaping, or other functions pertaining to an object. In programming, a pointer to a
pointer, that is, a token that lets a program access an identified resource.

handle count
In Task Manager, the number of object handles in a process's object table.
See also: Task Manager

handshaking
A series of signals acknowledging that communication can take place between computers
or other devices. A hardware handshake is an exchange of signals over specific wires
(other than the data wires), in which each device indicates its readiness to send or receive
data. A software handshake consists of signals transmitted over the same wires used to
transfer data, as in modem-to-modem communications over telephone lines.

handwriting input device

A tool, such as a digital pen and tablet, used to enter text by writing instead of typing.
Along with writing tablets, you can use 3-D drawing or Computer Aided Drafting (CAD)
tablets, or a tablet-PC. You can also write by moving your mouse on the mouse pad.

handwriting recognition
The ability to interpret handwritten text and convert it into computer-readable text.
Handwriting recognition programs allow you to enter text using a pen stylus or other
handwriting input device, rather than a keyboard.

hard disk
A device, also called hard disk drive, that contains one or more inflexible platters coated
with material in which data can be recorded magnetically with read/write heads. The hard
disk exists in a sealed case that protects it and allows the head to fly 10 millionths to 25
millionths of an inch above the surface of a platter. Data can both be stored and accessed
much more quickly than on a floppy disk.

hardware
The physical components of a computer system, including any peripheral equipment such
as printers, modems, and mouse devices.

hardware compression
A feature available on some tape devices that automatically compresses the data that is
being stored on the device. This is usually an option that is turned on or off in a backup
program.

hardware configuration
Resource settings that have been allocated for a specific device. Each device on your

computer has a hardware configuration, which may consist of IRQ lines, DMA, an I/O port,
or memory address settings.
See also: device; direct memory access (DMA); input/output (I/O) port; interrupt request
(IRQ) lines; memory address

hardware decoder
A type of digital video disc (DVD) decoder that allows a DVD drive to display movies on
your computer screen. A hardware decoder uses both software and hardware to display
movies.
See also: DVD decoder; DVD drive; software decoder

hardware profile
Data that describes the configuration and characteristics of specific computer equipment.
This information can be used to configure computers for using peripheral devices.
See also: device

hardware type
A classification for similar devices. For example, Imaging Device is a hardware type for
digital cameras and scanners.
See also: device

hash
A fixed-size result that is obtained by applying a one-way mathematical function
(sometimes called a hash algorithm) to an arbitrary amount of data. If there is a change in
the input data, the hash changes. The hash can be used in many operations, including
authentication and digital signing. A hash is also called a message digest.
See also: authentication; hash algorithm

hash algorithm
An algorithm used to produce a hash value of some piece of data, such as a message or
session key. A good hash algorithm has a quality where changes in the input data can
change every bit in the resulting hash value; for this reason, hashes are useful in detecting
any modification in a large data object, such as a message. Furthermore, a good hash
algorithm makes it computationally infeasible to construct two independent inputs that
have the same hash. Typical hash algorithms include MD2, MD4, MD5, and SHA-1. Hash
algorithm is also called a hash function.
See also: Hash-based Message Authentication Mode (HMAC); MD2; MD4; MD5; message
digest; Secure Hash Algorithm (SHA-1)

Hash-based Message Authentication Mode (HMAC)

A mechanism for message authentication using cryptographic hash functions. HMAC can
be used with any iterative cryptographic hash function (for example, MD5 and SHA-1) in
combination with a secret shared key. The cryptographic strength of HMAC depends on
the properties of the underlying hash function.

See also: hash algorithm; MD5; Secure Hash Algorithm (SHA-1)

hexadecimal
A base-16 number system represented by the digits 0 through 9 and the uppercase or
lowercase letters A (equivalent to decimal 10) through F (equivalent to decimal 15).

hibernation
A state in which your computer shuts down after saving everything in memory on your hard
disk. When you bring your computer out of hibernation, all programs and documents that
were open are restored to your desktop.
See also: standby

High Contrast
A display feature that instructs programs to change the color scheme to a high-contrast
scheme and to increase legibility whenever possible.

histogram
A chart consisting of horizontal or vertical bars, the widths or heights of which represent
the values of certain data.

hive
A section of the registry that appears as a file on your hard disk. The registry subtree is
divided into hives (named for their resemblance to the cellular structure of a beehive). A
hive is a discrete body of keys, subkeys, and values that is rooted at the top of the registry
hierarchy. A hive is backed by a single file and a .log file, which are in the
systemroot\System32\Config or the systemroot\Profiles\username folders.
By default, most hive files (Default, SAM, Security, and System) are stored in the
systemroot\System32\Config folder. The systemroot\Profiles folder contains the user
profile for each user of the computer. Because a hive is a file, it can be moved from one
system to another. However, you must use the Registry Editor to edit the file.
See also: registry; key; systemroot

home folder
A folder (usually on a file server) that administrators can assign to individual users or
groups. Administrators use home folders to consolidate user files onto specific file servers
for easy backup. Home folders are used by some programs as the default folder for the
Open and Save As dialog boxes. Home folders are sometimes referred to as home
directories.
See also: administrator; group

host
A Windows computer that runs a server program or service used by network or remote
clients. For Network Load Balancing, a cluster consists of multiple hosts connected over a
local area network (LAN).

See also: client; cluster; local area network (LAN); server; service

host name
The DNS name of a device on a network. These names are used to locate computers on
the network. To find another computer, its host name must either appear in the Hosts file or
be known by a DNS server. For most Windows computers, the host name and the
computer name are the same.
See also: DNS Server; Domain Name System (DNS)

host priority
For Network Load Balancing, a host's precedence for handling default network traffic for
TCP and UDP ports. It is used if a host within the cluster goes offline, and it determines
which host within the cluster will assume responsibility for the traffic previously handled by
the offline host.
See also: cluster; host; User Datagram Protocol (UDP)

Hosts file
A local text file in the same format as the 4.3 Berkeley Software Distribution (BSD) UNIX
/etc/hosts file. This file maps host names to IP addresses, and it is stored in the \
%Systemroot%\System32\Drivers\Etc folder.
See also: systemroot

hot docking
The process of attaching a laptop computer to a docking station while the computer is
running, and automatically activating the docking station's video display and other
functions.
See also: dock; docking station; undock

HTTP
See definition for: Hypertext Transfer Protocol (HTTP)

hub
A common connection point for devices in a network. Typically used to connect segments
of a local area network (LAN), a hub contains multiple ports. When data arrives at one
port, it is copied to the other ports so that all segments of the LAN can see the data.
See also: local area network (LAN); port; switching hub

hubbed mode
A mode in which the ARP/MARS provides ATM addresses to requesting clients in the form
of a multicast server (MCS) list value. In this mode, the ARP/MARS acts as a multicast
server, providing active forwarding of all multicast and broadcast traffic destined for IP
addresses contained within the ranges specified in the list.
See also: Address Resolution Protocol (ARP); Asynchronous Transfer Mode (ATM);

multicast address resolution service (MARS); multicast server (MCS); nonhubbed mode;
IP address

hue
The position of a color along the color spectrum. For example, green is between yellow
and blue. This attribute can be set using Display in Control Panel.
See also: saturation

hyperlink
Colored and underlined text or a graphic that you click to go to a file, a location in a file, an
HTML page on the World Wide Web, or an HTML page on an intranet. Hyperlinks can also
go to newsgroups and to Gopher, Telnet, and FTP sites.
In Windows folders, hyperlinks are text links that appear in the folder's left pane. You can
click these links to perform tasks, such as moving or copying a file, or to go to other places
on your computer, such as the My Documents folder or Control Panel.

Hypertext Markup Language (HTML)

A simple markup language used to create hypertext documents that are portable from one
platform to another. HTML files are simple ASCII text files with codes embedded (indicated
by markup tags) to denote formatting and hypertext links.
See also: American Standard Code for Information Interchange (ASCII)

Hypertext Transfer Protocol (HTTP)

The protocol used to transfer information on the World Wide Web. An HTTP address (one
kind of Uniform Resource Locator [URL]) takes the form: http://www.microsoft.com.

I
icon
A small image displayed on the screen to represent an object that can be manipulated by
the user. Icons serve as visual mnemonics and allow the user to control certain computer
actions without having to remember commands or type them at the keyboard.

IEEE 1394
A standard for high-speed serial devices such as digital video and digital audio editing
equipment.
See also: device

IEEE 1394 connector

A type of connector that enables you to connect and disconnect high-speed serial devices.
An IEEE 1394 connector is usually on the back of your computer near the serial port or the
parallel port.

If a device is IEEE 1394 compatible, you can connect the device to the IEEE 1394
connector while the computer is running and Windows will detect the device and inform
you when it is ready for use. Similarly, you can unplug the device while the computer is
running, but you should use the Add Hardware Wizard to inform Windows that you are
unplugging the device. Windows will then inform you when the device can be unplugged
from the computer.
The IEEE 1394 bus is used primarily to connect high-end digital video and digital audio
devices to your computer; however, some hard disks, printers, scanners, and DVD drives
can also be connected to your computer using the IEEE 1394 connector.

IIS Server Instance resource

A server-instance designation used with Internet Information Services (IIS) that supports
the WWW and FTP services. IIS server instances are supported as cluster resources by a
Resource DLL. IIS Server Instance resources may have dependencies on IP Address
resources, Network Name resources, and Physical Disk resources. Access information for
server instances does not fail over.
See also: dependency; failover; Resource DLL

Image Name
The name of a process as displayed in Task Manager.
See also: Task Manager

import media pool

A logical collection of data-storage media that has not been cataloged by Removable
Storage. Media in an import media pool should be cataloged as soon as possible so that
they can be used by an application.
See also: media pool; Removable Storage

in-addr.arpa domain
A special top-level DNS domain reserved for reverse mapping of IP addresses to DNS
host names.
See also: Domain Name System (DNS); reverse lookup; top-level domains

incremental backup
A backup that copies only those files created or changed since the last normal or
incremental backup. It marks files as having been backed up (in other words, the archive
attribute is cleared). If you use a combination of normal and incremental backups to
restore your data, you will need to have the last normal backup and all incremental backup
sets.
See also: copy backup; daily backup; differential backup; normal backup

incremental zone transfer (IXFR)

An alternate query type that can be used by some DNS servers to update and synchronize
zone data when a zone is changed. When incremental zone transfer is supported between

DNS servers, servers can keep track of and transfer only those incremental resource
record changes between each version of the zone.
See also: DNS Server; secondary master; zone; zone transfer

independent client
A computer with Message Queuing installed that can host queues and store messages
locally. Independent clients do not require synchronous access to a Message Queuing
server to send and receive messages, but they can use Message Queuing servers with
routing enabled for efficient message routing.
See also: dependent client; Message Queuing server; routing services

infrared (IR)
Light that is beyond red in the color spectrum. While the light is not visible to the human
eye, infrared transmitters and receivers can send and receive infrared signals.
See also: Infrared Data Association (IrDA); infrared device; infrared port

Infrared Data Association (IrDA)

The industry organization of computer, component, and telecommunications vendors who
establish the standards for infrared communication between computers and peripheral
devices, such as printers.
See also: infrared (IR)

infrared device
A computer, or a computer peripheral such as a printer, that can communicate using
infrared light.
See also: infrared (IR)

infrared file transfer

Wireless file transfer between a computer and another computer or device using infrared
light.
See also: infrared (IR)

infrared network connection

A direct or incoming network connection to a remote access server using an infrared port.
See also: infrared port

infrared port
An optical port on a computer that enables communication with other computers or
devices by using infrared light, without cables. Infrared ports can be found on some
portable computers, printers, and cameras.
See also: infrared (IR); infrared device; port

infrastructure master
The domain controller assigned to update group-to-user references whenever group
memberships are changed, and to replicate these changes to any other domain controllers
in the domain. At any time, there can be only one infrastructure master in a particular
domain.
See also: domain controller; multimaster replication; operations master

inheritance
A mechanism that allows a given access control entry (ACE) to be copied from the
container where it was applied to all children of the container. Inheritance can be combined
with delegation to grant administrative rights to a whole subtree of the directory in a single
update operation.
See also: access control entry (ACE); delegation

inherited permissions
Permissions on an object that are automatically inherited from its parent object. Inherited
permissions cannot be modified.
See also: permission; object; parent object

Initial master
A shared folder whose existing files and folders are replicated to other shared folders when
replication is initially configured. After replication is complete, there is no initial master,
since any of the replicas can accept changes and propagate them to the other replicas.
The initial master then becomes another replica.
See also: shared folder; replica; replication

initialize
In Disk Management, the process of detecting a disk or volume and assigning it a status
(for example, healthy) and a type (for example, dynamic).
See also: basic disk; basic volume; dynamic disk; dynamic volume

Initiate to Application Enable

When checked, new connections to the DDE share are allowed. When cleared, only
current DDE conversations are allowed.

Ink
An option that allows you to enter text in handwritten form. Instead of converting your
handwritten text to typed text, the text is converted to an object and displayed exactly as
you wrote it. For example:

input language
The specification of the language you want to type in. Some programs that are designed

for Windows recognize this setting. When you add a new input language, a keyboard
layout for that language is also added.

Input Method Editor (IME)

Programs used to enter the thousands of different characters in written Asian languages
with a standard 101-key keyboard. An IME consists of both an engine that converts
keystrokes into phonetic and ideographic characters and a dictionary of commonly used
ideographic words. As the user enters keystrokes, the IME engine attempts to identify
which character or characters the keystrokes should be converted into.

input/output (I/O) port

A channel through which data is transferred between a device and the microprocessor.
The port appears to the microprocessor as one or more memory addresses that it can use
to send or receive data.
See also: device; memory address; port

insertion point
The place where text will be inserted when typed. The insertion point usually appears as a
flashing vertical bar in an application's window or in a dialog box.

install
When referring to software, to add program files and folders to your hard disk and related
data to your registry so that the software runs properly. Installing contrasts with upgrading,
where existing program files, folders, and registry entries are updated to a more recent
version.
When referring to hardware, to physically connect the device to your computer, to load
device drivers onto your computer, and to configure device properties and settings.
See also: device driver; registry; uninstall

integrated device electronics (IDE)

A type of disk-drive interface in which the controller electronics reside on the drive itself,
eliminating the need for a separate adapter card. IDE offers advantages such as lookahead caching to increase overall performance.

Integrated Services Digital Network (ISDN)

A digital phone line used to provide higher bandwidth. ISDN in North America is typically
available in two forms: Basic Rate Interface (BRI) consists of 2 B-channels at 64 kilobits
per second (Kbps) and a D-channel at 16 Kbps; Primary Rate Interface (PRI) consists of
23 B-channels at 64 Kbps and a D-channel at 64 Kbps. An ISDN line must be installed by
the phone company at both the calling site and the called site.
See also: B-channel; D-channel; multilink dialing; Service Profile Identifier (SPID); switch
type

interactive dialog box

A dialog box that requires a response from the user. Intermediary devices such as a
security host require such a dialog box as an added layer of security between the client
and the remote access server. In such dialog boxes, the user types an access code or a
user name and password on the remote access terminal screen.
See also: dialog box; intermediary device; remote access server; static dialog box

interactive logon
A network logon from a computer keyboard, when the user types information in the Logon
Information dialog box displayed by the computer's operating system.

interconnect
A private network that connects nodes in a cluster.
See also: cluster

intermediary device
A device other than a modem or X.25 PAD, located between a network connection and the
remote access server. This device is typically a modem-pool switch or security host and
requires either a static or interactive dialog box between the client and itself.
See also: remote access server; static dialog box; interactive dialog box; PAD (packet
assembler/disassembler)

internal network number

A 4-byte hexadecimal number used for addressing and routing purposes. The internal
network number identifies a virtual network inside a computer. The internal network
number must be unique to the IPX internetwork. Internal network number is also called
virtual network number.
See also: external network number; Internetwork Packet Exchange (IPX)

international prefix
Digits dialed before the country code to access the international phone service. The actual
digits depend on the country or region in which you are dialing an international number.
For example, in the United States of America, the prefix for international dialing is 011. To
dial from the United States of America to Honduras, which has the country code 504, you
would dial: (011) (504) (000) 000-0000

International Telecommunication Union - Telecommunication

[Standardization Sector] (ITU-T)
The sector of the International Telecommunication Union (ITU) responsible for
telecommunication standards. ITU-T replaces the Comite Consultatif International
Telegraphique et Telephonique (CCITT). Its responsibilities include standardizing modem
design and operations, and standardizing protocols for networks and facsimile
transmission. ITU is an international organization within which governments and the
private sector coordinate global telecom networks and services.

internet
internet. Two or more network segments connected by routers. Another term for
internetwork.
Internet. A worldwide network of computers. If you have access to the Internet, you can
retrieve information from millions of sources, including schools, governments, businesses,
and individuals.
See also: World Wide Web

Internet address
An address for a resource on the Internet that is used by Web browsers to locate Internet
resources. An Internet address typically starts with a protocol name, followed by the name
of the organization that maintains the site; the suffix identifies the kind of organization it is.
For example, the address http://www.yale.edu/ provides the following information:
http: This Web server uses the Hypertext Transfer Protocol.
www: This site is on the World Wide Web.
edu: This is an educational institution.
Internet address is also called Uniform Resource Locator (URL).
See also: Web server; protocol

Internet Control Message Protocol (ICMP)

A required maintenance protocol in the TCP/IP suite that reports errors and allows simple
connectivity. ICMP is used by the Ping tool to perform TCP/IP troubleshooting.
See also: Internet Protocol (IP); protocol; Transmission Control Protocol/Internet Protocol
(TCP/IP)

Internet Engineering Task Force (IETF)

An open community of network designers, operators, vendors, and researchers concerned
with the evolution of Internet architecture and the smooth operation of the Internet.
Technical work is performed by working groups organized by topic areas (such as routing,
transport, and security) and through mailing lists. Internet standards are developed in IETF
Requests for Comments (RFCs), which are a series of notes that discuss many aspects of
computing and computer communication, focusing on networking protocols, programs, and
concepts.
See also: subnet bandwidth management (SBM); Session Description Protocol (SDP)

Internet Group Management Protocol (IGMP)

A protocol used by IP hosts to report their multicast group memberships to any
immediately neighboring multicast routers.
See also: Internet Protocol multicasting; protocol

Internet Information Services (IIS)

Software services that support Web site creation, configuration, and management, along
with other Internet functions. Internet Information Services include Network News Transfer

Protocol (NNTP), File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP).
See also: Simple Mail Transfer Protocol (SMTP); File Transfer Protocol (FTP); Network
News Transfer Protocol (NNTP)

Internet Protocol (IP)

A routable protocol in the TCP/IP protocol suite that is responsible for IP addressing,
routing, and the fragmentation and reassembly of IP packets.
See also: Compression Control Protocol (CCP); packet; Transmission Control
Protocol/Internet Protocol (TCP/IP); voluntary tunnel

Internet Protocol multicasting

The extension of local area network multicasting technology to a TCP/IP network. Hosts
send and receive multicast datagrams, the destination fields of which specify IP host group
addresses rather than individual IP addresses. A host indicates that it is a member of a
group by means of the Internet Group Management Protocol (IGMP).
See also: Internet Group Management Protocol (IGMP); Transmission Control
Protocol/Internet Protocol (TCP/IP)

Internet Protocol security (IPSec)

A set of industry-standard, cryptography-based protection services and protocols. IPSec
protects all protocols in the TCP/IP protocol suite and Internet communications using
L2TP.

Internet service provider (ISP)

A company that provides individuals or companies access to the Internet and the World
Wide Web. An ISP provides a telephone number, a user name, a password, and other
connection information so users can connect their computers to the ISP's computers. An
ISP typically charges a monthly or hourly connection fee.
See also: Web server

Internetwork Packet Exchange (IPX)

A network protocol native to NetWare that controls addressing and routing of packets
within and between LANs. IPX does not guarantee that a message will be complete (no
lost packets).
See also: Compression Control Protocol (CCP); IPX/SPX; local area network (LAN);
Routing Information Protocol over IPX (RIPX)

interrupt
A request for attention from the processor. When the processor receives an interrupt, it
suspends its current operations, saves the status of its work, and transfers control to a
special routine known as an interrupt handler, which contains the instructions for dealing
with the particular situation that caused the interrupt.

interrupt request (IRQ) lines

Hardware lines over which devices can send signals to get the attention of the processor
when the device is ready to accept or send information. Each device must have a unique
IRQ line.
See also: device

intersite messaging service (ISM)

A service that supports transports for asynchronous, site-to-site messaging. Each transport
serves two major roles: send/receive and topology queries (such as, what are the various
sites connected by this transport, and at what cost?). The intersite messaging services
shipped in Windows are RPC and SMTP (mail).
See also: remote procedure call (RPC); service; Simple Mail Transfer Protocol (SMTP)

intranet
A network within an organization that uses Internet technologies and protocols, but is
available only to certain people, such as employees of a company. An intranet is also
called a private network.

IP address
A 32-bit address used to identify a node on an IP internetwork. Each node on the IP
internetwork must be assigned a unique IP address, which is made up of the network ID,
plus a unique host ID. This address is typically represented with the decimal value of each
octet separated by a period (for example, 192.168.7.27). In this version of Windows, you
can configure the IP address statically or dynamically through DHCP.
See also: Dynamic Host Configuration Protocol (DHCP); IP Address resource; scope

IP Address resource
A 32-bit number in dotted decimal format that represents an Internet Protocol (IP) address
and is supported as a cluster resource by a Resource DLL provided with Windows.
See also: IP address; Resource DLL

IPX/SPX
Transport protocols used in Novell NetWare networks, which together correspond to the
combination of TCP and IP in the TCP/IP protocol suite. Windows implements IPX through
NWLink.
See also: NWLink; Transmission Control Protocol/Internet Protocol (TCP/IP); Internetwork
Packet Exchange (IPX)

ISA expansion slot

A connection socket for a peripheral designed to the Industry Standard Architecture (ISA)
on a computer motherboard.

ISDN (Integrated Services Digital Network)

A high-speed digital telephone service that can dramatically increase the speed at which
you connect to the Internet or to your corporate LAN (local area network). ISDN can
operate at 128 kilobytes per second (Kbps), which is five or more times faster than many
analog modems.

ISP (Internet service provider)

See definition for: Internet service provider (ISP)

Itanium
An Intel microprocessor that uses explicitly parallel instruction set computing and 64-bit
memory addressing.

J
job object
A system-level structure that allows processes to be grouped together and managed as a
single unit.
See also: process

journal queue
For Message Queuing, a queue where journal messages are stored.
See also: journal quota; Message Queuing; source journaling; target journaling

journal quota
For Message Queuing, a property that specifies the cumulative limit for journal messages
in a journal queue. The limit is based on cumulative journal message size. When a journal
queue's quota is reached, messages are no longer stored.
See also: journal queue; Message Queuing

junction point
A physical location on a hard disk that points to data located at another location on your
hard disk or another storage device. Junction points are created when you create a
mounted drive. You can also create a junction point using the linkd command.
See also: mounted drive

K
KerberosV5 authentication protocol

An authentication mechanism used to verify user or host identity. The Kerberos V5

authentication protocol is the default authentication service for Windows 2000. Internet

Protocol security (IPSec) and the QoS Admission Control Service use the Kerberos
protocol for authentication.
See also: Key Distribution Center (KDC); realm; service ticket; ticket-granting service
(TGS); ticket-granting ticket (TGT)

kernel
The core of layered architecture that manages the most basic operations of the operating
system and the computer's processor. The kernel schedules different blocks of executing
code, called threads, for the processor to keep it as busy as possible and coordinates
multiple processors to optimize performance. The kernel also synchronizes activities
among Executive-level subcomponents, such as I/O Manager and Process Manager, and
handles hardware exceptions and other hardware-dependent functions. The kernel works
closely with the hardware abstraction layer.

key
In Registry Editor, a folder that appears in the left pane of the Registry Editor window. A
key can contain subkeys and value entries. For example, Environment is a key of
HKEY_CURRENT_USER.
In IP security (IPSec), a value used in combination with an algorithm to encrypt or decrypt
data. Key settings for IP security are configurable to provide greater security.
See also: registry; subkey

Key Distribution Center (KDC)

A network service that supplies session tickets and temporary session keys used in the
Kerberos V5 authentication protocol. In Windows 2000 and Windows XP, the KDC runs as
a privileged process on all domain controllers.
See also: ticket-granting ticket (TGT); KerberosV5 authentication protocol; ticketgranting service (TGS)

keyboard language
The language you want to use when you type. Some programs that are designed for the
Windows platform recognize this setting. When you add a new keyboard language, a
keyboard layout for that language is also added.

keyboard layout
The arrangement that accommodates the special characters and symbols used in different
languages. Keyboard layouts affect which characters appear when you press the keys on
your keyboard. After you change your keyboard layout, the characters that appear on your
screen may no longer correspond to the characters that are printed on your keyboard
keys.

L
L2TP (Layer 2 Tunneling Protocol)
An industry-standard Internet tunneling protocol. Unlike Point-to-Point Tunneling Protocol
(PPTP), L2TP does not require IP connectivity between the client workstation and the
server. L2TP requires only that the tunnel medium provide packet-oriented point-to-point
connectivity. The protocol can be used over media such as ATM, Frame Relay, and X.25.
L2TP provides the same functionality as PPTP. Based on Layer 2 Forwarding (L2F) and
PPTP specifications, L2TP allows clients to set up tunnels across intervening networks.
See also: Asynchronous Transfer Mode (ATM); Internet Protocol (IP); Point-to-Point
Tunneling Protocol (PPTP); tunnel

label
Each part of a full DNS domain name that represents a node in the domain namespace
tree. Domain names are made up of a sequence of labels, such as the three labels
(example, microsoft, and com) that make up the DNS domain name
example.microsoft.com. Each label used in a DNS name must be 63 bytes or less in
character length.
See also: domain name; Domain Name System (DNS)

LAN emulation (LANE)

A set of protocols that allow existing Ethernet and Token Ring LAN services to overlie an
ATM network. LANE allows connectivity among LAN- and ATM-attached stations.
See also: Asynchronous Transfer Mode (ATM); local area network (LAN); protocol

LAN emulation client (LEC)

The client on an ELAN that performs data forwarding, address resolution, and other control
functions. The LEC resides on end stations in an ELAN.
See also: client; emulated local area network (ELAN); LAN emulation (LANE)

LAN emulation configuration server

The service that assigns individual local area network emulation (LANE) clients to
particular emulated local area networks (ELANs) by directing them to the LAN emulation
server (LES).
See also: emulated local area network (ELAN); LAN emulation (LANE); LAN emulation
server (LES); service

LAN emulation server (LES)

The central control point for an emulated local area network (ELAN). Enables LAN
emulation clients to join the ELAN and resolves LAN addresses to ATM addresses.
See also: Asynchronous Transfer Mode (ATM); emulated local area network (ELAN); LAN
emulation (LANE)

latency
In Active Directory replication, the delay between the time an update is applied to a given
replica and the time it is applied to some other replica. Latency is sometimes referred to as
propagation delay.
See also: replication; Active Directory; replica

LCD (Liquid Crystal Display)

See definition for: liquid crystal display (LCD)

LDAP Data Interchange Format (LDIF)

Files that contain LDAP instructions that manipulate directory information. Before the
LDAP commands in an LDIF file are carried out, they can be read or modified, providing
an opportunity for fine-tuning.
See also: Lightweight Directory Access Protocol (LDAP)

lease
The length of time for which a DHCP client can use a dynamically assigned IP address
configuration. Before the lease time expires, the client must either renew or obtain a new
lease with DHCP.
See also: Dynamic Host Configuration Protocol (DHCP); IP address

library
A data-storage system, usually managed by Removable Storage. A library consists of
removable media (such as tapes or discs) and a hardware device that can read from or
write to the media. There are two major types of libraries: robotic libraries (automated
multiple-media, multidrive devices) and stand-alone drive libraries (manually operated,
single-drive devices). A robotic library is also called a jukebox or changer.
See also: Removable Storage

Lightweight Directory Access Protocol (LDAP)

The primary access protocol for Active Directory. Lightweight Directory Access Protocol
(LDAP) version 3 is defined by a set of Proposed Standard documents in Internet
Engineering Task Force (IETF) RFC 2251.
See also: Active Directory; Internet Engineering Task Force (IETF); protocol

Line Printer Daemon (LPD)

A service on the print server that receives documents (print jobs) from Line Printer Remote
(LPR) utilities running on client systems.
See also: Line Printer Remote (LPR); print job; print server; service

Line Printer Remote (LPR)

A connectivity utility that runs on client systems and is used to print files to a computer
running an LPD server.

See also: Line Printer Daemon (LPD)

Link Control Protocol (LCP)

A PPP control protocol that negotiates link and PPP parameters to dynamically configure
the data-link layer of a PPP connection.

linked object
An object that is inserted into a document but still exists in the source file. When
information is linked, the new document is updated automatically if the information in the
original document changes. If you want to edit the linked information, double-click it. The
toolbars and menus from the original program will appear. If the original document is on
your computer, changes that you make to the linked information will also appear in the
original document.
See also: embedded object; OLE; package; source document

liquid crystal display (LCD)

A type of display used in digital watches and many portable computers. LCD displays
utilize two sheets of polarizing material with a liquid crystal solution between them. An
electric current passed through the liquid causes the crystals to align so that light cannot
pass through them. Each crystal, therefore, is like a shutter, either allowing light to pass
through or blocking the light.

Lmhosts file
A local text file that maps NetBIOS names (commonly used for computer names) to IP
addresses for hosts that are not located on the local subnet. In this version of Windows,
the file is stored in the systemroot\System32\Drivers\Etc folder.
See also: systemroot; IP address

load balancing
A technique used by Windows Clustering to scale the performance of a server-based
program (such as a Web server) by distributing its client requests across multiple servers
within the cluster. Each host can specify the load percentage that it will handle, or the load
can be equally distributed across all the hosts. If a host fails, Windows Clustering
dynamically redistributes the load among the remaining hosts.
See also: cluster; host

local area network (LAN)

A communications network connecting a group of computers, printers, and other devices
located within a relatively limited area (for example, a building). A LAN allows any
connected device to interact with any other on the network.
See also: NetBIOS Extended User Interface (NetBEUI); network basic input/output system
(NetBIOS); virtual local area network (VLAN); workgroup

local computer
The computer that you are currently logged on to as a user. More generally, a local
computer is a computer that you can access directly without using a communications line
or a communications device, such as a network adapter or a modem.

local group
For computers running Windows and member servers, a group that can be granted
permissions and rights from its own computer and (if the computer participates in a
domain) user accounts and global groups both from its own domain and from trusted
domains.
See also: global group; user account

local printer
A printer that is directly connected to one of the ports on your computer.

local user
A person who uses a computer that is not connected to a network. A local user is most
likely someone using a computer at home.

local user profile

A computer-based record about an authorized user that is created automatically on the
computer the first time a user logs on to a workstation or server computer.

log file
A file that stores messages generated by an application, service, or operating system.
These messages are used to track the operations performed. For example, Web servers
maintain log files listing every request made to the server. Log files are usually plain text
(ASCII) files and often have a .log extension.
In Backup, a file that contains a record of the date the tapes were created and the names
of files and directories successfully backed up and restored. The Performance Logs and
Alerts service also creates log files.
See also: American Standard Code for Information Interchange (ASCII); service

log on
To begin using a network by providing a user name and password that identifies a user to
the network.

logical drive
A volume that you create within an extended partition on a basic master boot record (MBR)
disk. Logical drives are similar to primary partitions, except that you are limited to four
primary partitions per disk, whereas you can create an unlimited number of logical drives
per disk. A logical drive can be formatted and assigned a drive letter.
See also: basic disk; basic volume; drive letter; extended partition; master boot record
(MBR); primary partition; volume

logical printer
The software interface between the operating system and the printer in Windows. While a
printer is the device that does the actual printing, a logical printer is its software interface
on the print server. This software interface determines how a print job is processed and
how it is routed to its destination (to a local or network port, to a file, or to a remote print
share). When you print a document, it is spooled (or stored) on the logical printer before it
is sent to the printer itself.
See also: printer; spooling

logon right
A user right that is assigned to a user and that specifies the ways in which a user can log
on to a system. An example of a logon right is the right to log on to a system remotely.

logon script
Files that can be assigned to user accounts. Typically a batch file, a logon script runs
automatically every time the user logs on. It can be used to configure a user's working
environment at every logon, and it allows an administrator to influence a user's
environment without managing all aspects of it. A logon script can be assigned to one or
more user accounts.
See also: logon script path; user account

logon script path

A sequence of directory names that specifies the location of the logon script. When a user
logs on, the authenticating computer locates the specified logon script (if one has been
assigned to that user account) by following that computer's local logon script path (usually
systemroot\System32\Repl\Import\Scripts).
See also: logon script; systemroot; user account

long distance operator

Digits dialed before the area or city code to access a long distance phone service. For
example, in the United States of America, you dial a 1 before the area or city code: (1)
(206) 000-0000. The actual digits depend on the country/region or phone service. Area
codes and long distance operators are not used in all countries/regions.

long name
A folder name or file name longer than the 8.3 file name standard (up to eight characters
followed by a period and an extension of up to three characters) of the FAT file system.
This version of Windows supports long file names up to 255 characters.
In a Macintosh environment, users can assign long names to files and folders on the
server and, using AppleTalk network integration, you can assign long names to Macintoshaccessible volumes when you create them. This version of Windows automatically
translates long names of files and folders to 8.3 names for MS-DOS and Windows 3.x
users.
See also: file allocation table (FAT); MS-DOS (Microsoft Disk Operating System)

loopback address
The address of the local computer used for routing outgoing packets back to the source
computer. This address is used primarily for testing.

loose name checking

A form of domain name checking DNS uses that examines characters in DNS names for
valid ANSI character compliance. However, loose name checking does not check for
compliance with DNS naming requirements and valid character usage for Internet host
names, as specified in RFC 1123, Requirements for Internet Hosts - Applications and
Support.
For RFC compliance, DNS domain names will use name labels made up only of valid
uppercase and lowercase letters, number characters, and hyphens (A through Z, a through
z, 0 through 9, and -) separated by periods.
See also: domain name; Domain Name System (DNS); label

luminosity
The brightness of a color based on a scale from black to white on your monitor.

M
Make Changes
The Macintosh-style permission that gives users the right to make changes to a folder's
contents; for example, modifying, renaming, moving, creating, and deleting files. When
AppleTalk network integration translates access privileges into permissions, a user who
has the Make Changes privilege is given Write and Delete permissions.
See also: permission

Management and Monitoring Tools

Software components that include utilities for network management and monitoring, along
with services that support client dialing and the updating of client phone books. Also
included is the Simple Network Management Protocol (SNMP).
See also: Simple Network Management Protocol (SNMP)

Management Information Base (MIB)

A set of objects that represent various types of information about a device, used by Simple
Network Management Protocol (SNMP) to manage the device. Because different network
management services are used for different types of devices and protocols, each service
has its own set of objects.
See also: Simple Network Management Protocol (SNMP); service

management system
A network-enabled host running Simple Network Management Protocol (SNMP)
management software. This software requests information from SNMP agents.

Management system is also called a management console.

mandatory user profile

A user profile that is not updated when the user logs off. It is downloaded to the user's
desktop each time the user logs on, and is created by an administrator and assigned to
one or more users to create consistent or job-specific user profiles. Only members of the
Administrators group can change profiles.
See also: roaming user profile; user profile

map
To translate one value into another. In virtual memory systems, a computer might map a
virtual address into a physical address.

master boot record (MBR)

The first sector on a hard disk, which starts the process of booting the computer. The MBR
contains the partition table for the disk and a small amount of executable code called the
master boot code.
See also: Recovery Console; partition boot sector

master domain
A Windows NT 4.0 domain that is used for managing user and group accounts in a
multidomain network.
See also: domain; group account; user account

Master File Table (MFT)

An NTFS system file on NTFS-formatted volumes that contains information about each file
and folder on the volume. The MFT is the first file on an NTFS volume.
See also: file allocation table (FAT); NTFS file system; volume

master server
An authoritative DNS server for a zone. Master servers can vary and are one of two types
(either primary or secondary masters), depending on how the server obtains its zone data.
See also: DNS Server; primary master; secondary master; zone; zone transfer

maximize
To enlarge a window to its largest size by clicking the Maximize button (at the right of the
title bar), or by pressing ALT+SPACEBAR and then pressing X.
See also: minimize; title bar

MD2
A hash algorithm that creates a 128-bit hash value and was developed by RSA Data
Security, Inc.

See also: hash algorithm

MD4
A hash algorithm that creates a 128-bit hash value and was developed by RSA Data
Security, Inc.
See also: hash algorithm

MD5
An industry-standard one-way, 128-bit hashing scheme, developed by RSA Data Security,
Inc., and used by various Point-to-Point Protocol (PPP) vendors for encrypted
authentication. A hashing scheme is a method for transforming data (for example, a
password) in such a way that the result is unique and cannot be changed back to its
original form. The CHAP authentication protocol uses challenge-response with one-way
MD5 hashing on the response. In this way, you can prove to the server that you know your
password without actually sending the password over the network.
See also: CHAP (Challenge Handshake Authentication Protocol); hash algorithm;
message digest

media
Any fixed or removable objects that store computer data. Examples include hard disks,
floppy disks, tapes, and compact discs.

media pool
A logical collection of removable media that have the same management policies. Media
pools are used by applications to control access to specific tapes or discs within libraries
managed by Removable Storage. There are four media pools: unrecognized, import, free,
and application-specific. Each media pool can only hold either media or other media pools.
See also: free media pool; import media pool; backup media pool; Removable Storage

media sensing
A feature that, when it detects a network cable connection failure, removes the bound
protocols from the failed network adapter until the cable connection is reestablished.
Without these bound protocols, the network interface connected through the failed network
adapter is not available for cluster communication.

mediator
For Process Control, a process used to preserve information when a service stops or
starts.

memory address
A portion of computer memory that can be allocated to a device or used by a program or
the operating system. Devices are usually allocated a range of memory addresses.
See also: device

Memory Usage
In Task Manager, the current working set of a process, in kilobytes. The current working
set is the number of pages currently resident in memory. On the Task Manager
Processes tab, the column heading is Mem Usage.
See also: Task Manager

Memory Usage Delta

In Task Manager, the change in memory, in kilobytes, used since the last update.
See also: Task Manager

message
For Message Queuing, a unit of information sent between computers running Message
Queuing. The message can contain text or binary data as defined by the sending
application. All messages, including status messages, are stored in queues on Message
Queuing computers.
See also: Message Queuing

Message Authentication Code (MAC)

An algorithm that ensures the quality of a block of data.

message digest
See definition for: hash

Message Queuing
A message queuing and routing system for Windows that enables distributed applications
running at different times to communicate across heterogeneous networks and with
computers that may be offline. Message Queuing provides guaranteed message delivery,
efficient routing, security, and priority-based messaging. Message Queuing was formerly
known as MSMQ.
See also: Microsoft Distributed Transaction Coordinator (MS DTC)

Message Queuing server

For Message Queuing (also known as MSMQ), a computer that can provide message
queuing, routing, and directory services to client computers. Message Queuing servers
can be used to:

Provide message routing and session concentration for independent clients.

Provide message routing between sites over routing links.
Create queues and store messages for dependent clients.
Access information in Active Directory (if installed on a Windows domain controller).

See also: Active Directory; dependent client; independent client; routing link; routing
services; session concentration

Messenger service
A service that sends and receives messages sent by administrators or by the Alerter
service.
See also: service; Alerter service; performance alert

metadata
Data about data. For example, the title, subject, author, and size of a file constitute the
file's metadata.

metric
A number used to indicate the cost of a route in the IP routing table that enables the
selection of the best route among possible multiple routes to the same destination.

Microcom Networking Protocol Five (MNP5)

A data-compression standard that allows modems to increase throughput by compressing
data before transmission. Data can be compressed with a ratio of up to 2:1. MNP5
sometimes expands data that has already been compressed, resulting in poorer
performance in those cases. If you have an MNP5 modem, do not turn on modem
compression and software compression at the same time. To turn on MNP5 compression,
you must also turn on MNP4 error control.
See also: Microcom Networking Protocol Four (MNP4)

Microcom Networking Protocol Four (MNP4)

An industry-standard communication protocol that allows modems to automatically
retransmit corrupted data, assuring that only error-free data passes through the modem.
MNP2 and MNP3 standards are included in MNP4.
See also: Microcom Networking Protocol Five (MNP5)

Microsoft Distributed Transaction Coordinator (MS DTC)

A transaction manager that coordinates transactions that span multiple resource
managers, such as Message Queuing and Microsoft SQL Server. MS DTC is automatically
installed when Message Queuing is installed.
See also: Message Queuing; transaction

Microsoft Management Console (MMC)

A framework for hosting administrative tools, called consoles. A console may contain tools,
folders or other containers, World Wide Web pages, and other administrative items. These
items are displayed in the left pane of the console, called a console tree. A console has
one or more windows that can provide views of the console tree.
The main MMC window provides commands and tools for authoring consoles. The
authoring features of MMC and the console tree itself may be hidden when a console is in
User Mode.
See also: snap-in; console tree

Microsoft Point-to-Point Encryption (MPPE)

A 128-bit key or 40-bit key encryption algorithm using RSA RC4. MPPE provides for
packet confidentiality between the remote access client and the remote access or tunnel
server and is useful where IP security (IPSec) is not available. MPPE 40-bit keys are used
to satisfy current North American export restrictions. MPPE is compatible with Network
Address Translation.
See also: remote access server; tunnel server

Microsoft Reserved (MSR) partition

A required partition on every GUID partition table (GPT) disk. System components can
allocate portions of the MSR partition into new partitions for their own use. For example,
when you convert a basic GPT disk to dynamic, the system allocates a portion of the MSR
partition to be used as the Logical Disk Manager (LDM) metadata partition. The MSR
partition varies in size based on the size of the GPT disk. For disks smaller than 16 GB,
the MSR partition is 32 MB. For disks larger than 16 GB, the MSR partition is 128 MB. The
MSR partition is not visible in Disk Management, and you cannot store data on the MSR
partition or delete it.
See also: GUID partition table (GPT); partition

MIDI setup
The setup that specifies the type of MIDI device you are using, the channel and patch
settings needed to play MIDI files, and the port your device is using.
See also: Musical Instrument Digital Interface (MIDI)

minimize
To reduce a window to a button on the taskbar by clicking the Minimize button (at the right
of the title bar), or by pressing ALT+SPACEBAR and then pressing N.
See also: maximize; title bar

minimum TTL
A default Time to Live (TTL) value set in seconds for use with all resource records in a
zone. This value is set in the start of authority (SOA) resource record for each zone. By
default, the DNS server includes this value in query answers to inform recipients how long
it can store and use resource records provided in the query answer before they must
expire the stored records data. When TTL values are set for individual resource records,
those values will override the minimum TTL.
See also: DNS Server; start-of-authority (SOA) resource record; Time to Live (TTL); zone

mirror
One of the two volumes that make up a mirrored volume. Each mirror of a mirrored volume
resides on a different disk. If one mirror becomes unavailable (due to a disk failure, for
example), Windows can use the remaining mirror to gain access to the volume's data.
See also: fault tolerance; mirrored volume; volume

mirror set
A fault-tolerant partition created with Windows NT 4.0 or earlier that duplicates data on two
physical disks. You can only repair, resynchronize, break, or delete mirror sets in Windows
2000. To create new volumes that are mirrored, use mirrored volumes on dynamic disks.
See also: basic disk; dynamic disk; fault tolerance; mirrored volume

mirrored volume
A fault-tolerant volume that duplicates data on two physical disks. A mirrored volume
provides data redundancy by using two identical volumes, which are called mirrors, to
duplicate the information contained on the volume. A mirror is always located on a different
disk. If one of the physical disks fails, the data on the failed disk becomes unavailable, but
the system continues to operate in the mirror on the remaining disk. You can create
mirrored volumes only on dynamic disks.
See also: volume; dynamic disk; dynamic volume; fault tolerance; RAID-5 volume

modem (modulator/demodulator)
A device that allows computer information to be transmitted and received over a telephone
line. The transmitting modem translates digital computer data into analog signals that can
be carried over a phone line. The receiving modem translates the analog signals back to
digital form.
See also: modem compression; null modem cable; port; Telephony API (TAPI); Waiting for
Call

modem compression
A technique used to reduce the number of characters transmitted without losing data
content. The transmitting modem compresses the data and the receiving computer or
modem decompresses the data back to its original state.
See also: modem (modulator/demodulator)

modulation standards
Protocols that determine how modems convert digital data into analog signals that can be
transmitted over telephone lines.
Initially, Bell created modulation standards used in the United States, and the CCITT
created international recommendations. The ITU-T (formerly called the CCITT) now makes
recommendations generally adopted by modem manufacturers both internationally and in
the United States. The ITU-T V series recommendations (such as V.34 and V.90) define
data communication over the telephone network. The suffixes -bis and -ter (for example,
V.32bis) indicate later versions.
See also: International Telecommunication Union - Telecommunication [Standardization
Sector] (ITU-T); V.34; V.90

mount
To place a removable tape or disc into a drive.
See also: dismount; library; mounted drive

mounted drive
A drive attached to an empty folder on an NTFS volume. Mounted drives function the
same as any other drive, but are assigned a label or name instead of a drive letter. The
mounted drive's name is resolved to a full file system path instead of just a drive letter.
Members of the Administrators group can use Disk Management to create mounted drives
or reassign drive letters.
See also: drive; mount; NTFS file system; volume

MouseKeys
A keyboard feature that enables you to use the numeric keypad to move the mouse pointer
and to click, double-click, and drag.
See also: ToggleKeys; FilterKeys; StickyKeys

MS-DOS (Microsoft Disk Operating System)

An operating system used on all personal computers and compatibles. As with other
operating systems, such as OS/2, it translates user keyboard input into operations the
computer can perform. MS-DOS can be easily accessed by using the command prompt,
while MS-DOS-based programs can be accessed through the use of shortcuts on the
desktop.
See also: OS/2; command prompt window; MS-DOS-based program

MS-DOS-based program
A program that is designed to run with MS-DOS and therefore may not be able to take full
advantage of all Windows features.
See also: MS-DOS (Microsoft Disk Operating System); program information file (PIF)

multicast
Network traffic destined for a set of hosts that belong to a multicast group.

Multicast Address Dynamic Client Allocation Protocol (MADCAP)

An extension to the DHCP protocol standard used to support dynamic assignment and
configuration of IP multicast addresses on TCP/IP-based networks.
See also: Dynamic Host Configuration Protocol (DHCP); Transmission Control
Protocol/Internet Protocol (TCP/IP)

multicast address resolution service (MARS)

A service for resolving multicast IP addresses to the ATM addresses of the clients that
have joined that multicast group. The MARS can work in conjunction with the MCS and
clients to distribute multicast data through point-to-multipoint connections.
See also: Asynchronous Transfer Mode (ATM); multicast server (MCS); IP address

multicast scope
A range of multicast group IP addresses in the Class D address range that are available to

be leased or assigned to multicast DHCP clients by DHCP.

See also: address classes; Dynamic Host Configuration Protocol (DHCP); lease

multicast server (MCS)

A service that manages zero or more multicast groups and distributes multicast data sent
to it by clients of those multicast groups through point-to-multipoint connections.
See also: nonhubbed mode; service

multicasting
The process of sending a message simultaneously to more than one destination on a
network.

multihomed computer
A computer that has multiple network adapters or that has been configured with multiple IP
addresses for a single network adapter.
See also: virtual IP address; IP address; network adapter

multilink dialing
The combination of two or more physical communications links' bandwidth into a single
logical link to increase your remote access bandwidth and throughput by using remote
access Multilink. Based on the Internet Engineering Task Force (IETF) standard RFC
1990, Multilink combines analog modem paths, ISDN B-channels, and mixed analog and
digital communications links on both your client and server computers. This increases your
Internet and intranet access speed and decreases the amount of time you are connected
to a remote computer.
See also: B-channel; bandwidth; Integrated Services Digital Network (ISDN)

multimaster replication
A replication model in which any domain controller accepts and replicates directory
changes to any other domain controller. This differs from other replication models in which
one computer stores the single modifiable copy of the directory and other computers store
backup copies.
See also: domain controller; replication

multiple boot
A computer configuration that runs two or more operating systems.
See also: dual boot; startup environment

Musical Instrument Digital Interface (MIDI)

A serial interface standard that allows for the connection of music synthesizers, musical
instruments, and computers. The MIDI standard is based partly on hardware and partly on
a description of the way in which music and sound are encoded and communicated
between MIDI devices. The information transmitted between MIDI devices is in a form

called a MIDI message, which encodes aspects of sound, such as pitch and volume, as 8bit bytes of digital information.
MIDI devices can be used for creating, recording, and playing back music. Using MIDI,
computers, synthesizers, and sequencers can communicate with each other, either
keeping time or actually controlling the music created by other connected equipment.
See also: MIDI setup

My Documents
A folder that provides you with a convenient place to store documents, graphics, or other
files you want to access quickly. When you save a file in a program such as WordPad or
Paint, the file is automatically saved in My Documents, unless you choose a different
folder.
See also: home folder

N
name
The identifier of your computer on the network.

name resolution
The process of having software translate between names that are easy for users to work
with and numerical IP addresses, which are difficult for users but necessary for TCP/IP
communications. Name resolution can be provided by software components such as DNS
or WINS.
See also: Domain Name System (DNS); Transmission Control Protocol/Internet Protocol
(TCP/IP); Windows Internet Name Service (WINS)

name server (NS) resource record

A resource record used in a zone to designate the DNS domain names for authoritative
DNS servers for the zone.
See also: DNS Server; Domain Name System (DNS); resource record (RR); zone

named pipe
A portion of memory that can be used by one process to pass information to another
process, so that the output of one is the input of the other. The second process can be
local (on the same computer as the first) or remote (on a networked computer).

namespace
A set of unique names for resources or items used in a shared computing environment.
For Microsoft Management Console (MMC), the namespace is represented by the console
tree, which displays all of the snap-ins and resources that are accessible to a console.
For Domain Name System (DNS), namespace is the vertical or hierarchical structure of
the domain name tree. For example, each domain label, such as host1 or example, used

in a fully qualified domain name, such as host1.example.microsoft.com, indicates a branch

in the domain namespace tree.
See also: console tree; Domain Name System (DNS); label; resource; snap-in

naming context
See definition for: directory partition

native mode
The condition in which all domain controllers in the domain have been upgraded to
Windows 2000 and an administrator has enabled native mode operation (through Active
Directory Users and Computers).
See also: Active Directory Users and Computers

NetBIOS Extended User Interface (NetBEUI)

A network protocol native to Microsoft Networking. It is usually used in small, departmentsize local area networks (LANs) of 1 to 200 clients. It can use Token Ring source routing
as its only method of routing. It is the Microsoft implementation of the NetBIOS standard.
See also: Compression Control Protocol (CCP); local area network (LAN); network basic
input/output system (NetBIOS); protocol

NetWare Core Protocol (NCP)

The file-sharing protocol that governs communications about resource (such as disk and
printer), bindery, and NDS operations between server and client computers on a Novell
NetWare network. Requests from client computers are transmitted by the IPX protocol.
Servers respond according to NCP guidelines.
See also: bindery; Internetwork Packet Exchange (IPX); Novell Directory Services (NDS)

network
A group of computers and other devices, such as printers and scanners, connected by a
communications link, enabling all the devices to interact with each other. Networks can be
small or large, permanently connected through wires or cables, or temporarily connected
through phone lines or wireless transmissions. The largest network is the Internet, which is
a worldwide group of networks.
See also: network adapter

network adapter
A device that connects your computer to a network. This device is sometimes called an
adapter card or network interface card.

network administrator
A person responsible for planning, configuring, and managing the day-to-day operation of
the network. Network administrator is also called a system administrator.

network basic input/output system (NetBIOS)

An application programming interface (API) that can be used by programs on a local area
network (LAN). NetBIOS provides programs with a uniform set of commands for
requesting the lower-level services required to manage names, conduct sessions, and
send datagrams between nodes on a network.
See also: application programming interface (API); basic input/output system (BIOS); local
area network (LAN); service

network card driver

A device driver that works directly with the network card, acting as an intermediary
between the card and the protocol driver. With AppleTalk network integration, the
AppleTalk Protocol stack on the server is implemented as a protocol driver and is bound to
one or more network card drivers.
See also: device driver

Network Connections
A component you can use to gain access to network resources and functionality, whether
you are physically at the network location or in a remote location. By using the Network
Connections folder you can create, configure, store, and monitor connections.

Network DDE service

A service that provides network transport and security for DDE conversations.
See also: dynamic data exchange (DDE); service

network media
The type of physical wiring and lower-layer protocols used for transmitting and receiving
packets; for example, Ethernet, FDDI, and Token Ring.

Network Name resource

The name of a device that exists on a network and is supported as a cluster resource by a
Resource DLL provided with Windows.
See also: Resource DLL

Network News Transfer Protocol (NNTP)

A member of the TCP/IP suite of protocols used to distribute network news messages to
NNTP servers and clients (newsreaders) on the Internet. NNTP is designed so that news
articles are stored on a server in a central database, thus enabling a user to select specific
items to read.
See also: Transmission Control Protocol/Internet Protocol (TCP/IP)

network number
In the Macintosh environment, the routing address or range of addresses assigned to the
physical network that AppleTalk Phase 2 routers use to direct information to the

appropriate network. Network number is also called network range and cable range.

network partition
A state in which one or more of the nodes in a cluster cannot communicate with the other
cluster nodes.

network place
A folder on a Web server. You can view files and folders on Web servers just as you would
view files and folders on network servers. However, when you save a file to a network
place, the file is saved on a Web server, not on your computer's hard disk. You can create
network places by using the Add Network Place Wizard, which is located in My Network
Places. Network places are available only on Web servers that support Web Extender
Client (WEC), FrontPage extensions, and Distributed Authoring and Versioning (DAV)
protocols.

non-Plug and Play

A device, such as a printer, modem, or game controller, that requires manual configuration
of hardware settings before it can be used. Non-Plug and Play devices are becoming
increasingly rare as manufacturers stop producing them in favor of Plug and Play devices.
Non-Plug and Play typically applies to older pieces of equipment.
See also: device; Plug and Play

nonauthoritative restore
A restore of a backup copy of a Windows domain controller in which the objects in the
restored directory are not treated as authoritative. The restored objects are updated with
changes held in other replicas of the restored domain.
See also: authoritative restore

noncontainer object
An object that cannot logically contain other objects. For example, a file is a noncontainer
object.
See also: container object; object

nonhubbed mode
A mode in which the ATM ARP/MARS does not forward multicast and broadcast traffic for
multicast group clients. In this mode, the service returns a dynamic listing of ATM hosts
currently registered for the multicast group address to requesting clients. Clients then use
this list to initiate and establish their own point-to-multipoint virtual connections with each
of the members in the multicast list.
See also: hubbed mode; multicast address resolution service (MARS); multicast server
(MCS)

nonpaged memory
Memory that cannot be paged to disk. Paging is the moving of infrequently used parts of a

program's working memory from RAM to another storage medium, usually the hard disk.
See also: paging file

nonpaged pool
Operating system memory that is never paged to disk. Paging is the moving of infrequently
used parts of a program's working memory from RAM to another storage medium, usually
the hard disk. In Task Manager, the amount of memory used by a process, in kilobytes.
See also: paging file

normal backup
A backup that copies all selected files and marks each file as having been backed up (in
other words, the archive attribute is cleared). With normal backups, you need only the
most recent copy of the backup file or tape to restore all of the files. You usually perform a
normal backup the first time you create a backup set.
See also: copy backup; daily backup; differential backup; incremental backup

notification area
The area on the taskbar to the right of the taskbar buttons. The notification area displays
the time and can also contain shortcuts that provide quick access to programs, such as
Volume Control and Power Options. Other shortcuts can appear temporarily, providing
information about the status of activities. For example, the printer shortcut icon appears
after a document has been sent to the printer and disappears when printing is complete.

notify list
A list maintained by the primary master for a zone of other DNS servers that should be
notified when zone changes occur. The notify list is made up of IP addresses for DNS
servers configured as secondary masters for the zone. When the listed servers are notified
of a change to the zone, they will initiate a zone transfer with another DNS server and
update the zone.
See also: DNS Server; primary master; zone transfer; secondary master; zone

Novell Directory Services (NDS)

On networks running Novell NetWare 4.0, a distributed database that maintains
information about every resource on the network and provides access to these resources.

Nslookup
A command-line tool used to diagnose Domain Name System (DNS) infrastructure.
See also: Domain Name System (DNS)

NTDS-DSA object
An object that represents the configuration of the Active Directory service running on a
specific domain controller. For example, the NTDS-DSA object holds the setting that
determines whether or not the Active Directory service provides global catalog services.
NTDS-DSA objects are created and deleted in the course of running the Active Directory

Installation Wizard (dcpromo.exe).

An NTDS-DSA object is stored in the Configuration directory partition and is always a child
of the Server object representing the domain controller where this particular Active
Directory service is running. For example, if the distinguished name of an NTDS-DSA
object is:
CN=NTDS Settings,CN=RESKIT1,CN=Servers,
CN=Washington,CN=Sites,CN=Configuration,DC=reskit,DC=com
then the distinguished name of the corresponding Server object is:
CN=RESKIT1,CN=Servers,CN=Washington,CN=Sites,
CN=Configuration,DC=reskit,DC=com
See also: Active Directory; domain controller; global catalog

NTFS file system

An advanced file system that provides performance, security, reliability, and advanced
features that are not found in any version of FAT. For example, NTFS guarantees volume
consistency by using standard transaction logging and recovery techniques. If a system
fails, NTFS uses its log file and checkpoint information to restore the consistency of the file
system. In Windows 2000 and Windows XP, NTFS also provides advanced features such
as file and folder permissions, encryption, disk quotas, and compression.
See also: FAT32; file allocation table (FAT); file system

NTLM
A security package that provides authentication between clients and servers.

NTLM authentication protocol

A challenge/response authentication protocol. The NTLM authentication protocol was the
default for network authentication in Windows NT version 4.0 and earlier. The protocol
continues to be supported in Windows 2000 but no longer is the default.

null modem cable

Special cabling that eliminates the modem's need for asynchronous communications
between two computers over short distances. A null modem cable emulates modem
communication.
See also: modem (modulator/demodulator)

NWLink
An implementation of the Internetwork Packet Exchange (IPX), Sequenced Packet
Exchange (SPX), and NetBIOS protocols used in Novell networks. NWLink is a standard
network protocol that supports routing and can support NetWare client-server applications,
where NetWare-aware Sockets-based applications communicate with IPX/SPX Socketsbased applications.
See also: Routing Information Protocol over IPX (RIPX); IPX/SPX; network basic
input/output system (NetBIOS)

O
object
An entity, such as a file, folder, shared folder, printer, or Active Directory object, described
by a distinct, named set of attributes. For example, the attributes of a File object include its
name, location, and size; the attributes of an Active Directory User object might include the
user's first name, last name, and e-mail address.
For OLE and ActiveX, an object can also be any piece of information that can be linked to,
or embedded into, another object.
See also: attribute; child object; OLE; parent object

offline
A state that marks a component in a cluster as unavailable. A node in an offline state is
either inactive or not running. Resources and groups also have an offline state.
See also: group; online; pending; resource

OLE
A way to transfer and share information between applications by pasting information
created in one application into a document created in another application, such as a
spreadsheet or word processing file.
See also: embedded object; linked object; package

on-disk catalog
Information stored on a local disk drive. The on-disk catalog contains a list of files and
folders that have been backed up in a backup set.
See also: backup set; on-media catalog

on-media catalog
Information stored on backup storage media. The on-media catalog contains a list of files
and folders that have been backed up in a backup set.
See also: backup set; on-disk catalog

one-way trust
A type of trust relationship in which only one of the two domains trusts the other domain.
For example, domain A trusts domain B and domain B does not trust domain A. All oneway trusts are nontransitive.
See also: transitive trust; two-way trust

online
A state that marks a component in a cluster as available. When a node is online, it is an
active member of the cluster and can own and run groups as well as honor cluster
database updates, contribute votes to the quorum algorithm, and maintain heartbeats.

Resources and groups also have an online state.

See also: group; offline; pending; resource

Open Systems Interconnection (OSI) reference model

A networking model introduced by the International Organization for Standardization (ISO)
to promote multi-vendor interoperability. Open Systems Interconnection (OSI) is a sevenlayered conceptual model consisting of the application, presentation, session, transport,
network, data-link, and physical layers.
See also: Transmission Control Protocol/Internet Protocol (TCP/IP)

OpenType fonts
Outline fonts that are rendered from line and curve commands, and can be scaled and
rotated. OpenType fonts are clear and readable in all sizes and on all output devices
supported by Windows. OpenType is an extension of TrueType font technology.
See also: font; TrueType fonts

operations master
A domain controller that has been assigned one or more special roles in an Active
Directory domain.
The domain controllers assigned these roles perform operations that are single-master
(not permitted to occur at different places on the network at the same time). Examples of
these operations include resource identifier allocation, schema modification, PDC election,
and certain infrastructure changes.
The domain controller that controls the particular operation owns the operations master
role for that operation. The ownership of these operations master roles can be transferred
to other domain controllers.
See also: Active Directory; domain controller; domain naming master; infrastructure
master; schema master

operator
In mathematics and in programming and computer applications, a symbol or other
character indicating an operation that acts on one or more elements. You can use the
following four operators in standard calculations:
/ divide
* multiply
- subtract
+ add
For Indexing Service, a word or character that specifies a relationship in a query.

organizational unit
An Active Directory container object used within domains. An organizational unit is a
logical container into which users, groups, computers, and other organizational units are
placed. It can contain objects only from its parent domain. An organizational unit is the
smallest scope to which a Group Policy object can be linked, or over which administrative

authority can be delegated.

See also: Active Directory; container object; Group Policy object; parent domain

orphan
A member of a mirrored volume or a RAID-5 volume that has failed due to a severe cause,
such as a loss of power or a complete hard-disk head failure. When this happens, the
fault-tolerant driver determines that it can no longer use the orphaned member and directs
all new reads and writes to the remaining members of the fault-tolerant volume.
See also: fault tolerance; mirrored volume; RAID-5 volume

orphan file
A file that is stored inside My Briefcase and not linked to any file outside My Briefcase.
When you update files, the orphan file is not synchronized with any other file.

OS/2
A protected-mode, virtual memory, multitasking operating system for personal computers
based on the Intel 80286, 80386, i486, and Pentium processors. OS/2 can run most MSDOS-based programs and can read all MS-DOS disks.
See also: MS-DOS-based program

owner
In a Windows environment, the person who controls how permissions are set on objects
and can grant permissions to others.
In the Macintosh environment, an owner is the user responsible for setting permissions for
a folder on a server. A Macintosh user who creates a folder on the server automatically
becomes the owner of the folder, and can then transfer ownership to someone else. Each
Macintosh-accessible volume on the server also has an owner.

owner category
In the Macintosh environment, the user category to which you assign permissions for the
owner of a folder or a Macintosh volume.

P
package
An icon that represents embedded or linked information. That information may consist of a
complete file, such as a Paint bitmap, or part of a file, such as a spreadsheet cell. When
you choose the package, the application used to create the object either plays the object
(for example, a sound file) or opens and displays the object. If you change the original
information, linked information is automatically updated. However, you must manually
update embedded information.
See also: embedded object; linked object; OLE

packet
An Open Systems Interconnection (OSI) network layer transmission unit that consists of
binary information representing both data and a header containing an identification
number, source and destination addresses, and error-control data.
See also: Internet Protocol (IP); packet header; packet switching; switching hub

packet header
In network protocol communications, a specially reserved field of a defined bit length that
is attached to the front of a packet for carry and transfer of control information. When the
packet arrives at its destination, the field is then detached and discarded as the packet is
processed and disassembled in a corresponding reverse order for each protocol layer.
See also: packet

packet switching
A technology for breaking data into packets and then sending the packets over a network.
Each packet has a header containing its source and destination, a sequence number to
reassemble the information, a block of data content, and an error-checking code. The data
packets may take different routes to their destination, where the original information is
reassembled after the packets arrive. The international standard for packet switching
networks is X.25.
See also: packet

PAD (packet assembler/disassembler)

A device that connects a non-X.25 device such as a modem to an X.25 packet switching
network.

page
In virtual memory systems, a unit of data storage that is brought into random access
memory (RAM), typically from a hard drive, when a requested item of data is not already in
RAM.
See also: virtual memory

page fault
The interrupt that occurs when software attempts to read from or write to a virtual memory
location that is marked not present.
In Task Manager, page fault is the number of times data has to be retrieved from disk for a
process because it was not found in memory. The page fault value accumulates from the
time the process started.
See also: Page Faults Delta; Task Manager; virtual memory

Page Faults Delta

In Task Manager, the change in the number of page faults since the last update.
See also: Task Manager

page-description language (PDL)

A computer language that describes the arrangement of text and graphics on a printed
page.
See also: Printer Control Language (PCL); Printer Job Language (PJL); PostScript;
PostScript fonts

paged pool
The system-allocated virtual memory that has been charged to a process and that can be
paged. Paging is the moving of infrequently-used parts of a program's working memory
from RAM to another storage medium, usually the hard disk.
In Task Manager, the amount of system-allocated virtual memory, in kilobytes, used by a
process.
See also: registry size limit (RSL); virtual memory

paging file
A hidden file on the hard disk that Windows uses to hold parts of programs and data files
that do not fit in memory. The paging file and physical memory, or RAM, comprise virtual
memory. Windows moves data from the paging file to memory as needed and moves data
from memory to the paging file to make room for new data. Paging file is also called a
swap file.
See also: Peak Memory Usage; registry size limit (RSL); virtual memory

Panose
A font-classification method that measures values, such as serifs, weight, and stroke
variations, for a TrueType font. These values are represented by a Panose number. The
Panose number is then used to associate the font with other fonts of similar appearance
but different names. The closer the Panose number of two fonts, the more similar they are.

paper source
The location (such as Upper Paper Tray or Envelope Feeder) of the paper at the printer.

parallel port
The input/output connector for a parallel interface device. Printers are generally plugged
into a parallel port.
See also: serial port

parent domain
For DNS and Active Directory, domains that are located in the namespace tree directly
above other derivative domain names (child domains). For example, microsoft.com would
be the parent domain for example.microsoft.com, a child domain.
See also: domain; Domain Name System (DNS)

parent object
The object in which another object resides. A parent object implies relation. For example, a
folder is a parent object in which a file, or child object, resides. An object can be both a
parent and a child object. For example, a subfolder that contains files is both the child of
the parent folder and the parent folder of the files.
See also: child object; object

parity
A calculated value that is used to reconstruct data after a failure. RAID-5 volumes stripe
data and parity intermittently across a set of disks. When a disk fails, some server
operating systems use the parity information together with the data on good disks to
recreate the data on the failed disk.
See also: fault tolerance; RAID-5 volume

parity bit
In asynchronous communications, an extra bit used in checking for errors in groups of data
bits transferred within or between computer systems. In modem-to-modem
communications, a parity bit is often used to check the accuracy with which each character
is transmitted.
See also: parity

partition
A portion of a physical disk that functions as though it were a physically separate disk.
After you create a partition, you must format it and assign it a drive letter before you can
store data on it.
On basic disks, partitions are known as basic volumes, which include primary partitions
and logical drives. On dynamic disks, partitions are known as dynamic volumes, which
include simple, striped, spanned, mirrored, and RAID-5 volumes.
See also: basic disk; basic volume; drive letter; dynamic volume; extended partition;
primary partition; system partition

partition boot sector

A portion of a hard disk partition that contains information about the disk's file system and
a short machine language program that loads the Windows operating system.
See also: partition

password
A security measure used to restrict logon names to user accounts and access to computer
systems and resources. A password is a string of characters that must be provided before
a logon name or an access is authorized. A password can be made up of letters, numbers,
and symbols, and it is case sensitive.
See also: user account

Password Authentication Protocol (PAP)

A simple, plaintext authentication scheme for authenticating PPP connections. The user
name and password are requested by the remote access server and returned by the
remote access client in plaintext.
See also: Point-to-Point Protocol (PPP); remote access; password

paused
A state that applies to a node in a cluster. The node is a fully active member in the cluster
but cannot accept new resource groups (for example, a resource group cannot fail over or
fail back to a paused node). You can administer and maintain a paused node.
See also: cluster; failback; failover; offline

PC Card
A removable device, approximately the size of a credit card, that can be plugged into a
Personal Computer Memory Card International Association (PCMCIA) slot in a portable
computer. PCMCIA devices can include modems, network cards, and hard disk drives.
See also: modem (modulator/demodulator)

PCI expansion slot

A connection socket for a peripheral designed for the Peripheral Component Interconnect
(PCI) local bus on a computer motherboard.

PDC emulator master

The domain controller assigned to act as a Windows NT 4.0 primary domain controller
(PDC) to service network clients that do not have Active Directory client software installed,
and to replicate directory changes to any Windows NT backup domain controllers (BDCs)
in the domain.
The PDC emulator master receives preferential replication of password changes
performed by other domain controllers in the domain and handles any password
authentication requests that fail at the local domain controller. At any time, there can be
only one PDC emulator master in a particular domain.
See also: Active Directory; primary domain controller (PDC); replication; backup domain
controller (BDC); domain controller; multimaster replication; operations master

Peak Memory Usage

In Task Manager, the peak amount of physical memory resident in a process since it
started.
See also: Task Manager

pending
A state that refers to a resource in a cluster when the resource is in the process of being
brought online or taken offline.
See also: offline; online; resource

Per Seat Licensing

A licensing mode that requires a separate Client Access License for each client computer,
regardless of whether all the clients access the server at the same time.
See also: client; Per Server Licensing

Per Server Licensing

A licensing mode that requires a separate Client Access License for each concurrent
connection to the server, regardless of whether there are other client computers on the
network that do not happen to connect concurrently.
See also: client; Per Seat Licensing

performance alert
A feature that detects when a predefined counter value rises above or falls below the
configured threshold and notifies a user by means of the Messenger service.
See also: Messenger service

performance counter
In System Monitor, a data item that is associated with a performance object. For each
counter selected, System Monitor presents a value corresponding to a particular aspect of
the performance that is defined for the performance object.
See also: performance object

performance object
In System Monitor, a logical collection of counters that is associated with a resource or
service that can be monitored.
See also: performance counter

performance object instance

In System Monitor, a term used to distinguish between multiple performance objects of the
same type on a computer.
See also: performance object

peripheral
A device, such as a disk drive, printer, modem, or joystick, that is connected to a computer
and is controlled by the computer's microprocessor.
See also: device

peripheral component interconnect (PCI)

A specification introduced by Intel Corporation that defines a local bus system that allows
up to 10 PCI-compliant expansion cards to be installed in the computer.

permission
A rule associated with an object to regulate which users can gain access to the object and
in what manner. Permissions are granted or denied by the object's owner.
See also: object; printer permissions; security descriptor; shared folder permissions;
special access permissions

Physical Disk resource

A disk on a cluster storage device. Physical disks are supported as cluster resources by a
Resource DLL.
See also: Resource DLL

ping
A utility that verifies connections to one or more remote hosts. The ping command uses
the ICMP echo request and echo reply packets to determine whether a particular IP
system on a network is functional. Ping is useful for diagnosing IP network or router
failures.
See also: Internet Control Message Protocol (ICMP)

pixel
Short for picture element, one spot in a rectilinear grid of thousands of such spots that
form an image produced on the screen by a computer or on paper by a printer. A pixel is
the smallest element that display or print hardware and software can manipulate to create
letters, numbers, or graphics. A pixel is also called a pel.
See also: screen resolution

PKCS #10
The Certification Request Syntax Standard, developed and maintained by RSA Data
Security, Inc. A syntax for certificate requests.
See also: certificate; Public Key Cryptography Standards (PKCS)

PKCS #12
The Personal Information Exchange Syntax Standard, developed and maintained by RSA
Data Security, Inc. This syntax standard specifies a portable format for storing or
transporting a user's private keys, certificates, and miscellaneous secrets.
See also: certificate; Public Key Cryptography Standards (PKCS)

PKCS #7
The Cryptographic Message Syntax Standard. It is a general syntax, developed and
maintained by RSA Data Security, Inc., for data to which cryptography may be applied,
such as digital signatures and encryption. It also provides a syntax for disseminating
certificates or certificate revocation lists.
See also: certificate; certificate revocation list (CRL); encryption; Public Key Cryptography
Standards (PKCS)

plaintext
Data that is not encrypted. Sometimes also called cleartext.

plotter
Any device used to draw charts, diagrams, and other line-based graphics.

plotter font
A font created by a series of dots connected by lines. Plotter fonts can be scaled to any
size and are most often printed on plotters. Some dot-matrix printers also support plotter
fonts.
See also: font

Plug and Play

A set of specifications developed by Intel that allows a computer to automatically detect
and configure a device and install the appropriate device drivers.
See also: universal serial bus (USB); non-Plug and Play

point of termination station (POTS)

Basic dial telephone connections to the public switched network, without any added
features or functions. Plain old telephone service and point of termination station is also
called POTS.

Point-to-Point Protocol (PPP)

An industry standard suite of protocols for the use of point-to-point links to transport
multiprotocol datagrams. PPP is documented in RFC 1661.
See also: Compression Control Protocol (CCP); remote access; Transmission Control
Protocol/Internet Protocol (TCP/IP); voluntary tunnel

Point-to-Point Protocol over Ethernet (PPPoE)

A specification for connecting users on an Ethernet network to the Internet through a
broadband connection, such as a single DSL line, wireless device, or cable modem. Using
PPPoE and a broadband modem, LAN users can gain individual authenticated access to
high-speed data networks. By combining Ethernet and Point-to-Point Protocol (PPP),
PPPoE provides an efficient way to create a separate connection for each user to a
remote server.

Point-to-Point Tunneling Protocol (PPTP)

Networking technology that supports multiprotocol virtual private networks (VPNs),
enabling remote users to access corporate networks securely across the Internet or other
networks by dialing into an Internet service provider (ISP) or by connecting directly to the
Internet. The Point-to-Point Tunneling Protocol (PPTP) tunnels, or encapsulates, IP, IPX,
or NetBEUI traffic inside of IP packets. This means that users can remotely run
applications that are dependent upon particular network protocols.
See also: Internet Protocol (IP); Internetwork Packet Exchange (IPX); NetBIOS Extended

User Interface (NetBEUI); packet; tunnel; virtual private network (VPN)

pointer (PTR) resource record

A resource record used in a reverse lookup zone created within the in-addr.arpa domain to
designate a reverse mapping of a host IP address to a host DNS domain name.
See also: in-addr.arpa domain; reverse lookup; resource record (RR)

policy
The mechanism by which desktop settings are configured automatically, as defined by the
administrator. Depending on context, this can refer to Group Policy, Windows NT 4.0
System Policy, or a specific setting in a Group Policy object.
See also: Group Policy; Group Policy object; System Policy

polling intervals
The frequency the Resource Monitor checks that the resource is available and operating.
There are two levels of polling: Looks Alive and Is Alive. The server cluster requests a
more thorough check of the resource's state at each Is Alive interval than it does at each
Looks Alive interval; therefore, the Is Alive polling interval is typically longer than the Looks
Alive polling interval. You can specify the two polling intervals and a time-out value for
resources.
See also: resource

POP3 (Post Office Protocol 3)

A popular protocol used for receiving e-mail messages. This protocol is often used by
ISPs. POP3 servers allow access to a single Inbox in contrast to IMAP servers, which
provide access to multiple server-side folders.

port
A connection point on your computer where you can connect devices that pass data into
and out of a computer. For example, a printer is typically connected to a parallel port (also
called an LPT port), and a modem is typically connected to a serial port (also called a
COM port).
See also: serial port; universal serial bus (USB)

port rule
For Network Load Balancing, a set of configuration parameters that determine the filtering
mode to be applied to a range of ports.
See also: filtering mode; port

Portable Operating System Interface for UNIX (POSIX)

An Institute of Electrical and Electronics Engineers (IEEE) standard that defines a set of
operating-system services. Programs that adhere to the POSIX standard can be easily
ported from one system to another. POSIX was based on UNIX system services, but it was
created in a way that allows it to be implemented by other operating systems.

See also: service

possible owners
A list that specifies which nodes in the cluster are capable of running that resource. By
default, both nodes appear as possible owners, so the resource can run on either node. In
most cases, it is appropriate to use this default setting. If you want the resource to be able
to fail over, both nodes must be designated as possible owners.
See also: failover; resource

PostScript
A page-description language (PDL), developed by Adobe Systems for printing on laser
printers. PostScript offers flexible font capability and high-quality graphics. It is the
standard for desktop publishing because it is supported by imagesetters, the highresolution printers used by printing services for commercial typesetting.
See also: Printer Control Language (PCL); page-description language (PDL); Printer Job
Language (PJL); PostScript fonts; PostScript printer; service; Type 1 fonts

PostScript fonts
Fonts that are defined in terms of the PostScript page-description language (PDL) rules
and are intended to be printed on a PostScript-compatible printer. When a document
displayed in a screen font is sent to a PostScript printer, the printer uses the PostScript
version if the font exists. If the font doesn't exist but a version is installed on the computer,
that font is downloaded to the printer. If there is no PostScript font installed in either the
printer or the computer, the bit-mapped (raster) font is translated into PostScript and the
printer produces text using the bit-mapped font. PostScript fonts are distinguished from bitmapped fonts by their smoothness, detail, and faithfulness to standards of quality
established in the typographic industry.
See also: downloadable fonts; font; page-description language (PDL); PostScript; raster
fonts

PostScript printer
A printer that uses the PostScript page-description language (PDL) to create text and
graphics on the output medium, such as paper or overhead transparency. Examples of
PostScript printers include the Apple LaserWriter, the NEC LC-890, and the QMS PS-810.
See also: page-description language (PDL); PostScript; virtual printer memory

power conditioning
A feature of an uninterruptible power supply (UPS) that removes spikes, surges, sags, and
noise from the power supply.
See also: uninterruptible power supply (UPS)

power scheme
A group of preset power-management options. For example, you can set elapsed times for
putting your computer on standby and for turning off your monitor and hard disk. You save
these settings as a named power scheme.

PPP (Point-to-Point Protocol)

See definition for: Point-to-Point Protocol (PPP)

predefined key
A key that represents one of the main divisions of the registry. Each predefined key is
displayed in a separate Registry Editor window, with the key's name appearing in the
window's title bar. For example, HKEY_CLASSES_ROOT is a predefined key.
See also: registry; hive; key

preferred owner
The node on which you prefer each group to run. For example, the static load balancing
model performs best when groups are appropriately balanced between two nodes. When a
node fails, the remaining node takes over the groups from the failed node, but
performance is diminished. By setting those groups to fail back to their preferred server
(the failed node), you automatically restore maximum performance when failback occurs. A
group does not fail back if a preferred owner is not selected.
You will not always choose a preferred owner because it may not matter where the group
resides; all that matters is that the group is still running on one of the two nodes. Or, the
nodes may be equally capable of handling the load required to use some or all of the
resources.
See also: group; resource; failback

preferred server
The NetWare server that you connect to by default when you log on to your computer. The
preferred server validates your user credentials and is queried when you request
information about resources available on the NetWare network.

preset-to callback
A form of security in which a remote access server verifies users by calling them back at
numbers supplied by the network administrator at the time user privileges are granted.
Only a network administrator can change a preset callback number. This ensures that no
one can borrow a user's password and connect to the server from a location other than the
user's normal one.
See also: callback number; remote access server; connected, user authenticated

Primary disk
The hard disk drive that contains the system and boot partitions used to start Windows.
See also: boot partition; system partition

primary domain controller (PDC)

In a Windows NT Server 4.0 or earlier domain, the computer running Windows NT Server
that authenticates domain logons and maintains the directory database for a domain. The
PDC tracks changes made to accounts of all computers on a domain. It is the only
computer to receive these changes directly. A domain has only one PDC. In this version of

Windows, one of the domain controllers in each domain is identified as the PDC for
compatibility with Windows NT 4.0 and earlier versions of Windows NT.
See also: backup domain controller (BDC)

primary master
An authoritative DNS server for a zone that can be used as a point of update for the zone.
Only primary masters have the ability to be updated directly to process zone updates,
which include adding, removing, or modifying resource records that are stored as zone
data. Primary masters are also used as the first sources for replicating the zone to other
DNS servers.
See also: DNS Server; replication; resource record (RR); secondary master; zone

primary mouse button

The button you use most often for clicking and double-clicking. The primary mouse button
is the left button on most mice and trackball devices, and the lower button on some
trackball devices, but you can switch the function of the buttons by using the Mouse
Properties dialog box in Control Panel.

primary partition
A type of partition that you can create on basic disks. A primary partition is a portion of a
physical disk that functions as though it were a physically separate disk. On basic master
boot record (MBR) disks, you can create up to four primary partitions on a basic disk, or
three primary partitions and an extended partition with multiple logical drives. On basic
GPT disks, you can create up to 128 primary partitions. Primary partitions are also known
as volumes.
See also: basic disk; extended partition; GUID partition table (GPT); logical drive; master
boot record (MBR); partition; volume

print job
The source code that contains both the data to be printed and the commands for print.
Print jobs are classified into data types based on what modifications, if any, the spooler
must make to the job for it to print correctly.
See also: print spooler; Printer window; printing pool

print processor
The component that, working in conjunction with the printer driver, receives and alters print
jobs, as necessary, according to their data type to ensure that the jobs print correctly.
See also: print job; printer driver

print queue
A print queue is a list of documents waiting to be printed on the printer. In the print queue,
you can see information such as the size of the document, who sent the document, and
status information for printing.

print server
A computer that is dedicated to managing the printers on a network. The print server can
be any computer on the network.

print spooler
Software that accepts a document sent to a printer and then stores it on disk or in memory
until the printer is ready for it. This collection of dynamic-link libraries (DLLs) receives,
processes, schedules, and distributes documents for printing. The term spooler is an
acronym created from simultaneous print operations on line.
See also: dynamic-link library (DLL); printer; spooling

Print Spooler resource

Printer queues providing access to a network printer connected to the network by an IP
address rather than by an individual name. Print spoolers are supported as cluster
resources by a Resource DLL.
See also: print spooler; Resource DLL; IP address

printer
A device that puts text or images on paper or other print media. Examples are laser
printers or dot-matrix printers.
See also: logical printer; print spooler; printing pool

Printer Control Language (PCL)

The page-description language (PDL) developed by Hewlett Packard for their laser and
inkjet printers. Because of the widespread use of laser printers, this command language
has become a standard in many printers.
See also: Printer Job Language (PJL); PostScript; page-description language (PDL)

printer driver
A program designed to allow other programs to work with a particular printer without
concerning themselves with the specifics of the printer's hardware and internal language.
By using printer drivers that handle the subtleties of each printer, programs can
communicate properly with a variety of printers.
See also: device driver

printer fonts
Fonts residing in or intended for a printer. A printer font, usually located in the printer's
read-only memory (ROM), can be internal, downloaded, or on a font cartridge.
See also: device fonts; downloadable fonts; font; font cartridge

Printer Job Language (PJL)

The printer command language developed by Hewlett Packard that provides printer control
at the print-job level. Using PJL commands, you can change default printer settings such

as number of copies to print. PJL commands also permit switching printer languages
between print jobs without action by the user. If bi-directional communication is supported,
a PJL-compatible printer can send information such as printer model and job status to the
print server.
See also: Printer Control Language (PCL); page-description language (PDL); PostScript

printer permissions
Permissions that specify the type of access that a user or group has to a printer. The
printer permissions are Print, Manage Printers, and Manage Documents.
See also: permission

Printer window
Also called the queue view, the Printer window shows information about any pending print
jobs for the printer. For each printer you have installed or to which you are connected, you
can such information as see how many documents are waiting to be printed, who owns
them, and how large they are.
See also: print job

Printers and Faxes

The folder in Control Panel that contains the Add Printer Wizard and icons for all the
printers installed on your computer.
See also: printer

printing pool
Two or more identical printers that are connected to one print server and act as a single
printer. In this case, when you print a document, the print job will be sent to the first
available printer in the pool.
See also: print job; printer

priority
For Process Control, the relative ranking of a process or process group with respect to the
use of CPU and system resources. You can configure this in the Process Control snap-in.

private branch exchange (PBX)

An automatic telephone switching system that enables users within an organization to
place calls to each other without going through the public telephone network. Users can
also place calls to outside numbers.

private key
The secret half of a cryptographic key pair that is used with a public key algorithm. Private
keys are typically used to decrypt a symmetric session key, digitally sign data, or decrypt
data that has been encrypted with the corresponding public key.
See also: public key; public key encryption

private network
A cluster network that supports only node-to-node communication.
See also: cluster

private queue
For Message Queuing, a queue that is not published in Active Directory and can be
accessed only by applications that have access to the full format name of the queue.
See also: Active Directory; Message Queuing; public queue; system queue

privilege
A user's right to perform a specific task, usually one that affects an entire computer system
rather than a particular object. Privileges are assigned by administrators to individual users
or groups of users as part of the security settings for the computer.

Pro
Windows XP Professional

process
The virtual address space and the control information necessary for the execution of a
program.
See also: socket

process identifier (PID)

A numerical identifier that uniquely distinguishes a process while it runs. Use Task
Manager to view PIDs.
See also: Task Manager; process

program
A complete, self-contained set of computer instructions that you use to perform a specific
task, such as word processing, accounting, or data management. Program is also called
application.

program information file (PIF)

A file that provides information to Windows about how best to run MS-DOS-based
programs. When you start an MS-DOS-based program, Windows looks for a PIF to use
with it. PIFs contain such items as the name of the file, a start-up directory, and
multitasking options.
See also: MS-DOS-based program

property
A characteristic or parameter of a class of objects or devices. For example, properties of
Microsoft Word files include Size, Created, and Characters.

See also: property cache; property value; tag

property cache
For Indexing Service, a file that stores values for document properties.
See also: document; property

property value
A specific characteristic or parameter that defines a property. For example, property values
of a specific Microsoft Word document could include Size = 10,000 bytes, Created = Jan
2, 1999, and Characters = 5,250.
See also: property

Protective MBR
The first sector of a GUID partition table (GPT) disk that is structured like the first sector of
a master boot record (MBR) disk to prevent x86-based disk utilities from destroying GPT
partitions. The Protective MBR contains one partition that reserves the entire space used
on the disk by GPT partitions.
See also: Extensible Firmware Interface (EFI); GUID partition table (GPT); master boot
record (MBR); x86

protocol
A set of rules and conventions for sending information over a network. These rules govern
the content, format, timing, sequencing, and error control of messages exchanged among
network devices.
See also: static routes; Transmission Control Protocol/Internet Protocol (TCP/IP)

public key
The nonsecret half of a cryptographic key pair that is used with a public key algorithm.
Public keys are typically used when encrypting a session key, verifying a digital signature,
or encrypting data that can be decrypted with the corresponding private key.
See also: Public Key Cryptography Standards (PKCS); private key; public key encryption;
recovery agent; key

public key cryptography

A method of cryptography in which two different keys are used: a public key for encrypting
data and a private key for decrypting data. Public key cryptography is also called
asymmetric cryptography.
See also: cryptography; Public Key Cryptography Standards (PKCS); private key; public
key

Public Key Cryptography Standards (PKCS)

A family of standards for public key cryptography that includes RSA encryption, DiffieHellman key agreement, password-based encryption, extended-syntax, cryptographic

message syntax, private key information syntax, and certificate request syntax, as well as
selected attributes. Developed, owned, and maintained by RSA Data Security, Inc.
See also: certificate; public key cryptography

public key encryption

A method of encryption that uses two encryption keys that are mathematically related. One
key is called the private key and is kept confidential. The other is called the public key and
is freely given out to all potential correspondents. In a typical scenario, a sender uses the
receiver's public key to encrypt a message. Only the receiver has the related private key to
decrypt the message. The complexity of the relationship between the public key and the
private key means that, provided the keys are long enough, it is computationally infeasible
to determine one from the other. Public key encryption is also called asymmetric
encryption.
See also: encryption; private key; public key; symmetric encryption

public key infrastructure (PKI)

The term generally used to describe the laws, policies, standards, and software that
regulate or manipulate certificates and public and private keys. In practice, it is a system of
digital certificates, certification authorities, and other registration authorities that verify and
authenticate the validity of each party involved in an electronic transaction. Standards for
PKI are still evolving, even though they are being widely implemented as a necessary
element of electronic commerce.
See also: certificate; certification authority (CA); public key

public network
A cluster network that supports client-to-cluster communication (either with or without
supporting node-to-node communication).
See also: cluster

public queue
For Message Queuing, a queue that is published in Active Directory and replicated
throughout a Windows enterprise. Public queues can, therefore, be located by any
computer running Message Queuing within the enterprise.
See also: Active Directory; Message Queuing; private queue; queue

Public Switched Telephone Network (PSTN)

Standard analog telephone lines, available worldwide.

puff and sip device

An assistive computer technology for people with mobility impairments. A puff and sip
device is a head-mounted alternative to using the mouse. The device allows a user to
move the mouse pointer without using his or her hands by puffing air into a tube.

pulse dialing
A form of dialing that enters a phone number by means of pulse frequencies. The user
typically hears a series of clicking sounds when dialing. Old-fashioned rotary dial phones
use pulse dialing.
See also: touch-tone dialing

Q
query
For Indexing Service, a structured statement that specifies the documents you want to
find. The simplest query is a single word.
See also: tag; vector; wildcard character

queue
A list of programs or tasks waiting for execution. In Windows printing terminology, a queue
refers to a group of documents waiting to be printed. In NetWare and OS/2 environments,
queues are the primary software interface between the application and print device; users
submit documents to a queue. With Windows, however, the printer is that interface; the
document is sent to a printer, not a queue.
See also: transactional message; printer

queue quota
For Message Queuing, the storage size limit for messages in public queues. When a
queue quota is reached, Message Queuing can no longer send messages to that queue
until one or more messages are removed from the queue. Message Queuing enforces the
computer quota before it enforces the queue quota on a computer.
See also: computer quota; Message Queuing; queue

queue type
For Message Queuing, a globally unique identifier (GUID) specified by the application that
created the queue.
See also: Message Queuing; queue

Quick Launch
A customizable toolbar that lets you display the Windows desktop or start a program (for
example, Internet Explorer) with a single click. You can add buttons to start your favorite
programs from the Quick Launch location on the taskbar.

quiet answer
A telephone-answering protocol in which incoming calls are answered with silence instead
of a tone signal. Some telephone-switching systems use quiet answering. These switching
systems expect the caller to provide another phone number, code, or extension after the
quiet answer.

quorum disk
The cluster disk on which configuration data is maintained in the quorum log, cluster
database checkpoint, and resource checkpoints. The quorum disk is managed by the
Quorum resource, which is usually a special kind of Physical Disk resource.

quorum log
The log where the quorum resource stores data. This data is maintained by the clustering
software. Also known as the recovery log or change log.
See also: quorum resource; server cluster

quorum resource
The quorum-capable resource selected to maintain the configuration data necessary for
recovery of the cluster. This data contains details of all of the changes that have been
applied to the cluster database. The quorum resource is generally accessible to other
cluster resources so that any cluster node has access to the most recent database
changes. By default there is only one quorum resource per cluster.
See also: server cluster

quota limit
The amount of disk space available to a user.
See also: warning level

R
RAID-5 volume
A fault-tolerant volume with data and parity striped intermittently across three or more
physical disks. Parity is a calculated value that is used to reconstruct data after a failure. If
a portion of a physical disk fails, Windows recreates the data that was on the failed portion
from the remaining data and parity. You can create RAID-5 volumes only on dynamic
disks, and you cannot mirror or extend RAID-5 volumes.
See also: dynamic disk; dynamic volume; fault tolerance; parity; volume

RAM
See definition for: random access memory (RAM)

random access memory (RAM)

Memory that can be read from or written to by a computer or other devices. Information
stored in RAM is lost when the computer is turned off.
See also: virtual memory

raster fonts
Fonts that are stored as bitmaps. Raster fonts are designed with a specific size and

resolution for a specific printer and cannot be scaled or rotated. If a printer does not
support raster fonts, it will not print them. The five raster fonts are Courier, MS Sans Serif,
MS Serif, Small, and Symbol. Raster fonts are also called bit-mapped fonts.
See also: font; printer

raw socket
A socket that provides direct access to lower-level network protocols.
See also: socket

read-only memory (ROM)

A semiconductor circuit that contains information that cannot be modified.

realm
A set of security principles, in a non-Windows networked environment, that are subject to
Kerberos authentication.
See also: KerberosV5 authentication protocol

realm name
An identifying prefix or suffix appended to a user name to enable appropriate routing and
authentication during a remote logon process.
See also: authentication; routing; user name

rebinding state
A state used by DHCP clients to extend and renew their address lease when the current
lease is close to expiring. In this state, the client broadcasts to the network to locate any
DHCP server that can either renew or replace its currently leased configuration. The
rebinding state begins when 87.5 percent of the client's lease time has elapsed.
See also: Dynamic Host Configuration Protocol (DHCP); lease

recoverable message
For Message Queuing, a message that can be recovered no matter which computer fails,
but that uses more resources and is slower than an express message.
See also: express message; Message Queuing

recovery agent
A person who is issued a public key certificate for the purpose of recovering user data that
is encrypted with Encrypting File System (EFS).
See also: certificate; Encrypting File System (EFS); public key

Recovery Console
A command-line interface that provides a limited set of administrative commands that are
useful for repairing a computer.

See also: NTFS file system

recovery policy
A type of public key Group Policy object used by Encrypting File System (EFS) that
provides for one or more user accounts to be designated as recovery agents.
See also: Encrypting File System (EFS); Group Policy object; public key; recovery agent;
user account

Recycle Bin
The place in which Windows stores deleted files. You can retrieve files you deleted in error,
or you can empty the Recycle Bin to create more disk space.

Redundant Array of Independent Disks (RAID)

A method used to standardize and categorize fault-tolerant disk systems. RAID levels
provide various mixes of performance, reliability, and cost. Some servers provide three of
the RAID levels: Level 0 (striping), Level 1 (mirroring), and Level 5 (RAID-5).
See also: RAID-5 volume; fault tolerance; mirrored volume

refresh
To update displayed information with current data.
See also: refresh rate

refresh interval
An interval of time used by secondary masters of a zone to determine how often to check if
their zone data needs to be refreshed. When the refresh interval expires, the secondary
master checks with its source for the zone to see if its zone data is still current or if it
needs to be updated using a zone transfer. This interval is set in the SOA (start-ofauthority) resource record for each zone.
See also: secondary master; start-of-authority (SOA) resource record; zone; zone transfer

refresh rate
The frequency with which the video screen is retraced to prevent the image from flickering.
The entire image area of most monitors is refreshed approximately 60 times per second.
See also: refresh

region
Contiguous chunks of storage on a disk.

registered file type

File types that are tracked by the system registry and are recognized by the programs you
have installed on your computer.
See also: file type

registry
A database repository for information about a computer's configuration. The registry
contains information that Windows continually references during operation, such as:
Profiles for each user.
The programs installed on the computer and the types of documents each can
create.
Property settings for folders and program icons.
What hardware exists on the system.
Which ports are being used.
The registry is organized hierarchically as a tree and is made up of keys and their
subkeys, hives, and value entries.
See also: hive; key; registry size limit (RSL); subtree; value entry

registry boot
The default boot option used by most Windows DNS servers. When registry boot is used,
DNS is started and initialized using DNS parameters and their values as they are stored in
the Windows registry. You can use a Berkeley Internet Name Domain (BIND) boot file as
an alternative to this method of boot configuration for DNS.
See also: BIND boot file; DNS Server; Domain Name System (DNS)

registry size limit (RSL)

A universal maximum for registry space that prevents an application from filling the paged
pool with registry data. The total amount of space that can be consumed by registry data
(hives) is restricted by the registry size limit.
See also: paged pool; registry; hive

relative distinguished name

The part of an object's distinguished name that is an attribute of the object itself. For most
objects this is the Common Name attribute. For security principals, the default common
name is the security principal name, also referred to as the SAM account name.
For the distinguished name
CN=MyName,CN=Users,DC=Microsoft,DC=Com
the relative distinguished name of the MyName user object is CN=MyName. The relative
distinguished name of the parent object is CN=Users.
See also: object; distinguished name

relative ID (RID)
The part of a security ID (SID) that uniquely identifies an account or group within a domain.
See also: domain; forest; group; security ID (SID)

relative ID master
The domain controller assigned to allocate sequences of relative IDs to each domain

controller in its domain. Whenever a domain controller creates a security principal (user,
group, or computer object), the domain controller assigns the object a unique security ID.
The security ID consists of a domain security ID that is the same for all security IDs
created in a particular domain, and a relative ID that is unique for each security ID created
in the domain. At any time, there can be only one relative ID master in a particular domain.
See also: domain controller; relative ID (RID); security ID (SID); security principal

relative name
The partial DNS domain name configured in individual resource records to locate and
qualify the record within a zone. The relative name is joined to the front of the parent
domain (domain of origin) for each resource record to form a fully qualified domain name
(FQDN) within the zone. In DNS Manager, the relative name will correspond to fields that
use record-specific name properties, such as the Host computer name field used in an
address (A) resource record.
See also: A (address) resource record; Domain Name System (DNS); fully qualified
domain name (FQDN); resource record (RR); zone

remote access
Part of the integrated Routing and Remote Access service that provides remote
networking for telecommuters, mobile workers, and system administrators who monitor
and manage servers at multiple branch offices. Users with a computer running Windows
and Network Connections can dial in to remotely access their networks for services such
as file and printer sharing, electronic mail, scheduling, and SQL database access.
See also: remote access server; response; Serial Line Internet Protocol (SLIP); service

remote access server

A Windows-based computer running the Routing and Remote Access service and
configured to provide remote access.
See also: set-by-caller callback; remote access

remote administration
The management of one computer by an administrator working at another computer
connected to the first computer across a network.

Remote Authentication Dial-In User Service (RADIUS)

A security authentication protocol based on clients and servers and widely used by Internet
service providers (ISPs) on remote servers in non-Windows-brand operating systems.
RADIUS is the most popular means of authenticating and authorizing dial-up and tunneled
network users today.
See also: authentication; tunnel

remote computer
A computer that you can access only by using a communications line or a communications
device, such as a network card or a modem.

Remote Installation Services

Software services that allow an administrator to set up new client computers remotely,
without having to visit each client. The target clients must support remote booting.
See also: Single Instance Store (SIS)

remote procedure call (RPC)

A message-passing facility that allows a distributed application to call services that are
available on various computers on a network. Used during remote administration of
computers.
See also: service

Remote Storage
A data management service used to migrate infrequently accessed files from local storage
to remote storage. Migrated files are recalled automatically and transparently upon user
request when the file is opened.

Removable Storage
A service used for managing removable media (such as tapes and discs) and storage
devices (libraries). Removable Storage allows applications to access and share the same
media resources.
See also: library; service

rendering intent
In color management, the approach used to map the colors specified in an image file to
the color gamut of your monitor or printer. The color gamut is the range of color that a
device can produce.
See also: color gamut

replica
A folder within a replica set.
See also: replica set; replication topology

replica set
One or more shared folders that participates in replication.
See also: replication

replication
The process of copying data from a data store or file system to multiple computers to
synchronize the data. Active Directory provides multimaster replication of the directory
between domain controllers within a given domain. The replicas of the directory on each
domain controller are writable. This allows updates to be applied to any replica of a given
domain. The replication service automatically copies the changes from a given replica to
all other replicas.

See also: Active Directory; replica; replication policy; topology

replication policy
Rules that define how and when replication is performed.
See also: replication

replication topology
A description of the physical connections between replicas and sites. In contrast, DFS
topologies describe the logical connections.
See also: replica

report message
For Message Queuing, a message that contains status information and is sent to report
queues on the source computer. Examples include test messages and route tracking
messages.
See also: Message Queuing; report queue

report queue
For Message Queuing, a queue on the source computer that contains report messages.
Report queues can be used when sending test messages and tracking message routes.
See also: Message Queuing; report message

Request for Comments (RFC)

An official document of the Internet Engineering Task Force (IETF) that specifies the
details for protocols included in the TCP/IP family.
See also: Internet Engineering Task Force (IETF); protocol; Transmission Control
Protocol/Internet Protocol (TCP/IP)

reservation
A specific IP address within a scope permanently reserved for leased use to a specific
DHCP client. Client reservations are made in the DHCP database using DHCP Manager
and based on a unique client device identifier for each reserved entry.
In Admission Control Service, an allocation of network resources, contained in a Resource
Reservation Protocol (RSVP) reservation request administered by the Admission Control
Service.
See also: Dynamic Host Configuration Protocol (DHCP); lease; Resource Reservation
Protocol (RSVP); scope; IP address

resolver
DNS client programs used to look up DNS name information. Resolvers can be either a
small stub (a limited set of programming routines that provide basic query functionality) or
larger programs that provide additional lookup DNS client functions, such as caching.

See also: caching; caching resolver; Domain Name System (DNS)

resource
Generally, any part of a computer system or network, such as a disk drive, printer, or
memory, that can be allotted to a running program or a process.
For Device Manager, any of four system components that control how the devices on a
computer work. These four system resources are interrupt request (IRQ) lines, direct
memory access (DMA) channels, input/output (I/O) ports, and memory addresses.
For server clusters, a physical or logical entity that is capable of being managed by a
cluster, brought online and taken offline, and moved between nodes. A resource can be
owned only by a single node at any point in time.
See also: direct memory access (DMA); input/output (I/O) port; interrupt request (IRQ)
lines; memory address; offline; online; resource; server cluster

resource allocation
The process of distributing a computer system's facilities to different components of a job
in order to perform the job.

Resource DLL
A dynamic-link library (DLL) containing an implementation of the Resource application
programming interface (API) for a specific type of resource. The Resource DLL is loaded
into the address space of its Resource Monitor.
See also: application programming interface (API); dynamic-link library (DLL)

resource domain
A Windows NT 4.0 domain that is used for hosting file, print, and other application
services.
See also: domain; service

Resource Monitor
A cluster software component that facilitates communication between a node's server
cluster and one or more of its resources.
See also: resource; server cluster

resource record (RR)

Standard DNS database structure containing information used to process DNS queries.
For example, an address (A) type resource record contains IP address corresponding to a
host name. Most of the basic resource record types are defined in RFC 1035, but
additional RR types have been defined in other RFCs and approved for use with DNS.
See also: Domain Name System (DNS); Request for Comments (RFC); retry interval; zone

resource record set (RRset)

A collection of more than one resource record returned in a query response by a DNS

server. Resource record sets (RRsets) are used in responses where more than one record
is part of the answer.
See also: DNS Server; resource record (RR)

Resource Reservation Protocol (RSVP)

A signaling protocol that allows the sender and receiver in a communication to set up a
reserved highway for data transmission with a specified quality of service.
See also: protocol

response
In Windows remote access, strings expected from the device, which can contain macros.
See also: string; remote access

response message
For Message Queuing, a message sent by a receiving application to the response queue
specified by a sending application. Any available queue can be specified as a response
queue.
See also: Message Queuing; response queue; queue

response queue
For Message Queuing, a queue that is created by the sending application and used by the
receiving application to reply to messages. For example, an application might send a
response message to a response queue every time the application receives a message.
See also: Message Queuing; response message; queue

Restore Point
A representation of a stored state of your computer. Restore point is created by System
Restore at specific intervals and when System Restore detects the beginning of a change
to your computer. Also, restore point can be created by you manually at any time.

retry interval
The time, in seconds after the refresh interval expires, used by secondary masters of a
zone to determine how often to try and retry contacting its source for zone data to see if its
replicated zone data needs to be refreshed. This interval is set in the SOA (start-ofauthority) resource record for each zone.
See also: refresh interval; replication; secondary master; start-of-authority (SOA) resource
record; zone

reverse lookup
In DNS, a query process by which the IP address of a host computer is searched to find its
friendly DNS domain name. In DNS Manager, reverse lookup zones are based on the inaddr.arpa domain name and typically hold pointer (PTR) resource records.
See also: Domain Name System (DNS); in-addr.arpa domain; pointer (PTR) resource

record; zone

RGB color space

Multidimensional color space consisting of the red, green, and blue intensities that make
up a given color. This system is typically used in scanners, digital cameras, computer
monitors, and computer printers.
See also: color management; color space

right-click
To position the mouse over an object, and then press and release the secondary (right)
mouse button. Right-clicking opens a shortcut menu that contains useful commands,
which change depending on where you click.

roaming user profile

A server-based user profile that is downloaded to the local computer when a user logs on
and that is updated both locally and on the server when the user logs off. A roaming user
profile is available from the server when logging on to a workstation or server computer.
When logging on, the user can use the local user profile if it is more current than the copy
on the server.
See also: local user profile; mandatory user profile; user profile

rolling upgrade
In a cluster, the process of upgrading cluster nodes by turns while the other nodes
continue to provide service.
See also: cluster

ROM
An acronym for Read-Only Memory, a semiconductor circuit into which code or data is
permanently installed by the manufacturing process. ROM contains instructions or data
that can be read but not modified.

root
The highest or uppermost level in a hierarchically organized set of information. The root is
the point from which further subsets are branched in a logical sequence that moves from a
broad or general focus to narrower perspectives.

root authority
The certification authority (CA) at the top of a certification hierarchy. The root CA has a
self-signed certificate. Also called the root certification authority.
See also: certification authority (CA); certification hierarchy; root

root certificate
A self-signed certification authority certificate. It is called a root certificate because it is the

certificate for the root authority. The root authority must sign its own certificate because by
definition there is no higher certifying authority in the certification hierarchy.
See also: certificate; certification authority (CA); certification hierarchy; root authority

root domain
The beginning of the Domain Name System (DNS) namespace. In Active Directory, the
initial domain in an Active Directory tree. Also the initial domain of a forest.

root hints
Local information stored on a DNS server that provides helping resource records to direct
the server to its root servers. For DNS, the root hints are stored in the file Cache.dns,
located in the Systemroot\System32\Dns folder. Root hints are also called cache hints.
See also: authoritative; DNS Server; Domain Name System (DNS); namespace; root
servers; systemroot

root servers
DNS servers that are authoritative for the root of the namespace.
See also: authoritative; DNS Server; namespace; root

round robin
A simple mechanism used by DNS servers to share and distribute loads for network
resources. Round robin is used to rotate the order of resource records (RRs) returned in a
response to a query when multiple RRs of the same type exist for a queried DNS domain
name.
See also: DNS Server; resource record (RR)

router
In a Windows environment, hardware that helps LANs and WANs achieve interoperability
and connectivity, and can link LANs that have different network topologies (such as
Ethernet and Token Ring). Routers match packet headers to a LAN segment and choose
the best path for the packet, optimizing network performance.
In the Macintosh environment, routers are necessary for computers on different physical
networks to communicate with each other. Routers maintain a map of the physical
networks on a Macintosh internet (network) and forward data received from one physical
network to other physical networks. Computers running the Server version of Windows
with AppleTalk network integration can act as routers, and you can also use other routing
hardware on a network with AppleTalk network integration.
See also: local area network (LAN); packet header; Routing Information Protocol over IPX
(RIPX); routing; static routes; wide area network (WAN)

routing
The process of forwarding a packet through an internetwork from a source host to a
destination host.
See also: host; packet

Routing Information Protocol over IPX (RIPX)

A protocol used by routers to exchange information between routers on an IPX network
and by hosts to determine the best router to use when forwarding IPX traffic to a remote
IPX network.
See also: protocol; router; Internetwork Packet Exchange (IPX); NWLink

routing link
For Message Queuing, a communications link established between Windows sites for
routing messages. Specially configured Message Queuing servers with routing services
enabled are used to create a routing link between sites.
See also: Message Queuing; routing-link cost; routing services

routing services
For Message Queuing, a service on a Message Queuing server that provides message
routing services. If so configured, this feature can be used on a Message Queuing server
to:
Enable computers that use different network protocols to communicate.
Reduce the number of sessions by acting as a gateway for all incoming or outgoing
messages for independent clients.
Route messages between sites over a routing link.
See also: session concentration; service; independent client; Message Queuing; Message
Queuing server; routing link

routing-link cost
For Message Queuing, a number used to determine the route messages can take between
two sites. This number represents the relative monetary cost of communication over a link.
A routing link has a default routing-link cost of 1 and should not be changed unless you
have multiple routing links between two sites and you want to enforce message routing
over a specific routing link.
See also: Message Queuing; routing link

RS-232-C standard
An accepted industry standard for serial communication connections. Adopted by the
Electric Industries Association, this Recommended Standard (RS) defines the specific
lines and signal characteristics used by serial communications controllers to standardize
the transmission of serial data between devices. The letter C signifies the third in a series.

RSA
A widely used public/private key algorithm. It is the default cryptographic service provider
(CSP) for Microsoft Windows. It was patented by RSA Data Security, Inc. in 1977.
See also: cryptographic service provider (CSP)

S
saturation
In color management, the purity of a color's hue, moving from gray to the pure color.
See also: hue

scalability
A measure of how well a computer, service, or application can grow to meet increasing
performance demands. For server clusters, the ability to incrementally add one or more
systems to an existing cluster when the overall load of the cluster exceeds its capabilities.
See also: server cluster

scan interval
For Process Control, the time between successive checks for new processes started on
the server. You can configure this in the Process Control snap-in.

schema
A description of the object classes and attributes stored in Active Directory. For each object
class, the schema defines the attributes an object class must have, the additional
attributes it may have, and the object class that can be its parent.
The Active Directory schema can be updated dynamically. For example, an application can
extend the schema with new attributes and classes and use the extensions immediately.
Schema updates are accomplished by creating or modifying the schema objects stored in
Active Directory. Like every object in Active Directory, schema objects have an access
control list, so only authorized users may alter the schema.
See also: Active Directory; attribute; object; parent object

schema master
The domain controller assigned to control all updates to the schema within a forest. At any
time, there can be only one schema master in the forest.
See also: domain controller; forest; schema

scope
A range of IP addresses that are available to be leased or assigned to DHCP clients by the
DHCP service.
See also: Dynamic Host Configuration Protocol (DHCP); lease; IP address

scope of influence
In a domain environment, a site, domain, or organizational unit; in a workgroup
environment, the local disk.
See also: domain; organizational unit

scrap
A file that is created when you drag part of a document to the desktop.

screen fonts
A typeface designed for display on a computer monitor screen. Screen fonts often have
accompanying PostScript fonts for printing to PostScript-compatible printers.
See also: font; PostScript

screen resolution
The setting that determines the amount of information that appears on your screen,
measured in pixels. Low resolution, such as 640 x 480, makes items on the screen appear
large, although the screen area is small. High resolution, such as 1024 x 768, makes the
overall screen area large, although individual items appear small.
See also: pixel

screen saver
A moving picture or pattern that appears on your screen when you have not used the
mouse or keyboard for a specified period of time.

script
A type of program consisting of a set of instructions to an application or tool program. A
script usually expresses instructions by using the application's or tool's rules and syntax,
combined with simple control structures such as loops and if/then expressions. "Batch
program" is often used interchangeably with "script" in the Windows environment.

second-level domains
Domain names that are rooted hierarchically at the second tier of the domain namespace
directly beneath the top-level domain names such as .com and .org. When DNS is used on
the Internet, second-level domains are names such as microsoft.com that are registered
and delegated to individual organizations and businesses according to their top-level
classification. The organization then assumes further responsibility for parenting
management and growth of its name into additional subdomains.
See also: domain name; Domain Name System (DNS); namespace; parent domain; toplevel domains

secondary master
An authoritative DNS server for a zone that is used as a source for replication of the zone
to other servers. Secondary masters update their zone data only by transferring zone data
from other DNS servers. They do not have the ability to perform zone updates.
See also: authoritative; DNS Server; master server; primary master; zone; zone transfer

secondary mouse button

The button that you use to display shortcut menus or other program-specific features. The
secondary mouse button is the right button on most mice and trackball devices, and the

upper button on other trackball devices, but you can switch the function of the buttons in
the Mouse Control Panel.

Secure Hash Algorithm (SHA-1)

A message digest hash algorithm that generates a 160-bit hash value. SHA-1 is used with
the Digital Signature Algorithm (DSA) in the Digital Signature Standard (DSS), among
other places.
See also: Digital Signature Standard (DSS); hash algorithm; message digest

Secure Sockets Layer (SSL)

A proposed open standard for establishing a secure communications channel to prevent
the interception of critical information, such as credit card numbers. Primarily, it enables
secure electronic financial transactions on the World Wide Web, although it is designed to
work on other Internet services as well.

Secure/Multipurpose Internet Mail Extensions (S/MIME)

A protocol for secure electronic mail over the Internet.
See also: protocol

security
On a network, protection of a computer system and its data from harm or loss,
implemented especially so that only authorized users can gain access to shared files.

security descriptor
A data structure that contains security information associated with a protected object.
Security descriptors include information about who owns the object, who can access it and
in what way, and what types of access will be audited.
See also: permission; discretionary access control list (DACL); group; object; system
access control list (SACL)

security group
A group that can be listed in discretionary access control lists (DACLs) used to define
permissions on resources and objects. A security group can also be used as an e-mail
entity. Sending an e-mail message to the group sends the message to all the members of
the group.
See also: discretionary access control list (DACL)

security host
An authentication device, supplemental to standard Windows and remote access server
security, that verifies whether a caller from a remote client is authorized to connect to the
remote access server.
See also: authentication; remote access server; remote access

security ID (SID)
A data structure of variable length that identifies user, group, and computer accounts.
Every account on a network is issued a unique SID when the account is first created.
Internal processes in Windows refer to an account's SID rather than the account's user or
group name.
See also: group account; group name; user account; user name

security log
An event log containing information on security events that are specified in the audit policy.

security principal
An account holder that is automatically assigned a security identifier for access to
resources. A security principal can be a user, group, service, or computer.
See also: group; security principal name; service

security principal name

A name that uniquely identifies a user, group, or computer within a single domain. This
name is not guaranteed to be unique across domains.
See also: domain; group; security principal

select
To specify a block of data or text on screen by highlighting it or otherwise marking it, with
the intent of performing some operation on it.

Serial Line Internet Protocol (SLIP)

An older industry standard that is part of Windows remote access client to ensure
interoperability with other remote access software.
See also: remote access

serial port
An interface on the computer that allows asynchronous transmission of data characters
one bit at a time. Also called a communication or COM port.
See also: communication port; port

SerialKey device
Enables you to attach an alternate input device (also called an augmentative
communication device) to your computer's serial port. This feature is designed for people
who are unable to use the computer's standard keyboard and mouse.

server
In general, a computer that provides shared resources to network users.
See also: client; shared resource

server cluster
A group of independent computer systems, known as nodes, working together as a single
system to ensure that mission-critical applications and resources remain available to
clients. A server cluster is the type of cluster that Cluster service implements.
See also: cluster

Server Message Block (SMB)

A file-sharing protocol designed to allow networked computers to transparently access files
that reside on remote systems over a variety of networks. The SMB protocol defines a
series of commands that pass information between computers. SMB uses four message
types: session control, file, printer, and message.

server zone
The AppleTalk zone on which a server appears. On a Phase 2 network, a server appears
in the default zone of the server's default network.
See also: server; zone

service
A program, routine, or process that performs a specific system function to support other
programs, particularly at a low (close to the hardware) level. When services are provided
over a network, they can be published in Active Directory, facilitating service-centric
administration and usage. Some examples of services are the Security Accounts Manager
service, File Replication service, and Routing and Remote Access service.
See also: Active Directory; Dynamic Host Configuration Protocol (DHCP); Service Profile
Identifier (SPID)

service (SRV) resource record

A resource record used in a zone to register and locate well-known TCP/IP services. The
SRV resource record is specified in RFC 2782, and it is used to locate domain controllers
for Active Directory.
See also: Active Directory; resource record (RR); Transmission Control Protocol/Internet
Protocol (TCP/IP)

Service Profile Identifier (SPID)

An 8-digit to 14-digit number that identifies the services that you ordered for each Bchannel. For example, when you order Primary Rate ISDN, you obtain two phone numbers
and two SPIDs from your ISDN provider. Typical ISDN adapters cannot operate without
configuring SPIDs.
See also: Integrated Services Digital Network (ISDN); service; B-channel

Service Provider Interface

Calling conventions that back-end services use to make themselves accessible to frontend applications.
See also: service

service ticket
A ticket issued by the Kerberos V5 ticket-granting service (TGS) that allows a user to
authenticate to a specific service in the domain.
See also: KerberosV5 authentication protocol; ticket; ticket-granting service (TGS)

session
A logical connection created between two hosts to exchange data. Typically, sessions use
sequencing and acknowledgments to send data reliably.
In the context of load balancing TCP/IP traffic, a set of client requests directed to a server.
These requests can be invoked with multiple, possibly concurrent, TCP connections. The
server program sometimes maintains state information between requests. To preserve
access to the server state, Network Load Balancing needs to direct all requests within a
session to the same cluster host when load balancing.
See also: client request; load balancing; server; Transmission Control Protocol/Internet
Protocol (TCP/IP)

session concentration
For Message Queuing, a feature that typically reduces network bandwidth within a site and
the number of sessions between sites. Specially configured Message Queuing servers
with routing services provide session concentration.
See also: bandwidth; Message Queuing; Message Queuing server; routing services;
session; site

Session Description Protocol (SDP)

A protocol that TAPI uses to advertise IP multicast conferences. This protocol describes
multimedia sessions for the purposes of session announcement, session invitation, and
other forms of session initiation. SDP descriptors are stored in Active Directory. SDP is
described in RFC 2327 of the IETF.
See also: Telephony API (TAPI); multicast; Active Directory; Internet Engineering Task
Force (IETF); protocol

Set
Applies any changes you have made without closing the dialog box.

set-by-caller callback
In Network Connections, a form of callback in which the user supplies the telephone
number that the remote access server uses for callback. This setting spares the user any
long-distance telephone charges.
See also: remote access server; connected, user authenticated

share
To make resources, such as folders and printers, available to others.
See also: resource

share name
A name that refers to a shared resource on a server. Each shared folder on a server has a
share name used by personal computer users to refer to the folder. Users of Macintosh
computers use the name of the Macintosh-accessible volume that corresponds to a folder,
which may be the same as the share name.

shared folder
A folder on another computer that has been made available for other people to use on the
network.

shared folder permissions

Permissions that restrict a shared resource's availability over the network to only certain
users.
See also: permission

shared printer
A printer that receives input from more than one computer. For example, a printer attached
to another computer on the network can be shared so that it is available for you to use.
Shared printer is also called a network printer.
See also: printer

shared resource
Any device, data, or program that is used by more than one other device or program. For
Windows, shared resources refer to any resource that is made available to network users,
such as folders, files, printers, and named pipes. A shared resource can also refer to a
resource on a server that is available to network users.
See also: device; resource; server

shortcut
A link to any item accessible on your computer or on a network, such as a program, file,
folder, disk drive, Web page, printer, or another computer. You can put shortcuts in various
areas, such as on the desktop, on the Start menu, or in specific folders.
See also: desktop

ShowSounds
A feature that instructs programs that usually convey information only by sound to also
provide all information visually, such as by displaying text captions or informative icons.

Simple Mail Transfer Protocol (SMTP)

A member of the TCP/IP suite of protocols that governs the exchange of electronic mail
between message transfer agents.
See also: protocol; Transmission Control Protocol/Internet Protocol (TCP/IP)

Simple Network Management Protocol (SNMP)

A network protocol used to manage TCP/IP networks. In Windows, the SNMP service is
used to provide status information about a host on a TCP/IP network.
See also: agent; protocol; service; Transmission Control Protocol/Internet Protocol
(TCP/IP)

Simple Network Time Protocol (SNTP)

A protocol used to synchronize clocks over the Internet. SNTP enables client computers to
synchronize their clocks with a time server over the Internet.

Simple TCP/IP Services

Four TCP/IP services: Character Generator, Daytime Discard, Echo, and Quote of the Day.
See also: service; Transmission Control Protocol/Internet Protocol (TCP/IP)

simple volume
A dynamic volume made up of disk space from a single dynamic disk. A simple volume can
consist of a single region on a disk or multiple regions of the same disk that are linked
together. You can extend a simple volume within the same disk or onto additional disks. If
you extend a simple volume across multiple disks, it becomes a spanned volume. You can
create simple volumes only on dynamic disks. Simple volumes are not fault tolerant, but
you can mirror them to create mirrored volumes.
See also: dynamic disk; dynamic volume; fault tolerance; mirrored volume; spanned
volume; volume

Single Instance Store (SIS)

A component that saves disk space on the server by maintaining a single physical copy of
all identical files found. If SIS finds a duplicate file on the server, it copies the original file
into the SIS store and leaves a link where the original resided. This technology is used
only with Remote Installation Services.
See also: Remote Installation Services

single sign-on
A process that allows a user with a domain account to log on to a network once, using a
password or smart card, and to gain access to any computer in the domain.
See also: domain; smart card

single switch device

An assistive computer technology for people with mobility impairments. A single switch
device allows users to interact with a computer by using slight body movements.

site
One or more well connected (highly reliable and fast) TCP/IP subnets. A site allows
administrators to configure Active Directory access and replication topology quickly and

easily to take advantage of the physical network. When users log on, Active Directory
clients locate Active Directory servers in the same site as the user.
See also: subnet; Active Directory; replication topology; Transmission Control
Protocol/Internet Protocol (TCP/IP)

SLIP (Serial Line Internet Protocol)

See definition for: Serial Line Internet Protocol (SLIP)

small computer system interface (SCSI)

A standard high-speed parallel interface defined by the American National Standards
Institute (ANSI). A SCSI interface is used for connecting microcomputers to peripheral
devices such as hard disks and printers, and to other computers and local area networks
(LANs).
See also: device; local area network (LAN)

smart card
A credit card-sized device that is used with an access code to enable certificate-based
authentication and single sign-on to the enterprise. Smart cards securely store certificates,
public and private keys, passwords, and other types of personal information. A smart card
reader attached to the computer reads the smart card.
See also: authentication; single sign-on; smart card reader

smart card reader

A device that is installed in computers to enable the use of smart cards for enhanced
security features.
See also: smart card

snap-in
A type of tool you can add to a console supported by Microsoft Management Console
(MMC). A stand-alone snap-in can be added by itself; an extension snap-in can only be
added to extend the function of another snap-in.
See also: Microsoft Management Console (MMC)

socket
An identifier for a particular service on a particular node on a network. The socket consists
of a node address and a port number, which identifies the service. For example, port 80 on
an Internet node indicates a Web server. There are two kinds of sockets: streams
(bidirectional) and datagrams.
See also: datagram; process; raw socket; port

software decoder
A type of digital video disc (DVD) decoder that allows a DVD drive to display movies on
your computer screen. A software decoder uses only software to display movies.

See also: DVD decoder; DVD drive; hardware decoder

Sound card
Accessory expansion board for personal computers that permits recording and playing
back sound.

sound file
A sound file contains information that Windows uses to play sounds on your computer.
Sound files have the file name extension .wav.

SoundSentry
A Windows feature that produces a visual cue, such as a screen flash or a blinking title
bar, whenever the computer plays a system sound.

source document
The document where a linked or embedded object was originally created.
See also: embedded object; linked object

source journaling
For Message Queuing, the process of storing a copy of an outgoing message. Source
journaling is configured on a message basis and is set by the sending application. When
source journaling is enabled, a copy of the message is put in the source journal queue of
the source computer when the message arrives at the destination (target) queue.
See also: journal queue; Message Queuing; target journaling

spanned volume
A dynamic volume consisting of disk space on more than one physical disk. You can
increase the size of a spanned volume by extending it onto additional dynamic disks. You
can create spanned volumes only on dynamic disks. Spanned volumes are not fault
tolerant and cannot be mirrored.
See also: dynamic disk; dynamic volume; fault tolerance; mirrored volume; simple volume;
volume

special access permissions

On NTFS volumes, a custom set of permissions. You can customize permissions on files
and directories by selecting the individual components of the standard sets of permissions.
See also: volume; permission; NTFS file system

speech recognition
The ability to interpret spoken words and convert them into computer-readable text.
Speech recognition programs allow you to enter text by speaking into a microphone, rather
than using a keyboard.

splitting
A Briefcase command that separates the copy of the file inside Briefcase from the copy
outside Briefcase.

spooling
A process on a server in which print documents are stored on a disk until a printer is ready
to process them. A spooler accepts each document from each client, stores it, then sends
it to a printer when the printer is ready.
See also: print spooler

standby
A state in which your computer consumes less power when it is idle, but remains available
for immediate use. While your computer is on standby, information in computer memory is
not saved on your hard disk. If there is an interruption in power, the information in memory
is lost.

Start Application Enable

When checked, the server DDE application automatically starts when a client DDE
application attempts to initiate a DDE conversation. When cleared, attempts to open a
DDE conversation succeed only if the server DDE application is already running.

start-of-authority (SOA) resource record

A record that indicates the starting point or original point of authority for information stored
in a zone. The SOA resource record (RR) is the first RR created when adding a new zone.
It also contains several parameters used by other computers that use DNS to determine
how long they will use information for the zone and how often updates are required.
See also: zone; authoritative; Domain Name System (DNS); resource record (RR)

startup environment
In dual-boot or multiple-boot systems, the configuration settings that specify which system
to start and how each system should be started.
See also: dual boot; multiple boot

static dialog box

A scripted dialog box between the client computer and an intermediary device. This kind of
dialog box requires no response from the user.
See also: client

static routes
Routes in the routing table that are permanent. Static routes are manually configured by a
network administrator. They change only if the network administrator changes them. If the
routing protocol is configured to support auto-static routes (automatically added static
routes), then the router can issue a request to a protocol to get an update of routing
information on a specific interface. The results of such an update are then converted and

kept as static routes.

See also: routing; protocol; router

status area
See definition for: notification area

status bar
A line of information related to the current program. The status bar is usually located at the
bottom of a window. Not all windows have a status bar.

StickyKeys
A keyboard feature that enables you to press a modifier key (CTRL, ALT, or SHIFT), or the
Windows logo key, and have it remain active until a non-modifier key is pressed. This is
useful for people who have difficulty pressing two keys simultaneously.
See also: ToggleKeys; FilterKeys; MouseKeys

Stop error
A serious error that affects the operating system and that could place data at risk. The
operating system generates an obvious message, a screen with the Stop error, rather than
continuing on and possibly corrupting data. Stop error is also called a fatal system error.

strict RFC checking

For DNS, a form of domain name checking that examines characters used in DNS names
for compliance with DNS naming requirements and valid character usage as specified in
RFC 1123, Requirements for Internet Hosts - Applications and Support. For strict RFC
compliance, DNS domain names will use name labels made up only of valid uppercase
and lowercase letters, number characters, and hyphens (A through Z, a through z, 0
through 9, -), separated by periods.
See also: domain name; Domain Name System (DNS); label; loose name checking;
Request for Comments (RFC)

string
A group of characters or character bytes handled as a single entity. Computer programs
use strings to store and transmit data and commands. Most programming languages
consider strings (such as 2674:gstmn) as distinct from numeric values (such as 470924).
See also: transmitting station ID (TSID) string

subkey
A key within a key. In the registry structure, subkeys are subordinate to subtrees and keys.
Keys and subkeys are similar to the section header in .ini files; however, subkeys can
carry out functions.
See also: registry; descendent key; key; subkey

subnet
A subdivision of an IP network. Each subnet has its own unique subnetted network ID.

subnet bandwidth management (SBM)

An IETF standard that enables administrative control at the subnet level.

subnet mask
A 32-bit value that enables the recipient of IP packets to distinguish the network ID and
host ID portions of the IP address. Typically, subnet masks use the format 255.x.x.x.

subtree
Any node within a tree, along with any selection of connected descendant nodes. In the
registry structure, subtrees are the primary nodes that contain keys, subkeys, and value
entries.
See also: registry; key; subkey; value entry

switch type
The type of interface to which your ISDN device is being attached. Switch type is also
called switch.
See also: B-channel; D-channel; Integrated Services Digital Network (ISDN)

switching hub
A central network device (multiport hub) that forwards packets to specific ports rather than,
as in conventional hubs, broadcasting every packet to every port. In this way, the
connections between ports deliver the full bandwidth available.
See also: hub; packet

symmetric encryption
An encryption algorithm that requires the same secret key to be used for both encryption
and decryption. Because of its speed, symmetric encryption is typically used when a
message sender needs to encrypt large amounts of data. Symmetric encryption is also
called secret key encryption.
See also: public key encryption

synchronize
To reconcile the differences between files stored on one computer and versions of the
same files on another computer. Once the differences are determined, both sets of files
are updated.

system access control list (SACL)

The part of an object's security descriptor that specifies which events are to be audited per
user or group. Examples of auditing events are file access, logon attempts, and system
shutdowns.

See also: discretionary access control list (DACL); event; object; security descriptor

system area network

A network configuration, usually on a separate Internet Protocol (IP) subnet, that gives
data a direct path to system hardware.
See also: subnet

system disk
A disk that contains the MS-DOS system files necessary to start MS-DOS.
See also: MS-DOS (Microsoft Disk Operating System)

system files
Files used by Windows to load, configure, and run the operating system. Generally,
system files must never be deleted or moved.

System menu
A menu that contains commands you can use to manipulate a window or close a program.
You click the program icon at the left of the title bar to open the System menu.

system partition
The partition that contains the hardware-specific files needed to load Windows (for
example, Ntldr, Osloader, Boot.ini, Ntdetect.com). The system partition can be, but does
not have to be, the same as the boot partition.
See also: boot partition; partition

System Policy
A Windows NT 4.0-style policy based on registry settings made using Poledit.exe, the
System Policy Editor.
See also: policy; registry

system queue
For Message Queuing, a queue that stores various types of administrative messages.
Message Queuing uses up to five system queues, all of which are private queues. System
queues cannot be deleted.
See also: Message Queuing; queue; private queue; system queue

System Restore
A tool that tracks changes to your computer and creates a restore point when it detects the
beginning of a change. You can use the System Restore Wizard to select a restore point to
restore your computer to an earlier state when your computer was functioning the way you
like.

system volume
The volume that contains the hardware-specific files that are needed to load Windows on
x86-based computers with a BIOS. The system volume can be, but does not have to be,
the same volume as the boot volume.
See also: basic input/output system (BIOS); boot volume; volume; x86

systemroot
The path and folder name where the Windows system files are located. Typically, this is
C:\Windows, although you can designate a different drive or folder when you install
Windows. You can use the value %systemroot% to replace the actual location of the folder
that contains the Window system files. To identify your systemroot folder, click Start, click
Run, type %systemroot%, and then click OK.

SYSVOL
A shared directory that stores the server copy of the domain's public files, which are
replicated among all domain controllers in the domain.
See also: domain; domain controller

T
tag
For Indexing Service, one or more terms that identify an element in a query, such as
weight, phrase, property, or regular expression. For example, the tag {prop name=created}
specifies the Created property in a query.
See also: property; query

target
The mapping destination of a DFS root or link, which corresponds to a physical folder that
has been shared on the network.

target journaling
For Message Queuing, the process of storing a copy of incoming messages. Target
journaling is configured on a queue basis. When target journaling is enabled, a copy of
each incoming message is placed in the target journal queue when the message is
retrieved (read) from the destination queue.
See also: journal queue; Message Queuing; source journaling

Task Manager
A utility that provides information about programs and processes running on the computer.
Using Task Manager, you can end or run programs and end processes, and display a
dynamic overview of your computer's performance.

taskbar
The bar that contains the Start button and appears by default at the bottom of the desktop.
You can click the taskbar buttons to switch between programs. You can also hide the
taskbar, move it to the sides or top of the desktop, and customize it in other ways.
See also: desktop; taskbar button; notification area

taskbar button
A button that appears on the taskbar and corresponds to a running application.
See also: taskbar

TCP
Transmission Control Protocol.

TCP/IP
See definition for: Transmission Control Protocol/Internet Protocol (TCP/IP)

Telephony API (TAPI)

An application programming interface (API) used by communications programs to work
with telephony and network services. Communications programs like HyperTerminal and
Phone Dialer use TAPI to dial, answer, and route telephone calls on conventional
telephony devices, including PBXs, modems, and fax machines. TAPI 3.0 also provides
Internet Protocol (IP) telephony support, which Phone Dialer and other programs use to
transmit, route, and control real-time audio and video signals over IP-based networks such
as the Internet.
See also: service; Internet Protocol (IP); modem (modulator/demodulator); application
programming interface (API)

Telnet
A terminal-emulation protocol that is widely used on the Internet to log on to network
computers. Telnet also refers to the application that uses the Telnet protocol for users who
log on from remote locations.
See also: protocol

terminal
A device consisting of a display screen and a keyboard that is used to communicate with a
computer.

terminate-and-stay-resident (TSR) program

A program running under MS-DOS that remains loaded in memory even when it is not
running, so that it can be quickly invoked for a specific task performed while any other
application is operating.
See also: MS-DOS (Microsoft Disk Operating System)

test queue
For Message Queuing, a queue that stores sent test messages.
See also: Message Queuing; queue

text box
In a dialog box, a box in which you type information needed to carry out a command. The
text box may be blank or may contain text when the dialog box opens.

text service
A program that enables a user to enter or edit text. Text services include keyboard layouts,
handwriting and speech recognition programs, and Input Method Editors (IMEs). IMEs are
used to enter East Asian language characters with a keyboard.

theme
A set of visual elements that provide a unified look for your computer desktop. A theme
determines the look of the various graphic elements of your desktop, such as the windows,
icons, fonts, colors, and the background and screen saver pictures. It can also define
sounds associated with events such as opening or closing a program.

Thread Count
In Task Manager, the number of threads running in a process.
See also: Task Manager

thumbnail
A miniature version of an image that is often used for quick browsing through multiple
images.

ticket
A set of identification data for a security principle, issued by a domain controller for
purposes of user authentication. Two forms of tickets in Windows are ticket-granting tickets
(TGTs) and service tickets.
See also: authentication; domain controller; service ticket; ticket-granting ticket (TGT)

ticket-granting service (TGS)

A Kerberos V5 service provided by the Kerberos V5 Key Distribution Center (KDC) service
that issues service tickets that allow users to authenticate to services in a domain.
See also: KerberosV5 authentication protocol; Key Distribution Center (KDC); service
ticket; ticket-granting ticket (TGT)

ticket-granting ticket (TGT)

A credential issued to a user by the Kerberos Key Distribution Center (KDC) when the user
logs on. The user must present the TGT to the KDC when requesting session tickets for
services. Because a TGT is normally valid for the life of the user's logon session, it is

sometimes called a user ticket.

See also: KerberosV5 authentication protocol; Key Distribution Center (KDC); ticketgranting service (TGS)

time server
A computer that periodically synchronizes the time on all computers within a network. This
ensures that the time used by network services and local functions remains accurate.

time slice
A brief period of time during which a particular task is given control of the microprocessor
in a time-sharing multitasking environment. A computer's processor is allocated to an
application, usually measured in milliseconds. Time slice is also called quantum.

time stamp
A certification by a trusted third party specifying that a particular message existed at a
specific time and date. In a digital context, trusted third parties generate a trusted time
stamp for a given message by having a time stamping service append a time value to a
message and then digitally signing the result.
See also: digital signature; service

Time to Live (TTL)

A timer value included in packets sent over TCP/IP-based networks that tells the recipients
how long to hold or use the packet or any of its included data before expiring and
discarding the packet or data. For DNS, TTL values are used in resource records within a
zone to determine how long requesting clients should cache and use this information when
it appears in a query response answered by a DNS server for the zone.
See also: DNS Server; Domain Name System (DNS); packet; resource record (RR);
Transmission Control Protocol/Internet Protocol (TCP/IP); zone

time-out error
A condition where an expected character is not received in time. When this condition
occurs, the software assumes that the data has been lost and requests that it be resent.

time-out interval
For Process Control, the time the server waits, when a command cannot be successfully
completed, before canceling the command. You can configure this in the Process Control
snap-in.

title bar
The horizontal bar at the top of a window that contains the name of the window. On many
windows, the title bar also contains the program icon, the Maximize, Minimize, and Close
buttons, and the optional ? button for context-sensitive Help. To display a menu with
commands such as Restore and Move, right-click the title bar.
See also: maximize; minimize

ToggleKeys
A feature that sets your keyboard to beep when one of the locking keys (CAPS LOCK,
NUM LOCK, or SCROLL LOCK) is turned on or off.
See also: FilterKeys; MouseKeys; StickyKeys; ToggleKeys

token
Any nonreducible textual element in data that is being parsed. For example, the use in a
program of a variable name, a reserved word, or an operator. Storing tokens as short
codes shortens program files and speeds execution.
For networking, a unique structured data object or message that circulates continuously
among the nodes of a token ring and describes the current state of the network. Before
any node can send a message on the network, it must first wait to control the token. See
also token ring.

toolbar
In a program in a graphical user interface, a row, column, or block of on-screen buttons or
icons. When clicked, these buttons or icons activate certain functions, or tasks, of the
program. For example, the toolbar in Microsoft Word contains buttons for, among other
actions, changing text to italic or boldface, and for saving or opening a document. Users
can often customize toolbars and move them around on the screen.

top-level domains
Domain names that are rooted hierarchically at the first tier of the domain namespace
directly beneath the root (.) of the DNS namespace. On the Internet, top-level domain
names such as .com and .org are used to classify and assign second-level domain names
(such as microsoft.com) to individual organizations and businesses according to their
organizational purpose.
See also: domain; domain name; domain namespace; Domain Name System (DNS); root;
second-level domains

topology
In Windows, the relationships among a set of network components. In the context of Active
Directory replication, topology refers to the set of connections that domain controllers use
to replicate information among themselves.
See also: Active Directory; domain controller; replication

touch-tone dialing
A form of dialing that uses multiple-tone signaling. The user hears a series of tones
(beeps) when dialing. Push-button telephones usually use touch-tone dialing.
See also: pulse dialing

trace log
A type of log generated when the user selects a trace data provider using Performance.
Trace logs differ sdff from counter-data logs in that they measure data continuously rather

than take periodic samples.

training
The process of teaching the speech recognition engine to recognize your voice and
manner of speaking. The speech engine looks for patterns in the way you speak, enabling
it to provide better accuracy when you dictate text. You train the engine by reading text in
the training wizard, and continue to train the engine as you dictate text while working.

transaction
For Message Queuing, the pairing of two or more actions that are performed together as a
single action; the action succeeds or fails as a whole. Using Microsoft Distributed
Transaction Coordinator (MS DTC) ensures that either both actions succeed or neither is
executed.
See also: Message Queuing; Microsoft Distributed Transaction Coordinator (MS DTC);
transaction dead-letter queue; transactional message

transaction dead-letter queue

For Message Queuing, a queue that stores transactional messages that cannot reach their
destination queue. Transaction dead-letter queues store failed messages on the computer
on which the message expired. Messages in these queues are written to disk and are
therefore recoverable.
See also: dead-letter queue; Message Queuing; transaction; queue

transactional message
For Message Queuing, a message that can be sent and received only from within a
transaction. This type of message returns to its prior state when a transaction is terminated
abruptly. A transactional message is removed from a queue only when the transaction is
committed; otherwise, it remains in the queue and can be subsequently read during
another transaction.
See also: Message Queuing; transaction; queue

transceiver
A device that can both transmit and receive signals. On local area networks (LANs), a
transceiver is the device that connects a computer to the network and that converts signals
to and from parallel and serial form.

transitive trust
The standard type of trust relationship between Windows domains in a domain tree or
forest. When a domain joins an existing forest or domain tree, a transitive trust is
automatically established. Transitive trusts are always two-way relationships. This series of
trusts, between parent and child domains in a domain tree and between root domains of
domain trees in a forest, allows all domains in a forest to trust each other for the purposes
of authentication. For example, if domain A trusts domain B and domain B trusts domain C,
then domain A trusts domain C.
See also: domain tree; forest; one-way trust; two-way trust

Transmission Control Protocol/Internet Protocol (TCP/IP)

A set of networking protocols widely used on the Internet that provides communications
across interconnected networks of computers with diverse hardware architectures and
various operating systems. TCP/IP includes standards for how computers communicate
and conventions for connecting networks and routing traffic.
See also: protocol; Internet Protocol (IP)

transmitting station ID (TSID) string

A string that specifies the transmitter subscriber ID sent by the fax machine when sending
a fax to a receiving machine. This string is usually a combination of the fax or telephone
number and the name of the business. It is often the same as the called subscriber ID.
See also: called subscriber ID (CSID) string; string

Transport Driver Interface (TDI)

A common set of routines for network layer components that communicate with the
session layer of the Open Systems Interconnection (OSI) model. These routines allow
software components above and below the transport layer to be mixed and matched
without reprogramming.
See also: Open Systems Interconnection (OSI) reference model

Transport Layer Security (TLS)

A standard protocol that is used to provide secure Web communications on the Internet or
intranets. It enables clients to authenticate servers or, optionally, servers to authenticate
clients. It also provides a secure channel by encrypting communications. TLS is the latest
and a more secure version of the SSL protocol.
See also: Secure Sockets Layer (SSL); authentication; protocol

transport provider
The driver and support files that provide transport services in a networking environment.

trap
In Simple Network Management Protocol (SNMP), a message sent by an agent to a
management system indicating that an event has occurred on the host running the agent.
See also: agent; event; host; Simple Network Management Protocol (SNMP)

tree view
A hierarchical representation of the folders, files, disk drives, and other resources
connected to a computer or network. For example, Windows Explorer uses a tree view to
display the resources that are attached to a computer or a network.
See also: resource

Trivial File Transfer Protocol (TFTP)

A protocol used to download the initial files needed to begin the installation process.

See also: protocol

Trojan horse
A program that masquerades as another common program in an attempt to receive
information. An example of a Trojan horse is a program that behaves like a system logon
to retrieve user names and password information that the writers of the Trojan horse can
later use to break into the system.

TrueType fonts
Fonts that are scalable and sometimes generated as bitmaps or soft fonts, depending on
the capabilities of your printer. TrueType fonts are device-independent fonts that are stored
as outlines. They can be sized to any height, and they can be printed exactly as they
appear on the screen.
See also: font

trust relationship
A logical relationship established between domains to allow pass-through authentication,
in which a trusting domain honors the logon authentications of a trusted domain. User
accounts and global groups defined in a trusted domain can be given rights and
permissions in a trusting domain, even though the user accounts or groups don't exist in
the trusting domain's directory.
See also: group; user account; permission; authentication; domain; global group

tunnel
A logical connection over which data is encapsulated. Typically, both encapsulation and
encryption are performed and the tunnel is a private, secure link between a remote user or
host and a private network.
See also: encryption; host; tunnel server; voluntary tunnel

tunnel server
A server or router that terminates tunnels and forwards traffic to the hosts on the target
network.
See also: host; router; server; tunnel

two-way trust
A type of trust relationship in which both of the domains in the relationship trust each other.
In a two-way trust relationship, each domain has established a one-way trust with the other
domain. For example, domain A trusts domain B and domain B trusts domain A. Two-way
trusts can be transitive or nontransitive. All two-way trusts between Windows domains in
the same domain tree or forest are transitive.
See also: domain tree; forest; one-way trust; transitive trust

Type 1 fonts
Scalable fonts designed to work with PostScript devices.

See also: font; PostScript

U
UDP socket
A socket that transmits datagrams over the User Datagram Protocol (UDP).
See also: datagram; socket; User Datagram Protocol (UDP)

unallocated space
Available disk space that is not allocated to any volume. The type of volume that you can
create on unallocated space depends on the disk type. On basic disks, you can use
unallocated space to create primary or extended partitions. On dynamic disks, you can use
unallocated space to create dynamic volumes.
See also: basic disk; dynamic disk; extended partition; logical drive; object; partition;
primary partition; volume

UNC (Universal Naming Convention) name

The full name of a resource on a network. It conforms to the \\servername\sharename
syntax, where servername is the name of the server and sharename is the name of the
shared resource. UNC names of directories or files can also include the directory path
under the share name, with the following syntax:
\\servername\sharename\directory\filename
See also: share name; resource

undock
To detach a laptop or other portable computer from a docking station.
See also: dock; docking station; hot docking

unicast
In data communications networks, to transmit data from one terminal to another, such as
from client to server, or from server to server.

Unicode
A character encoding standard developed by the Unicode Consortium that represents
almost all of the written languages of the world. The Unicode character repertoire has
multiple representation forms, including UTF-8, UTF-16, and UTF-32. Most Windows
interfaces use the UTF-16 form.
See also: American Standard Code for Information Interchange (ASCII); Unicode
Character System (UCS); Unicode Transmission Format 8 (UTF-8)

Unicode Character System (UCS)

An international standard character set reference that is part of the Unicode standard. The

most widely held existing version of the UCS standard is UCS-2, which specifies 16-bit
character values currently accepted and recognized for use to encode most of the world's
languages.
See also: Unicode Transmission Format 8 (UTF-8); American Standard Code for
Information Interchange (ASCII); Unicode

Unicode Transmission Format 8 (UTF-8)

A character set for protocols evolving beyond the use of ASCII. The UTF-8 protocol
provides for support of extended ASCII characters and translation of UCS-2, an
international 16-bit Unicode character set. UTF-8 enables a far greater range of names
than can be achieved using ASCII or extended ASCII encoding for character data.
See also: American Standard Code for Information Interchange (ASCII); Unicode
Character System (UCS); Unicode

Uniform Resource Locator (URL)

An address that uniquely identifies a location on the Internet. A URL for a World Wide Web
site is preceded with http://, as in the fictitious URL http://www.example.microsoft.com/. A
URL can contain more detail, such as the name of a page of hypertext, usually identified
by the file name extension .html or .htm.

uninstall
When referring to software, the act of removing program files and folders from your hard
disk and removing related data from your registry so the software is no longer available.
When referring to a device, the act of removing the corresponding device drivers from your
hard disk and physically removing the device from your computer.
See also: device driver; install

uninterruptible power supply (UPS)

A device connected between a computer and a power source to ensure that electrical flow
is not interrupted. UPS devices use batteries to keep the computer running for a period of
time after a power failure. UPS devices usually provide protection against power surges
and brownouts as well.

universal group
A security or distribution group that can be used anywhere in the domain tree or forest. A
universal group can have members from any Windows domain in the domain tree or
forest. It can also include other universal groups, global groups, and accounts from any
domain in the domain tree or forest. Rights and permissions must be assigned on a perdomain basis, but can be assigned at any domain in the domain tree or forest.
Universal groups can be members of domain local groups and other universal groups, but
they cannot be members of global groups. Universal groups appear in the global catalog
and should contain primarily global groups.
See also: distribution group; domain; domain tree; domain local group; forest; global
group; global catalog; security group

Universal Naming Convention (UNC)

A convention for naming files and other resources beginning with two backslashes (\),
indicating that the resource exists on a network computer. UNC names conform to the
\\SERVERNAME\SHARENAME syntax, where SERVERNAME is the server's name and
SHARENAME is the name of the shared resource. The UNC name of a directory or file
can also include the directory path after the share name, with the following syntax:
\\SERVERNAME\SHARENAME\DIRECTORY\FILENAME.

universal serial bus (USB)

An external bus that supports Plug and Play installation. Using USB, you can connect and
disconnect devices without shutting down or restarting your computer. You can use a
single USB port to connect up to 127 peripheral devices, including speakers, telephones,
CD-ROM drives, joysticks, tape drives, keyboards, scanners, and cameras. A USB port is
usually located on the back of your computer near the serial port or parallel port.
See also: port; bus; Plug and Play

UNIX
A powerful, multiuser, multitasking operating system initially developed at AT&T Bell
Laboratories in 1969 for use on minicomputers. UNIX is considered more portable, that is,
less computer-specific, than other operating systems because it is written in C language.
Newer versions of UNIX have been developed at the University of California at Berkeley
and by AT&T.

UPS service
A service that manages an uninterruptible power supply (UPS) connected to a computer.
See also: service

URL
See definition for: Uniform Resource Locator (URL)

USB port
An interface on the computer that enables you to connect a Universal Serial Bus (USB)
device. USB is an external bus standard that enables data transfer rates of 12 Mbps (12
million bits per second). USB ports support a plug that is approximately 7 mm x 1 mm.
See also: universal serial bus (USB)

user
A person who uses a computer. If the computer is connected to a network, a user can
access the programs and files on the computer, as well as programs and files located on
the network (depending on account restrictions determined by the network administrator).

user account
A record that consists of all the information that defines a user to Windows. This includes
the user name and password required for the user to log on, the groups in which the user

account has membership, and the rights and permissions the user has for using the
computer and network, and accessing their resources. For Windows XP Professional and
member servers, user accounts are managed with Local Users and Groups. For Windows
Server domain controllers, user accounts are managed with Microsoft Active Directory
Users and Computers.
See also: permission; Active Directory Users and Computers; group; password; resource;
user name

User Datagram Protocol (UDP)

A TCP complement that offers a connectionless datagram service that guarantees neither
delivery nor correct sequencing of delivered packets (much like IP).
See also: datagram; Internet Protocol (IP); packet; service

user name
A unique name identifying a user account to Windows. An account's user name must be
unique among the other group names and user names within its own domain or
workgroup.
See also: domain; group name; user account; workgroup

USER object
An object from Window Manager, which includes windows, menus, cursors, icons, hooks,
accelerators, monitors, keyboard layouts, and other internal objects. In Task Manager, the
number of USER objects currently being used by a process.
See also: Task Manager

user password
The password stored in each user's account. Each user generally has a unique user
password and must type that password when logging on or accessing a server.
See also: password; user account

user principal name

A user account name (sometimes referred to as the user logon name) and a domain name
identifying the domain in which the user account is located. This is the standard usage for
logging on to a Windows domain. The format is: user@domain.com (as for an e-mail
address).
See also: domain; domain name; user principal name suffix; user account

user principal name suffix

The UPN suffix is the part of the user principal name to the right of the @ character. The
default UPN suffix for a user account is the DNS domain name of the domain that contains
the user account. Alternative UPN suffixes may be added to simplify administration and
user logon processes by providing a single UPN suffix for all users. The UPN suffix is only
used within the Active Directory forest and is not required to be a valid DNS domain name.
See also: Active Directory; user account; domain; domain name; Domain Name System

(DNS); user principal name

user profile
A file that contains configuration information for a specific user, such as desktop settings,
persistent network connections, and application settings. Each user's preferences are
saved to a user profile that Windows uses to configure the desktop each time a user logs
on.

user rights
Tasks that a user is permitted to perform on a computer system or domain. There are two
types of user rights: privileges and logon rights. An example of a privilege is the right to
shut down the system. An example of a logon right is the right to log on to a computer
locally. Both types are assigned by administrators to individual users or groups as part of
the security settings for the computer.
See also: administrator; domain; group; privilege

Users
A special group that contains all users who have user permissions on the server. When a
Macintosh user assigns permissions to everyone, those permissions are given to the
group's users and guests.
See also: permission; group

V
V.34
Data transmission standard that provides for up to 33,600 bits per second (bps)
communications over telephone lines. It defines a full-duplex (two-way) modulation
technique and includes error-correcting and negotiation.
See also: bits per second (bps); full-duplex; modulation standards; V.90

V.90
Data transmission standard that provides for up to 56,000 bits per second (bps)
communications over telephone lines. The transmission speed from the client-side modem
is 33,600 bps, the same as V.34. The transmission speed from the host-side modem, such
as an Internet service provider (ISP) or corporate network, is up to 56,000 bps, with an
average speed of 40,000 to 50,000 bps. When the host-side modem does not support this
standard, the alternative is V.34.
See also: bits per second (bps); client; host; Internet service provider (ISP); modem
(modulator/demodulator); modulation standards; V.34

value entry
The string of data that appears in the right pane of a registry window and that defines the
value of the currently selected key. A value entry has three parts: name, data type, and the
value itself.

See also: registry; key

variable
In programming, a named storage location capable of containing a certain type of data that
can be modified during program execution.
System environment variables are defined by Windows 2000 Server and are the same no
matter who is logged on to the computer. Administrator group members can add new
variables or change the values, however.
User environment variables can be different for each user of a particular computer. They
include any environment variables you want to define or variables defined by your
applications, such as the path where application files are located.
See also: environment variable

vector
For Indexing Service, an ordered series of words or numbers used in a query. For
example, a single document can have (Scott Cooper; Don Hall; Amy Egert) as a vector of
coauthors.
See also: query

vector font
A font rendered from a mathematical model, in which each character is defined as a set of
lines drawn between points. Vector fonts can be cleanly scaled to any size or aspect ratio.
See also: font; plotter font

video adapter
An expansion board that plugs into a personal computer to give it display capabilities. A
computer's display capabilities depend on both the logical circuitry (provided in the video
adapter) and the monitor. Each adapter offers several different video modes. The two
basic categories of video modes are text and graphics. Within the text and graphics
modes, some monitors also offer a choice of resolutions. At lower resolutions a monitor
can display more colors.
Modern adapters contain memory, so that the computer's RAM is not used for storing
displays. In addition, most adapters have their own graphics coprocessor for performing
graphics calculations. These adapters are often called graphics accelerators.

virtual address
In a virtual memory system, the address the application uses to reference memory. The
kernel and the memory management unit (MMU) translate this address into a physical
address before the memory is actually read or written.
See also: virtual memory

virtual container
A container that allows any LDAP-compliant directory to be accessed through Active
Directory.

See also: Active Directory; Lightweight Directory Access Protocol (LDAP)

virtual IP address
An IP address that is shared among the hosts of a Network Load Balancing cluster. A
Network Load Balancing cluster might also use multiple virtual IP addresses, for example,
in a cluster of multihomed Web servers.
See also: host; multihomed computer; IP address

virtual local area network (VLAN)

A logical grouping of hosts on one or more LANs that allows communication to occur
between hosts as if they were on the same physical LAN.
See also: host; local area network (LAN)

virtual memory
Temporary storage used by a computer to run programs that need more memory than it
has. For example, programs could have access to 4 gigabytes of virtual memory on a
computer's hard drive, even if the computer has only 32 megabytes of RAM. The program
data that does not currently fit in the computer's memory is saved into paging files.
See also: virtual printer memory; paging file; Virtual Memory Size

Virtual Memory Size

In Task Manager, the amount of virtual memory, or address space, committed to a process.
See also: Task Manager; virtual memory

virtual printer memory

In a PostScript printer, a part of memory that stores font information. The memory in
PostScript printers is divided into two areas: banded memory and virtual memory. The
banded memory contains graphics and page-layout information needed to print your
documents. The virtual memory contains any font information that is sent to your printer
either when you print a document or when you download fonts.
See also: PostScript printer; virtual memory

virtual private network (VPN)

The extension of a private network that encompasses encapsulated, encrypted, and
authenticated links across shared or public networks. VPN connections can provide
remote access and routed connections to private networks over the Internet.
See also: authentication; encryption; remote access; routing; tunnel

virus
A program that attempts to spread from computer to computer and either cause damage
(by erasing or corrupting data) or annoy users (by printing messages or altering what is
displayed on the screen).

VoIP (Voice over Internet Protocol)

A method for sending voice over a LAN, a WAN, or the Internet using TCP/IP packets.
See also: local area network (LAN); Transmission Control Protocol/Internet Protocol
(TCP/IP); wide area network (WAN)

volume
An area of storage on a hard disk. A volume is formatted by using a file system, such as
FAT or NTFS, and has a drive letter assigned to it. You can view the contents of a volume
by clicking its icon in Windows Explorer or in My Computer. A single hard disk can have
multiple volumes, and volumes can also span multiple disks.
See also: disk; drive letter; file allocation table (FAT); NTFS file system; simple volume;
spanned volume

volume set
A partition consisting of disk space on one or more physical disks that was created with
Windows NT 4.0 or earlier. You can delete volume sets only with Windows&nsbsp;2000 or
Windows XP. To create new volumes that span multiple disks, use spanned volumes on
dynamic disks.
See also: basic disk; dynamic disk; partition; spanned volume; volume

volume shadow copy

A volume that represents a duplicate of the original volume taken at the time the copy
began.
See also: crash consistency; differential data; volume

voluntary tunnel
A tunnel that is initiated by the client. It tunnels PPP over IP from the client to the tunnel
server, then the data is forwarded to the target host by the tunnel server.
See also: client; host; Internet Protocol (IP); Point-to-Point Protocol (PPP); tunnel; tunnel
server

W
Waiting for Call
A telephony signal that Network Connections has put the modem in Listen mode and is
waiting for incoming calls.
See also: Network Connections; modem (modulator/demodulator)

warning level
The point at which users are nearing their quota limit.
See also: quota limit

Web Distributed Authoring and Versioning (WebDAV)

An application protocol related to HTTP 1.1 that allows clients to transparently publish and
manage resources on the World Wide Web.

Web server
A computer that is maintained by a system administrator or Internet service provider (ISP)
and that responds to requests from a user's browser.
See also: Internet service provider (ISP)

WebDAV
See definition for: Web Distributed Authoring and Versioning (WebDAV)

well-connected
Sufficient connectivity to make your network and Active Directory useful to clients on your
network. The precise meaning of well-connected is determined by your particular needs.
See also: Active Directory

wide area network (WAN)

A communications network connecting geographically separated computers, printers, and
other devices. A WAN allows any connected device to interact with any other on the
network.
See also: device; local area network (LAN)

wildcard character
A keyboard character that can be used to represent one or many characters when
conducting a query. The question mark (?) represents a single character, and the asterisk
(*) represents one or more characters.

wildcarding
In DNS, the supported use of wildcard characters such as the asterisk (*) in domain names
for DNS queries that resolve to multiple names. When wildcarding is used, DNS servers
must support resolving name queries that use wildcard characters, and resolvers must be
able to parse multiple records from any resource record sets (RRsets) issued in wildcard
query responses.
See also: DNS Server; domain name; Domain Name System (DNS); resource record set
(RRset); wildcard character

window
A portion of the screen where programs and processes can be run. You can open several
windows at the same time. For example, you can open your e-mail in one window, work on
a budget in a spreadsheet in another, download pictures from your digital camera in
another window, and order your weekly groceries on the Web in another window. Windows
can be closed, resized, moved, minimized to a button on the taskbar, or maximized to take
up the whole screen.

Windows Internet Name Service (WINS)

A software service that dynamically maps IP addresses to computer names (NetBIOS
names). This allows users to access resources by name instead of requiring them to use
IP addresses that are difficult to recognize and remember. WINS servers support clients
running Windows NT 4.0 and earlier versions of Microsoft operating systems.
See also: Domain Name System (DNS); network basic input/output system (NetBIOS);
WINS proxy; resource; service; WINS resource; IP address

Windows Management Instrumentation (WMI)

A management infrastructure in Windows that supports monitoring and controlling system
resources through a common set of interfaces and provides a logically organized,
consistent model of Windows operation, configuration, and status.
See also: resource

Windows Open Services Architecture (WOSA)

A common set of interfaces that connect front-end applications with back-end services.
See also: service

WINS proxy
A computer that listens to name query broadcasts and responds for those names not on
the local subnet. The proxy communicates with a WINS server to resolve names and then
caches them for a specific time period.
See also: subnet; Windows Internet Name Service (WINS)

WINS resource
A resource type that provides Windows Internet Name Service (WINS) from a cluster.
See also: cluster; resource types; Windows Internet Name Service (WINS)

Winsock
Windows Sockets. An application programming interface (API) standard for software that
provides a TCP/IP interface under Windows.
See also: application programming interface (API); Transmission Control Protocol/Internet
Protocol (TCP/IP)

wireless communication
Communication between a computer and another computer or device without wires. The
form of wireless communication provided as part of the Windows operating system uses
infrared light to transmit files. Radio frequencies, as used by cellular and cordless
telephones, are another form of wireless communication.
See also: infrared (IR); infrared device; infrared port

workgroup
A simple grouping of computers, intended only to help users find such things as printers
and shared folders within that group. Workgroups in Windows do not offer the centralized
user accounts and authentication offered by domains.
See also: authentication; domain; user account

working set
For a process, the amount of physical memory assigned to a process by the operating
system.

World Wide Web

A system for exploring the Internet by using hyperlinks. When you use a Web browser, the
Web appears as a collection of text, pictures, sounds, and digital movies.
See also: internet

writable CD
Recordable compact disc (CD-R) or rewritable compact disc (CD-RW). Data can be copied
to the CD on more than one occasion. Rewritable compact discs can also be erased.

X
X.509v3 certificate
Version 3 of the ITU-T recommendation X.509 for certificate syntax and format. This is the
standard certificate format used by Windows XP certificate-based processes.
An X.509 certificate includes the public key and information about the person or entity to
whom the certificate is issued, information about the certificate, plus optional information
about the certification authority (CA) issuing the certificate.
See also: International Telecommunication Union - Telecommunication [Standardization
Sector] (ITU-T); certificate; certification authority (CA); public key

x86
Refers to microprocessors that have or emulate the 32-bit Intel processor architecture.

XML (Extensible Markup Language)

See definition for: Extensible Markup Language (XML)

Y
There are no glossary terms that begin with this letter.

Z
zone
In the Macintosh environment, a logical grouping that simplifies browsing the network for
resources, such as servers and printers.
In a DNS database, a manageable unit of the DNS database that is administered by a
DNS server. A zone stores the domain names and data of the domain with a
corresponding name, except for domain names stored in delegated subdomains.
See also: Domain Name System (DNS); partition; resource; DNS Server; domain

zone list
In the Macintosh environment, a list that includes all of the zones associated with a
particular network. Zone list is not to be confused with Windows DNS zones.
See also: Domain Name System (DNS); zone

zone transfer
The synchronization of authoritative DNS data between DNS servers. A DNS server
configured with a secondary zone periodically queries the master DNS servers to
synchronize its zone data.
See also: authoritative; DNS Server; secondary master; zone