IT Glossary

Microsoft's directory service for managing users, computers, and permissions across a Windows network. IT administrators use Active Directory to control who can access what resources within an organization.

Software that automatically displays or downloads unwanted advertisements without your consent. While not always malicious, adware slows computers, consumes bandwidth, and can track browsing behavior without permission.

Software designed to detect, prevent, and remove malware from computers. Modern antivirus tools combine signature-based detection with behavioral analysis to identify both known and previously unseen threats.

A set of rules that allows different software applications to communicate and share data with each other. APIs enable the integrations between the apps and services businesses rely on every day.

The process of tracking and managing an organization's IT hardware and software assets throughout their lifecycle from purchase to disposal. Good asset management reduces costs and closes security gaps from forgotten or unpatched devices.

A copy of data stored separately from the original, used to restore files after data loss, corruption, hardware failure, or a ransomware attack. The 3-2-1 rule recommends three copies of data, on two different types of media, with one stored offsite.

The maximum rate of data transfer across a network connection, typically measured in Mbps (megabits per second) or Gbps (gigabits per second). Higher bandwidth means more data can move at once, resulting in faster speeds.

Low-level firmware built into a computer's motherboard that initializes hardware when the system starts and then loads the operating system. UEFI is the modern replacement for the older BIOS standard, offering faster boot times and a graphical interface.

Microsoft's built-in drive encryption tool for Windows. BitLocker encrypts the entire contents of a drive so data cannot be accessed if the device is lost, stolen, or the drive is removed from the machine.

A traditional IT support model where service is only provided reactively when something breaks, billed on an hourly or per-incident basis. Contrasts with managed IT, which is proactive and subscription-based.

A trial-and-error attack where cybercriminals systematically try every possible password or encryption key until the correct one is found. Strong, unique passwords and account lockout policies are the primary defenses.

A temporary storage layer that saves copies of frequently accessed data to speed up future requests. Clearing your browser cache removes these stored copies and can resolve website loading issues or display problems.

The process of copying data to a remote, cloud-based storage service as a backup. Cloud backups provide offsite protection against local disasters and eliminate the need for physical tape management.

The delivery of computing services including servers, storage, databases, networking, and software over the internet on a pay-as-you-go basis. Eliminates the need to own and maintain physical hardware on-site.

A method of archiving data that is rarely accessed using inexpensive, slower storage media. Cloud providers offer cold storage tiers at a fraction of the cost of active storage, making them ideal for long-term data archives.

A lightweight, portable unit that packages an application and all its dependencies together. Containers start faster than virtual machines and ensure an application performs consistently across different computing environments.

The primary chip in a computer responsible for executing instructions and processing data. Often called the brain of the computer. Performance is measured in GHz (gigahertz) and by the number of processing cores.

The portion of the internet not indexed by standard search engines, accessible only through specialized software like Tor. Known for anonymous activity and illegal marketplaces where stolen data and credentials are frequently bought and sold.

An incident where unauthorized individuals gain access to confidential or sensitive data. Breaches can expose personal information, financial records, and login credentials, often resulting in identity theft or significant financial and reputational damage.

A cyberattack that overwhelms a server, network, or service by flooding it with traffic from thousands of sources simultaneously, making it slow or completely unavailable to legitimate users.

A network protocol that automatically assigns IP addresses and other configuration settings to devices when they connect to a network. DHCP eliminates the need to manually configure each device on the network.

The process of integrating digital technology into all areas of a business, fundamentally changing how it operates and delivers value. Involves adopting cloud services, automation, and modern collaboration tools to improve efficiency.

The strategies, processes, and technologies for restoring IT systems and data after a disruptive event such as a cyberattack, hardware failure, or natural disaster. A DR plan defines how quickly and in what order systems must be restored.

The internet's address book. DNS translates human-readable domain names like nexusitnm.com into numeric IP addresses that computers use to find each other. Without DNS, you would need to memorize numbers to visit websites.

In networking, a group of computers and devices managed under a common administrative structure. On the internet, a domain is a website address such as nexusitnm.com. Businesses register domains through registrars like GoDaddy or Namecheap.

The period during which a system, server, or service is unavailable due to failure, maintenance, or a cyberattack. For businesses, downtime directly translates to lost productivity, revenue, and customer trust.

Software that allows the operating system to communicate with a specific hardware device such as a printer, graphics card, or network adapter. Outdated or missing drivers are a common cause of hardware malfunctions and performance issues.

The process of converting readable data into a scrambled format that can only be decoded with the correct key. Encryption protects sensitive data both when it is stored on devices and when it is transmitted across networks.

Any device that connects to a network, including computers, laptops, smartphones, tablets, and printers. Endpoints are common targets for cyberattacks and must be actively monitored, patched, and protected with security software.

Security solutions designed to protect individual devices from cyber threats. Includes antivirus software, endpoint detection and response (EDR) tools, and device management policies enforced by IT administrators across an organization.

A wired networking technology that connects devices using a physical cable, typically Cat5e or Cat6. Ethernet connections are faster, more stable, and more secure than wireless connections, making them the preferred choice for workstations and servers.

A security system that monitors and controls network traffic based on defined security rules. A firewall acts as a barrier between your trusted internal network and untrusted external networks, blocking unauthorized access and malicious traffic.

Low-level software stored on a hardware device that controls its fundamental operation. Examples include router firmware and BIOS. Manufacturers release firmware updates to fix bugs, close security vulnerabilities, and add features.

A node that connects two different networks and translates between them. Your internet router typically serves as your network gateway, routing all traffic between your local network and the broader internet.

A specialized processor designed to rapidly handle graphics rendering and parallel computing tasks. Essential for gaming and video editing, and increasingly used for AI, machine learning, and large-scale data processing workloads.

A traditional storage device that uses spinning magnetic platters to read and write data. Slower and more fragile than SSDs due to their mechanical nature, but they typically offer more storage capacity at a lower cost per gigabyte.

A passive cooling component attached to processors and other components that generate significant heat. Heat sinks draw heat away using metal fins and airflow, preventing overheating that can damage hardware or cause performance throttling.

A centralized IT support function that assists end users experiencing technical problems. Help desks handle requests via phone, email, chat, or ticketing systems and escalate complex issues to specialized technicians.

The secure version of HTTP, the protocol used to transfer data between your browser and a website. HTTPS encrypts the connection using SSL/TLS. Look for the padlock icon and https:// in your address bar to confirm a secure connection.

A computing environment that combines on-premises infrastructure with public and private cloud services, allowing data and workloads to move between them based on cost, performance, and security requirements.

Software that creates and manages virtual machines, allocating physical hardware resources among them. Common examples include VMware ESXi and Microsoft Hyper-V. Also called a virtual machine monitor (VMM).

A cloud computing model where providers deliver virtualized servers, storage, and networking over the internet. You manage the operating systems and applications while the provider manages and maintains the underlying physical hardware.

The process of creating an exact byte-for-byte copy of a hard drive's contents. System images are used for rapid deployment of new computers, disaster recovery, and restoring a machine to a known-good working state.

A unique numerical identifier assigned to every device on a network. Think of it as a mailing address for your computer or phone. Local addresses like 192.168.1.x work inside your network; public addresses identify your connection on the internet.

The combined hardware, software, networks, facilities, and services required to operate an organization's technology environment. Includes servers, storage, networking equipment, workstations, and the physical or virtual data center.

Software or hardware that secretly records every keystroke a user types, including passwords, credit card numbers, and private messages, then transmits the captured data to an attacker for exploitation.

A network connecting devices within a limited physical area such as a home, office, or building. Your home Wi-Fi network is a LAN. Devices on the same LAN communicate directly with each other at high speeds without going through the internet.

The time delay between sending a request and receiving a response over a network, measured in milliseconds. Low latency is critical for video calls, online gaming, and real-time applications. Also commonly referred to as ping.

A unique hardware identifier permanently assigned to a network interface card by the manufacturer. Unlike IP addresses which change, MAC addresses identify the physical device itself and are used to identify specific devices on a local network.

Short for malicious software. Any program or file intentionally designed to harm, disrupt, or gain unauthorized access to a computer system. Includes viruses, ransomware, spyware, trojans, adware, and worms.

A proactive IT model where a third-party provider monitors and manages an organization's systems around the clock for a predictable monthly fee, addressing issues before they cause outages rather than waiting for things to break.

Software allowing IT administrators to remotely manage, monitor, and secure mobile devices used for work. MDM enables enforcing security policies, pushing software updates, remotely locking devices, and wiping lost or stolen devices.

A security method requiring two or more independent verification factors before granting access. Combining something you know (password), something you have (phone app code), or something you are (fingerprint) makes accounts dramatically harder to compromise.

Microsoft's cloud-based productivity platform offering Outlook, Word, Excel, PowerPoint, Teams, and SharePoint on a subscription basis. Widely used by businesses of all sizes for email, communication, collaboration, and file management.

The primary circuit board in a computer that connects all hardware components and allows them to communicate with each other. The CPU, RAM, storage drives, graphics card, and expansion cards all connect to the motherboard.

A company that remotely manages a client's IT infrastructure on a proactive, subscription basis. MSPs monitor systems, apply patches, manage backups, run the helpdesk, and respond to security incidents for a flat monthly fee.

A dedicated file storage device connected to a network that allows multiple users and devices to store and retrieve data from a central location. Commonly used in small businesses and home offices as a shared file server.

A method that allows multiple devices on a private network to share a single public IP address when connecting to the internet. Your router performs NAT automatically, translating between internal private addresses and your public address.

A device that connects multiple devices on the same local network and intelligently forwards traffic only to the intended recipient, making communication faster and more efficient than older network hubs that broadcast to everyone.

A hardware component that connects a computer to a network. Modern computers typically have a NIC built directly into the motherboard. NICs can be wired (Ethernet) or wireless (Wi-Fi).

A high-speed storage interface protocol for solid state drives that connects directly to the CPU via PCIe, bypassing older, slower interfaces. NVMe drives are several times faster than standard SATA SSDs and are now common in modern computers.

Software whose source code is publicly available for anyone to view, modify, and distribute. Open source projects benefit from broad community contributions and are often free to use. Examples include Linux, WordPress, and LibreOffice.

The foundational software that manages all hardware resources and provides a platform for running applications. Common examples include Windows, macOS, Linux, iOS, and Android.

A cloud computing model providing a complete development and deployment environment. Developers can build and run applications without purchasing, configuring, or managing the underlying server infrastructure.

A software application that stores and organizes passwords in an encrypted vault. Users only need to remember one master password while the manager generates and stores strong, unique passwords for every account.

A software update released by a developer to fix bugs, address security vulnerabilities, or add functionality. Applying patches promptly is one of the most effective and low-cost defenses against known cyberattacks.

The systematic process of identifying, testing, and deploying software updates across all systems in an organization. Consistent patch management is a foundational element of cybersecurity hygiene and compliance.

A high-speed interface standard used to connect hardware components like graphics cards, NVMe SSDs, and network cards directly to the motherboard, enabling fast data exchange with the CPU.

An authorized simulated cyberattack performed on a system, network, or application to identify exploitable vulnerabilities before real attackers can find them. Also called pen testing or ethical hacking.

Rules that define what actions a user or group can perform on files, folders, systems, or applications. Properly configured permissions are essential for preventing unauthorized access to sensitive data and critical systems.

A cyberattack using deceptive emails, text messages, or websites to trick people into revealing passwords, credit card numbers, or other sensitive information. Often disguised as urgent messages from banks, vendors, or colleagues.

Cloud infrastructure dedicated exclusively to a single organization. Provides greater control, security, and customization than a public cloud, but typically at a higher cost due to dedicated hardware and management.

An intermediary server between your device and the internet that forwards your requests on your behalf. Used for privacy, content filtering, caching frequently accessed content, and managing which websites users can access.

Cloud computing services offered by third-party providers like Amazon Web Services, Microsoft Azure, and Google Cloud, available over the internet. Offers on-demand scalability and a pay-as-you-go pricing model.

Network management techniques that prioritize certain types of traffic to ensure critical applications like video conferencing and VoIP receive sufficient bandwidth, even when the network is under heavy load.

A technology combining multiple physical drives into a single logical unit for improved performance, increased capacity, or data redundancy. Different RAID levels trade off between speed, total storage, and fault tolerance.

High-speed short-term memory that stores data the computer is actively working with. More RAM allows running more applications simultaneously without slowing down. Measured in gigabytes and is much faster but more expensive than storage drives.

A type of malware that encrypts a victim's files and demands a ransom payment in exchange for the decryption key. Ransomware attacks can cripple organizations for days and result in permanent data loss if no clean backups are available.

A Microsoft protocol that allows users to connect to and control a remote Windows computer over a network or the internet. Widely used by IT technicians to provide remote support without being physically present at the machine.

The duplication of critical system components or infrastructure so that if one component fails, another automatically takes over. Redundancy is a core principle of high-availability systems and minimizes the impact of hardware failures.

Technology that allows a user to access and control a computer from a different physical location over a network. IT technicians use remote desktop tools to troubleshoot and resolve issues without an on-site visit.

A type of malware that gains persistent, privileged access to a system while actively concealing its presence from the user and security tools. Rootkits are among the most difficult forms of malware to detect and fully remove.

A device that connects your home or office network to the internet and routes traffic between all connected devices. Your router assigns local IP addresses, manages data flow, and typically includes a built-in firewall for basic protection.

The maximum acceptable amount of data loss measured in time in the event of a disaster. If your RPO is four hours, your backup system must capture a snapshot of data at least every four hours to meet that requirement.

The maximum acceptable amount of time to restore a system or application to operation after a failure or disaster. If your RTO is two hours, your IT team must have affected systems back online within two hours of an outage occurring.

A software distribution model where applications are hosted in the cloud and accessed via a web browser on a subscription basis. Microsoft 365, Salesforce, and QuickBooks Online are widely used examples.

A high-speed specialized network dedicated to providing block-level storage access to servers. SANs are used in enterprise environments where storage performance, reliability, and scalability are mission-critical requirements.

The ability of a system, network, or application to handle increasing workloads by adding resources as needed. Cloud environments are far more scalable than fixed on-premises infrastructure, allowing rapid adjustment to business demand.

A powerful computer that provides resources, data, or services to other computers over a network. Servers run continuously and are engineered to handle simultaneous requests from many users reliably.

A formal contract between a service provider and a client that defines the expected level of service, including guaranteed response times, uptime percentages, support availability, and consequences for missing those targets.

Psychological manipulation tactics used by cybercriminals to deceive people into revealing confidential information or taking actions that compromise security. Phishing emails are the most prevalent form of social engineering.

Unsolicited bulk messages sent over email or other digital channels. Beyond being a nuisance, spam is frequently used to distribute phishing attacks, malware links, and fraudulent offers at scale.

Malicious software that secretly monitors user activity and collects personal information without consent. Spyware can capture keystrokes, screenshots, and browsing history and transmit the data to attackers for exploitation.

A storage device that uses flash memory chips with no moving mechanical parts. SSDs are significantly faster, quieter, more durable, and more energy-efficient than traditional hard disk drives.

The name of a Wi-Fi network that appears when you scan for available wireless networks on your device. You can customize your network's SSID through your router's settings page.

Security protocols that encrypt data transmitted between a web browser and a server. When you see a padlock icon and https:// in your browser address bar, SSL/TLS is actively protecting your connection from interception.

A logically divided segment of a larger network. Subnetting breaks a network into smaller sections for improved performance, organization, and security by isolating different departments or system types from each other.

Software used by IT teams to log, track, manage, and resolve support requests. Each issue receives a unique ticket number so progress is tracked, nothing falls through the cracks, and response times can be measured and reported.

Malicious software disguised as legitimate or useful software. Once installed by an unsuspecting user, a trojan carries out harmful actions such as stealing data, downloading additional malware, or opening a backdoor for remote attackers.

A security process requiring two forms of verification before granting access: something you know (your password) and something you have (a code sent to your phone). Dramatically reduces the risk of unauthorized access even when a password is compromised.

A battery backup device that provides emergency power to connected equipment during a power outage or voltage fluctuation. A UPS gives you time to safely save work and shut down systems before the battery is depleted.

The percentage of time a system, server, or service is operational and available to users. Commonly expressed as a percentage, where 99.9% uptime equals less than nine hours of unplanned downtime per year.

A software emulation of a complete computer system running on a physical host machine. A single physical server can host many VMs, each with its own operating system and applications, greatly improving hardware utilization.

Technology that creates virtual versions of computing resources, allowing multiple virtual machines to run on a single physical server. Virtualization improves efficiency, simplifies disaster recovery, and reduces hardware costs.

A logically segmented network created within a physical network infrastructure. VLANs group devices together regardless of physical location, improving security by isolating traffic between departments, systems, or guest networks.

Technology that transmits voice calls over the internet rather than traditional telephone lines. Services like Microsoft Teams, Zoom, and RingCentral use VoIP, reducing costs and enabling features traditional phone systems cannot offer.

An encrypted connection over the internet that allows your device to send and receive data as if it were directly connected to a private network. VPNs secure remote access, protect privacy on public Wi-Fi, and help employees work safely from anywhere.

A weakness or flaw in a software system, network configuration, or process that could be exploited by an attacker. Vulnerabilities are discovered through security research and testing and addressed through patches and configuration changes.

A network that spans large geographic areas, connecting multiple LANs together. The internet is the world's largest WAN. Businesses use private WANs to securely connect offices across different cities or regions.

Wireless networking technology that uses radio signals to connect devices to the internet or a local network without physical cables. Wi-Fi is governed by the 802.11 family of standards and managed through your wireless router.

The sixth generation of Wi-Fi technology, delivering faster speeds, better performance in dense environments with many connected devices, and improved battery efficiency compared to previous Wi-Fi generations.

A high-performance computer designed for demanding technical work such as CAD design, video editing, 3D rendering, or scientific computation. More powerful than a standard desktop and typically configured with professional-grade hardware components.

A security framework built on the principle of never trust, always verify. Every user and every device must be authenticated and authorized before accessing any resource, regardless of whether they are inside or outside the network perimeter.

A software security flaw that is unknown to the developer and has no available patch. The name refers to the developer having had zero days to respond. Attackers who discover and exploit zero-days can do so freely until a fix is released.