A header field, in a file encrypted by using the Encrypting File System, that contains the file encryption key encrypted with a recovery agent's public key.
Disk duplication, or imaging, is a method for duplicating a configuration to multiple destination computers. The destination computers might be networked or non-networked. Sysprep works on computers whose hardware configurations are similar to the source computer's, with the same hardware controllers and hardware abstraction layers (HALs).
Domain Name System (DNS)
A method of naming computers on a network via a hierarchical naming system with the "root" domain at the top of the hierarchy. The Internet uses DNS, as do Windows 2000 networks.
Encrypting File System (EFS)
An extension of the NTFS 5.0 file system that allows a user to encrypt files using their private key.
Forward lookup query
A forward lookup is a query in which a host name is resolved to an IP address.
Fully qualified domain name (FQDN)
A fully qualified domain name is the host name combined with the domain name, such as www.microsoft.com.
Group Policy is a Windows 2000 technology that allows for centralized change management and desktop control. It is similar to the Windows NT 4.0 System Policies.
Internet Authentication Service (IAS)
Software services that provide security and authentication for dial-in users.
Internet Connection Sharing (ICS)
A Windows 2000 technology that allows multiple computers on a private network to connect to the public Internet via a single connection to the Internet.
Internet Protocol Security (IPSec)
A method of encrypting communications transparently so that they are protected during transit on the wire. Users and applications do not need to be IPSec-aware to take advantage of IPSec.
IP Security Policy Management
IPSec is a policy-driven security infrastructure. IPSec policies consist of a series of decision trees that determine when and how IPSec should be applied.
Microsoft Management Console (MMC)
The MMC is the central management interface used to administer the Windows 2000 operating system environment.
Mixed mode allows Windows NT and Windows 2000 domain controllers to co-exist in a domain. Mixed mode does not support the universal and nested group enhancements of Windows 2000. The domain mode setting can be changed to Windows 2000 native mode when all Windows NT domain controllers are removed from a domain.
Terminal Services allows a multiuser environment on a terminal server, where each user runs their own applications in their own dedicated computing environment. This is in contrast to remote control programs, which typically allow a single user access to the remote machine.
A name server is a server service that provides a method of translating network names to IP addresses. Two examples of name servers are DNS servers and WINS servers.
The condition in which all domain controllers in the domain have been upgraded to Windows 2000 and an administrator has enabled native mode operation.
Network Address Translation (NAT)
Private addresses cannot receive traffic from Internet locations. Therefore, if an intranet is using private addresses and communicating with Internet locations, the private address must be translated to a public address. A network address translator (NAT) is placed between an intranet that uses private addresses and the Internet, which uses public addresses. Outgoing packets from the intranet have their private addresses translated by the NAT into public addresses. Incoming packets from the Internet have their public addresses translated by the NAT into private addresses.
Network installation shared point
A network share containing the Windows 2000 installation files.
Primary zone database file
A DNS zone file that is the read/write copy of the zone.
Public Key Infrastructure (PKI)
The term generally used to describe the laws, policies, standards, and software that regulate or manipulate certificates and public and private keys. In practice, it is a system of digital certificates, certification authorities, and other registration authorities that verify and authenticate the validity of each party involved in an electronic transaction. Standards for PKI are still evolving, even though they are being widely implemented as a necessary element of electronic commerce. Public key infrastructure is also called PKI.
Remote Authentication Dial-In User Service (RADIUS)
A security authentication protocol based on clients and servers and widely used by Internet service providers (ISPs) on non-Microsoft remote servers. RADIUS is the most popular means of authenticating and authorizing dial-up and tunneled network users today.
Remote Desktop Protocol (RDP)
A key component of Terminal Server is the protocol that allows a "super-thin client" to communicate with the Terminal Server over the network. This protocol is based on the International Telecommunications Union's (ITU) T.120 protocol, an international standard multichannel conferencing protocol currently used in the Microsoft NetMeeting conferencing software product. It is tuned for high-bandwidth enterprise environments and will also support encrypted sessions.
Remote Display Protocol
The Remote Display Protocol controls the graphics display on the terminal client.
Remote installation service (RIS)
Software services that allow an administrator to set up new client computers remotely, without having to visit each client. The target clients must support remote booting.
Routing and Remote Access Service (RRAS)
A comprehensive Routing and Remote Access Server service that provides a number of services for remote access connections entering and leaving a Windows 2000 network.
Secondary zone database file
The secondary zone database file is a read-only copy of the zone database obtained from the primary DNS server for the zone.
Secure Sockets Layer (SSL)
A protocol for secure network communications using a combination of public and secret key technology.