Security through obscurity: The principle that if no one knows what algorithm or general security practices are being used, then one is safe from attackers
Seed value: A secret value, generated by software using one or more values, that is used to initialize a process
Self-signed certificate: This certificate has been signed by the same entity that issued the certificate
Serial number: A unique identifier for a certificate, assigned by the CA, which allows the CA to manage and identify individual certificates
Session hijacking (cookie hijacking): A common meddler in the middle attack
Session key: The shared symmetric encryption key used in TLS sessions to encrypt data being sent back and forth
Severity: Includes factors like what and how many systems were compromised and how the breach affects business functions
SHA1: It is part of the secure hash algorithm suite of functions, designed by the NSA and published in 1995
Shannon's maxim: It states that the system should remain secure, even if your adversary knows exactly what kind of encryption systems you're employing, as long as your keys remain secure
Single Sign-on (SSO): An authentication concept that allows users to authenticate once to be granted access to a lot of different services and applications
Social engineering: An attack method that relies heavily on interactions with humans instead of computers
Software signing certificate: Trust mechanism where a software vendor can cryptographically sign binaries they distribute using a private key
Spear phishing: Phishing that targets an individual or group; the fake emails may contain some personal information like your name, or the names of friends or family
Spoofing: When a source is masquerading around as something else
Spyware: The type of malware that's meant to spy on you
SQL Injection Attack: An attack that targets the entire website if the website is using a SQL database