Correlation analysis: The process of taking log data from different systems, and matching events across the systems
Counter-based tokens: They use a secret seed value along with the secret counter value that's incremented every time a one-time password is generated on the device
Cross-site scripting (XSS):A type of injection attack where the attacker can insert malicious code and target the user of the service
Cryptanalysis: Looking for hidden messages or trying to decipher coded message
Cryptographic hashing: It is distinctly different from encryption because cryptographic hash functions should be one directional
Cryptography: The overarching discipline that covers the practice of coding and hiding messages from third parties
Cryptology:The study of cryptography
Cryptosystem: A collection of algorithms for key generation and encryption and decryption operations that comprise a cryptographic service
D
Data binding and sealing: It involves using the secret key to derive a unique key that's then used for encryption of data
Data exfiltration: The unauthorized transfer of data from a computer. It's also a very important concern when a security incident happens
Data handling policies: Should cover the details of how different data is classified
Data information tree: A structure where objects will have one parent and can have one or more children that belong to the parent object
Decryption: The reverse process from encryption; taking the garbled output and transforming it back into the readable plain text
Defense in depth: The concept of having multiple overlapping systems of defense to protect IT systems
Denial-of-Service (DoS) attack: An attack that tries to prevent access to a service for legitimate users by overwhelming the network or server
DES (Data Encryption Standard): One of the earliest encryption standards
