Security Beginner

What is Encryption?

The process of converting readable data into an unreadable format using algorithms, reversible only with the correct key.

Encryption protects data confidentiality. Symmetric encryption (AES, ChaCha20) uses one key for both encryption and decryption — fast but requires secure key exchange. Asymmetric encryption (RSA, ECC) uses a public/private key pair — slower but enables secure key exchange.

Data should be encrypted at rest (stored data) and in transit (network traffic via TLS). Never implement custom encryption — use established libraries and algorithms.

Learn More About This Topic

Linux System Hardening

Closely related

Network Security Fundamentals

Closely related

SOC Analyst Fundamentals

Related reading

Related Terms

Content Security Policy (CSP)

An HTTP security header that controls which resources a browser is allowed to load for a web page, preventing XSS and data injection.

DDoS (Distributed Denial of Service)

An attack that floods a target server or network with traffic from multiple sources to overwhelm it and deny service to legitimate users.

JWT (JSON Web Token)

A compact, self-contained token format used for securely transmitting information between parties as a JSON object.

Principle of Least Privilege

A security principle where users and programs receive only the minimum access rights needed to perform their specific tasks.

DAST (Dynamic Application Security Testing)

Testing a running application from the outside by sending malicious requests to discover security vulnerabilities.

Configuration entries that define which network traffic is allowed or blocked based on source, destination, port, and protocol.

View All Security Terms →