Deck 5: E-Commerce Security and Payment Systems
1
TLS does not guarantee server-side authentication.
False
2
A Trojan horse appears to be benign, but then does something other than expected.
True
3
Digital cash is legal tender that is instantly convertible into other forms of value without the intermediation of any third parties.
False
4
Phishing attacks rely on browser parasites.
5
All of the following are factors in contributing to the increase in cybercrime except:
A)the ability to remotely access the Internet.
B)the Internet's similarity to telephone networks.
C)the ability to anonymously access the Internet.
D)the Internet is an open, vulnerable design.
6
In order to accept payments by credit card, online merchants typically must have a merchant account established with a bank or financial institution.
7
Insiders present a greater security threat to e-commerce sites than outsiders.
8
Smishing attacks exploit SMS messages.
9
PayPal requires the recipient of a payment to have a PayPal account to receive funds.
10
The use of a digital signature helps to ensure integrity, authenticity, and nonrepudiation.
11
________ refers to the ability to identify the person or entity with whom you are dealing on the Internet.
A)Nonrepudiation
B)Authenticity
C)Availability
D)Integrity
12
________ refers to the ability to ensure that an e-commerce site continues to function as intended.
A)Nonrepudiation
B)Authenticity
C)Availability
D)Integrity
13
Which of the following is an example of an integrity violation of e-commerce security?
A)A Web site is not actually operated by the entity the customer believes it to be.
B)A merchant uses customer information in a manner not intended by the customer.
C)A customer denies that he or she is the person who placed the order.
D)An unauthorized person intercepts an online communication and changes its contents.
14
A worm does not need to be activated by a user in order for it to replicate itself.
15
The Computer Security Institute reported in its 2011 survey that approximately ________ percent of responding organizations experienced a computer security incident within the previous 12 months.
A)25
B)45
C)75
D)95
16
________ refers to the ability to ensure that e-commerce participants do not deny their online actions.
A)Nonrepudiation
B)Authenticity
C)Availability
D)Integrity
17
According to the Computer Security Institute's 2011 Computer Crime and Security Survey, which of the following was the most commonly reported type of attack?
A)malware infection
B)laptop theft
C)Web site defacement
D)insider abuse
18
The six key dimensions to e-commerce security are nonrepudiation, authenticity, availability, integrity, privacy, and:
A)confidentiality.
B)usability.
C)functionality.
D)viability.
19
The easiest and least expensive way to prevent threats to system integrity is to install anti-virus software.
20
Drive-by downloads are now the most common method of infecting computers.
21
Which dimension(s) of security is spoofing a threat to?
A)integrity
B)availability
C)integrity and authenticity
D)availability and integrity
22
Which of the following is a prominent hacktivist group?
A)Anonymous
B)Anti-Phishing Working Group
C)IC3
D)Symantec
23
Most of the world's spam is delivered via which of the following?
A)viruses
B)worms
C)Trojan horses
D)botnets
24
Which of the following statements about PKI is not true?
A)The term PKI refers to the certification authorities and digital certificate procedures that are accepted by all parties.
B)PKI is not effective against insiders who have a legitimate access to corporate systems including customer information.
C)PKI guarantees that the verifying computer of the merchant is secure.
D)The acronym PKI stands for public key infrastructure.
25
What is the most frequent cause of stolen credit cards and card information today?
A)lost cards
B)the hacking and looting of corporate servers storing credit card information
C)sniffing programs
D)phishing attacks
26
Software that is used to obtain private user information such as a user's keystrokes or copies of e-mail is referred to as:
A)spyware.
B)a backdoor.
C)pupware.
D)adware.
27
A program which spreads by sending e-mails from an infected computer to all of the e-mail addresses found on that infected computer is an example of a:
A)macro virus.
B)worm/Trojan horse.
C)Trojan horse/virus.
D)bot program.
28
A digital certificate contains all of the following except the:
A)subject's private key.
B)subject's public key.
C)digital signature of the certification authority.
D)digital certificate serial number.
29
Which of the following statements about symmetric key encryption is not true?
A)In symmetric key encryption, both the sender and the receiver use the same key to encrypt and decrypt a message.
B)The Data Encryption Standard is a symmetric key encryption system.
C)Symmetric key encryption is computationally slower.
D)Symmetric key encryption is a key element in digital envelopes.
30
________ refers to the ability to ensure that messages and data are only available to those authorized to view them.
A)Confidentiality
B)Integrity
C)Privacy
D)Availability
31
A ________ is hardware or software that acts as a filter to prevent unwanted packets from entering a network.
A)firewall
B)virtual private network
C)proxy server
D)PPTP
32
Which of the following is not a key point of vulnerability when dealing with e-commerce?
A)the client computer
B)the server
C)the communications pipeline
D)the credit card companies
33
Which of the following dimensions of e-commerce security is not provided for by encryption?
A)confidentiality
B)availability
C)message integrity
D)nonrepudiation
34
The Data Encryption Standard uses a(n) ________-bit key.
A)8
B)56
C)256
D)512
35
Which of the following statements about public key encryption is not true?
A)Public key encryption uses two mathematically related digital keys.
B)Public key encryption ensures authentication of the sender.
C)Public key encryption does not ensure message integrity.
D)Public key encryption is based on the idea of irreversible mathematical functions.
36
All of the following are examples of malicious code except:
A)viruses.
B)bots.
C)worms.
D)sniffers.
37
An example of a privacy violation of e-commerce security is:
A)your e-mail being read by a hacker.
B)your online purchasing history being sold to other merchants without your consent.
C)your computer being used as part of a botnet.
D)your e-mail being altered by a hacker.
38
Botnets are typically used for all of the following except:
A)DDoS attacks.
B)phishing attacks.
C)storing network traffic for analysis.
D)stealing information from computers.
39
Symmetric key encryption is also known as:
A)public key encryption.
B)secret key encryption.
C)PGP.
D)PKI.
40
All of the following are methods of securing channels of communication except:
A)SSL/TLS.
B)certificates.
C)VPN.
D)FTP.
41
There are around ________ smartphone users in the United States.
A)1.16 million
B)11.6 million
C)116 million
D)1.16 billion
42
All of the following are limitations of the existing online credit card payment system except:
A)poor security.
B)cost to consumers.
C)cost to merchant.
D)social equity.
43
P2P payment systems are a variation on what type of payment system?
A)stored value payment system
B)digital checking system
C)accumulating balance system
D)digital credit card system
44
Online payments are believed to cost ________ to process compared to ________ for paper bills.
A)20 to 30 cents, $3 to $7
B)$1 to $2, $10 to $20
C)$3 to $7, 20 to 30 cents
D)$10 to $20, $1 to $2
45
Which of the following countries has been found to have engaged in cyberespionage against Google?
A)Russia
B)China
C)Iran
D)Iraq
46
Which of the following did Dropbox implement after a series of security snafus in 2011 and 2012?
A)anti-virus software
B)two-factor authentication
C)SSL/TLS
D)firewall
47
Rustock is an example of which of the following?
A)worm
B)botnet
C)phishing
D)hacktivism
48
Linden Dollars, created for use in Second Life, are an example of:
A)digital cash.
B)virtual currency.
C)EBPP.
D)peer-to-peer payment systems.
49
Malware that comes with a downloaded file that a user requests is called a:
A)Trojan horse.
B)backdoor.
C)drive-by download.
D)PUP.
50
In the United States, the primary form of online payment is:
A)PayPal.
B)credit cards.
C)debit cards.
D)Google Wallet.
51
The research firm Cybersource estimated that online credit card fraud in the United States amounted to about ________ in 2011.
A)$34 million
B)$340 million
C)$3.4 billion
D)$34 billion
52
Which of the following is not an example of a PUP?
A)adware
B)browser parasite
C)drive-by download
D)spyware
53
Online bill payment now accounts for ________ of all bill payments.
A)10%
B)25%
C)50%
D)100%
54
________ refers to the ability to ensure that information being displayed on a Web site, or transmitted or received over the Internet, has not been altered in any way by an unauthorized party.
55
Proxy servers are also known as:
A)firewalls.
B)application gateways.
C)dual home systems.
D)packet filters.
56
To allow employees to connect securely over the Internet to their corporate network, you would use a(n) ________
57
Which of the following is a set of short-range wireless technologies used to share information among devices within about 2 inches of each other?
A)DES
B)NFC
C)IM
D)text messaging
58
The exploitation of human fallibility and gullibility to distribute malware is known as ________.
59
Which of the following left the WikiLeaks Web site effectively inoperable in August 2012?
A)SQL injection attack
B)browser parasite
C)DDoS attack
D)botnet
60
Bitcoins are an example of:
A)digital cash.
B)virtual currency.
C)a stored value payment system.
D)an EBPP system.
61
To internal computers, a proxy server is known as the ________.
62
Discuss and explain the various types of malicious code and how they work. Include the different types of viruses.
63
Malicious code that is designed to take advantage of a security hole in computer software or operating system is called a(n) ________.
64
In encryption, the method used to transform plain text to encrypted text is called a(n) ________.
65
A(n) ________ vulnerability involves a vulnerability unknown to security experts that is actively exploited before there is a patch available.
66
The ________ worm was designed to disarm computers that control the centrifuges in Iran's uranium enrichment process.
67
Define and explain how EBPP systems work. Describe each of the main EBPP business models.
68
Discuss the security of communications channels. Include definitions and explanations for the terms Secure Sockets Layer/Transport Layer Security (SSL/TLS), secure negotiated session, session key, and VPN.
69
________ involves cybervandalism and data theft for political purposes.
70
A(n) ________ is a feature of viruses, worms, and Trojans that allows an attacker to remotely access a compromised computer.
71
________ is a form of online payment system for monthly bills.
72
________ involves misrepresenting oneself by using a fake e-mail address or masquerading as someone else.
73
Explain the difference between symmetric key encryption and public key encryption. Which dimensions of e-commerce security does encryption address?
74
The most common form of securing a digital channel of communication is ________.
75
Explain how an online credit card transaction works, identifying the parties involved and describing how SSL is involved. What are the limitations of online credit card payment systems?