Quiz 11: Data Analytics in Accounting: Tools and Practice
Phishing: It is a cyber fraud in which intruder uses the duplicity of websites for getting sensitive and private information of the user that can be used for identity theft. In phishing users are sent misleading mails so that private information like credit card details, password, bank account or social security numbers can be taken from them. Social engineering is a technique used by hackers which depends largely on individual interaction. In this technique people are being tricked with the aim of breaking their normal security system. Phishing is a type of social engineering because in phishing also a confidence trick is performed by pretending as a trustworthy organization and sending mail or creating fake website with the aim of gathering sensitive and personal information or for accessing system. Most of the phishing frauds done by making a duplicate site for any bank, so that intruder gets account number and PIN of an innocent bank customer. Some examples of phishing are, an intruder can create a duplicate web page of any bank's site for getting PIN and account holder's account number; an attacker can use the duplicate link for any social website for getting personal information of the user. Another way of phishing is it can be done from services, sites and companies with which the person is not having any account and thus asking for personal information.
Authentication It refers to a process that helps in determining the identity of any user or any device that uses or connects to a computer system. It prevents repudiation in conducting online business. Authentication can be achieved by using asymmetric-key encryption. Consideration of all the options for the option which would explain the process of authorization: a. Authentication helps in preventing the access of any unauthorized or unknown person to the important information of an organization or of an individual person and it does not verifies the users to enter into a transaction. Hence, Option a is incorrect. c. In the process of Authentication, the user is identified to the system by the process. It's not the process in which the user himself identifies his own identity to the system, but authentication does it. Hence, Option c is also incorrect. d. In a process of authentication, the identity of the user is verified by the system. The process of authentication does not involve any indications from the users to the customers about the processing of transactions. Hence, Option d is also incorrect. b. As stated above, authentication is the process that helps the computer system in determining the identity of the user or any other device that access the computer system. This helps in preventing the access of any unauthorized or unknown person to the important information of an organization or of an individual person. Hence, Option b is the correct option.
Symmetric key encryption It refers to those algorithms which are fast and are suitable to encrypt large data files and large messages. However symmetric key is somewhere problematic as the receiver and the sender use the same key to encrypt and decrypt, which creates security problem if, the sender and receiver are not present in same location. Asymmetric key encryption It refers to the system that helps the user to ensure certain type of confidentiality of the information that is used or shared by him. Asymmetric key encryption uses private and public keys to encrypt or decrypt any kind of data but, it is not useful for encrypting large data files and its process is slow. The two keys are used by the user under this encryption are: 1. Public Key 2. Private Key E-business or electronic business refers to those term which can be used to define any business which is held by sharing information across the internet. E-business is trading in services and products using computer networks and internet. The encryption method is used to secure the data in e-business. Seeing both the symmetric and a symmetric encryption together it can be said that asymmetric key is very slow in processes, whereas, symmetric encryption is much faster. Meanwhile asymmetric encryption allows two key each per individual but symmetric encryption allows the separate key for each pair of users. Authentication of users can be easily done by using the asymmetric encryption. Both the methods can be used for encrypt and descript the information in conducting E-commerce. A company prefers one method over the other as per its requirement. A company determines its requirement and then decides which encryption is to be used. However companies prefer using both the encryption methods together to enjoy the benefits of both the methods and reduce the chances of fraud and loss of confidential data.