CSIS1010- Chp. 5 Quiz
According to Symantec, the number of data breaches in 2016 increased by ________ compared to 2015. A. 100% B. 20% C. 150% D. 15%
B. 20%
Which of the following statements is not true? A. The primary use of VPNs is to establish secure communications among business partners. B. A VPN uses a dedicated secure line. C. A VPN provides both confidentiality and integrity. D. A VPN uses both authentication and encryption.
B. A VPN uses a dedicated secure line.
To allow lower-level employees access to the corporate network while preventing them from accessing private human resources documents, you would use: A. An authorization policy. B. An authorization management system. C. Security tokens. D. Access controls.
B. An authorization management system
All of the following are examples of social/mobile peer-to-peer payment systems except: A. Square Cash. B. Bill Me Later. C. Venmo. D. Google Wallet.
B. Bill Me Later
Which of the following is not an example of a PUP? A. Browser parasite B. Drive-by download C. Adware D. Spyware
B. Drive-by download
A ________ is hardware or software that acts as a filter to prevent unwanted packets from entering a network. A. PPTP B. Firewall C. Virtual private network D. Proxy server
B. Firewall
The overall rate of online credit card fraud is ________ of all online card transactions. A. Around 10% B. Less than 1% C. Around 15% D. Around 5%
B. Less than 1%
Asymmetric key cryptography is also known as: A. PGP. B. Public key cryptography. C. Secret key cryptography. D. PKI.
B. Public key cryptography
Conficker is an example of a: A. Botnet. B. Worm. C. Trojan horse. D. Virus.
B. Worm
All of the following statements about Apple Pay are true except which of the following? A. Apple Pay is based on Touch ID biometric fingerprint scanning. B. Apple Pay can be used for mobile payments at the point of sale at a physical store. C. Apple Pay is subject to regulations issued by the Bureau of Consumer Financial Protection applicable to GPR transactions. D. Apple Pay relies on NFC chip technology.
C. Apple Pay is subject to regulations issued by the Bureau of Consumer Financial Protection applicable to GPR transactions.
According to Ponemon Institute's 2017 survey, which of the following was not among the causes of the most costly cybercrimes? A. Malicious code B. Denial of service .C. Botnets D. Malicious insiders
C. Botnets
________ is the ability to identify the person or entity with whom you are dealing on the Internet. A. Availability B. Nonrepudiation C. Integrity D. Authenticity
D. Authenticity
Face ID is an example of which of the following? A. Encryption B. IDS C. Firewall D. Biometrics
D. Biometrics
TRUE OR FALSE Digital cash is legal tender that is instantly convertible into other forms of value without the intermediation of any third parties.
False
TRUE OR FALSE Phishing attacks rely on browser parasites.
False
TRUE OF FALSE Apple Pay uses near field communication (NFC) chips.
True
TRUE OR FALSE PayPal is the most popular alternative payment method in the United States
True
TRUE OR FALSE Spoofing is the attempt to hide a hacker's true identity by using someone else's e-mail or IP address.
True
TRUE OR FALSE The easiest and least expensive way to prevent threats to system integrity is to install anti-virus software.
True
TRUE OR FALSE There is a finite number of Bitcoins that can be created.
True
Which of the following is not an example of an access control? A. Proxy servers B. Login passwords C. Digital signatures D. Firewalls
C. Digital signatures
Which of the following is an example of an integrity violation of e-commerce security? A. A website is not actually operated by the entity the customer believes it to be. B. A customer denies that he is the person who placed the order. C. A merchant uses customer information in a manner not intended by the customer. D. An unauthorized person intercepts an online communication and changes its contents.
D. An unauthorized person intercepts an online communication and changes its contents.
Which of the following statements is not true? A. A retina scan is an example of a biometric device. B. Biometric devices reduce the opportunity for spoofing. C. Biometric data stored on an iPhone is encrypted. D. Apple's Touch ID stores a digital replica of a user's actual fingerprint in Apple's iCloud.
D. Apple's Touch ID stores a digital replica of a user's actual fingerprint in Apple's iCloud.
An intrusion detection system can perform all of the following functions except: A. Checking network traffic to see if it matches certain patterns or preconfigured rules. B. Examining network traffic. C. Setting off an alarm when suspicious activity is detected. D. Blocking suspicious activity.
D. Blocking suspicious activity
Which of the following is not a key factor for establishing e-commerce security? A. Organizational policies B. Technology C. Laws and industry standards D. Data integrity
D. Data Integrity
Bitcoins are an example of: A. Virtual currency. B. A stored value payment system. C. An EBPP system. D. Digital cash
D. Digital cash
All of the following are methods of securing channels of communication except: A. VPN. B. SSL/TLS. C. Digital certificates. D. FTP.
D. FTP
According to Symantec, almost half of the e-mail addresses involved in business e-mail compromise (BEC) phishing that it analyzed had an IP address originating in: A. China. B. North Korea. C. Russia. D. Nigeria.
D. Nigeria
Which of the following is the most common protocol for securing a digital channel of communication? A. HTTP B. DES C. VPN D. SSL/TLS
D. SSL/TLS
Which of the following is not an example of malicious code? A. Scareware B. Bot C. Trojan horse D. Sniffer
D. Sniffer
What is the most frequent cause of stolen credit cards and card information today? A. Sniffing programs B. Phishing attacks C. Lost cards D. The hacking and looting of corporate servers storing credit card information
D. The hacking and looting of corporate servers storing credit card information
TRUE OR FALSE A drive-by download is malware that comes with a downloaded file that a user intentionally or unintentionally requests.
True
TRUE OR FALSE Changeup is an example of a software vulnerability.
True
TRUE OR FALSE Typically, the more security measures added to an e-commerce site, the slower and more difficult it becomes to use.
True
TRUE OR FALSE WannaCry is an example of ransomware.
True
________ is the ability to ensure that messages and data are only available to those authorized to view them. A. Confidentiality B. Integrity C. Availability D. Privacy
A. Confidentiality
Software that is used to obtain private user information such as a user's keystrokes or copies of e-mail is referred to as: A. Spyware. B. A backdoor. C. Browser parasite. D. Adware.
A. Spyware
Which of the following statements is not true? A. The Cybersecurity Information Sharing Act was strongly supported by most large technology companies and privacy advocates. B. The USA Patriot Act broadly expanded law enforcement's investigative and surveillance powers. C. A majority of states require companies that maintain personal data on their residents to publicly disclose when a security breach affecting those residents has occurred. D. The Federal Trade Commission has asserted that it has authority over corporations' data security practices.
A. The Cybersecurity Information Sharing Act was strongly supported by most large technology companies and privacy advocates.
All of the following are limitations of the existing online credit card payment system except: A. Poor security. B. Cost to consumers. C. Cost to merchant. D. Social equity.
B. Cost to consumers
PCI-DSS is a standard established by which of the following? A. The retail industry B. The credit card industry C. The federal government D. The banking industry
B. The credit card industry
Accessing data without authorization on Dropbox is an example of a: A. Social network security issue. B. Sniffing issue. C. Mobile platform security issue. D. Cloud security issue.
C. Cloud security issue
Angler is an example of which of the following? A. Phishing B. Worm C. Hacktivism D. Exploit kit
D. Exploit kit
Which of the following statements about data breaches in 2016 is not true? A. According to Symantec, the total number of data breaches in 2016 increased significantly from the number in 2015. B. According to Symantec, the number of major breaches in 2016 increased from the number in 2015. C. According to Symantec, the total number of identities exposed by data breaches in 2016 increased to 1.1 billion. D. According to the Identity Theft Resource Center, data breaches involving the business sector represented over 45% of all breaches.
A. According to Symantec, the total number of data breaches in 2016 increased significantly from the number in 2015.
Malware that comes with a downloaded file that a user requests is called a: A. Drive-by download. B. PUP. C. Trojan horse. D. Backdoor.
A. Drive-by download
Which of the following is the leading cause of data breaches? A. Hackers B. Accidental disclosures C. DDoS attacks D. Theft of a computer
A. Hackers
Which dimension(s) of security is spoofing a threat to? A. Integrity and authenticity B. Integrity C. Availability and integrity D. Availability
A. Integrity and authenticity
________ is the ability to ensure that e-commerce participants do not deny their online actions. A. Nonrepudiation B. Authenticity C. Availability D. Integrity
A. Nonrepudiation
All of the following are used for authentication except: A. Packet filters. B. Certificates of authority. C. Digital signatures. D. Biometric devices.
A. Packet filters
Automatically redirecting a web link to a different address is an example of which of the following? A. Pharming B. Social engineering C. DDoS attack D. Sniffing
A. Pharming
Next generation firewalls provide all of the following except: A. The ability to automatically update applications with security patches. B. An application-centric approach to firewall control. C. The ability to identify users regardless of the device or IP address. D. The ability to identify applications regardless of the port, protocol, or security evasion tools used.
A. The ability to automatically update applications with security patches.
To allow lower-level employees access to the corporate network while preventing them from accessing private human resources documents, you would use: A. Security tokens. B. An authorization management system. C. An authorization policy. D. Access controls.
B. An authorization management system
The attack on Dyn Inc., in October 2016 is an example of which of the following? A. SQL injection attack B. DDoS attack C. Browser parasite D. MitM attack
B. DDoS attack
Today, online bill payment accounts for ________ of all bill payments, while paper checks account for ________. A. About 25%; about 10% B. More than 55%; less than 20% C. 100%; 0% D. Less than 10%; less than 25%
B. More than 55%; less than 20%
Which of the following is a set of short-range wireless technologies used to share information among devices within about two inches of each other? A. DES B. NFC C. Text messaging D. IM
B. NFC
All of the following statements about PKI are true except: A. PKI is not effective against insiders who have a legitimate access to corporate systems including customer information. B. PKI guarantees that the verifying computer of the merchant is secure. C. The term PKI refers to the certification authorities and digital certificate procedures that are accepted by all parties. D. The acronym PKI stands for public key infrastructure.
B. PKI guarantees that the verifying computer of the merchant is secure.
Which of the following was designed to cripple Iranian nuclear centrifuges? A. Flame B. Stuxnet C. Storm D. Snake
B. Stuxnet
All the following statements about symmetric key cryptography are true except: A. The Data Encryption Standard is a symmetric key encryption system. B. Symmetric key cryptography is computationally slower. C. In symmetric key cryptography, both the sender and the receiver use the same key to encrypt and decrypt a message. D. Symmetric key cryptography is a key element in digital envelopes.
B. Symmetric key cryptography is computationally slower
Linden Dollars, created for use in Second Life, are an example of: A. Peer-to-peer payment systems. B. Virtual currency. C. Digital cash. D. EBPP.
B. Virtual currency
Which of the following is an example of an online privacy violation? A. Your e-mail being read by a hacker B. Your online purchasing history being sold to other merchants without your consent C. Your e-mail being altered by a hacker D. Your computer being used as part of a botnet
B. Your online purchasing history being sold to other merchants without your consent.
