IS 194 Exam 2
An e-commerce site that cost $25,000 to develop is likely to require a yearly maintenance budget of approximately:
$25,000
The research firm Cybersource estimated that online credit card fraud in the United States amounted to about ___ in 2012
$3.5 billion
Name 3 tools that can be used to retrieve objects from a database
-CGI -ASP -JSP
Botnets are typically used for:
-DDoS attacks -storing network traffic for analysis -stealing information from computers
What are some methods of securing channels of communication?
-SSL/TLS -certificates -VPN
Name some parts of a Web site's middle-tier layer
-a database server -an ad server -a mail server
What are some examples of a PUP?
-adware -browser parasite -spyware
What dimensions of e-commerce security are provided for by encryption?
-confidentiality -message integrity -nonrepudiation
The structure of a market is described in terms of what?
-direct competitors -suppliers -substitute products
Offline media is typically used for what marketing activities?
-education -exposure -branding
An intrusion detection system can perform what functions?
-examining network traffic -setting off an alarm when suspicious activity is detected -checking network traffic to see if it matches certain patterns or preconfigured rules
Give some true statements about symmetric key encryption
-in symmetric key encryption, both the sender and the receiver use the same key to encrypt and decrypt a message -the Data Encryption Standard is a symmetric key encryption system -symmetric key encryption is a key element in digital envelopes
Name some advantages of dynamic page generation
-lowered menu costs -market segmentation -nearly cost-free price discrimination
The six key dimensions to e-commerce security are:
-nonrepudiation -authenticity -availability -integrity -privacy -confidentiality
What are some main factors in determining overall demand for an e-commerce site?
-number of items in inventory -security required -type of content
What are the main factors in Web site optimization?
-page content -page generation -page delivery
What are some limitations of the existing online credit card payment system?
-poor security -cost to merchant -social equity
Name some simple steps for optimizing Web page content that can reduce response times
-reducing unnecessary HTML comments -using more efficient graphics -avoiding unnecessary links to other pages on the site
What are the steps one can take to right-size a Web site's hardware platform and meet demands for service?
-scaling hardware vertically -scaling hardware horizontally -improving processing architecture
What are some important factors in Web site optimization?
-selecting keywords and page titles -identifying market niches for your services or products -buying search engine ads
What are some methods of improving the processing architecture of a Web site?
-separating static content from dynamic content -optimizing ASP code -optimizing the database schema
A SWOT analysis describes a business's:
-strengths -weaknesses -opportunities -threats
A digital certificate contains:
-subject's public key -digital signature of the certification authority -digital certificate serial number
What are some factors contributing to the increase in cybercrime?
-the ability to remotely access the Internet -the ability to anonymously access the Internet -the Internet is an open, vulnerable design
What are some key points of vulnerability when dealing with e-commerce?
-the client computer -the server -the communications pipeline
Give some true statements about PKI
-the term "PKI" refers to the certification authorities and digital certificate procedures that are accepted by all parties -PKI is not effective against insiders who have a legitimate access to corporate systems including customer information -the acronym "PKI" stands for public key infrastructure
Give some true statements about public key encryption
-uses two mathematically related digital keys -does not ensure message integrity -is based on the idea of irreversible mathematical functions
Examples of malicious code include:
-viruses -bots -worms
In order from beginning to end, the major steps in the SDLC are:
1) analysis/planning 2) systems design 3) building the system 4) testing 5) implementation
Online bill payments are believed to cost ___ to process compared to ___ for paper bills
20 to 30 cents; $3 to $7
Online bill payment now accounts for ___ of all bill payments
50%
The Data Encryption Standard uses a(n) ___-bit key
56
All of the following are basic functionality provided by e-commerce merchant server software except: A) a product catalog B) marketing software C) a shopping cart D) credit card processing
B
Which of the following is not an example of one of the four kinds of e-commerce presence? A) e-mail list B) customer management system C) Twitter feed D) print ad that refers to a Web site
B
All of the following are basic information requirements for a product database except: A) product descriptions B) stock numbers C) customer ID numbers D) inventory levels
C
Which of the following is not an example of an access control? A) firewalls B) proxy servers C) digital signatures D) login passwords
C
___ provides a set of standards for communicating between a browser and a program running on a server that allows for interaction between the user and server
CGI
What technology could you use to place the content of your Web site in a database so that you can then dynamically generate requests for pages?
CMS
What country has been found to have engaged in cyberespionage against Google?
China
___ refers to the ability to ensure that messages and data are only available to those authorized to view them
Confidentiality
All of the following are Web site design features that annoy customers except: A) slow-loading pages B) pop-under ads C) splash pages D) redundant navigation
D
All of the following are basic functionality provided by Web servers except: A) site management tools B) data capture tools C) security services D) a shopping cart
D
All of the following are used for authentication except: A) digital signatures B) certificates of authority C) biometric devices D) packet filters
D
Which of the following is an example of dynamic content? A) product photographs B) product descriptions C) home page graphic D) blog posts
D
Which of the following is not a type of application server? A) proxy server B) mail server C) ad server D) FTP server
D
Which of the following is not one of the basic business objectives for an e-commerce site? A) display goods B) execute a transaction C) provide production and supplier links D) optimize system architecture
D
What left the WikiLeaks Web site effectively inoperable in August 2012?
DDoS attack
___ is a programming language invented by Netscape used to control the objects on an HTML page and handle interactions with the browser
JavaScript
What is a set of short-range wireless technologies used to share information among devices within about 2 inches of each other?
NFC
___ refers to the ability to ensure that e-commerce participants do not deny their online actions
Nonrepudiation
What is the first step in developing an e-commerce security plan?
Perform a risk assessment
What is used to process certificates and private/public key information?
SSL
___ are the types of information systems capabilities needed to meet business objectives
System functionalities
___ involves testing a site program's modules one at a time
Unit testing
What is the current standard used to protect Wi-Fi networks?
WPA2
Which of the following is an example of a CMS? A) Apache B) WordPress C) Oracle D) WebTrends Analytics
WordPress
A system design has two main components:
a logical design and a physical design
To allow lower-level employees access to the corporate network while preventing them from accessing private human resources documents, you would use:
an authorization management system
Give an example of an integrity violation of e-commerce security
an unauthorized person intercepts an online communication and changes its contents
Rustock is an example of:
botnet
Most of the world's spam is delivered via what?
botnets
The primary way a Web site is able to personalize the content presented to a visitor is through the use of:
cookies
In the United States, the primary form of online payment is:
credit cards
What system functionality must your Web site have in order to be able to personalize or customize a product for a client?
customer on-site tracking
The cost of hardware, software, and telecommunications services needed to build a Web site has ___ over the last decade
decreased dramatically
What are the two most important management challenges in building a successful e-commerce presence?
developing a clear understanding of business objectives and knowing how to choose the right technology to achieve those objectives
Bitcoins are an example of:
digital cash
What basic system functionality is used to display goods on a Web site?
digital catalog
Malware that comes with a downloaded file that a user requests is called a:
drive-by download
Proxy servers are also known as:
dual home systems
A ___ is hardware or software that acts as a filter to prevent unwanted packets from entering a network
firewall
Most of the time required to maintain an e-commerce site is spent on:
general administration and making changes and enhancements to the system
What dimension(s) of security is spoofing a threat to?
integrity and authenticity
The overall rate of online credit card fraud is ___% of all online card transactions
less than 1
What typically includes a data flow diagram to describe the flow of information for an e-commerce site?
logical design
What is the final stage suggested for a six-phase plan to develop an e-commerce presence?
mobile plan
What details the actual hardware components to be used in a system?
physical design
What type of server monitors and controls access to a main Web server and implements firewall protection?
proxy server
What type of site typically tends to have high to very high page views (hits)?
publishing/subscription
Reveton is an example of:
ransomware
What is the least expensive path to creating a mobile Internet presence?
resizing an existing Web site for mobile use
Symmetric key encryption is also known as:
secret key encryption
What would you use to identify orphan files?
site management tools
What helps you understand the marketing effectiveness of your e-commerce site?
site tracking and reporting system
Software that is used to obtain private user information such as a user's keystrokes or copies of e-mail is referred to as:
spyware
P2P payment systems are a variation on what type of payment system?
stored value payment system
What payment system offers immediate monetary value?
stored value/debit card
What is the most frequent cause of stolen credit cards and card information today?
the hacking and looting of corporate servers storing credit card information
The term "stateless" refers to the fact that:
the server does not have to maintain an ongoing dedicated interaction with the client computer
What type of site typically needs a high percentage of secure pages?
trading
What did Dropbox implement after a series of security snafus in 2011 and 2012?
two-factor authentication
An e-commerce Web site that processes orders requires, at minimum, a ___ system architecture
two-tier
Linden Dollars, created for use in Second Life, are an example of:
virtual currency
An example of a privacy violation of e-commerce security is:
your online purchasing history being sold to other merchants without your consent
Which of the following is not an open source software tool? A) WebSphere B) Apache C) MySQL D) PHP
A
___ verifies that the business objectives of the system as originally conceived are in fact working
Acceptance testing
What is a prominent hacktivist group?
Anonymous
The leading Web server software is:
Apache
___ refers to the ability to identify the person or entity with whom you are dealing on the Internet
Authenticity
___ refers to the ability to ensure that an e-commerce site continues to function as intended
Availability