mngt 3
The intentional defacement or destruction of a website is called: A) spoofing. B) cybervandalism. C) cyberwarfare. D) phishing. E) pharming.
B
Changing the prices of products based on the level of demand characteristics of the customer is called ________ pricing. A) menu B) dynamic C) flexible D) asymmetric E) customized
B
Using the Internet to find potential customers inexpensively for products that have low demand is an example of: A) clickstream advertising. B) behavioral targeting. C) online profiling. D) long tail marketing. E) crowdsourcing.
D
A firewall is a combination of hardware and software that controls the flow of incoming and outgoing network traffic.
T
Advertising networks track a user's behavior at thousands of websites.
T
Phishing is a form of spoofing.
T
Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years.
T
Push-based model
build to stock -Schedules based on best guesses of demand
Operational CRM
-Customer-facing applications -Sales force automation, call center and customer service support -Marketing automation
disaster recovery planning
-Devises plans for restoration of disrupted services
Intrusion detection systems
-Monitors hot spots on corporate networks to detect and deter intruders
A digital certificate system: A) uses third party CAs to validate a user's identity. B) uses digital signatures to validate a user's identity. C) uses tokens to validate a user's identity. D) uses government-issued certificates of authority. E) protects a user's identity by substituting a certificate in place of identifiable traits.
A
information asymmetry
A decision situation where one party has more or better information than its counterparty.
Pull-based model
demand driven -Customer orders trigger events in supply chain
Digital Goods
goods that can be delivered over a digital network
mobile commerce (m-commerce)
use of wireless handheld devices like cellphones and tablets to conduct commercial transactions online
Crowdsourcing
using consumers to develop and market products
supply chain
Network of organizations and processes for: -Procuring materials -Transforming materials into products -Distributing the products
security policy
Ranks information risks, identifies security goals and mechanisms for achieving these goals
Analytical CRM
-Based on data warehouses populated by operational CRM systems and customer touch points -Analyzes customer data (OLAP, data mining, etc.)
Firewall
-Combination of hardware and software that prevents unauthorized users from accessing private networks
security
-Policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems
Behavioral Marketing
-Tracking online behavior of individuals -On individual websites/apps and across advertising networks
Encryption
-Transforming text or data into cipher text that cannot be read by unintended recipients -Two methods for encryption on networks: Secure Sockets Layer (SSL) and successor Transport Layer Security (TLS); Secure Hypertext Transfer Protocol (S-HTTP)
A firewall allows the organization to: A) prevent unauthorized communication into and out of its network. B) check the accuracy of all transactions between its network and the Internet. C) create an enterprise system on the Internet. D) check the content of all incoming and outgoing email messages. E) create access rules for a network.
A
A statement ranking information risks and identifying security goals would be included in which of the following? A) Security policy B) AUP C) Risk assessment D) Business impact analysis E) Business continuity plan
A
Blockchain refers to a technology that: A) uses a chain of digital "blocks" that contain records of transactions. B) uses a centralized data store in the cloud. C) relies on the Internet to provide secure transactions. D) uses existing banking systems to transfer funds. E) relies on peer-to-peer networks.
A
Compared to traditional markets, digital markets have: A) lower search costs. B) weaker network effects. C) higher menu costs. D) greater asymmetry. E) higher transaction costs.
A
Craigslist is an example of: A) C2C e-commerce. B) B2B e-commerce. C) B2C e-commerce. D) M-commerce. E) B2G commerce.
A
The Gramm-Leach-Bliley Act: A) requires financial institutions to ensure the security of customer data. B) specifies best practices in information systems security and control. C) imposes responsibility on companies and management to safeguard the accuracy of financial information. D) outlines medical security and privacy rules. E) identifies computer abuse as a crime and defines abusive activities.
A
The universal standards of the Internet and e-commerce lower which of the following? A) Market entry costs B) Richness C) Information density D) Ubiquity E) Interactivity
A
Using numerous computers to inundate and overwhelm the network from numerous launch points is called a(n) ________ attack. A) DDoS B) DoS C) SQL injection D) phishing E) botnet
A
Which of the following Internet business models involves a merchant creating an online digital environment that enables people with like interests to share information? A) Community provider B) Service provider C) Market creator D) Transaction broker E) Portal
A
Which of the following best illustrates the transaction fee revenue model? A) eBay receives a small fee from a seller if a seller is successful in selling an item. B) Yelp receives a fee after steering a customer to a participating website where he or she makes a purchase. C) Pandora provides basic services for free but charges a premium for advanced services. D) Apple accepts micropayments for single music track downloads. E) Netflix charges customers a monthly fee for access to its library of movies.
A
Which of the following refers to policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems? A) Security B) Controls C) Benchmarking D) Algorithms E) Identity management
A
Phishing
An attack that sends an email or displays a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information
Computer Crime
Any violation of criminal law that involves knowledge of computer technology for its perpetration, investigation, or prosecution.
Information ________ exists when one party in a transaction has more information that is important for the transaction than the other party. A) transparency B) asymmetry C) complexity D) discrimination E) competition
B
Transaction brokers: A) generate revenue from advertising or from directing buyers to sellers. B) save users money and time by processing transactions normally handled in person, by phone, or by mail online. C) provide a digital environment where buyers and sellers can meet, display products, search for products, and establish prices. D) sell physical products directly to consumers or individual businesses. E) provide online meeting places where people with similar interests can communicate.
B
What is the primary benefit to consumers of disintermediation? A) Faster service B) Lower costs C) Higher quality D) Greater choices E) None, because disintermediation primarily benefits manufacturers.
B
Which of the following statements about Internet security vulnerabilities is not true? A) Sharing files over a P2P network can expose information on a corporate computer to outsiders. B) Large public networks, such as the Internet, are less vulnerable than internal networks. C) Employees can pose a security threat. D) Instant messaging can provide hackers access to an otherwise secure network. E) Email attachments can serve as a springboard for malicious software.
B
Which of the following statements about blockchain is not true? A) Once recorded, a blockchain transaction cannot be changed. B) The data represented in a blockchain is maintained in a central database. C) The records in a blockchain are secured through cryptography. D) Each block in a blockchain is connected to all the blocks before and after it. E) Blockchain is vulnerable in some of the same ways as conventional, centralized record-keeping systems.
B
________ is malware that hijacks a user's computer and demands payment in return for giving back access. A) A Trojan horse B) Ransomware C) Spyware D) A virus E) An evil twin
B
________ use scanning software to look for known problems such as bad passwords, the removal of important files, security attacks in progress, and system administration errors. A) Stateful inspections B) Intrusion detection systems C) Application proxy filtering technologies D) Packet filtering technologies E) Firewalls
B
A secure website that links a large firm to its suppliers and other key business partners is called a(n): A) e-hub. B) marketspace. C) exchange. D) private industrial network. E) net marketplace.
D
Amazon.com is known primarily for its use of which of the following business models? A) Content provider B) Portal C) Market creator D) E-tailer E) Transaction broker
D
The HIPAA Act of 1996: A) requires financial institutions to ensure the security of customer data. B) specifies best practices in information systems security and control. C) imposes responsibility on companies and management to safeguard the accuracy of financial information. D) outlines medical security and privacy rules. E) identifies computer abuse as a crime and defines abusive activities.
D
risk assessment
Determines level of risk to firm if specific activity or process is not properly controlled
All of the following have contributed to an increase in software flaws except: A) the growing complexity of software programs. B) the growing size of software programs. C) demands for timely delivery to markets. D) the inability to fully test programs. E) the increase in the number of computer hackers in the world.
E
Compared to digital goods, traditional goods have: A) lower inventory costs. B) lower marginal costs per unit. C) lower copying costs. D) more variable pricing. E) higher costs of distribution.
E
Evil twins are: A) Trojan horses that appear to the user to be a legitimate commercial software application. B) email messages that mimic the email messages of a legitimate business. C) fraudulent websites that mimic a legitimate business's website. D) computers that fraudulently access a website or network using the IP address and identification of an authorized computer. E) bogus wireless network access points that look legitimate to users.
E
Selling the same goods to different targeted groups at different prices is called: A) cost customization. B) cost optimization. C) price gouging. D) cost personalization. E) price discrimination.
E
Which of the following defines acceptable uses of a firm's information resources and computing equipment? A) An information systems audit policy B) A CA policy C) A MSSP D) A UTM system E) An AUP
E
What is an exchange, and why did many early exchanges fail?
Exchanges are independently owned third-party Net marketplaces that connect thousands of suppliers and buyers for spot purchasing. Many exchanges provide vertical markets for a single industry, such as food, electronics, or industrial equipment, and they primarily deal with direct inputs. Exchanges proliferated during the early years of e-commerce, but many failed. Suppliers were reluctant to participate because the exchanges encouraged competitive bidding that drove prices down and did not offer any long-term relationships with buyers or services to make lowering prices worthwhile. Also, many essential direct purchases are not conducted on a spot basis because they require contracts and consideration of issues such as delivery timing, customization, and quality of products.
Behavioral targeting cannot be used if a consumer is using a mobile app.
F
Information asymmetry exists when there is more information about one product than there is about a similar product.
F
Mobile devices typically feature state-of-the-art encryption and security features, making them highly secure tools for businesses, and therefore do not require any special protections.
F
Most IoT devices support sophisticated security approaches.
F
The Internet increases information asymmetry.
F
The term switching costs refers to a merchant's costs of changing prices.
F
Define location-based services and briefly describe the main categories of these services. Which of the categories do you feel has the most potential in terms of e-commerce revenues, and why?
Location-based services are services that use GPS mapping services available on smartphones to deliver value-added services. They include geosocial services, geoadvertising, and geoinformation services. A geosocial service can tell you where your friends are meeting. Geoadvertising services can tell you where to find the nearest Italian restaurant, and geoinformation services can tell you the price of a house you are looking at, or about special exhibits at a museum you are passing. Student answers as to the most valuable of these services will vary; an example is: I feel that geoadvertising services have the most potential for profit, as it is based on a profit-making mechanism: advertising. Geosocial services and geoinformation services, by themselves, are more content- and communication-oriented.
Is the cloud a safer and more secure computing environment than an in-house network? Why or why not?
Student answers will vary, but should include the understanding that using the cloud for computing distributes data to remote services that a company will not have final control of, that a company's cloud data will be stored alongside the data of other companies, and that various safeguards should be in place to protect your data. A sample answer is: The safety of cloud computing as compared to in-house network computing depends on the security implemented both at the corporation and at the service provider. For example, the company will need to ensure secure procedures and make sure that employees have secure passwords and access levels. The cloud service provider should use encryption for all data, at a minimum. Clients should make sure that the service provider complies with local privacy rules, external security audits, and certifications and provides proof of encryption mechanisms.
A computer worm is a program that can copy itself to other computers on the network.
T
An acceptable use policy defines acceptable uses of the firm's information resources and computing equipment.
T
Authentication refers to verifying that people are who they claim to be.
T
Behavioral targeting refers to targeting ad messages to a person's clickstream behavior.
T
Biometric authentication uses systems that read and interpret individual human traits.
T
DoS attacks flood a network server with thousands of requests for service.
T
E-commerce refers to the use of the Internet and the web to transact business.
T
In cloud computing, accountability and responsibility for protection of sensitive data resides with the company owning the data.
T
In general, for digital goods, the marginal cost of producing another unit is about zero.
T
In the affiliate revenue model, firms derive revenue by referring consumers to other firms selling online.
T
Legislation requiring private or governmental entities to notify individuals of security breaches involving personally identifiable information has been enacted in all 50 states.
T
Streaming is a publishing method for music and video files that flows a continuous stream of content to a user's device without being stored locally on the device.
T
Explain how two-factor authentication increases security.
Two-factor authentication increases security by validating users by a multistep process. To be authenticated, a user must provide two means of identification, one of which is typically a physical token, such as a smartcard or chip-enabled bank card, and the other of which is typically data, such as a password or PIN (personal identification number). Biometric data, such as fingerprints, iris prints, or voice prints, can also be used as one of the authenticating mechanisms. A common example of two-factor authentication is a bank card; the card itself is the physical item, and the PIN is the data that go with it.
denial of service attack
a cyber attack in which an attacker sends a flood of data packets to the target computer, with the aim of overloading its resources
Botnet
a network of private computers infected with malicious software and controlled as a group without the owners' knowledge, e.g., to send spam messages.
Enterprise software
computer software used to satisfy the needs of an organization
Social engineering
hackers use their social skills to trick people into revealing access credentials or other valuable information
Business Continuity Planning
process involved in creating a system of prevention and recovery from potential threats to a company
Disintermediation
process of cutting out one or more middlemen from a transaction
Malware
software that is intended to damage or disable computers and computer systems.
price transparency
the degree to which complete information is available
Identity theft
the fraudulent acquisition and use of a person's private identifying information, usually for financial gain. -Phishing -Evil twins -Pharming
Electronic Data Interchange (EDI)
Computer-to-computer exchange of standard transactions such as invoices, purchase orders
Patches
Repair software flaws
What are the security challenges faced by wireless networks?
Both Bluetooth and Wi-Fi networks are susceptible to hacking by eavesdroppers. Local area networks (LANs) using the 802.11 standard can be easily penetrated by outsiders armed with laptops, wireless cards, external antennae, and hacking software. Hackers use these tools to detect unprotected networks, monitor network traffic, and, in some cases, gain access to the Internet or to corporate networks. Wi-Fi transmission technology was designed to make it easy for stations to find and hear one another. The service set identifiers (SSIDs) identifying the access points in a Wi-Fi network are broadcast multiple times and can be picked up fairly easily by intruders' sniffer programs. Wireless networks in many locations do not have basic protections against war driving, in which eavesdroppers drive by buildings or park outside and try to intercept wireless network traffic. A hacker can employ an 802.11 analysis tool to identify the SSID. An intruder that has associated with an access point by using the correct SSID is capable of accessing other resources on the network, using the Windows operating system to determine which other users are connected to the network, access their computer hard drives, and open or copy their files. Intruders also use the information they have gleaned to set up rogue access points on a different radio channel in physical locations close to users to force a user's radio NIC to associate with the rogue access point. Once this association occurs, hackers using the rogue access point can capture the names and passwords of unsuspecting users.
A foreign country attempting to access government networks in order to disable a national power grid is an example of: A) phishing. B) denial-of-service attacks. C) cyberwarfare. D) war driving. E) evil twins.
C
An analysis of an information system that rates the likelihood of a security incident occurring and its cost would be included in which of the following? A) Security policy B) AUP C) Risk assessment D) Business impact analysis E) Business continuity plan
C
Information density refers to the: A) richness—complexity and content—of a message. B) total amount and quantity of information delivered to consumers by merchants. C) total amount and quantity of information available to all market participants. D) amount of information available to reduce price transparency. E) amount of physical storage space needed to store data about a specific entity, such as a product or consumer.
C
The Sarbanes-Oxley Act: A) requires financial institutions to ensure the security of customer data. B) specifies best practices in information systems security and control. C) imposes responsibility on companies and management to safeguard the accuracy of financial information. D) outlines medical security and privacy rules. E) identifies computer abuse as a crime and defines abusive activities.
C
The process of sourcing goods and materials, negotiating with suppliers, paying for goods, and making delivery arrangements is called: A) e-procurement. B) SCM. C) procurement. D) distribution. E) production.
C
Which of the following best illustrates the advertising revenue model? A) eBay receives a small fee from a seller if a seller is successful in selling an item. B) Yelp receives a fee after steering a customer to a participating website where he or she makes a purchase. C) Facebook provides a social network for free but shows sponsored content in users' News Feeds. D) Apple accepts micropayments for single music track downloads. E) Netflix charges customers a monthly fee for access to its library of movies.
C
Which of the following dimensions of e-commerce technology involves the integration of video, audio, and text marketing messages into a single marketing message and consumer experience? A) Ubiquity B) Personalization/customization C) Richness D) Interactivity E) Social technology
C
Which of the following focuses primarily on the technical issues of keeping systems up and running? A) Business continuity planning B) Security policies C) Disaster recovery planning D) An AUP E) An information systems audit
C
________ involves placing ads in social network newsfeeds or within traditional editorial content, such as a newspaper article. A) Behavioral targeting B) Crowdsourcing C) Native advertising D) Demand prediction software E) Lead generation marketing
C
________ is spyware that logs and transmits everything a user types. A) Keyware B) A Trojan horse C) A keylogger D) A worm E) A sniffer
C
Describe the use of personalization and customization in e-commerce. What business value do these techniques have?
Personalization enables merchants to target their marketing messages to specific individuals by adjusting the message to a person's name, interests, and past purchases. The ability of Internet technology to track customer behavior at websites, along with records of purchases and other behavior, allows merchants to create a detailed profile of a customer. These profiles can be used to create unique personalized web pages that display content or ads for products or services of special interest to each user, improving the customer's experience and creating additional value. For example, Amazon.com greets logged-in users with their usernames. The business value of personalization is reduced marketing costs, as you spend only the money to target customers that are more likely to be receptive and are more profitable, and improved sales results, from increased customer response to personalized sites that better serve their own purposes and shopping needs. Personalization can achieve some of the benefits of using individual salespeople for dramatically lower costs. Customization enables merchants to change the delivered product or service based on a user's preferences or prior behavior. For instance, the Wall Street Journal Online allows you to select the type of news stories you want to see first and gives you the opportunity to be alerted when certain events happen. The business value of customization is improved sales results.
Key loggers
Record every keystroke on computer to steal serial numbers, passwords, launch Internet attacks
Just In Time Strategy
Scheduling system for minimizing inventory by having components arrive exactly at the moment they are needed and finished goods shipped as soon as they leave the assembly line.