E-commerce Chapter 5


The symmetric key—which the recipient will require to decrypt the document—is itself encrypted, using the recipient's public key. So we have a _______.

"key within a key" (a digital envelope).

digital signature (e-signature)

"signed" cipher text that can be sent over the internet

In 2017, a survey by Ponemon Institute found that the average annualized cost of cybercrime for all 254 organizations in the study was_____________.

$11.7 million

Malicious code

(sometimes referred to as "malware") includes a variety of threats such as viruses, worms, Trojan horses, ransomware, and bots.

Symmetric key cryptography suffers from common flaws:

1. Computers are now so powerful and fast that the older means of encryption (substitution and transposition ciphers) can be broken quickly.
2. It requires that both parties share the same key, which must somehow be exchanged securely.
3. Each pair of parties needs its own secret key, so a company would need a separate key for every party it transacts with (n parties need n(n-1)/2 keys).

Modern digital encryption systems use keys with _______________________ binary digits.

56, 128, 256, or 512

Botnets

A collection of captured computers used for malicious activities such as sending spam, participating in a DDoS attack or credential stuffing campaign (malicious login attempts), stealing information from computers, and storing network traffic for later analysis.

The most widely used symmetric key algorithm is _______.

Advanced Encryption Standard (AES)

What can we can conclude about the overall size of cybercrime?

Cybercrime against e-commerce sites is dynamic and changing all the time, with new risks appearing often. The amount of losses to businesses is significant and growing.

_________ is currency to cybercriminals and has a "street value" that can be monetized.

Data

Advances in technology have greatly reduced the entry costs and skills required to enter the cybercrime business because ________

Low-cost and readily available web attack kits enable hackers to create malware without having to write software from scratch.

______________________ use an application-centric approach to firewall control.

Next-generation firewalls

typically do not involve malicious code but instead rely on straightforward misrepresentation and fraud

Phishing attacks

_______ solves the problem of exchanging keys.

Public key cryptography

_________________ provides data encryption, server authentication, optional client authentication, and message integrity for TCP/IP connections.

SSL/TLS

The most common form of securing channels is through the ________________.

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.

_____________ was used extensively throughout World War II and is still a part of Internet cryptography.

Symmetric key cryptography

How do the sender and the receiver have the same key?

They have to send it over some communication media or exchange the key in person

E-commerce merchants have two concerns related to privacy.

They must establish internal policies that govern their own use of customer information, and they must protect that information from illegitimate or unauthorized use.

Cybercrime against e-commerce sites is dynamic and changing all the time, with new risks appearing often.

True

Next-generation firewalls are able to identify applications regardless of the port, protocol, or security evasion tools used; identify users regardless of device or IP address; decrypt outbound SSL; and protect in real-time against threats embedded in applications.

True

The Trojan horse is not itself a virus because it does not replicate, but is often a way for viruses or other malicious code such as bots or rootkits to be introduced into a computer system.

True

The firewall controls traffic to and from servers and clients, forbidding communications from untrustworthy sources, and allowing other communications from trusted sources to proceed

True

The most prevalent types of attacks were malware, such as viruses, worms, and Trojans, experienced by 98% of the companies surveyed, followed by phishing and social engineering attacks (69%), web-based attacks (67%), botnets (63%), malicious code (58%), and denial of service attacks (53%) (Ponemon Institute/Accenture, 2017).

True

secure negotiated session

a client-server session in which the URL of the requested document, along with the contents, contents of forms, and the cookies exchanged, are encrypted

spyware

a program used to obtain information such as a user's keystrokes, e-mail, instant messages, and so on

Good e-commerce security requires _________________________________________________ that, to the extent feasible, protect individuals and organizations from unexpected behavior in the e-commerce marketplace.

a set of laws, procedures, policies, and technologies

digital envelope

a technique that uses symmetric encryption for large documents, but public key cryptography to encrypt and send the symmetric key

Application gateways

a type of firewall that filters communications based on the application being requested, rather than the source or destination of the message

ransomware

a type of malware (often a worm) that locks your computer or files to stop you from accessing them.

session key

a unique symmetric encryption key chosen for a single secure session; once the session ends it is discarded and never reused

Spam (junk) websites

also referred to as link farms; promise to offer products or services, but in fact are just collections of advertisements

hash function

an algorithm that produces a fixed-length number called a hash or message digest

BEC (business e-mail compromise) phishing

an attacker poses as a high-level employee of a company and requests that another employee transfer funds to a fraudulent account.

phishing

any deceptive, online attempt by a third party to obtain confidential information for financial gain (e.g., the Nigerian letter scam)

Trojan horse

appears to be benign, but then does something other than expected. Often a way for viruses or other malicious code to be introduced into a computer system

The recipient of this signed cipher text first uses the sender's public key to ______________.

authenticate the message

Some elements of security are missing in public key cryptography. We can be quite sure the message was not read or understood by a third party; however, there is no assurance the message was not altered somehow in transit, and there is no guarantee the sender really is the sender; that is, there is no _____________________.

authentication of the sender

Spoofing threatens _________

authenticity and integrity.

Spoofing a website sometimes involves pharming,

automatically redirecting a web link to an address different from the intended one, with the site masquerading as the intended destination

Digital envelope saves time because ___________________.

both encryption and decryption are faster with symmetric keys.

Symmetric key cryptography (secret key cryptography)

both the sender and the receiver use the same key to encrypt and decrypt the message

SSL/TLS addresses the issue of authenticity

by allowing users to verify another user's identity or the identity of a server.

access controls

determine who can gain legitimate access to a network

Data Encryption Standard (DES)

developed by the National Security Agency (NSA) and IBM. Uses a 56-bit encryption key, which is now far too short to resist a brute-force search; DES has been superseded by AES.

To ensure the authenticity of the message and to ensure nonrepudiation, the sender encrypts the entire block of cipher text one more time using the sender's private key. This produces a ______________________.

digital signature (in practice the signature is computed over the message hash rather than over the whole block of cipher text, but the point is the same: only the holder of the private key can produce it, and anyone with the matching public key can check it)

The ciphers or keys used to transform plain text into cipher text are

digital strings.

Proxy servers are sometimes called ____________ because they have two network interfaces.

dual-homed systems

Facebook and Twitter have begun to use SSL/TLS for a variety of reasons, including the ability to thwart account hijacking using Firesheep over wireless networks by

encrypting cookies.

Triple DES Encryption Algorithm (TDEA)

applying DES to the message three times (encrypt, decrypt, encrypt), each pass with a separate key

Packet filters

examine data packets to determine whether they are destined for a prohibited port or originate from a prohibited IP address

intrusion detection system (IDS)

examines network traffic, watching to see if it matches certain patterns or preconfigured rules indicative of an attack

social engineering

exploitation of human fallibility and gullibility to distribute malware

Trojan horses are often used for _______ distributed via botnets.

financial malware

Outsider access controls include

firewalls and proxy servers

Hackers often demand victims pay using

Bitcoin, so that their transactions are hidden from authorities.

To internal computers, a proxy server is known as the ____________.

gateway

A digital signature is a close parallel to a _______________________.

handwritten signature

intrusion prevention system (IPS)

has all the functionality of an IDS, with the additional ability to take steps to prevent and block suspicious activities
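The two cards above describe what an IDS and an IPS do. The following is an added example, written for this page rather than taken from the textbook or the card set, showing the difference on a small constructed web-server access log. It matches attack patterns (SQL injection, path traversal) against each request and counts failed logins per source address, which is how the credential stuffing mentioned under Botnets shows up in a log. The log lines, the two signatures and the threshold of 5 failures are all assumptions made for the example.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Constructed web-server access log (common log format); not real traffic.
ACCESS_LOG = """\
203.0.113.5 - - [10/Oct/2017:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 2326
198.51.100.23 - - [10/Oct/2017:13:55:40 +0000] "GET /product?id=1%20UNION%20SELECT%20card_number%20FROM%20cards HTTP/1.1" 500 512
198.51.100.23 - - [10/Oct/2017:13:55:41 +0000] "GET /product?id=2 HTTP/1.1" 200 1800
192.0.2.77 - - [10/Oct/2017:13:56:01 +0000] "POST /login HTTP/1.1" 401 120
192.0.2.77 - - [10/Oct/2017:13:56:02 +0000] "POST /login HTTP/1.1" 401 120
192.0.2.77 - - [10/Oct/2017:13:56:02 +0000] "POST /login HTTP/1.1" 401 120
192.0.2.77 - - [10/Oct/2017:13:56:03 +0000] "POST /login HTTP/1.1" 401 120
192.0.2.77 - - [10/Oct/2017:13:56:03 +0000] "POST /login HTTP/1.1" 401 120
192.0.2.77 - - [10/Oct/2017:13:56:04 +0000] "POST /login HTTP/1.1" 200 310
203.0.113.5 - - [10/Oct/2017:13:57:10 +0000] "GET /static/../../etc/passwd HTTP/1.1" 404 90
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \d+$'
)

# Pattern signatures (assumed for the example), applied to the URL-decoded path.
SIGNATURES = [
    ("sqli", re.compile(r"(?i)\bunion\s+select\b|'\s*or\s+1\s*=\s*1")),
    ("path-traversal", re.compile(r"\.\./")),
]
FAILED_LOGIN_THRESHOLD = 5  # failures from one IP before it is reported as credential stuffing


def analyse(log_text, mode="ids"):
    """Return (alerts, blocked).

    mode="ids": only report what matches the rules.
    mode="ips": additionally block the offending IP, so its later requests are dropped.
    """
    alerts, blocked, failures = [], set(), Counter()

    def flag(kind, ip, detail):
        alerts.append((kind, ip, detail))
        if mode == "ips":
            blocked.add(ip)

    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a log line we understand; a real sensor would count these
        ip, method, path, status = m["ip"], m["method"], m["path"], int(m["status"])
        if ip in blocked:  # IPS behaviour: the request never reaches the application
            alerts.append(("dropped", ip, path))
            continue
        for kind, pattern in SIGNATURES:
            if pattern.search(unquote(path)):
                flag(kind, ip, path)
        # Threshold rule: many failed logins from one address in the same window
        if method == "POST" and path == "/login" and status == 401:
            failures[ip] += 1
            if failures[ip] == FAILED_LOGIN_THRESHOLD:
                flag("credential-stuffing", ip, f"{failures[ip]} failed logins")
    return alerts, blocked


if __name__ == "__main__":
    for mode in ("ids", "ips"):
        alerts, blocked = analyse(ACCESS_LOG, mode)
        print(mode, [a[0] for a in alerts], sorted(blocked))
```

In IDS mode the sixth login from 192.0.2.77, the one that succeeds, is merely logged after the alert; in IPS mode it is dropped because the address was blocked at the fifth failure, which is the whole difference between the two cards.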

To check the integrity of a message and ensure it has not been altered in transit, a ___________________ is used first to create a digest of the message.

hash function

More complex hash functions produce _________________ that are unique to every message. The results of applying the hash function are sent by the sender to the recipient. Upon receipt, the recipient applies the hash function to the received message and checks to verify the same result is produced. If so, the message has not been altered. The sender then encrypts both the hash result and the original message using the recipient's public key, producing a single block of cipher text.

hashes or hash results

There are six key dimensions to e-commerce security:___________ E-commerce security is designed to protect these six dimensions.

integrity, nonrepudiation, authenticity, confidentiality, privacy, and availability.

spoofing

involves attempting to hide a true identity by using someone else's e-mail or IP address

Public key cryptography is based on the idea of

irreversible mathematical functions.

one-way irreversible mathematical function

is one in which, once the algorithm is applied, the input cannot be subsequently derived from the output

One downside of the packet filtering method ______________.

is that it is susceptible to spoofing, because authentication is not one of its roles.

SSL/TLS also protects the integrity of the messages exchanged. However, once the merchant receives the encrypted credit and order information, that information _____________.

is typically stored in unencrypted format on the merchant's servers.

While SSL/TLS provides secure transactions between merchant and consumer, ____________.

it only guarantees server-side authentication. Client authentication is optional

private key

key is kept secret by the owner

public key

key is widely disseminated

Proxies act primarily to ______________, although some proxy servers act as firewalls as well.

limit access of internal clients to external Internet servers

Insider access controls typically consist of

login procedures (usernames, passwords, and access codes).

To external computers, a proxy server is known as a _______________.

mail server or numeric address.

worm

malware that is designed to spread from computer to computer

Spoofing

misrepresenting oneself online, or claiming to be someone one is not

Like a handwritten signature, a digital signature is unique ____________.

because only one person presumably possesses the private key.

There are two major methods firewalls use to validate traffic:

packet filters and application gateways.

Application gateways also process requests at the application level, farther away from the client computer than packet filters. By providing a central filtering point, application gateways ___________.

provide greater security than packet filters but can compromise system performance.

Often display a notice that says an authority such as the FBI, Department of Justice, or IRS has detected illegal activity on your computer and demands that you pay a fine in order to unlock the computer and avoid prosecution.

ransomware

firewall

refers to either hardware or software that filters communication packets and prevents some packets from entering the network based on a security policy

proxy server (proxy)

software server that handles all communications originating from or being sent to the Internet, acting as a spokesperson or bodyguard for the organization

Firewalls can filter traffic based on packet attributes such as ______________.

source IP address, destination port or IP address, type of service, the domain name of the source, and many other dimensions.

Packet filters specifically look at the ____________________, when determining whether the information may be transmitted.

source and destination information, as well as the port and packet type

Some malicious code, sometimes referred to as an exploit, is designed to

take advantage of software vulnerabilities in a computer's operating system, web browser, applications, or other software components.

spear phishing

targeting a known customer of a specific bank or other type of business

the firewall only allows connections from servers ___________.

that an internal client requested service from (a stateful filter records outbound connections and admits only the matching replies)

privacy

the ability to control the use of information about oneself

availability

the ability to ensure that an e-commerce site continues to function as intended

nonrepudiation

the ability to ensure that e-commerce participants do not deny (i.e., repudiate) their online actions

integrity

the ability to ensure that information being displayed on a website or transmitted or received over the Internet has not been altered in any way by an unauthorized party

confidentiality

the ability to ensure that messages and data are available only to those who are authorized to view them

authenticity

the ability to verify the identity of a person or entity with whom you are dealing on the Internet

From a technology perspective, there are three key points of vulnerability when dealing with e-commerce:

the client, the server, and the communications pipeline.

The strength of modern security protection is measured in terms of

the length of the binary key used to encrypt the data.

As a final step, the recipient applies the same hash function to the original text, and compares the result with the result sent by the sender. If the results are the same, the recipient now knows _____________.

the message has not been changed during transmission. The message has integrity

Advanced Encryption Standard (AES)

the most widely used symmetric key algorithm, offering 128-, 192-, and 256-bit keys

The price for various types of data vary depending on

the quantity being purchased, supply available, and "freshness."

Public and private keys can be used to encrypt and decrypt a message. However, once the keys are used to encrypt a message,

the same key cannot be used to decrypt the message; only the other key of the pair can.

An encrypted report and a digital envelope are sent across the Web. The recipient first uses ___________.

their private key to decrypt the symmetric key

Once authenticated, the recipient uses his or her private key

to obtain the hash result and original message.

The nature of credit card fraud has changed greatly from the theft of a single credit card number and efforts to purchase goods at a few sites,

to the simultaneous theft of millions of credit card numbers and their distributions to thousands of criminals operating as gangs of thieves.

phishers create a website that purports to be a legitimate institution and cons users into entering financial information, or the site downloads malware such as a keylogger to the victim's computer

true

One way digital strings can be transformed into cipher text is by multiplying each letter by another binary number.

true.

public key cryptography (also referred to as asymmetric cryptography)

two mathematically related digital keys are used: a public key and a private key. The private key is kept secret by the owner, and the public key is widely disseminated. Both keys can be used to encrypt and decrypt a message. However, once one key is used to encrypt a message, that same key cannot be used to decrypt it; only the other key of the pair can

bot

type of malicious code that can be covertly installed on a computer when connected to the Internet. Once installed, the bot responds to external commands sent by the attacker; the computer becomes a "zombie" and is able to be controlled by an external third party

In addition to being exclusive to a particular individual, when used to sign a hashed document, the digital signature is also ______________.

unique to the document, and changes for every document.

Once the symmetric key is decrypted, the recipient _____________.

uses the symmetric key to decrypt the report.

The digital signature is even more unique than a handwritten signature _______________.

when used with a hash function
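The digital envelope, hash and digital signature cards above describe a single procedure. The following added example (written for this page, not code from the textbook) runs it end to end in pure Python: hash the document, sign the hash with the sender's private key, encrypt the document with a one-time session key, and wrap that key with the recipient's public key; the recipient reverses the steps and rejects anything altered in transit or signed by someone else. As in real systems, the signature covers the hash rather than the whole cipher text. Everything cryptographic here is a toy standing in for a real library: the RSA keys are built from fixed Mersenne primes with no padding, and the symmetric cipher is a SHA-256 keystream XOR standing in for AES. The sample order text is constructed.

```python
import hashlib
import secrets

# Toy RSA. The moduli are built from fixed Mersenne primes so the example runs
# offline with nothing but the standard library. Fixed primes and raw
# "textbook" RSA (no padding) make this unsuitable for real use; a real
# system uses a vetted library (RSA-OAEP/PSS, ECDSA, ...).
E = 65537


def rsa_keypair(p, q):
    """Return ((n, e), (n, d)) for primes p and q."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (n, E), (n, d)


SENDER_PUB, SENDER_PRIV = rsa_keypair(2**127 - 1, 2**521 - 1)
RECIPIENT_PUB, RECIPIENT_PRIV = rsa_keypair(2**107 - 1, 2**607 - 1)


def stream_xor(key, data):
    """Toy symmetric cipher standing in for AES: XOR with a SHA-256 counter keystream.

    The same call encrypts and decrypts. The key must be used for one message only,
    which is exactly what a session key is.
    """
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def seal(document, sender_priv, recipient_pub):
    """Sender side: hash, sign the hash, encrypt with a fresh session key,
    then put that key in an envelope only the recipient can open."""
    n, d = sender_priv
    digest = int.from_bytes(hashlib.sha256(document).digest(), "big")
    signature = pow(digest, d, n)            # only the holder of d can produce this
    session_key = secrets.token_bytes(32)    # used once, then forgotten
    ciphertext = stream_xor(session_key, document)
    n_r, e_r = recipient_pub
    envelope = pow(int.from_bytes(session_key, "big"), e_r, n_r)  # the "key within a key"
    return ciphertext, envelope, signature


def open_envelope(ciphertext, envelope, signature, recipient_priv, sender_pub):
    """Recipient side: recover the session key with the private key, decrypt,
    then check the signature against a fresh hash of what was recovered."""
    n_r, d_r = recipient_priv
    session_key = pow(envelope, d_r, n_r).to_bytes(32, "big")
    document = stream_xor(session_key, ciphertext)
    n, e = sender_pub
    expected = int.from_bytes(hashlib.sha256(document).digest(), "big")
    if pow(signature, e, n) != expected:
        raise ValueError("signature mismatch: altered in transit or not from this sender")
    return document


def opens_cleanly(ciphertext, envelope, signature, recipient_priv, sender_pub):
    """True if the envelope opens and the signature checks, False otherwise."""
    try:
        open_envelope(ciphertext, envelope, signature, recipient_priv, sender_pub)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    order = b"Order 1042: 3 x widget, ship to 1 Main St"  # constructed sample document
    ct, env, sig = seal(order, SENDER_PRIV, RECIPIENT_PUB)
    print(open_envelope(ct, env, sig, RECIPIENT_PRIV, SENDER_PUB) == order)   # True
    tampered = bytes([ct[0] ^ 0x01]) + ct[1:]
    print(opens_cleanly(tampered, env, sig, RECIPIENT_PRIV, SENDER_PUB))      # False
```

Flipping one bit of the cipher text changes the decrypted document, so its hash no longer matches what the signature decrypts to; a message sealed with someone else's private key fails the same check under the sender's public key. That is the integrity and sender-authentication the public-key-only card says is missing.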

Every message that is to be sent or received from the network is processed by the firewall, ______________.

which determines if the message meets security guidelines established by the business.

A _________ does not necessarily need to be activated by a user or program in order for it to replicate itself.

worm

SSL/TLS cannot provide irrefutability: _____________.

consumers can order goods or download information products, and then claim the transaction never occurred.

Why are companies hesitant to report the number of cybercrime cases?

Due to the fear of losing the trust of their customers.

____________________ are intended to build a wall around your network and the attached servers and clients.

Firewalls and proxy servers

In order to share the same key, the key must be sent over a presumably insecure medium where it could be stolen and used to decipher messages.

If the secret key is lost or stolen, the entire encryption system fails

Why is it difficult to estimate the actual amount of cybercrime?

In part, because many companies are hesitant to report, and because even if crime is reported, it may be difficult to quantify the actual dollar amount of the loss

Polymorphic malware is difficult to detect and remove because of which feature?

It enables attackers to generate a unique version of the malware for each victim, making it much more difficult for pattern-matching software used by security firms to detect.

A common default setting on hardware firewalls simply ignores efforts to communicate with ___________.

TCP port 445 (SMB), the most commonly attacked port
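The packet filter, "only allows connections from servers you requested service from", spoofing and port 445 cards above can be tied together in one added example, written for this page rather than taken from the textbook. The internal range 10.0.0.0/8, the rule table, the "partner" network 203.0.113.0/24 and the packet values are assumptions for the example. The point it makes is that a packet filter decides on header fields alone: it can drop a packet whose source address is impossible on the interface it arrived on, and it can admit replies to connections an inside client opened, but it cannot tell a genuine trusted source from a forged one because authentication is not one of its roles.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

INTERNAL = ipaddress.ip_network("10.0.0.0/8")   # assumed LAN address range


@dataclass(frozen=True)
class Packet:
    iface: str      # "ext": arrived from the Internet; "int": sent by an internal client
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: str = "any"
    dport: Optional[int] = None  # None matches every destination port

    def matches(self, pkt: Packet) -> bool:
        return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", pkt.proto)
                and self.dport in (None, pkt.dport))


class PacketFilter:
    def __init__(self, rules, anti_spoof=True):
        self.rules = rules
        self.anti_spoof = anti_spoof
        self.state = set()   # connections opened from inside, as 5-tuples

    def decide(self, pkt: Packet) -> str:
        # Ingress filter: a packet from the Internet cannot legitimately carry an internal source.
        if self.anti_spoof and pkt.iface == "ext" and ipaddress.ip_address(pkt.src) in INTERNAL:
            return "deny (spoofed internal source)"
        # Stateful match: replies to a connection an internal client opened are let through.
        if pkt.iface == "ext" and (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto) in self.state:
            return "allow (reply to requested service)"
        # Otherwise the first matching rule decides; nothing matching is dropped.
        for rule in self.rules:
            if rule.matches(pkt):
                if rule.action == "allow" and pkt.iface == "int":
                    self.state.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
                return rule.action
        return "deny (default)"


RULES = [  # assumed policy for the example
    Rule("deny", dport=445),                                                       # ignore SMB from anywhere
    Rule("allow", src="10.0.0.0/8", proto="tcp", dport=443),                       # LAN clients may browse HTTPS
    Rule("allow", dst="10.0.0.5/32", proto="tcp", dport=443),                      # public web server
    Rule("allow", src="203.0.113.0/24", dst="10.0.0.9/32", proto="tcp", dport=22), # partner SSH
]


def run_scenarios():
    fw = PacketFilter(RULES)
    no_ingress_filter = PacketFilter(RULES, anti_spoof=False)
    return {
        "smb_probe": fw.decide(Packet("ext", "198.51.100.9", 50000, "10.0.0.7", 445)),
        "client_https_out": fw.decide(Packet("int", "10.0.0.7", 51000, "93.184.216.34", 443)),
        "https_reply": fw.decide(Packet("ext", "93.184.216.34", 443, "10.0.0.7", 51000)),
        "unsolicited_from_same_host": fw.decide(Packet("ext", "93.184.216.34", 443, "10.0.0.7", 52000)),
        "spoofed_internal": fw.decide(Packet("ext", "10.0.0.1", 1234, "10.0.0.5", 443)),
        "spoofed_internal_no_ingress_filter":
            no_ingress_filter.decide(Packet("ext", "10.0.0.1", 1234, "10.0.0.5", 443)),
        # A forged partner address is indistinguishable from the real one at this layer.
        "partner_ssh": fw.decide(Packet("ext", "203.0.113.7", 40000, "10.0.0.9", 22)),
        "forged_partner_ssh": fw.decide(Packet("ext", "203.0.113.7", 40001, "10.0.0.9", 22)),
    }


if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:36s} {verdict}")
```

The last two scenarios are the spoofing weakness from the packet-filter card: the filter has no way to authenticate the claimed source, so the forged packet is allowed exactly like the real one. Closing that gap needs authentication at a higher layer (SSH keys, TLS client certificates, or an application gateway), not a better rule table.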

Online credit card fraud is one of the most high-profile forms of e-commerce crime.

Although the average credit card fraud loss experienced by any one individual is typically relatively small, the overall amount is substantial.

