E-Commerce Chapter 5
The Data Encryption Standard uses a(n) ________-bit key. 8 56 256 512
56
Which of the following statements about blockchain is not true? A blockchain system is a transaction processing system. A blockchain system is inherently centralized. A blockchain system is composed of a distributed network of computers. Cryptocurrencies are based on blockchain technology.
A blockchain system is inherently centralized.
Which of the following is an example of an integrity violation of e-commerce security? A website is not actually operated by the entity the customer believes it to be. A customer denies that he is the person who placed the order. A merchant uses customer information in a manner not intended by the customer. An unauthorized person intercepts an online communication and changes its contents.
An unauthorized person intercepts an online communication and changes its contents.
Which of the following is the leading cause of data breaches? hackers theft of a computer DDoS attacks accidental disclosures
Hackers
________ typically attack governments, organizations, and sometimes individuals for political purposes. Tiger teams Hacktivists Crackers Bounty hunters
Hacktivists
(T/F) A Trojan horse appears to be benign, but then does something other than expected.
True
(T/F) The easiest and least expensive way to prevent threats to system integrity is to install anti-virus software.
True
Which of the following dimensions of e-commerce security is not provided for by encryption? confidentiality message integrity nonrepudiation availability
availability
Accessing data without authorization on Dropbox is an example of a: cloud security issue. sniffing issue. social network security issue. mobile platform security issue.
cloud security issue.
All of the following are limitations of the existing online credit card payment system except: cost to merchant. social equity. cost to consumers. poor security.
cost to consumers.
Which dimensions of security is spoofing a threat to? availability and authenticity integrity and authenticity availability and integrity integrity and confidentiality
integrity and authenticity
PayPal is an example of which of the following types of payment system? digital checking system digital credit card system online stored value payment system accumulating balance system
online stored value payment system
Automatically redirecting a web link to a different address is an example of which of the following? pharming sniffing DDoS attack social engineering
pharming
Asymmetric key cryptography is also known as: PKI. secret key cryptography. public key cryptography. PGP.
public key cryptography.
Software that is used to obtain private user information such as a user's keystrokes or copies of e-mail is referred to as: a backdoor. spyware. a browser parasite. adware.
spyware
A digital certificate contains all of the following except the: subject's private key. digital signature of the certification authority. digital certificate serial number. subject's public key.
subject's private key.
Next generation firewalls provide all of the following except: the ability to identify users regardless of the device or IP address. the ability to automatically update applications on a client computer with security patches. the ability to identify applications regardless of the port, protocol, or security evasion tools used. an application-centric approach to firewall control.
the ability to automatically update applications on a client computer with security patches.
________ is the ability to ensure that e-commerce participants do not deny their online actions. Authenticity Nonrepudiation Availability Integrity
Nonrepudiation
What is the first step in developing an e-commerce security plan? Perform a security audit. Create a security organization. Perform a risk assessment. Develop a security policy.
Perform a risk assessment.
Which of the following was designed to cripple Iranian nuclear centrifuges? Shamoon Snake Storm Stuxnet
Stuxnet
