E-Commerce: Security and Payments
Beebone is an example of which of the following? -phishing -botnet -worm -hacktivism
Botnet
Accessing data without authorization on Dropbox is an example of a: -social network security issue -sniffing issue -mobile platform security issue -cloud security issue
Cloud security issue
Mint Bills is an example of which of the following EBPP business models? -consolidator -biller-direct -online banking -mobile
Consolidator
The attack against DYN servers is an example of a(n): -browser parasite -SQL injection attack -MitM attack -DDoS attack
DDoS attack
(T/F) Phishing attacks rely on browser parasites.
False.
All of the following about PKI are true EXCEPT: -PKI is not effective against insiders who have a legitimate access to corporate systems including customer information. -the term PKI refers to the certification authorities and digital certificate procedures that are accepted by all parties. -PKI guarantees that the verifying computer of the merchant is secure. -the acronym PKI stands for public key infrastructure.
PKI guarantees that the verifying computer of the merchant is secure.
All of the following are used for authentication EXCEPT: -biometric devices. -digital signatures. -packet filters. -certificates of authority.
Packet filters.
Asymmetric key cryptography is also known as: -secret key cryptography -public key cryptography -PGP -PKI
Public key cryptography
Next generation firewalls provide all of the following EXCEPT: -the ability to identify users regardless of the device or IP address. -the ability to automatically update applications on a client computer with security patches. -the ability to identify applications regardless of the port, protocol, or security evasion tools used. -an application-centric approach to firewall control.
The ability to automatically update applications on a client computer with security patches.
PCI-DSS is a standard established by which of the following? -the banking industry -the credit card industry -the retail industry -the federal government
The credit card industry
(T/F) Most computers and mobile devices today have built-in encryption software that users can enable.
Ture.
All of the following are examples of cryptocurrencies EXCEPT: -Monero -Zelle -Ethereum -Ripple
Zelle
The Data Encryption Standard uses a(n) _____-bit key. -8 -56 -256 -512
56
To allow lower-level employees access to the corporate network while preventing them from accessing private human resources documents, you would use: -an authorization management system. -a firewall. -an authorization policy. -security tokens.
An authorization management system.
All of the following statements about Apple Pay are true EXCEPT which of the following? -Apple Pay is an example of a universal mobile wallet. -Apple Pay is the most popular alternative payment method in the United States. -Apple Pay can be used for mobile payments at the point of sale at a physical store. -Apple Pay had more users than either Google Pay or Samsung Pay.
Apple Pay is the most popular alternative payment method in the United States.
Face ID is an example of which of the following? -biometrics -firewall -IDS -encryption
Biometrics
An intrusion detection system can perform all of the following functions EXCEPT: -examining network traffic. -setting off an alarm when suspicious activity is detected. -checking network traffic to see if it matches certain patterns or preconfigured rules. -blocking suspicious activity.
Blocking suspicious activity.
According to Ponemon Institute's 2019 survey, which of the following was NOT among the causes of the costliest cybercrimes? -malicious insiders -denial of service -web-based attacks -botnets
Botnets
All of the following ae limitations of the existing online credit card payment system EXCEPT: -cost to the consumers. -cost to the merchant. -poor security. -social equity.
Cost to the consumers.
Malware that comes with a downloaded file requested by a user is called a: -backdoor. -PUP. -drive-by download. -Trojan horse.
Drive-by download.
Proxy servers are also known as ______ because they have two network interfaces. -firewalls -application gateways -packet filter -dual home systems
Dual home systems
All of the following are methods of securing channels of communication EXCEPT: -digital certificates. -FTP. -VPN. -TLS.
FTP
(T/F) Bluetooth is the primary enabling technology for mobile wallets.
False.
(T/F) Exploit kits can be purchased by users to protect their computers from malware.
False.
A _______ is hardware or software that acts as a filter to prevent unwanted packets from entering a network. -virtual private network -proxy server -firewall -PPTP
Firewall
PayPal is an example of which of the following types of payment system? -digital checking system. -online stored value payment system. -accumulating balance system. -digital credit card system.
Online stored value payment system.
Automatically redirecting a web link to a different address is an example of which of the following? -DDoS attack. -pharming. -social engineering. -sniffing.
Pharming.
Confidentiality is sometimes confused with: -integrity -authenticity -privacy -nonrepudiation
Privacy
All of the following statements about public key cryptography are true EXCEPT: -public key cryptography is based on the idea of irreversible mathematical functions. -public key cryptography does not ensure message integrity. -public key cryptography uses two mathematically related digital keys. -public key cryptography ensures authentication of the sender.
Public key cryptography ensures authentication of the sender.
Software that is used to obtain private user information such as a user's keystrokes or copies of e-mail is referred to as: -adware a browser parasite -spyware -a backdoor
Spyware
A digital certificate contains all of the following EXCEPT the: -digital certificate serial number -digital signature of the certification authority -subject's private key -subject's public key
Subject's private key
All of the following statements about symmetric key cryptography are true EXCEPT: -the Data Encryption Standard is a symmetric key encryption system. -symmetric key cryptography is a key element in digital envelopes. -symmetric key cryptography is computationally slower. -in symmetric cryptography, both the sender and the receiver use the same key to encrypt and decrypt a message.
Symmetric key cryptography is computationally slower.
(T/F) A drive-way download is malware that comes with a downloaded file that a user intentionally or unintentionally requests.
True
(T/F) According to the most recent Fiserv's survey, 65% of consumers in the United States have used online bill payment.
True
(T/F)A Trojan horse appears to be benign, but then does something other than expected.
True
(T/F) FREAK is an example of a software vulnerability.
True.
(T/F) Spoofing is the attempt to hide a hacker's true identity by using someone else's e-mail or IP address.
True.
(T/F) The easiest and least expensive way to prevent threats to system integrity is to install anti-virus software.
True.
(T/F) There is finite number of Bitcoins that can be created.
True.
(T/F) Typically, the more security measures added to an e-Commerce site, the slower and more difficult it becomes to use.
True.
(T/F) WannaCry is an example of ransomware.
True.
Conficker is an example of a: -botnet -virus -worm -Trojan horse
Worm
All of the following are features of WPA3 EXCEPT: -it implements a more robust key exchange protocol. -it features expanded encryption for public networks. -it provides a more secure way to connect IoT devices. -it enables the creation of a VPN.
it enables the creation of a VPN.
