MIS 3203 Chapter 5
The Computer Security Institute reported in its 2011 survey that approximately _____ percent of responding organizations experienced a computer security incident within the previous 12 months.
45
The Data Encryption Standard uses a(n) _____-bit key.
56
Which of the following is an example of an integrity violation of e-commerce security?
An unauthorized person intercepts an online communication and changes its contents
Which of the following is a prominent hacktivist group?
Anonymous
_____ refers to the ability to identify the person or entity with whom you are dealing on the Internet.
Authenticity
_____ refers to the ability to ensure that an e-commerce site continues to function as intended.
Availability
Which of the following is the primary federal statute used to combat computer crime?
Computer Fraud and Abuse Act
_____ refers to the ability to ensure that messages and data are only available to those authorized to view them.
Confidentiality
All of the following statements about debit cards are true except:
Debit cards enable consumers to make purchases even if they do not have sufficient funds at the time of purchase
All of the following are methods of securing channels of communication except:
FTP
Credit cards are the dominant form of payment throughout the world.
False
All of the following are stakeholders in payment systems except:
ISPs
All of the following were computer crimes committed in 2011-2012 except:
Melissa worm spreads through Microsoft Word templates
The Conficker worm targeted:
Microsoft operating systems
Which of the following is a set of short-range wireless technologies used to share information among devices within about 2 inches of each other?
NFC
_____ refers to the ability to ensure that e-commerce participants do not deny their online actions.
Nonrepudiation
All of the following statements about PKI are true except:
PKI guarantees that the verifying computer of the merchant is secure
What is the last step in developing an e-commerce security plan?
Perform a security audit
A worm does not need to be activated by a user in order for it to replicate itself
True
Drive-by downloads are now the most common method of infecting computers
True
In order to accept payments by credit card, online merchants typically must have a merchant account established with a bank or financial institution.
True
The easiest and least expensive way to prevent threats to system integrity is to install anti-virus software.
True
Typically, the more security measures added to a Web site, the slower and more difficult it becomes to use.
True
To allow lower-level employees access to the corporate network while preventing them from accessing private human resources documents, you would use:
an authorization management system
Which of the following dimensions of e-commerce security is not provided for by encryption?
availability
Most of the world's spam is delivered via which of the following?
botnets
The six key dimensions to e-commerce security are nonrepudiation, authenticity, availability, integrity, privacy, and:
confidentiality
All of the following are limitations of the existing credit card payment system except:
cost to consumers
All of the following are examples of stored value payment systems except:
credit cards
Which of the following is not an example of an access control?
digital signatures
Malware that comes with a downloaded file that a user requests is called a:
drive-by download
Which of the following is not an example of a PUP?
drive-by download
Proxy servers are also known as:
dual home systems
If you used a symmetric key encryption for large documents, with public key encryption to encrypt and send the symmetric key, you would be using a digital______:
envelope
A _____ is a hardware or software that acts as a filter to prevent unwanted packets from entering a network.
firewall
Which dimension(s) of security is spoofing a threat to?
integrity and authenticity
All of the following are features of cash except:
it provides float
The overall rate of online credit card fraud is ____ percent of all online card transactions.
less than 1
According to the Computer Security Institute's 2011 Computer Crime and Security Survey, which of the following was the most commonly reported type of attack?
malware infection
All of the following are used for authentication except:
packet filters
What is the first step in developing an e-commerce security plan?
perform a risk assessment
Botnets are typically used for all of the following except:
phishing attacks
All of the following statements about public key encryption are true except:
public key encryption ensures authentication of the sender
Symmetric key encryption is also known as:
secret key encryption
All of the following are examples of malicious code except:
sniffers
Software that is used to obtain private user information such as a user's keystrokes or copies of e-mail is referred to as:
spyware
PSP payment systems are a variation on what type of payment system?
stored value payment system
None of the following payment systems offers immediate monetary value except:
stored value/debit card
A digital certificate contains all of the following except the:
subject's private key
All of the following statements about symmetric key encryption are true except:
symmetric key encryption is computationally slower
All of the following are factors in contributing to the increase in cybercrime except:
the Internet's similarity to telephone networks
Which of the following is not a key point of vulnerability when dealing with e-commerce?
the credit card companies
What is the most frequent cause of stolen credit cards and card information today?
the hacking and looting of corporate servers storing credit card information
Linden Dollars, created for use in Second Life, are an example of:
virtual currency
Netsky.P, which spreads by sending emails from an infected computer to all of the e-mail addresses found on that infected computer, is an example of:
worm/Trojan horse
An example of a privacy violation of e-commerce security is:
you online purchasing history being sold to other merchants without your consent
