ch05 e-commerce
A ________ is hardware or software that acts as a filter to prevent unwanted packets from entering a network. A) firewall B) virtual private network C) proxy server D) PPTP
A
________ refers to the ability to ensure that e-commerce participants do not deny their online actions. A) Nonrepudiation B) Authenticity C) Availability D) Integrity
A
________ refers to the ability to ensure that messages and data are only available to those authorized to view them. A) Confidentiality B) Integrity C) Privacy D) Availability
A
Accessing data without authorization on Dropbox is an example of which of the following? A) social network security issue B) cloud security issue C) mobile platform security issue D) sniffing
B
All of the following statements about public key encryption are true except A) public key encryption uses two mathematically related digital keys. B) public key encryption ensures authentication of the sender. C) public key encryption does not ensure message integrity. D) public key encryption is based on the idea of irreversible mathematical functions.
B
An example of a privacy violation of e-commerce security is: A) your e-mail being read by a hacker. B) your online purchasing history being sold to other merchants without your consent. C) your computer being used as part of a botnet. D) your e-mail being altered by a hacker.
B
In the United States, the primary form of online payment is: A) PayPal. B) credit cards. C) debit cards. D) Google Wallet.
B
Most of the world's malware is delivered via which of the following? A) botnets B) Trojan horses C) viruses D) worms
B
Which of the following dimensions of e-commerce security is not provided for by encryption? A) confidentiality B) availability C) message integrity D) nonrepudiation
B
________ refers to the ability to identify the person or entity with whom you are dealing on the Internet. A) Nonrepudiation B) Authenticity C) Availability D) Integrity
B
All of the following are examples of malicious code except: A) worms B) viruses C) sniffers D) bots
C
Paypal is an example of what type of payment system? A) digital checking system B) accumulating balance system C) online stored value payment system D) digital credit card system
C
What is the first step in developing an e-commerce security plan? A) Create a security organization. B) Develop a security policy. C) Perform a risk assessment. D) Perform a security audit.
C
Which of the following is the current standard used to protect Wi-Fi networks? A) WEP B) TLS C) WPA2 D) WPA3
C
Which of the following is the leading cause of data breaches? A) theft of a computer B) accidental disclosures C) hackers D) DDoS attacks
C
Which of the following is an example of an integrity violation of e-commerce security? A) A Web site is not actually operated by the entity the customer believes it to be. B) A merchant uses customer information in a manner not intended by the customer. C) A customer denies that he or she is the person who placed the order. D) An unauthorized person intercepts an online communication and changes its contents.
D
Which of the following is not a key point of vulnerability when dealing with e-commerce? A) the client computer B) the server C) the communications pipeline D) the credit card companies
D
Credit cards are the dominant form of online payment throughout the world.
FALSE
Phishing attacks rely on browser parasites.
FALSE
Spoofing involves attempting to hide a true identity by using someone else's e-mail or IP address.
FALSE
A Trojan horse appears to be benign, but then does something other than expected.
TRUE
A worm does not need to be activated by a user in order for it to replicate itself.
TRUE
The easiest and least expensive way to prevent threats to system integrity is to install anti-virus software.
TRUE
Typically, the more security measures added to an e-commerce site, the slower and more difficult it becomes to use.
TRUE
A(n) ________ is a feature of viruses, worms, and Trojans that allows an attacker to remotely access a compromised computer.
backdoor
A fingerprint or retina (eye) scan is an example of ________.
biometrics
Malicious code is sometimes also referred to as ________.
malware
________ relies on human curiosity, greed, and gullibility to trick people into taking action that will result in the downloading of malware.
social engineering
