Short Answers Chap 7-12

What is the purpose of an incubator?

An incubator is a company that offers start-up companies a physical location with offices, accounting and legal assistance, computers, and Internet connections at a very low monthly cost. Sometimes, the incubator offers seed money, management advice, and marketing assistance as well. In exchange, the incubator receives ownership interest in the company, typically between 10 percent and 50 percent.

Explain the three essential elements of a contract.

Any contract includes three essential elements: an offer, an acceptance, and consideration. The contract is formed when one party accepts the offer of another party. An offer is a commitment with certain terms made to another party, such as a declaration of willingness to buy or sell a product or service. An offer can be revoked as long as no payment, delivery of service, or other consideration has been accepted. An acceptance is the expression of willingness to take an offer, including all of its stated terms. Consideration is the agreed-upon exchange of something valuable, such as money, property, or future services. When a party accepts an offer based on the exchange of valuable goods or services, a contract has been created.

How are phishing attacks used for identity theft?

The Internet has opened new opportunities for organized crime in its traditional types of criminal activities and in new areas such as generating spam, phishing, and identity theft. Identity theft is a criminal act in which the perpetrator gathers personal information about a victim and then uses that information to obtain credit. After establishing credit accounts, the perpetrator runs up charges on the accounts and then disappears. Large criminal organizations can be highly efficient perpetrators of identity theft because they can exploit large amounts of personal information very quickly and efficiently. These organizations can use phishing attacks to gather personal information and then use it to perpetrate identity theft and other crimes.

Explain the factors required to measure a server's Web page delivery capability.

Throughput and response time are the two factors used to evaluate a server's Web page delivery capability. Throughput is the number of HTTP requests that a particular hardware and software combination can process in a unit of time. Response time is the amount of time a server requires to process one request.

What are the most important factors to evaluate when selecting a hosting service?

When considering hosting options for a Web site, a business must consider the functions it needs now and in the future, the reliability of the hosting provider, the volume of customers and transactions it needs to handle, security, provisions for backup, and the cost.

What are the six main elements included on a digital certificate?

A digital certificate includes six main elements, including: 1) Certificate owner's identifying information, such as name, organization address, and so on 2) Certificate owner's public key 3) Dates between which the certificate is valid 4) Serial number of the certificate 5) Name of the certificate issuer 6) Digital signature of the certificate issuer.

Explain the difference between a dynamic Web page and a static Web page.

A dynamic page is a Web page whose content is shaped by a program in response to user requests, whereas a static page is an unchanging page retrieved from a file or set of files stored on a Web server.

What is the difference between a credit card and a charge card?

A credit card, such as Visa or a MasterCard, has a spending limit based on the user's credit history. A user can pay off the entire credit card balance or pay a minimum amount each billing period. Credit card issuers charge interest on any unpaid balance. A charge card, offered by companies such as American Express, carries no spending limit, and the entire amount charged to the card is due at the end of the billing period. Charge cards do not involve lines of credit and do not accumulate interest charges.

How is a buffer vulnerable to security threats?

A buffer is an area of memory set aside to hold data read from a file or database. A buffer is necessary whenever any input or output operation takes place because a computer can process file information much faster than the information can be read from input devices or written to output devices. Programs filling buffers can malfunction and overfill the buffer, spilling the excess data outside the designated buffer memory area. This is called a buffer overrun or buffer overflow error. Usually, this occurs because the program contains an error or bug that causes the overflow, but it can also be intentional. An overflow condition can consume the resources of the computer until it can no longer function. A more insidious version of a buffer overflow attack writes instructions into critical memory locations so that when the intruder program has completed its work of overwriting buffers, the Web server resumes execution by loading internal registers with the address of the main attacking program's code. This type of attack can open the Web server to severe damage because the resumed program—which is now the attacker program—may regain control of the computer, exposing its files to disclosure and destruction by the attacking program.

Describe the role of a business manager in electronic commerce initiatives.

A business manager should be a member of the internal team that sets the objectives for the project. The business manager is responsible for implementing the elements of the business plan and reaching the objectives set by the internal team. If revisions to the plan are necessary as the project proceeds, the business manager develops specific proposals for plan modifications and additional funding and presents them to the internal team and top management for approval. The business manager should have experience and knowledge related to the business activity that is being implemented on the electronic commerce site. For example, if business managers are assigned to a retail consumer site, they should have experience managing a retail sales operation.

What is the difference between a static catalog and a dynamic catalog?

A static catalog is a simple list written in HTML that appears on a Web page or a series of Web pages. To add an item, delete an item, or change an item's listing, the company must edit the HTML of one or more pages. A dynamic catalog stores the information about items in a database, usually on a separate computer that is accessible to the server that is running the Web site itself. A dynamic catalog can feature multiple photos of each item, detailed descriptions, and a search tool that allows customers to search for an item and determine its availability.

Describe a tort and identify the types of tortious acts that can be committed.

A tort is an intentional or negligent action taken by a legal entity that causes harm to another legal entity. A business can commit a tortious act by selling a product that causes harm to a buyer. The tortious act can be a negligent tort, in which the seller unintentionally provides a harmful product, or it can be an intentional tort, in which the seller knowingly or recklessly causes injury to the buyer. The most common business-related intentional torts involve defamation, misrepresentation, fraud, and theft of trade secrets.

Describe the major components of a typical request message from a client to a server.

A typical request message from a client to a server consists of three major parts: request line, optional request headers, and optional entity body. The request line contains a command, the name of the target resource (a filename and a description of the path to that file on the server), and the protocol name and version number. Optional request headers can contain information about the types of files that the client will accept in response to this request. Finally, an optional entity body is sometimes used to pass bulk information to the server.

What is the difference between a virus and a worm?

A virus is software that attaches itself to another program and can cause damage when the host program is activated. A worm is a type of virus that replicates itself on the computers that it infects. Worms can spread quickly through the Internet.

Briefly discuss the application of import tariffs.

All countries in the world regulate the import and export of goods across their borders. In many cases, goods can only be imported into a country if a tariff is paid. A tariff, also called a customs duty or duty, is a tax levied on products as they enter the country. Countries have many reasons for imposing tariffs. Goods that are ordered online are subject to tariffs when they cross international borders. Even products that are delivered online (such as downloaded software) can be subject to tariffs. Many online shoppers have been surprised when an item they ordered from another country arrives with a bill from their government for the tariff.

Briefly discuss the built-in biases in the return on investment, or ROI, technique that can lead managers to make poor decisions.

First, ROI requires that all costs and benefits be stated in monetary units. Because it is usually easier to quantify costs than benefits, ROI measurements can be biased in a way that gives undue weight to costs. Second, ROI focuses on benefits that can be predicted. Many electronic commerce initiatives have returned benefits that were not foreseen by their planners. The benefits developed after the initiatives were in place. Another weakness of ROI is that it tends to emphasize short-run benefits over long-run benefits. The mathematics of ROI calculations do account for both correctly, but short-term benefits are easier to foresee, so they tend to get included in the ROI calculations. Long-term benefits are harder to imagine and quantify, so they tend to be included less often and less accurately in the ROI calculation.

What are the advantages and disadvantages of payment cards?

For merchants, payment cards provide fraud protection. When a merchant accepts payment cards for online payment or for orders placed over the telephone, the merchant can authenticate and authorize purchases using an interchange network. Payment card service companies do charge merchants per-transaction fees and monthly processing fees for processing payments, however, merchants consider them as a necessary cost of doing business. The consumer pays no per-transaction fees for using payment cards, but the prices of goods and services are slightly higher than they would be in an environment free of payment cards. Some credit cards and a few debit cards and charge cards assess consumers an annual fee.

Describe the process of partial outsourcing

In partial outsourcing, which is also called component outsourcing, a company identifies specific portions of a project that can be completely designed, developed, implemented, and operated by another firm that specializes in a particular function. For example, many smaller Web sites outsource their e-mail handling and response functions. Customers expect rapid and accurate responses to any e-mail inquiry they make of a Web site with which they are doing business. Many companies send the customer an automatic order confirmation by e-mail as soon as the order or credit card payment is accepted. A number of companies act as outsourcers by providing these e-mail auto response functions to other companies.

List at least five software components that large and complex electronic commerce sites can include in addition to a catalog display, shopping cart capabilities, and transaction processing.

Larger and more complex electronic commerce sites use software that adds other features and capabilities to the basic set of commerce tools. These additional software components can include: • Middleware that integrates the electronic commerce system with existing company information systems that handle inventory control, order processing, and accounting • Enterprise application integration • Web services • Integration with enterprise resource planning (ERP) software • Supply chain management (SCM) software • Customer relationship management (CRM) software • Content management software • Knowledge management software

What are the benefits of using a mall-style commerce service provider or a mall-style CSP? What are the costs associated with them?

Mall-style CSPs provide small businesses with a basic Web site, online store design tools, storefront templates, and an easy-to-use interface. These service providers charge a low monthly fee and may also charge one-time setup fees (similar to basic CSPs), however, others also charge a percentage of or fixed amount for each customer transaction. Mall-style CSPs provide shopping cart software or the ability to use another vendor's shopping cart software. They also provide payment-processing services so the online store can accept credit cards.

Describe some of the drawbacks of e-mail.

One annoyance associated with e-mail is the amount of time that businesspeople spend answering their e-mail today. Researchers have found that most managers can deal with e-mail messages at an average rate of about five minutes per message. Some messages can be deleted within a few seconds, but those are balanced by the e-mails that require the manager to spend much more time finding facts, checking files, making phone calls, and doing other tasks as part of answering e-mail. A second major irritation brought by e-mail is the computer virus, more simply known as a virus, which is a program that attaches itself to another program and can cause damage when the host program is activated. Probably the most frustrating and expensive problem associated with e-mail today is the issue of unsolicited commercial e-mail.

Discuss new 2013 rules directed to websites and online services that collect information from children under 13.

Post a clear and comprehensive online privacy describing their information practices for personal information collected online from children; provide direct notice to parent and obtain verifiable parental consent, with limited exception, before collecting personal information online from children; give parents the choice of consenting to the operator's collection and internal use of a children's information, but prohibiting the operator from disclosing that information to third parties (unless disclosure is integral to the site of service, in which case, this mus be made clear to parents); provide parents access to their child's personal information to review and /or have the information deleted; give parents the opportunity to prevent further use or online collection of a child's personal information; maintain the confidentiality, security, and integrity of information they collect from children, including by taking reasonable steps to release such information only to parties capable of maintaining its confidentiality and security

Processing a payment card transaction online involves two general processes. Describe these processes.

Processing a payment card transaction online involves two general processes, the acceptance of payment and clearing the transaction. Payment acceptance includes the steps necessary to determine that the card is valid and that the transaction will not exceed any credit limit that might exist for the card. Clearing the transaction includes all of the steps needed to move the funds from the card holder's bank account into the merchant's bank account.

Explain the roles of indexing and searching utility programs.

Search engines and indexing programs are important elements of many Web servers. Search engines or search tools search either a specific site or the entire Web for requested documents. An indexing program can provide full-text indexing that generates an index for all documents stored on the server. When a browser requests a Web site search, the search engine compares the index terms to the requester's search term to see which documents contain matches for the requested term or terms. More advanced search engine software (such as that used by the popular search engine site Google) uses complex relevance ranking rules that consider things such as how many other Web sites link to the target site. Many Web server software products also contain indexing software. Indexing software can often index documents stored in many different file formats.

Briefly describe the requirements for secure electronic commerce.

Secure electronic commerce should satisfy the following requirements. Secrecy: Prevent unauthorized persons from reading messages and business plans, obtaining credit card numbers, or deriving other confidential information. Integrity: Enclose information in a digital envelope so that the computer can automatically detect messages that have been altered in transit. Availability: Provide delivery assurance for each message segment so that messages or message segments cannot be lost undetectably. Key management: Provide secure distribution and management of keys needed to provide secure communications. Nonrepudiation: Provide undeniable, end-to-end proof of each message's origin and recipient. Authentication: Securely identify clients and servers with digital signatures and certificates.

What is the difference between shared hosting and dedicated hosting?

Shared hosting means that the client's Web site is on a server that hosts other Web sites simultaneously and is operated by the service provider at its location. With dedicated hosting, the service provider makes a Web server available to the client, but the client does not share the server with other clients of the service provider.

What is the difference between subject-matter jurisdiction and personal jurisdiction?

Subject-matter jurisdiction is a court's authority to decide a particular type of dispute. For example, in the United States, federal courts have subject-matter jurisdiction over issues governed by federal law (such as bankruptcy, copyright, patent, and federal tax matters), and state courts have subject-matter jurisdiction over issues governed by state laws (such as professional licensing and state tax matters). If the parties to a contract are both located in the same state, a state court has subject-matter jurisdiction over disputes that arise from the terms of that contract. Personal jurisdiction is, in general, determined by the residence of the parties. A court has personal jurisdiction over a case if the defendant is a resident of the state in which the court is located. In such cases, the determination of personal jurisdiction is straightforward. However, an out-of-state person or corporation can also voluntarily submit to the jurisdiction of a particular state court by agreeing to do so in writing or by taking certain actions in the state.

What is the purpose of supply chain management software?

Supply chain management (SCM) software helps companies to coordinate planning and operations with their partners in the industry supply chains of which they are members. SCM software performs two general types of functions: planning and execution. Most companies that sell SCM software offer products that include both components, but the functions are quite different. SCM planning software helps companies develop coordinated demand forecasts using information from each participant in the supply chain. SCM execution software helps with tasks such as warehouse and transportation management.

What are the disadvantages of using paper checks?

The cost of transporting tons of paper checks around the country has grown each year. In addition to the transportation costs, another disadvantage of using paper checks is the delay that occurs between the time that a person writes a check and the time that check clears the person's bank.

List the guidelines that acknowledge an organization's responsibility for respecting customer privacy and the importance of maintaining customer's trust.

The guidelines for the use of customer data are as follows: 1. Use data collected to provide improved service or other benefits to the customer. 2. Do not provide customer data to anyone outside your organization without the customer's express permission. 3. Give customers a description of what data is collected and provide clear explanations about how the data is used. 4. Give customers the right to have any of their data deleted. 5. Train employees in how to keep customer data safe and secure.

Describe the security dangers inherent in ActiveX controls.

The security danger with ActiveX controls is that once they are downloaded, they execute like any other program on a client computer. They have full access to all system resources, including operating system code. An ill-intentioned ActiveX control could reformat a user's hard disk, rename or delete files, send e-mails to all the people listed in the user's address book, or simply shut down the computer. Because ActiveX controls have full access to client computers, they can cause secrecy, integrity, or necessity violations.