BCIS 4720 Final
Which of the following statements about data breaches in 2019 is not true
According to the Identity Theft Resource Center, employee error was the leading cause of data breaches.
The Internet Advertising Bureau urges advertisers to abandon?
Adobe Flash
An example of an integrity violation of e-commerce security:
An unauthorized person intercepts an online communication and changes its contents.
Beebone is an example of which of the following A. Botnet B. Phishing C. Hactivism D. Worm
Botnet
According to Ponemon Institute's 2019 survey, which of the following was not among the causes of the costliest cybercrimes:
Botnets
Accessing data without authorization on Dropbox is an example of a
Cloud Security Issue
The attack against Dyn servers is an example of a(n
DDOS Attack
Technology aimed at reducing e-mail address spoofing and phishing: A. WPA B. TLS C. DMARC
DMARC
Not a key factor for establishing e-commerce security: A. Technology B. Organizational Policies C. Data integrity D. Laws/Industry Standards
Data Integrity
Not a piece of information stored in the SQLDataSource
DataReader Command
Exploit kits can be purchased by users to protect their computers from malware (T or F)
False
If you are not reading from the database, you still need a DataReader (T or F)
False
Phishing attacks rely on browser parasites (T or F)
False
Which dimensions of security is spoofing a threat
Integrity and Authenticity
NonRepudiation
is the ability to ensure that e-commerce participants do not deny their online actions.
Confidentiality
is the ability to ensure that messages and data are only available to those authorized to view them.
Authenticity
is the ability to identify the person or entity with whom you are dealing on the Internet.
Availability
the ability to ensure that an e-commerce site continues to function as intended
Example of an online privacy violation
your online purchasing history being sold to other merchants without your consent
What is the most frequent cause of stolen credit cards and card information today
The hacking and looting of corporate servers storing credit card information
A Trojan horse appears to be benign, but then does something other than expected (T or F)
True
A drive-by download is malware that comes with a downloaded file that a user intentionally or unintentionally requests (T or F)
True
FREAK is an example of a software vulnerability (T or F)
True
Spoofing is the attempt to hide a hacker's true identity by using someone else's email or IP address (T or F)
True
The SQLDataSource will automatically build INSERT, UPDATE, AND DELETE commands (T or F)
True
Typically, the more security measures added to an e-commerce site, the slower and more difficult it becomes to use (T or F)
True
WannaCry is an example of ransomware (T or F)
True
What are the three pieces of information needed by an SQLCommand
Parameters, Connection, and CommandText
A brute force attack which hackers launch via botnets and automated tools using known username and password combinations
Credential Stuffing
Malware that comes with a downloaded file requested by a user is called a:
Drive By Download
Leading cause of data breaches
Hackers
Typically attack governments, organizations, and sometimes individuals for political purposes
Hacktivists
Designed to cripple Iranian nuclear centrifuges
Stuxnet
Confidentiality is sometimes confused with
Privacy
Not a library we need to add to work with databases in C#
System.UI
Not an example of malicious code
Sniffer
Enables hackers to take control of the Twitter accounts of dozens of America's most prominent political, entertainment and technology leaders:
Social Engineering
Software that is used to obtain private user information such as a user's keystrokes or copies of email is referred to as:
Spyware
Conficker is an example of a
Worm
