chapter 5 e-commerce

software vulnerability

FREAK is an example

paypal is an example of

online stored value payment system

trojan horse

zeuse is an example

which of the following is a set of short-range wireless technologies used to share information among devices within about two inches of each other

NFC

all of the following are true about PKI except

PKI guarantees that the verifying computer of the merchant is secure

which of the following is an example of an integrity violation of e-commerce security

an unauthorized person intercepts an online communication and changes it contents

all of the following statements about apple pay are true except which

apple pay is available for both iPhone 5s and 6s

pharming

automatically redirecting a web link to a different address is an example

which of the following dimensions of e-commerce security is not provided for by encryption

availability

a fingerprint scan is an example of

biometrics

which of the following is not an example of an access control

digital signatures

proxy servers are also known as

dual home systems

digital cash is legal tender that is instantly convertible into other forms of value without the intermediation of any third parties

false

visiting attacks exploit SMS messages

false

a____ is hardware or software that acts as a filter to prevent unwanted packets from entering a network

firewall

which of the following is the leading cause of data breaches

hackers

the overall rate of online credit card fraud is _____ of all online card transactions

less than 1%

drive-by download

malware that comes with a downloaded file that a user requests

what is the first step in developing an e-commerce security plan

perform a risk assessment

botnet

rustock is an example

all of the following statements about symmetric key cryptography are true except

symmetric key cryptography is computationally slower

next generation firewalls provide all of the following except

the ability to automatically update applications with security patches

availability

the ability to ensure that an e-commerce site continues to function as intended

nonrepudiation

the ability to ensure that e-commerce participants do not deny their online actions

confidentiality

the ability to ensure that messages and data are only availably to those authorized to view them

authenticity

the ability to identify the person or entity with whom you are dealing on the internet

PCI-DSS is standard established by which of the following

the credit card industry

SLS/TLS cannot provide irrefutability

true

apple pay uses near field communication (NFC) chips

true

exploit knits are often rented or sold as commercial product

true

paypal is the most popular alternative payment method in the US

true

shellshock is an example of a software vulnerability

true

the easiest and least expensive way to prevent threats to system integrity is to install anti-virus software

true

there is a finite number of bitcoins that can be created

true

stuxnet

was designed to cripple iranian nuclear centrifuges