WebIT Ch5 Review Questions

Which of the following did the Internet Advertising Bureau urge advertisers to abandon? - Adobe Flash - HTML5 - HTML - Adobe Acrobat

- Adobe Flash

Which of the following is an example of an integrity violation of e-commerce security? - A website is not actually operated by the entity the customer believes it to be. - A customer denies that he is the person who placed the order. - A merchant uses customer information in a manner not intended by the customer - An unauthorized person intercepts an online communication and changes its contents

- An unauthorized person intercepts an online communication and changes its contents

________ is the ability to identify the person or entity with whom you are dealing on the Internet. - Integrity - Availability - Authenticity - Nonrepudiation

- Authenticity

________ is the ability to ensure that an e-commerce site continues to function as intended. - Nonrepudiation - Availability - Authenticity - Integrity

- Availability

________ is the ability to ensure that messages and data are only available to those authorized to view them. - Confidentiality - Privacy - Integrity - Availability

- Confidentiality

Which of the following technologies is aimed at reducing e-mail address spoofing and phishing? - DMARC - TLS - MFA - WPA

- DMARC

Phishing attacks rely on browser parasites. - True - False

- False

________ typically attack governments, organizations, and sometimes individuals for political purposes. - Hacktivists - Tiger teams - Crackers - Bounty hunters

- Hacktivists

________ is the ability to ensure that e-commerce participants do not deny their online actions. - Integrity - Availability - Authenticity - Nonrepudiation

- Nonrepudiation

Which of the following was designed to cripple Iranian nuclear centrifuges? - Snake - Storm - Stuxnet - Shamoon

- Stuxnet

A Trojan horse appears to be benign, but then does something other than expected. - True - False

- True

A drive-by download is malware that comes with a downloaded file that a user intentionally or unintentionally requests. - True - False

- True

FREAK is an example of a software vulnerability. - True - False

- True

Spoofing is the attempt to hide a hacker's true identity by using someone else's e-mail or IP address. - True - False

- True

Typically, the more security measures added to an e-commerce site, the slower and more difficult it becomes to use. - True - False

- True

WannaCry is an example of ransomware. - True - False

- True

Beebone is an example of which of the following? - botnet - phishing - worm - hacktivism

- botnet

According to Ponemon Institute's 2019 survey, which of the following was not among the causes of the costliest cybercrimes? - web-based attacks - denial of service - botnets - malicious insiders

- botnets

Accessing data without authorization on Dropbox is an example of a: - mobile platform security issue. - sniffing issue. - social network security issue. - cloud security issue.

- cloud security issue.

Which of the following is a brute force attack which hackers launch via botnets and automated tools using known user name and password combinations? - phishing - MitM attack - pharming - credential stuffing

- credential stuffing

Which of the following is not a key factor for establishing e-commerce security? - data integrity - technology - laws and industry standards - organizational policies

- data integrity

Which of the following is not an example of a potentially unwanted program (PUP)? - drive-by download - browser parasite - adware - spyware

- drive-by download

Which of the following is the leading cause of data breaches? - DDoS attacks - hackers - accidental disclosures - theft of a computer

- hackers

Automatically redirecting a web link to a different address is an example of which of the following? - DDoS attack - pharming - sniffing - social engineering

- pharming

Which of the following is not an example of malicious code? - sniffer - scareware - bot - Trojan horse

- sniffer

Which of the following types of attacks enabled hackers to take control of the Twitter accounts of dozens of America's most prominent political, entertainment and technology leaders? - ransomware - sniffing - social engineering - DDoS attack

- social engineering

Software that is used to obtain private user information such as a user's keystrokes or copies of e-mail is referred to as: - spyware. - a backdoor. - a browser parasite. - adware.

- spyware.

What is the most frequent cause of stolen credit cards and card information today? - phishing attacks - sniffing programs - the hacking and looting of corporate servers storing credit card information - lost cards

- the hacking and looting of corporate servers storing credit card information

Conficker is an example of a: - virus. - worm. - botnet. - Trojan horse.

- worm.

Which of the following is an example of an online privacy violation? - your computer being used as part of a botnet - your e-mail being read by a hacker - your e-mail being altered by a hacker - your online purchasing history being sold to other merchants without your consent

- your online purchasing history being sold to other merchants without your consent