50 Cards in this Set

  • Front
  • Back

All of the following experienced high-profile data breaches in 2013 except:


A) Evernote.


B) Home Depot.


C) Sony.


D) Adobe.

C) Sony.

Bitcoins are an example of:


A) digital cash.


B) virtual currency.


C) a stored value payment system.


D) an EBPP system.

A) digital cash.

The overall rate of online credit card fraud is ________ % of all online card transactions.


A) less than 1


B) around 5


C) around 10


D) around 15

A) less than 1

In the United States, the primary form of online payment is:


A) PayPal.


B) Bill Me Later.


C) Amazon Payment.


D) Google Wallet.

A) PayPal.

Privacy is sometimes confused with:


A) confidentiality.


B) authenticity.


C) integrity.


D) nonrepudiation.

A) confidentiality.

________ refers to the ability to ensure that e-commerce participants do not deny their online actions.


A) Nonrepudiation


B) Authenticity


C) Availability


D) Integrity

A) Nonrepudiation

________ refers to the ability to identify the person or entity with whom you are dealing on the Internet.


A) Nonrepudiation


B) Authenticity


C) Availability


D) Integrity

B) Authenticity

Which of the following is an example of an integrity violation of e-commerce security?


A) A Web site is not actually operated by the entity the customer believes it to be.


B) A merchant uses customer information in a manner not intended by the customer.


C) A customer denies that he or she is the person who placed the order.


D) An unauthorized person intercepts an online communication and changes its contents.

D) An unauthorized person intercepts an online communication and changes its contents.

________ refers to the ability to ensure that an e-commerce site continues to function as intended.


A) Nonrepudiation


B) Authenticity


C) Availability


D) Integrity

C) Availability

An example of an online privacy violation is:


A) your e-mail being read by a hacker.


B) your online purchasing history being sold to other merchants without your consent.


C) your computer being used as part of a botnet.


D) your e-mail being altered by a hacker.

B) your online purchasing history being sold to other merchants without your consent.

________ refers to the ability to ensure that messages and data are only available to those authorized to view them.


A) Confidentiality


B) Integrity


C) Privacy


D) Availability

A) Confidentiality

Which of the following is not a key point of vulnerability when dealing with e-commerce?


A) the client computer


B) the server


C) the communications pipeline


D) the credit card companies

D) the credit card companies

Accessing data without authorization on Dropbox is an example of which of the following?


A) social network security issue


B) cloud security issue


C) mobile platform security issue


D) sniffing

B) cloud security issue

Which of the following is a prominent hacktivist group?


A) Anonymous


B) Anti-Phishing Working Group


C) IC3


D) Symantec

A) Anonymous

Most of the world's malware is delivered via which of the following?


A) viruses


B) worms


C) Trojan horses


D) botnets

C) Trojan horses

Which of the following is the leading cause of data breaches?


A) theft of a computer


B) accidental disclosures


C) hackers


D) DDoS attacks

C) hackers

Software that is used to obtain private user information such as a user's keystrokes or copies of e-mail is referred to as:


A) spyware.


B) a backdoor.


C) pupware.


D) adware.

A) spyware.

Next generation firewalls provide all of the following except:


A) an application-centric approach to firewall control


B) the ability to identify applications regardless of the port, protocol, or security evasion tools used


C) the ability to automatically update applications with security patches


D) the ability to identify users regardless of the device or IP address

C) the ability to automatically update applications with security patches

In 2013, the Target retail chain experienced which of the following?


A) a large-scale data breach


B) a DDoS attack that shut down its Web site


C) a hacktivist attack to protest its wage policies


D) a browser parasite

A) a large-scale data breach

What is the most frequent cause of stolen credit cards and card information today?


A) lost cards


B) the hacking and looting of corporate servers storing credit card information


C) sniffing programs


D) phishing attacks

B) the hacking and looting of corporate servers storing credit card information

Which dimension(s) of security is spoofing a threat to?


A) integrity


B) availability


C) integrity and authenticity


D) availability and integrity

C) integrity and authenticity

All of the following are examples of malicious code except:


A) viruses.


B) bots.


C) worms.


D) sniffers.

D) sniffers.

Symmetric key cryptography is also known as:


A) public key cryptography.


B) secret key cryptography.


C) PGP.


D) PKI.

B) secret key cryptography.

All the following statements about symmetric key cryptography are true except:


A) in symmetric key cryptography, both the sender and the receiver use the same key to encrypt and decrypt a message.


B) the Data Encryption Standard is a symmetric key encryption system.


C) symmetric key cryptography is computationally slower.


D) symmetric key cryptography is a key element in digital envelopes.

C) symmetric key cryptography is computationally slower.

The Data Encryption Standard uses a(n) ________-bit key.


A) 8


B) 56


C) 256


D) 512

B) 56

All of the following statements about public key cryptography are true except:


A) public key cryptography uses two mathematically related digital keys.


B) public key cryptography ensures authentication of the sender.


C) public key cryptography does not ensure message integrity.


D) public key cryptography is based on the idea of irreversible mathematical functions.

B) public key cryptography ensures authentication of the sender.

Which of the following is the current standard used to protect Wi-Fi networks?


A) WEP


B) TLS


C) WPA2


D) WPA3

C) WPA2

All of the following statements about PKI are true except:


A) The term PKI refers to the certification authorities and digital certificate procedures that are accepted by all parties.


B) PKI is not effective against insiders who have a legitimate access to corporate systems including customer information.


C) PKI guarantees that the verifying computer of the merchant is secure.


D) The acronym PKI stands for public key infrastructure.

C) PKI guarantees that the verifying computer of the merchant is secure.

A digital certificate contains all of the following except the:


A) subject's private key.


B) subject's public key.


C) digital signature of the certification authority.


D) digital certificate serial number.

A) subject's private key.

Which of the following dimensions of e-commerce security is not provided for by encryption?


A) confidentiality


B) availability


C) message integrity


D) nonrepudiation

B) availability

All of the following are methods of securing channels of communication except:


A) SSL/TLS.


B) certificates.


C) VPN.


D) FTP.

D) FTP.

A ________ is hardware or software that acts as a filter to prevent unwanted packets from entering a network.


A) firewall


B) virtual private network


C) proxy server


D) PPTP

A) firewall

Proxy servers are also known as:


A) firewalls.


B) application gateways.


C) dual home systems.


D) packet filters.

C) dual home systems.

All of the following are used for authentication except:


A) digital signatures.


B) certificates of authority.


C) biometric devices.


D) packet filters.

D) packet filters.

What is the first step in developing an e-commerce security plan?


A) Create a security organization.


B) Develop a security policy.


C) Perform a risk assessment.


D) Perform a security audit.

C) Perform a risk assessment.

An intrusion detection system can perform all of the following functions except:


A) examining network traffic.


B) setting off an alarm when suspicious activity is detected.


C) checking network traffic to see if it matches certain patterns or preconfigured rules.


D) blocking suspicious activity.

D) blocking suspicious activity.

Which of the following is not an example of an access control?


A) firewalls


B) proxy servers


C) digital signatures


D) login passwords

C) digital signatures

Online bill payment now accounts for ________ of all bill payments, while paper checks account for ________.


A) less than 10%, less than 25%


B) about 25%, about 10%


C) more than 50%, less than 25%


D) 100%, 0%

C) more than 50%, less than 25%

To allow lower-level employees access to the corporate network while preventing them from accessing private human resources documents, you would use:


A) access controls.


B) an authorization management system.


C) security tokens.


D) an authorization policy.

B) an authorization management system.

Zeus is an example of which of the following?


A) SQL injection attack


B) browser parasite


C) DDoS attack


D) Trojan horse

D) Trojan horse

All of the following statements about Apple Pay are true except which of the following?


A) Apple Pay is available for both iPhone 5s and iPhone 6s.


B) Apple Pay is based on Touch ID biometric fingerprint scanning.


C) Apple Pay can be used for mobile payments at the point of sale at a physical store.


D) Apple Pay relies on the consumer having a credit card on file with Apple's iTunes.

A) Apple Pay is available for both iPhone 5s and iPhone 6s.

PayPal is an example of what type of payment system?


A) online stored value payment system


B) digital checking system


C) accumulating balance system


D) digital credit card system

A) online stored value payment system

In May 2014, the U.S. Department of Justice indicted five army members from which of the following countries for conducting industrial espionage against U.S. Steel and Westinghouse?


A) Russia


B) China


C) Iran


D) Iraq

B) China

Rustock is an example of which of the following?


A) worm


B) botnet


C) phishing


D) hacktivism

B) botnet

Which of the following is not a major trend in e-commerce payments in 2014-2015?


A) Mobile retail payment volume decreases.


B) PayPal remains the most popular alternative payment method.


C) Apple introduces Apple Pay.


D) Payment by credit and/or debit card remains the dominant form of online payment.

A) Mobile retail payment volume decreases.

Malware that comes with a downloaded file that a user requests is called a:


A) Trojan horse.


B) backdoor.


C) drive-by download.


D) PUP.

C) drive-by download.

Which of the following is not an example of a PUP?


A) adware


B) browser parasite


C) drive-by download


D) spyware

C) drive-by download

All of the following are limitations of the existing online credit card payment system except:


A) poor security.


B) cost to consumers.


C) cost to merchant.


D) social equity.

B) cost to consumers.

Linden Dollars, created for use in Second Life, are an example of:


A) digital cash.


B) virtual currency.


C) EBPP.


D) peer-to-peer payment systems.

B) virtual currency.

Which of the following is a set of short-range wireless technologies used to share information among devices within about 2 inches of each other?


A) DES


B) NFC


C) IM


D) text messaging

B) NFC