Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
66 Cards in this Set
- Front
- Back
|
T/F Large-scale data breaches continue to expose data about individuals to hackers and other cybercriminals |
TRUE |
|
|
TRUE OR FALSE Mobile malware presents a tangible threat as smartphones and other mobile devices become more common targets |
TRUE |
|
|
TRUE OR FALSE Distributed Denial of Service (DDoS) attacks are now capable of slowing Internet service within entire countries. |
TRUE |
|
|
Attacks where hackers target development environments to infect software that is then downloaded by end users |
Software supply chain |
|
|
TRUE OR FALSE The more security measures added, the more difficult a site is to use, and the slower it becomes |
TRUE |
|
|
The three key points of vulnerability in e-commerce environment |
1. Client 2. Server 3. Communications pipeline (Internet communications channels |
|
|
Largest botnet that delivers various malicious payloads, including ransom ware. First appeared in 2017,became the most prevalent malware in 2018,and continued to have appeared in 2017,became the most prevalent malware in 2018,and continued to have an impact in 2019. a) Emotet b) Zeus c) Conflicker |
EMOTET |
|
|
First appeared in 2017. Exploits vulnerabilities in older versions of Windows operating systems, encrypts data, and demands a ransom payment to decrypt them a) Emotet b) Zeus c) Wanna Cry |
WannaCry |
|
|
Variant of Zeus Trojan, focuses on the theft of authentication credentials and financial fraud. Botnets spreading Citadel were targets of Microsoft/FBI action in 2012. a) Citadel b) Emotet c) Conflicker |
CITADEL |
|
|
Sometimes referred to as king of financial malware.May install via driveby download and evades detection by taking control of web browser and stealing data that is exchanged with bank servers a) Emotet b) Zeus c) Conflicker |
Zeus |
|
|
One of the most prevalent malicious code families still active. In operation since 2010, but largely disappeared in 2015 after the botnet that spread it was taken down. Remerged in 2016 to become one of the most common financial trojans. a) Emotet b) Zeus c) Ramnit |
Ramnit |
|
|
First appeared in 2008.Targets Microsoft operating systems. Uses advanced malware techniques. Largest worm infection since Slammer in 2003.Used in 2017 in conjunction with various ransomware attacks a) Ramnit b) Zeus c) Conflicker |
Conficker |
|
|
First appeared in early 2003.It spread by gathering target e-mail addresses from the computers, then infected and sent e-mail to all recipients from the infected computer. It was commonly used by bot networks to launch spam and DoS attacks. a) Netsky.P b) Storm c) Conflicker |
Netsky.P |
|
|
First appeared in 2007. It spread in a manner similar to the Netsky.P worm.Could also download and run other Trojan programs and worms a) Netsky.P b) Storm c) Conflicker |
Storm |
|
|
First discovered in 2006. Spread by mass mailing;activated on the 3rd of every month, and attempted to destroy files of certain types a) Netsky.P b) Nymex c) Conflicker |
Nymex |
|
|
First appeared in 2005.Well-known worm that infected a number of U.S. media companies. a) Netsky.P b) Zotob c) Mydoom |
Zotob |
|
|
First appeared in 2004.One of the fastest spreading mass-mailer worms. a) Netsky.P b) Mydoom c) Conflicker |
Mydoom |
|
|
Launched in 2003. Caused widespread problems. a) Netsky.P b) Mydoom c) Slammer |
Slammer |
|
|
First spotted in 1999.At the time, the fastest spreading infectious program ever discovered. It attacked Microsoft Word's Normal.dot global template, infecting all newly created documents and also mailed an infected Word file to the first 50 entries in each user's Microsoft Outlook Address Book a) Melissa b) Mydoom c) Slammer |
Melissa |
|
|
includes a variety of threats such as viruses, worms, Trojan horses, and bots |
Malicious code (malware, exploits) |
|
|
Transforms data into cipher text readable only by sender and receiver Secures stored information and information transmission Provides 4 of 6 key dimensions of e-commerce security: |
Encryption |
|
|
4 key dimensions of e-commerce security: |
Message integrity Nonrepudiation Authentication Confidentiality |
|
|
Sender and receiver use same digital key to encrypt and decrypt message |
SYMMETRIC KEY ENCRYPTION |
|
|
Length of binary key used to encrypt data |
Data Encryption Standard (DES) |
|
|
Most widely used symmetric key encryption Uses 128-, 192-, and 256-bit encryption keys |
Advanced Encryption Standard (AES) |
|
|
Uses two mathematically related digital keys |
PUBLIC KEY ENCRYPTION |
|
|
Two mathematically related digital keys |
Public key (widely disseminated) Private key (kept secret by owner) |
|
|
Widely disseminated Choose the best answer a. Public key b. Private key |
a. Public key |
|
|
Kept secret by owner Choose the best answer a. Public key b. Private key |
b. Private key |
|
|
True or false Once key is used to encrypt message, same key cannot be used to decrypt message |
TRUE |
|
|
TRUE OR FALSE Sender uses recipient’s PRIVATE key to encrypt message; recipient uses PUBLIC key to decrypt it |
FALSE |
|
|
Mathematical algorithm that produces fixed-length number called message or hash digest Choose the best answer: a. Hash function b. Hash digest |
a. Hash function |
|
|
Address weaknesses of: Public key encryption Computationally slow, decreased transmission speed, increased processing time Choose the best answer: a. Digital envelope b. Digital certificate |
a. Digital envelope |
|
|
Establishes secure, negotiated client–server session a) Secure Sockets Layer (SSL) or Transport Layer Security (TLS) b) Virtual Private Network (VPN) c) Wireless (Wi-Fi) networks |
a. Secure Sockets Layer (SSL)/Transport Layer Security (TLS) |
|
|
Allows remote users to securely access internal network via the Internet Choose the best answer: a. Secure Sockets Layer (SSL)/Transport Layer Security (TLS) b. Virtual Private Network (VPN) c. Wireless (Wi-Fi) networks |
b. Virtual Private Network (VPN) |
|
|
Firewall can be a Hardware or a software True or false |
TRUE |
|
|
Software servers that handle all communications from or sent to the Internet a. Proxy servers b. Firewall |
Proxy servers (proxies) |
|
|
A software, easiest and least expensive way to prevent threats to system integrity Requires daily updates
|
Anti-virus software |
|
|
Managing risk includes: |
Technology Effective management policies Public laws and active enforcement |
|
|
TYPES OF PAYMENT SYSTEM |
Cash Checking Transfer Credit Card Stored value Accumulating balance |
|
|
Most common form of payment Instantly convertible into other forms of value •No float A. Cash B. Checking Transfer |
CASH |
|
|
Second most common payment form in United States A. Cash B. Checking Transfer |
CHECKING TRANSFER |
|
|
Credit card associations, Issuing banks, Processing centers A. Credit Card B. Stored value C. Accumulating balance |
Credit card |
|
|
Funds deposited into account, from which funds are paid out or withdrawn as needed Debit cards, gift certificates, Peer-to-peer payment systems A. Credit Card B. Stored value C. Accumulating balance |
Stored value |
|
|
Accounts that accumulate expenditures and to which consumers make period payments Example: Utility, phone, American Express account A. Credit Card B. Stored value C. Accumulating balance
|
Accumulating balance |
|
|
TRUE OR FALSE Large-scale data breaches continue to expose data about individuals to hackers and other cybercriminals |
TRUE |
|
|
TRUE OR FALSE Mobile malware presents an intangible threat as smartphones and other mobile devices become more common targets of cybercriminals, especially as their use for mobile payments rise |
FALSE - TANGIBLE |
|
|
HARDWARE supply chain attacks is where hackers target development environments to infect software that is then downloaded by end users TRUE OR FALSE |
FALSE - software |
|
|
These are the: Browser parasites, Adware, Spyware |
Potentially unwanted programs (PUPs) |
|
|
These are the: Social engineering E-mail scams Spear-phishing Identity fraud/theft |
PHISHING |
|
|
These are the: Hackers vs. crackers Types of hackers: White, black, grey hats Hacktivism |
HACKING |
|
|
Types of hackers hint: color |
BLACK, WHITE, GREY HATS |
|
|
Eavesdropping program that monitors information traveling over a network |
SNIFFING |
|
|
Disrupting, Defacing, destroying Web site |
CYBERVANDALISM |
|
|
this is used to protect internet communications |
ENCRYPTION |
|
|
Used in Securing channels of communication |
SSL,VPNs |
|
|
used to protecting networks, servers and clients |
FIREWALL |
|
|
Software servers that handle all communications from or sent to the Internet |
Proxy servers (proxies) |
|
|
PAYMENT SYSTEM STAKEHOLDERS |
Consumers Merchants Financial intermediaries Government regulators |
|
|
Payment stakeholder that concerns low-risk, low-cost, refutable, convenience, reliability A. Consumers B. Merchants |
CONSUMERS |
|
|
Payment stakeholder that concerns low-risk, low-cost, irrefutable, secure, reliable A. Merchants B. Financial intermediaries C.Government regulators |
MERCHANTS |
|
|
Payment stakeholder that concerns Secure, low-risk, maximizing profit A. Consumers B. Merchants C. Financial intermediaries |
FINANCIAL INTERMEDIARIES |
|
|
Payment stakeholders that concerns security, trust, protecting participants and enforcing reporting A. Financial intermediaries B. Government regulators C. Consumers D. Merchants
|
GOVERNMENT REGULATORS |
|
|
Use of mobile phones as payment devices A. Online stored value systems B. Mobile payment system |
Mobile payment system |
|
|
Mobile app designed to work with NFC chips a. PayPal b. Google wallet |
Google Wallet |
|
|
Verify transactions without central authority |
blockchain |
