Deck 10: Electronic Commerce Security

Active content elements are programs that run on the server.

Active content can be delivered as an e-mail attachment.

Threats that are unlikely to occur can be ignored when the cost to protect against the threat exceeds the value of the protected asset.

In the context of encryption, shorter keys usually provide significantly better protection than longer keys.

One significant threat to electronic commerce is theft of sensitive or personal information.

In the context of the elements of computer security, necessity refers to preventing data delays or denials.

The most complete way for Web site visitors to protect themselves from revealing private information or being tracked by cookies is to disable cookies entirely.

Applets typically run within the Web browser and are most often written in the Java programming language.

People who write programs or manipulate technologies to obtain unauthorized access to computers and networks are called crackers.

Persistent cookies refer to the category of cookies which exist until the Web client ends the connection.

Worms can spread quickly through the Internet.

Signed code or messages serve the same function as a photo on a driver's license or passport.

A digital certificate contains a means to send an encrypted message to the entity that sent the original Web page or e-mail message.

Active content is launched in a Web browser automatically prior to the browser loading the Web page containing active content.

Active content can pose a threat to the security of client devices.

The path taken by a message packet from a source node to a destination node can be controlled by Internet users.

A Trojan horse erasing or altering information in a client computer is said to be a secrecy violation.

Any message traveling on the Internet is subject to secrecy, integrity, and necessity threats.

Message packets on the Internet travel a planned path from a source node to a destination node.

Networks outside a firewall are referred to as trusted networks.

The Computer Emergency Response Team (CERT) is the most prominent organization that promotes computer security.

A passphrase is a sequence of words of text that is easy to remember, but not complex enough to serve as a good password.

Backdoor is a program that protects information from unauthorized access.

One disadvantage of private-key systems is that encryption and decryption are significantly slower than public-key systems.

A Web browser that has entered into a Secure Socket Layer session indicates that it is in an encrypted session.

A(n) _____ cookie originates from a Web site other than the site being visited.

A(n) _____ occurs when an Internet e-mail message is intercepted and its contents are changed before it is forwarded to its original destination.

In the context of elements of a security policy, _____ refers to the secure identification of clients and servers with digital signatures and certificates.

Cookies are categorized as session or persistent based on _____.

A(n) _____ is a procedure that recognizes, reduces, or eliminates a threat.

First-party cookies and third-party cookies represent classification of cookies by their _____.

Cookies placed on a client computer by a Web server site are called _____.

Briefly describe the requirements for secure electronic commerce.

When a Trojan horse has taken over a large number of computers, the person who planted the virus can take control of all the computers and form a(n) _____.

The process of proposing and accepting various transmission conditions is called _____.

A(n) _____ is a Trojan horse that secretly takes over another computer for the purpose of launching attacks on other computers.

The program that transforms normal text into cipher text is called a(n) _____.

_____ is the coding of information by using a mathematically based program and a secret key to produce a string of characters that is unintelligible.

_____ encryption encodes messages by using two mathematically related numeric keys.

Most browsers allow users to limit the actions taken by Java applets and scripting languages by running them in a(n) _____, which is a functional subset of the full browser.

A(n) _____ is usually a long binary number that is used with the encryption algorithm to "lock" the characters of the message being protected so that they are undecipherable without the number.

In some cities that have large concentrations of wireless networks, attackers, called _____, drive around in cars using their wireless-equipped laptop computers to search for accessible networks.

A(n) _____ is a type of virus that replicates itself on the computers that it infects.

A(n) _____ is an attachment to an e-mail message or program embedded in a Web page that verifies that the sender or Web site is who it claims to be.

Browser _____ are programs that enhance the capabilities of browsers, handle Web content that a browser cannot handle.

The purpose of a(n) _____ is to disrupt normal computer processing, or deny processing entirely.

A(n) _____ security device is one that uses an element of a person's biological makeup to perform identification.

An integrity threat, also known as _____, exists when an unauthorized party can alter a message stream of information.

The science that studies encryption is called _____.

Apps that contain malware or that collect information from a mobile device and forward it to perpetrators are called _____.

_____ are the computers on the Internet that maintain directories that link domain names to IP addresses.

​A ___________ virus can enter a computer system in several different ways.