Deck 5: E-Commerce Security and Payment Systems

A) less than 1
B) around 5
C) around 10
D) around 15

A) Evernote.
B) Home Depot.
C) Sony.
D) Adobe.

A) digital cash.
B) virtual currency.
C) a stored value payment system.
D) an EBPP system.

A) confidentiality.
B) authenticity.
C) integrity.
D) nonrepudiation.

A) PayPal.
B) Bill Me Later.
C) Amazon Payment.
D) Google Wallet.

A) public key cryptography.
B) secret key cryptography.
C) PGP.
D) PKI.

A) Nonrepudiation
B) Authenticity
C) Availability
D) Integrity

A) Nonrepudiation
B) Authenticity
C) Availability
D) Integrity

A) integrity
B) availability
C) integrity and authenticity
D) availability and integrity

A) A Web site is not actually operated by the entity the customer believes it to be.
B) A merchant uses customer information in a manner not intended by the customer.
C) A customer denies that he or she is the person who placed the order.
D) An unauthorized person intercepts an online communication and changes its contents.

A) the client computer
B) the server
C) the communications pipeline
D) the credit card companies

A) Confidentiality
B) Integrity
C) Privacy
D) Availability

A) 8
B) 56
C) 256
D) 512

A) a large-scale data breach
B) a DDoS attack that shut down its Web site
C) a hacktivist attack to protest its wage policies
D) a browser parasite

A) Anonymous
B) Anti-Phishing Working Group
C) IC3
D) Symantec

A) lost cards
B) the hacking and looting of corporate servers storing credit card information
C) sniffing programs
D) phishing attacks

A) social network security issue
B) cloud security issue
C) mobile platform security issue
D) sniffing

A) theft of a computer
B) accidental disclosures
C) hackers
D) DDoS attacks

A) Nonrepudiation
B) Authenticity
C) Availability
D) Integrity

A) in symmetric key cryptography, both the sender and the receiver use the same key to encrypt and decrypt a message.
B) the Data Encryption Standard is a symmetric key encryption system.
C) symmetric key cryptography is computationally slower.
D) symmetric key cryptography is a key element in digital envelopes.

A) an application-centric approach to firewall control
B) the ability to identify applications regardless of the port, protocol, or security evasion tools used
C) the ability to automatically update applications with security patches
D) the ability to identify users regardless of the device or IP address

A) viruses.
B) bots.
C) worms.
D) sniffers.

A) spyware.
B) a backdoor.
C) pupware.
D) adware.

A) viruses
B) worms
C) Trojan horses
D) botnets

A) your e-mail being read by a hacker.
B) your online purchasing history being sold to other merchants without your consent.
C) your computer being used as part of a botnet.
D) your e-mail being altered by a hacker.

A) Create a security organization.
B) Develop a security policy.
C) Perform a risk assessment.
D) Perform a security audit.

A) access controls.
B) an authorization management system.
C) security tokens.
D) an authorization policy.

A) Russia
B) China
C) Iran
D) Iraq

A) subject's private key.
B) subject's public key.
C) digital signature of the certification authority.
D) digital certificate serial number.

A) public key cryptography uses two mathematically related digital keys.
B) public key cryptography ensures authentication of the sender.
C) public key cryptography does not ensure message integrity.
D) public key cryptography is based on the idea of irreversible mathematical functions.

A) Apple Pay is available for both iPhone 5s and iPhone 6s.
B) Apple Pay is based on Touch ID biometric fingerprint scanning.
C) Apple Pay can be used for mobile payments at the point of sale at a physical store.
D) Apple Pay relies on the consumer having a credit card on file with Apple's iTunes.

A) WEP
B) TLS
C) WPA2
D) WPA3

A) SSL/TLS.
B) certificates.
C) VPN.
D) FTP.

A) less than 10%, less than 25%
B) about 25%, about 10%
C) more than 50%, less than 25%
D) 100%, 0%

A) SQL injection attack
B) browser parasite
C) DDoS attack
D) Trojan horse

A) worm
B) botnet
C) phishing
D) hacktivism

A) firewalls.
B) application gateways.
C) dual home systems.
D) packet filters.

A) firewall
B) virtual private network
C) proxy server
D) PPTP

A) digital signatures.
B) certificates of authority.
C) biometric devices.
D) packet filters.

A) Mobile retail payment volume decreases.
B) PayPal remains the most popular alternative payment method.
C) Apple introduces Apple Pay.
D) Payment by credit and/or debit card remains the dominant form of online payment.

A) examining network traffic.
B) setting off an alarm when suspicious activity is detected.
C) checking network traffic to see if it matches certain patterns or preconfigured rules.
D) blocking suspicious activity.

A) firewalls
B) proxy servers
C) digital signatures
D) login passwords

A) confidentiality
B) availability
C) message integrity
D) nonrepudiation

A) The term PKI refers to the certification authorities and digital certificate procedures that are accepted by all parties.
B) PKI is not effective against insiders who have a legitimate access to corporate systems including customer information.
C) PKI guarantees that the verifying computer of the merchant is secure.
D) The acronym PKI stands for public key infrastructure.

A) online stored value payment system
B) digital checking system
C) accumulating balance system
D) digital credit card system

A) Trojan horse.
B) backdoor.
C) drive-by download.
D) PUP.

A) poor security.
B) cost to consumers.
C) cost to merchant.
D) social equity.

A) DES
B) NFC
C) IM
D) text messaging

A) digital cash.
B) virtual currency.
C) EBPP.
D) peer-to-peer payment systems.

A) adware
B) browser parasite
C) drive-by download
D) spyware