Professional Documents
Culture Documents
Full download E Commerce 2017 14th Edition Laudon Test Bank all chapter 2024 pdf
Full download E Commerce 2017 14th Edition Laudon Test Bank all chapter 2024 pdf
Test Bank
Go to download the full and correct content document:
https://testbankfan.com/product/e-commerce-2017-14th-edition-laudon-test-bank/
More products digital (pdf, epub, mobi) instant
download maybe you interests ...
https://testbankfan.com/product/e-commerce-2017-13th-edition-
laudon-test-bank/
https://testbankfan.com/product/e-commerce-2017-13th-edition-
laudon-solutions-manual/
https://testbankfan.com/product/e-commerce-2018-14th-edition-
laudon-test-bank/
https://testbankfan.com/product/e-commerce-2018-14th-edition-
laudon-solutions-manual/
E-Commerce Essentials 1st Edition Laudon Test Bank
https://testbankfan.com/product/e-commerce-essentials-1st-
edition-laudon-test-bank/
https://testbankfan.com/product/e-commerce-2015-11th-edition-
laudon-test-bank/
https://testbankfan.com/product/e-commerce-2014-10th-edition-
laudon-test-bank/
https://testbankfan.com/product/e-commerce-essentials-1st-
edition-laudon-solutions-manual/
https://testbankfan.com/product/e-commerce-2015-11th-edition-
laudon-solutions-manual/
E-commerce 2018: Business. Technology. Society., 14e (Laudon/Traver)
Chapter 5 E-commerce Security and Payment Systems
2) ________ is the ability to ensure that e-commerce participants do not deny their online
actions.
A) Nonrepudiation
B) Authenticity
C) Availability
D) Integrity
Answer: A
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.1: Understand the scope of e-commerce crime and security problems, the
key dimensions of e-commerce security, and the tension between security and other values.
3) ________ is the ability to identify the person or entity with whom you are dealing on the
Internet.
A) Nonrepudiation
B) Authenticity
C) Availability
D) Integrity
Answer: B
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.1: Understand the scope of e-commerce crime and security problems, the
key dimensions of e-commerce security, and the tension between security and other values.
1
Copyright © 2019 Pearson Education, Inc.
4) Which of the following is an example of an integrity violation of e-commerce security?
A) A website is not actually operated by the entity the customer believes it to be.
B) A merchant uses customer information in a manner not intended by the customer.
C) A customer denies that he is the person who placed the order.
D) An unauthorized person intercepts an online communication and changes its contents.
Answer: D
Difficulty: Moderate
AACSB: Analytical thinking
Learning Objective: 5.1: Understand the scope of e-commerce crime and security problems, the
key dimensions of e-commerce security, and the tension between security and other values.
5) ________ is the ability to ensure that an e-commerce site continues to function as intended.
A) Nonrepudiation
B) Authenticity
C) Availability
D) Integrity
Answer: C
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.1: Understand the scope of e-commerce crime and security problems, the
key dimensions of e-commerce security, and the tension between security and other values.
7) ________ is the ability to ensure that messages and data are only available to those authorized
to view them.
A) Confidentiality
B) Integrity
C) Privacy
D) Availability
Answer: A
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.1: Understand the scope of e-commerce crime and security problems, the
key dimensions of e-commerce security, and the tension between security and other values.
2
Copyright © 2019 Pearson Education, Inc.
8) Typically, the more security measures added to an e-commerce site, the slower and more
difficult it becomes to use.
Answer: TRUE
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.1: Understand the scope of e-commerce crime and security problems, the
key dimensions of e-commerce security, and the tension between security and other values.
10) Which of the following statements about data breaches in 2016 is not true?
A) According to Symantec, the number of major breaches in 2016 increased from the number in
2015.
B) According to Symantec, the total number of data breaches in 2016 increased significantly
from the number in 2015.
C) According to Symantec, the total number of identities exposed by data breaches in 2016
increased to 1.1 billion.
D) According to the Identity Theft Resource Center, data breaches involving the business sector
represented over 45% of all breaches.
Answer: B
Difficulty: Difficult
AACSB: Application of knowledge
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
3
Copyright © 2019 Pearson Education, Inc.
12) The overall rate of online credit card fraud is ________ of all online card transactions.
A) less than 1%
B) around 5%
C) around 10%
D) around 15%
Answer: A
Difficulty: Difficult
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
13) Which of the following has the Internet Advertising Bureau urged advertisers to abandon?
A) HTML
B) HTML5
C) Adobe Flash
D) Adobe Acrobat
Answer: C
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
15) Which of the following is not a key factor for establishing e-commerce security?
A) data integrity
B) technology
C) organizational policies
D) laws and industry standards
Answer: A
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.1: Understand the scope of e-commerce crime and security problems, the
key dimensions of e-commerce security, and the tension between security and other values.
4
Copyright © 2019 Pearson Education, Inc.
16) Conficker is an example of a:
A) virus.
B) worm.
C) Trojan horse.
D) botnet.
Answer: B
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
18) Software that is used to obtain private user information such as a user's keystrokes or copies
of e-mail is referred to as:
A) spyware.
B) a backdoor.
C) browser parasite.
D) adware.
Answer: A
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
19) According to Symantec, almost half of the e-mail addresses involved in business e-mail
compromise (BEC) phishing that it analyzed had an IP address originating in:
A) China.
B) Russia.
C) Nigeria.
D) North Korea.
Answer: C
Difficulty: Easy
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
5
Copyright © 2019 Pearson Education, Inc.
20) What is the most frequent cause of stolen credit cards and card information today?
A) lost cards
B) the hacking and looting of corporate servers storing credit card information
C) sniffing programs
D) phishing attacks
Answer: B
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
23) The attack on Dyn Inc., in October 2016 is an example of which of the following?
A) SQL injection attack
B) browser parasite
C) DDoS attack
D) MitM attack
Answer: C
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
6
Copyright © 2019 Pearson Education, Inc.
24) Angler is an example of which of the following?
A) worm
B) exploit kit
C) phishing
D) hacktivism
Answer: B
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
25) Malware that comes with a downloaded file that a user requests is called a:
A) Trojan horse.
B) backdoor.
C) drive-by download.
D) PUP.
Answer: C
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
27) Which of the following was designed to cripple Iranian nuclear centrifuges?
A) Stuxnet
B) Flame
C) Snake
D) Storm
Answer: A
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
7
Copyright © 2019 Pearson Education, Inc.
28) Automatically redirecting a web link to a different address is an example of which of the
following?
A) sniffing
B) social engineering
C) pharming
D) DDoS attack
Answer: C
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
29) According to Symantec, the number of data breaches in 2016 increased by ________
compared to 2015.
A) 100%
B) 15%
C) 150%
D) 20%
Answer: D
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.1: Understand the scope of e-commerce crime and security problems, the
key dimensions of e-commerce security, and the tension between security and other values.
30) According to Ponemon Institute's 2017 survey, which of the following was not among the
causes of the most costly cybercrimes?
A) malicious insiders
B) malicious code
C) denial of service
D) botnets
Answer: D
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
31) ________ typically attack governments, organizations, and sometimes individuals for
political purposes.
A) Crackers
B) White hats
C) Grey hats
D) Hacktivists
Answer: D
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
8
Copyright © 2019 Pearson Education, Inc.
32) The Internet Advertising Bureau has urged advertisers to abandon Adobe Flash in favor of
HTML5.
Answer: TRUE
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
33) A Trojan horse appears to be benign, but then does something other than expected.
Answer: TRUE
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
36) Spoofing is the attempt to hide a hacker's true identity by using someone else's e-mail or IP
address.
Answer: TRUE
Difficulty: Difficult
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
37) Exploit kits can be purchased by users to protect their computers from malware.
Answer: FALSE
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
38) A drive-by download is malware that comes with a downloaded file that a user intentionally
or unintentionally requests.
Answer: TRUE
Difficulty: Difficult
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
9
Copyright © 2019 Pearson Education, Inc.
39) Changeup is an example of a software vulnerability.
Answer: TRUE
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
40) What is the Internet of Things (IoT) and what security issues and challenges does it raise?
Answer: The Internet of Things (IoT) involves the use of the Internet to connect a wide variety
of sensors, devices, and machines, and is powering the development of a multitude of smart
connected things, such as home electronics (smart TVs, thermostats, home security systems, and
more). IoT also includes connected cars, medical devices and industrial equipment that supports
manufacturing, energy, transportation, and other industrial sectors.
Unfortunately, IoT raises a host of security issues similar to existing security challenges, but
even more challenging, given the need to deal with a wider range of devices, operating in a less
controlled, and global environment. In a world of connected things, the devices, the data
produced and used by the devices, and the systems and applications supported by those devices,
can all potentially be attacked. For instance, many IoT devices, such as sensors, are intended to
be deployed on a much greater scale than traditional Internet-connected devices, creating a vast
quantity of interconnected links that can be exploited. Existing tools, methods, and strategies
need to be developed to deal with this unprecedented scale. Many instances of IoT consist of
collections of identical devices that all have the same characteristics, which magnifies the
potential impact of security vulnerabilities.
Many IoT devices are anticipated to have a much longer service life than typical equipment,
which raises the possibility that devices may "outlive" manufacturer, leaving them without long-
term support that creates persistent vulnerabilities. Many IoT devices are intentionally designed
without the ability to be upgraded, or the upgrade process is difficult, which raises the possibility
that vulnerable devices cannot or will not be fixed, leaving them perpetually vulnerable. Many
IoT devices do not provide the user with visibility into the workings of the device or the data
being produced, nor alert the user when a security problem arises, so users may believe an IoT
device is functioning as intended when in fact, it may be performing in a malicious manner.
Finally, some IoT devices, such as sensors, are unobtrusively embedded in the environment such
that a user may not even be aware of the device, so a security breach might persist for a long
time before being noticed.
Difficulty: Moderate
AACSB: Analytical thinking; Information technology; Written and oral communication
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
10
Copyright © 2019 Pearson Education, Inc.
41) Discuss the Great Cannon. Who developed it, how has it been used, and how does it differ
from the Great Firewall?
Answer: The Great Cannon is the nickname given by researchers to a tool believed to be
developed by China that was used to launch a major DDoS attack in 2015 against the software
development platform GitHub, aimed specifically at two Chinese anti-censorship projects hosted
on the platform. Although originally thought to be part of the Great Firewall, which is a system
developed by China that allows it to censor Internet traffic, further investigation revealed that the
Great Cannon appears to be a separate distinct offensive system that is co-located with the Great
Firewall. The Great Cannon enables hackers to hijack traffic to individual IP addresses and uses
a man-in-the-middle attack to replace unencrypted content between a web server and the user
with malicious JavaScript that would load the two GitHub project pages every two seconds.
Difficulty: Moderate
AACSB: Analytical thinking; Information technology; Written and oral communication
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
42) What is a sniffing attack and how does it differ from a MitM attack?
Answer: A sniffer is a type of eavesdropping program that monitors information traveling over a
network. When used legitimately in a sniffing attack, hackers use sniffers to steal proprietary
information from a network, including passwords, e-mail messages, company files, and
confidential reports. A man-in-the-middle (MitM) attack also involves eavesdropping but is more
active than a sniffing attack, which typically involves passive monitoring. In a MitM attack, the
attacker can intercept communications between two parties who believe they are directly
communicating with one another, when in fact the attacker is controlling the communications.
Difficulty: Moderate
AACSB: Analytical thinking; Information technology; Written and oral communication
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
43) Discuss and explain the various types of malicious code and how they work. Include the
different types of viruses.
Answer: Malicious code includes a variety of threats such as viruses, worms, Trojan horses,
ransomware, and bot programs. A virus is a computer program that can replicate or make copies
of itself and spread to other files. Viruses can range in severity from simple programs that
display a message or graphic as a "joke" to more malevolent code that will destroy files or
reformat the hard drive of a computer, causing programs to run incorrectly. Worms are designed
to spread not only from file to file but from computer to computer and do not necessarily need to
be activated in order to replicate. A Trojan horse is not itself a virus because it does not replicate
but it is a method by which viruses or other malicious code can be introduced into a computer
system. It appears benign and then suddenly does something harmful. For example, it may
appear to be only a game and then it will steal passwords and mail them to another person. A
backdoor is a feature of worms, viruses, and Trojans that allow attackers to remotely access
compromised computers. Ransomware is a type of malware (often a worm) that locks your
computer or files to stop you from accessing them. Bot programs are a type of malicious code
that can be covertly installed on a computer when it is attached to the Internet. Once installed,
the bot responds to external commands sent by the attacker, and many bots can be coordinated
by a hacker into a botnet.
Difficulty: Moderate
AACSB: Analytical thinking; Information technology; Written and oral communication
Learning Objective: 5.2: Identify the key security threats in the e-commerce environment.
11
Copyright © 2019 Pearson Education, Inc.
44) Next generation firewalls provide all of the following except:
A) an application-centric approach to firewall control.
B) the ability to identify applications regardless of the port, protocol, or security evasion tools
used.
C) the ability to automatically update applications with security patches.
D) the ability to identify users regardless of the device or IP address.
Answer: C
Difficulty: Difficult
AACSB: Information technology
Learning Objective: 5.3: Describe how technology helps secure Internet communications
channels and protect networks, servers, and clients.
46) All the following statements about symmetric key cryptography are true except:
A) in symmetric key cryptography, both the sender and the receiver use the same key to encrypt
and decrypt a message.
B) the Data Encryption Standard is a symmetric key encryption system.
C) symmetric key cryptography is computationally slower.
D) symmetric key cryptography is a key element in digital envelopes.
Answer: C
Difficulty: Difficult
AACSB: Information technology
Learning Objective: 5.3: Describe how technology helps secure Internet communications
channels and protect networks, servers, and clients.
12
Copyright © 2019 Pearson Education, Inc.
48) All of the following statements about public key cryptography are true except:
A) public key cryptography uses two mathematically related digital keys.
B) public key cryptography ensures authentication of the sender.
C) public key cryptography does not ensure message integrity.
D) public key cryptography is based on the idea of irreversible mathematical functions.
Answer: B
Difficulty: Difficult
AACSB: Information technology
Learning Objective: 5.3: Describe how technology helps secure Internet communications
channels and protect networks, servers, and clients.
49) Which of the following is the current standard used to protect Wi-Fi networks?
A) WEP
B) TLS
C) WPA2
D) WPA3
Answer: C
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.3: Describe how technology helps secure Internet communications
channels and protect networks, servers, and clients.
50) All of the following statements about PKI are true except:
A) the term PKI refers to the certification authorities and digital certificate procedures that are
accepted by all parties.
B) PKI is not effective against insiders who have a legitimate access to corporate systems
including customer information.
C) PKI guarantees that the verifying computer of the merchant is secure.
D) the acronym PKI stands for public key infrastructure.
Answer: C
Difficulty: Difficult
AACSB: Information technology
Learning Objective: 5.3: Describe how technology helps secure Internet communications
channels and protect networks, servers, and clients.
13
Copyright © 2019 Pearson Education, Inc.
52) Which of the following dimensions of e-commerce security is not provided for by
encryption?
A) confidentiality
B) availability
C) message integrity
D) nonrepudiation
Answer: B
Difficulty: Difficult
AACSB: Information technology
Learning Objective: 5.3: Describe how technology helps secure Internet communications
channels and protect networks, servers, and clients.
53) All of the following are methods of securing channels of communication except:
A) SSL/TLS.
B) digital certificates.
C) VPN.
D) FTP.
Answer: D
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.3: Describe how technology helps secure Internet communications
channels and protect networks, servers, and clients.
54) A ________ is hardware or software that acts as a filter to prevent unwanted packets from
entering a network.
A) firewall
B) virtual private network
C) proxy server
D) PPTP
Answer: A
Difficulty: Easy
AACSB: Information technology
Learning Objective: 5.3: Describe how technology helps secure Internet communications
channels and protect networks, servers, and clients.
14
Copyright © 2019 Pearson Education, Inc.
56) All of the following are used for authentication except:
A) digital signatures.
B) certificates of authority.
C) biometric devices.
D) packet filters.
Answer: D
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.3: Describe how technology helps secure Internet communications
channels and protect networks, servers, and clients.
57) An intrusion detection system can perform all of the following functions except:
A) examining network traffic.
B) setting off an alarm when suspicious activity is detected.
C) checking network traffic to see if it matches certain patterns or preconfigured rules.
D) blocking suspicious activity.
Answer: D
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.3: Describe how technology helps secure Internet communications
channels and protect networks, servers, and clients.
15
Copyright © 2019 Pearson Education, Inc.
60) Which of the following statements is not true?
A) Apple's Touch ID stores a digital replica of a user's actual fingerprint in Apple's iCloud.
B) Biometric devices reduce the opportunity for spoofing.
C) A retina scan is an example of a biometric device.
D) Biometric data stored on an iPhone is encrypted.
Answer: A
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.3: Describe how technology helps secure Internet communications
channels and protect networks, servers, and clients.
62) Which of the following is the most common protocol for securing a digital channel of
communication?
A) DES
B) SSL/TLS
C) VPN
D) HTTP
Answer: B
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.3: Describe how technology helps secure Internet communications
channels and protect networks, servers, and clients.
64) The easiest and least expensive way to prevent threats to system integrity is to install anti-
virus software.
Answer: TRUE
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.3: Describe how technology helps secure Internet communications
channels and protect networks, servers, and clients.
16
Copyright © 2019 Pearson Education, Inc.
65) Explain the difference between symmetric key cryptography and public key cryptography.
Which dimensions of e-commerce security does encryption address?
Answer: Symmetric key cryptography involves the use of a secret cipher that transforms plain
text into cipher text. Both the sender and the receiver use the same key to encrypt and decrypt the
message. The possibilities for simple substitution and transposition ciphers are endless, but there
are several flaws in these types of systems that make them inadequate for use today. First, for the
sender and the receiver to have the same key, it must be sent over a communication medium that
is insecure or they must meet in person to exchange the key. If the secret key is lost or stolen, the
encryption system fails. This method can be used effectively for data storage protection, but is
less convenient for e-mail since the correspondents must pass the secret key to one another over
another secure medium prior to commencing the communication. Second, in the digital age,
computers are so fast and powerful that these ancient encryption techniques can be quickly and
easily broken. Modern digital encryption systems must use keys with between 56 and 512 binary
digits to ensure that decryption would be unlikely. Third, for commercial use on an e-commerce
site each of the parties in a transaction would need a secret key. In a population of millions of
Internet users, thousands of millions of keys would be needed to accommodate all e-commerce
customers.
Public key cryptography solves the problem of exchanging keys. In this method every user has a
pair of numeric keys: private and public. The public key is not secret; on the contrary, it is
supposed to be disseminated widely. Public keys may be published in company catalogs or on
online. The public key is used by outside parties to encrypt the messages addressed to you. The
private or secret key is used by the recipient to decipher incoming messages. The main advantage
of a public key cryptographic system is its ability to begin secure correspondence over the
Internet without prior exchanging of the keys and, therefore, without the need for a meeting in
person or using conventional carriers for key exchange.
Encryption can provide four of the six key dimensions of e-commerce security. It can provide
assurance that the message has not been altered (integrity), prevent the user from denying that
he/she has sent the message (nonrepudiation), provide verification of the identity of the message
(authentication), and give assurance that the message has not been read by others
(confidentiality).
Difficulty: Moderate
AACSB: Analytical thinking; Information technology; Written and oral communication
Learning Objective: 5.3: Describe how technology helps secure Internet communications
channels and protect networks, servers, and clients.
17
Copyright © 2019 Pearson Education, Inc.
66) What dimensions do digital signatures and hash digests add to public key cryptography and
how do they work?
Answer: Digital signatures and hash digests can add authentication, nonrepudiation, and
integrity when used with public key encryption. Encryption technology also allows for digital
signatures and authentication. The sender encrypts the message yet again using their private key
to produce a digital signature.
To check the confidentiality of a message and ensure it has not been altered in transit, a hash
function is used first to create a digest of the message. A hash function is an algorithm that
produces a fixed-length number called a hash or message digest. To ensure the authenticity of the
message and to ensure nonrepudiation, the sender encrypts the entire block of cipher text one
more time using the sender's private key. This produces a digital signature or "signed" cipher
text. The result of this double encryption is sent over the Internet to the recipient. Then, the
recipient first uses the sender's public key to authenticate the message. Once authenticated, the
recipient uses his or her private key to obtain the hash result and original message. As a final
step, the recipient applies the same hash function to the original text and compares the result with
the result sent by the sender. If the results are the same, the recipient now knows the message has
not been changed during transmission. The message has integrity.
Difficulty: Difficult
AACSB: Analytical thinking; Information technology; Written and oral communication
Learning Objective: 5.3: Describe how technology helps secure Internet communications
channels and protect networks, servers, and clients.
18
Copyright © 2019 Pearson Education, Inc.
67) Discuss the security of communications channels. Include definitions and explanations for
the terms Secure Sockets Layer/Transport Layer Security (SSL/TLS), secure negotiated session,
session key, and VPN.
Answer: The Secure Sockets Layer of the Transmission Control Protocol/Internet Protocol
(TCP/IP) communications protocol is the main method for securing communications channels on
the Web. When you receive a message from a web server then you will be communicating
through a secure channel; this means that SSL/TLS will be used to establish a secure negotiated
session. A secure negotiated session is a client-server session in which the URL of the requested
document, its contents, and the contents of the forms filled out by the user on the page, as well as
the cookies that are exchanged, are all encrypted. The browser and the server exchange digital
certificates with one another, determine the strongest shared form of encryption, and begin
communicating using a unique symmetric encryption key, agreed upon for just this encounter.
This is called a session key. SSL/TLS provides data encryption, server authentication, optional
client authentication (as yet still rare for individual users), and message integrity for the TCP/IP
connections between two computers.
SSL/TLS addresses the threat of authenticity by allowing users to verify another user's identity
or the identity of a server. It also protects the integrity of the messages exchanged. However,
once the merchant receives the encrypted credit and order information, that information is
typically stored in unencrypted format on the merchant's servers. While SSL/TLS provides
secure transactions between merchant and consumer, it only guarantees server-side
authentication. Client authentication is optional. In addition, SSL/TLS cannot provide
irrefutability — consumers can order goods or download information products and then claim
the transaction never occurred.
Virtual private networks (VPNs) enable remote users to access an internal network from the
Internet. They use protocols to create a private connection between a user on a local ISP and a
private network. This process is called tunneling because it creates a private connection by
adding an encrypted wrapper around the message to hide its content. It is called virtual because it
appears to be a dedicated secure line when in fact it is a temporary secure line. VPNs are used
primarily for transactions between business partners because dedicated connections can be very
expensive. The Internet and VPNs can be used to significantly reduce the costs of secure
communications.
Difficulty: Moderate
AACSB: Analytical thinking; Information technology; Written and oral communication
Learning Objective: 5.3: Describe how technology helps secure Internet communications
channels and protect networks, servers, and clients.
19
Copyright © 2019 Pearson Education, Inc.
68) What is the first step in developing an e-commerce security plan?
A) Create a security organization.
B) Develop a security policy.
C) Perform a risk assessment.
D) Perform a security audit.
Answer: C
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.4: Appreciate the importance of policies, procedures, and laws in creating
security.
69) To allow lower-level employees access to the corporate network while preventing them from
accessing private human resources documents, you would use:
A) access controls.
B) an authorization management system.
C) security tokens.
D) an authorization policy.
Answer: B
Difficulty: Easy
AACSB: Information technology
Learning Objective: 5.4: Appreciate the importance of policies, procedures, and laws in creating
security.
71) All of the following are examples of social/mobile peer-to-peer payment systems except:
A) Venmo.
B) Bill Me Later.
C) Square Cash.
D) Google Wallet.
Answer: B
Difficulty: Moderate
AACSB: Information technology
Learning Objective: 5.5: Identify the major e-commerce payment systems in use today.
20
Copyright © 2019 Pearson Education, Inc.
Another random document with
no related content on Scribd:
tics, 396
Sheif, 347
Sheikh, the, 380
Shemar, 283
Shiel, Lady, 154
Shiraz, 218
climate, 224
famine at, 253
game at, 221
gardens of, 223
ladies, 219
lambs, 220
pipe-clay, 334
priest, 140
unhealthiness, 224
water, 241
wine, 229
women, intrigues of the, 276
Shirazi, gaiety of the, 219
Shirts, 317
Shitūr Gūlū, 226
Shoemakers, 190
Shoes, 321
Shooting antelope, 88
from the saddle, 84
Shopkeepers, 189
Shrine at Kūm, 387
of a saint, 362
Shulwar, 321
Shūr ab, 387
Shūrgistan, 261
Shushan, the palace, 109
Sick-leave, 207
Sick-room, a Persian, 244
Signs of wealth of Imād-u-Dowlet, 112
Silence of young married women, strange, 132
Silver doors, 196
Singers, Persian, 114
Sinsin, 386
Sir A. Kemball, 208
H. Rawlinson, 109
F. Goldsmid, 56, 157
Oliver St. John, 350
Sitting, mode of, 318
Skilled house-decorators, 164
Slavery in Persia, 326
Sleepers in mosques, 197
Smoking, 31
Snakes, 307
superstition as to, 306
Snipe, 116
double, 107
Snow-chair, 272
in Turkey, 213
Socks, 321
Soh, 384
Souhāli, 326
Soup Gework, 143
Spears, 179
Spurious cavalry officer, 73
Staff, health of the, 296
Stages, list of, 411
Stanley, the traveller, 224
Steamer, Caspian, 211
Steelyards, 221
Stone doors, 142
mortars, huge, 360
Storing wine, 58
Story, Persian, 285
Story-teller, 44
Straw, cut, its uses, 175
Stripped, I am, 263
Students, cells of, 197
Studs of horses, 89
Substitute for bells, 139
Successful Armenians, 143
Suez, 342
Suffid Rūd, 400
Suicide of a scorpion, 249
Suleiman Mirza, 90
Summer palace, 372
Sunset gun, 284
Sunstroke, dangers of, 375
Supposed lioness, 35
Surmeh, 260
Susmani girls, 114
Susmanis, 108
Swamp, shooting in a, 117
Swollen eyes, 213
Syudabad Pass, 101
Syud at Kasvin, 208
Houssein, 71
Syuds, dress of, 320
Hassan and Houssein, 153
the three, their fate, 156
T⸺, Mr., 27
Tabriz maund, 220
Tager, 188
Takhtrowan, 368
Taking quinine, 398
Talár, 57
Talisman, 290
Talking lark, 94
Tame pigs, 302
Tame gazelle, 167
lion, 306
partridges, 308
Tanks, 198
Tannūr or oven, 335
Tarantass, 12
Tarantulas, 248
Tattooing, 323
Tax-man at Dehbeed, 133
Tax of turkeys, 144
Taylor, Consul, 212
Taziana, the, 380
Tazzia, 279
Tazzias, dervishes at, 281
T-cloths, marks on, 194
Teachers of religion and law, 338
Teetotaler, a, 380
Teheran, 28, 372
races, 214
Teleet, 136
Telega, 11
Telegraph office, 198
flight of Baabi women to, 154
Telegraph poles, wooden, 80
Temple at Kangawar, 107
Tenets of Baabis, 339
Tent for Tazzia, 280
pitching, 399
Tents, 107
“The Sticks,” 377
Thief-catching, 85
Thieves, gang of, 269
Thorns in feet, 267
Tiflis, 14, 17
“Tiger’s boy,” 341
Tiled dome, 196
halls, 197
mosque, 197
Tile inscription, 177
work gates, 372
Titles, 38, 289
Tobeh, 388
Toffee, expensive, 80
Token, custom of the, 250
Tomb of Cyrus, 355
Esther and Mordecai, 75
Hafiz, 279
Saadi, 278
Tombs of the Kings, 119
Tombstone bridges, 163
Toolahs, 306
Trade credits, 188
in Teheran, 373
Traders, economy of, 172
Trades, 197
Traffic in drink in Julfa, 141
Transit of Venus, 331
Trap-horses, 352
Travellers’ law, 132
Travelling in Persia, 413
when ill, 208
Treasure finding, 76
of Darius, 78
trove in Julfa, 361
Trebizonde, 212
to Teheran, 213
Trees, sacred, 364
Tsaritzin, 406
Tumbakū, 30
Tūmbūn, 324
Turkeys, 375
in Julfa, 144
Turkish barber, 6
chibouques, 6
coffee-houses, 6
saddle, 7
use of, 24
Turkomanchai, 27
Turkoman horses, 104
Zalābi, 284
Zambūreks, 52
Zangi, Spring of, 241
Zenda Rūd, 135, 193
Zerejumah, 317
Zergūn, 260, 354
Zil-es-Sultan, 146, 154, 203, 205, 365
accident to, 255
and his dogs, 366
and the bear, 227
boat of, 248
character of, 366
conversation with, 155
dress of, 257
his kalāat, 258
illnesses of, 149
petition to, 155
politeness of, 366
procession of, 256
prospects of, 199
rudeness of, 367
Zinjan, 154, 272
Zoban-i-Gūngishk, 359
Zoological Gardens, 35
THE END.
WARD, LOCK AND CO., LONDON AND NEW YORK.
BY THE SAME AUTHOR.
PERSIA AS IT IS.
Being Sketches of Modern Persian Life and
Character.
“Qualified by residence, knowledge, and popularity, Dr. Wills draws
for us a most interesting picture of the Persians, their outer and inner
life. This book is utterly unaffected and full of keen observation.”—
The Spectator.
“Dr. Wills has done most acceptable work in giving us a second
volume of life and manners in Persia.”—The Academy.
“These bright sketches of Persian life form a worthy continuation
of the preceding volume, and augur a successful career in the paths
already trodden.”—The Athenæum.
JARDYNE’S WIFE.
A Novel in 3 Vols., price 31s. 6d. By C. J. WILLS.
Now Ready.
Important Illustrated Works by the
Editor of
the “Minerva Library.”
Uniform with the above, 988 pages, royal 8vo. Price 7s. 6d.
THE
MINERVA LIBRARY
OF FAMOUS BOOKS.
Edited by G. T. BETTANY, M.A., B.Sc., F.L.S.