............

is an online commercial transaction between a supplier and a

client.
a) Logistics
b) Bundling
c) E-Commerce
d) Retail
Answer: c

............ is an e-commerce type where two or more businesses make

transactions or collaborate electronically.
a) Consumer-to-Business(C2B)
b) Business-to-Business(B2B)
c) Consumer-to-Consumer(C2C)
d) Business-to-Consumer(B2C)
Answer: b

A wholesaler placing an order from a company's website and after

receiving the consignment, then selling the end product to the final
customer is an example of ............ e-commerce.
a) Business-to-Consumer(B2C)
b) Consumer-to-Consumer(C2C)
c) Business-to-Business(B2B)
d) Consumer-to-Business(C2B)
Answer: c

............ is an e-commerce type distinguished by the establishment of

electronic business relationships between businesses and final
consumers.
a) Business-to-Business(B2B)
b) Business-to-Consumer(B2C)
c) Consumer-to-Business(C2B)
d) Consumer-to-Consumer(C2C)
Answer: b

............ e-commerce is very common in crowdsourcing-based

projects where a large number of individuals make their services or
products available for purchase for companies seeking precisely
these types of services or products.
a) Consumer-to-Consumer(C2C)
b) Business-to-Business(B2B)
c) Consumer-to-Business(C2B)
d) Business-to-Consumer(B2C)
Answer: c

Sites where designers present several proposals for a company logo

and where only one of them is selected and effectively purchased are
an example of ............ e-commerce.
a) Business-to-Consumer(B2C)
b) Consumer-to-Consumer(C2C)
c) Consumer-to-Business(C2B)
d) Business-to-Business(B2B)
Answer: c

Markets that sell royalty-free photographs, images, media, and

design elements are an example of ............ e-commerce.
a) Business-to-Business(B2B)
b) Consumer-to-Business(C2B)
c) Business-to-Consumer(B2C)
d) Consumer-to-Consumer(C2C)
Answer: b

............ e-commerce encompasses all electronic transactions

conducted ​between consumers generally through a third party, which
provides the online platform where the transactions are actually
carried out.
a) Consumer-to-Business(C2B)
b) Consumer-to-Consumer(C2C)
c) Business-to-Business(B2B)
d) Business-to-Consumer(B2C)
Answer: b

Websites following a ............ business model help consumers sell

their assets like residential property, cars, motorcycles, etc... or rent
a room by publishing their information on the website.
a) Business-to-Consumer(B2C)
b) Consumer-to-Business(C2B)
c) Consumer-to-Consumer(C2C)
d) Business-to-Business(B2B)
Answer: c

............ is a variant of the B2B model. Such websites are used by the
government to trade and exchange information with various business
organizations.
a) Business-to-Business(B2B)
b) Business-to-Government(B2G)
c) Government-to-Citizen(G2C)
d) Consumer-to-Business(C2B)
Answer: b

Governments use a ............ model website to approach business

organizations. Such websites support auctions, tenders, and
application submission functionalities.
a) Government-to-Citizen(G2C)
b) Consumer-to-Business(C2B)
c) Government-to-Business(G2B)
d) Consumer-to-Consumer(C2C)
Answer: c

............ is a model used by governments to approach citizens by

building websites that provide services like registration for birth,
marriage, or death certificates.
a) Government-to-Business(G2B)
b) Government-to-Citizen(G2C)
c) Consumer-to-Business(C2B)
d) Business-to-Government(B2G)
Answer: b

The main objective of a ............ model website is to reduce the

average time of fulfilling requests for various government services.
a) Government-to-Business(G2B)
b) Government-to-Citizen(G2C)
c) Business-to-Government(B2G)
d) Consumer-to-Business(C2B)
Answer: b

The main advantages associated with e-commerce include:

a) Bringing suppliers closer to customers.
b) Increasing productivity and competitiveness for companies.
c) Benefiting consumers with an improvement in quality service.
d) All of the above.
Answer: d

The main advantages associated with e-commerce include:

a) Increasing productivity and competitiveness for companies.
b) E-commerce delays goods.
c) Strong dependence on information and communication
technologies(ICT).
d) All of the above.
Answer: a

The main disadvantages associated with e-commerce include:

a) Credit card fraud or identity theft.
b) Strong dependence on information and communication
technologies(ICT).
c) E-commerce delays goods.
d) All of the above.
Answer: d

The main disadvantages associated with e-commerce include:

a) Strong dependence on information and communication
technologies(ICT).
b) Bringing suppliers closer to customers.
c) Benefiting consumers with an improvement in quality service.
d) All of the above.
Answer: a

Electronic payment refers to ............ monetary transactions.

a) Recurring
b) Large
c) Critical
d) Paperless
Answer: d

Electronic payment has revolutionized business processing by:

a) Reducing paperwork, transaction costs, and labor costs.
b) Being user-friendly and less time-consuming than manual
processing.
c) Helping business organizations expand their market
reach/expansion.
d) All of the above.
Answer: d

Some of the modes of electronic payments include:

a) Electronic Fund Transfer (EFT).
b) Debit Card.
c) Both a and b.
d) None of the above.
Answer: c

When a customer purchases a product via credit card:

a) Credit card issuer bank pays on behalf of the customer and gives
the customer a time period to repay the bank.
b) The customer directly pays for the product.
c) Both a and b.
d) None of the above.
Answer: a

Actors in the credit card system include:

a) Cardholder and card brand.
b) Issuer/acquirer banks.
c) The merchant.
d) All of the above.
Answer: d

Which of the following is NOT part of the credit card payment

process?
a) The merchant validates the customer's identity by asking for
approval
from the card brand company.

b) The acquirer bank requests the card brand company to keep the
credit amount as is and gets the payment.

c) The card brand company authenticates the credit card and pays the
transaction by credit. The merchant keeps the sales slip.

d) The merchant submits the sales slip to acquirer banks and gets the
service charges paid to them.

Answer: b

Which of the following credit card payment steps is out of order?

a) The bank issues and activates a credit card to the customer on their
request.

b) The customer presents credit card information to the merchant site

or
to the merchant from whom they want to purchase a
product/service.

c) The merchant submits the sales slip to acquirer banks and gets the
service charges paid to them.

d) The card brand company authenticates the credit card and pays the
transaction by credit. The merchant keeps the sales slip.

Answer: c

Which of the following is NOT true for debit/credit cards

a) Payment through a debit card gets deducted from the card's bank
account immediately.
b) Payment through a credit card requires a sufficient balance in the
bank account for the transaction to be completed.
c) Payment through a debit card requires a sufficient balance in the
bank account for the transaction to be completed.
d) All of the above.
Answer: b

............ has the capacity to store customer work-related/personal

information on a small microprocessor chip embedded in it.
a) Credit card
b) Debit card
c) Smart card
d) Both a and b
Answer: c

............ transactions refer to situations where payment is done over

the network and the amount gets transferred from one financial body
to another financial body without any involvement of a middleman.
a) E-Money
b) Money laundering
c) Banknote
d) All of the above
Answer: a

............ is an electronic payment method to transfer money from one

bank account to another bank account in the same bank or a different
bank.
a) E-Money
b) E-Commerce
c) Electronic Fund Transfer
d) None of the above
Answer: c

............ means that information should not be accessible to an

unauthorized person. It should not be intercepted during
transmission.
a) Integrity
b) Availability
c) Confidentiality
d) Authenticity
Answer: c

............ means that information should not be altered during its

transmission over the network.
a) Confidentiality
b) Integrity
c) Non-Repudiability
d) Encryption
Answer: b

............ means that information should be available wherever and

whenever required within the time limit specified.
a) Availability
b) Authenticity
c) Encryption
d) Integrity
Answer: a

............ means that There should be a mechanism to authenticate a

user before giving them access to required information.
a) Authenticity
b) Availability
c) Non-Repudiability
d) Confidentiality
Answer: a

............ is protection against denial of order or denial of payment.

Once a sender sends a message, the sender should not be able to
deny sending the message. Similarly, the recipient of the message
should not be able to deny receipt.
a) Encryption
b) Availability
c) Integrity
d) Non-Repudiability
Answer: d

............ means that information should be encrypted and decrypted

only by authorized users.
a) Non-Repudiability
b) Encryption
c) Authenticity
d) Confidentiality
Answer: b
Which of the following is NOT an internet security protocol?
a) Secure Socket Layer (SSL)
b) Secure Hypertext Transfer Protocol (HTTPS)
c) Secure Electronic Transaction (SET)
d) None of the above
Answer: d

............ is a secure protocol developed by MasterCard and Visa in

collaboration and is theoretically the best security protocol.
a) Secure Socket Layer (SSL)
b) Secure Hypertext Transfer Protocol (HTTPS)
c) Secure Electronic Transaction (SET)
d) None of the above
Answer: c

............ is a software that allows cardholders to make secure

purchases online via point and click interface.
a) Data recovery software
b) Merchant software
c) Digital wallet software
d) Payment gateway server software
Answer: c

............ is a software that helps merchants to communicate with

potential customers and financial institutions in a secure manner.
a) Malware removal software
b) Merchant software
c) Digital wallet software
d) Payment gateway server software
Answer: b

............ is a software that provides an automatic and standard

payment process.
a) Email client software
b) Merchant software
c) Digital wallet software
d) Payment gateway server software
Answer: d

A/An ............ is a market mechanism by which sellers place offers

and buyers make sequential bids. It is characterized by the
competitive nature by which a final price is reached.
a) wholesale
b) auction
c) garage sale
d) All of the above
Answer: b

In ............ auctions there is one buyer, who wants to buy a product or

a service. Suppliers are invited to submit bids. The supplier that
submits the lowest bid wins. While in ............ auctions a single seller
auctions item(s) to many potential buyers.
a) forward, reverse
b) reverse, forward
c) English, Dutch
d) Dutch, English
Answer: b

In ............ auctions buyers bid on one item at a time. The bidding

price increases with additional bids. The highest bidder wins. While
in ............ auctions buyers bid on multiple, identical items. Prices are
set high and are reduced as the auction clock runs down until a bid
for a specific quantity is submitted. The first bidder wins.
a) forward, reverse
b) reverse, forward
c) English, Dutch
d) Dutch, English
Answer: c

The main benefits for sellers associated with electronic auctions

include:
a) Optimal price setting, determined by the market (more buyers)
b) Opportunities to find unique items and collectibles
c) Chance to bargain, instead of buying at a fixed price.
d) All of the above.
Answer: a

The main benefits for buyers associated with electronic auctions

include:
a) Optimal price setting, determined by the market (more buyers).
b) Increased revenues from broadening the customer base.
c) Chance to bargain, instead of buying at a fixed price.
d) All of the above.
Answer: c

The main benefits for auctioneers associated with electronic

auctions include:
a) High stickiness to the website generates more revenue.
b) Increased revenues from broadening the customer base.
c) Optimal price setting, determined by the market (more buyers).
d) All of the above.
Answer: a

The dividing of markets into specific groups is called:

a) Advertising
b) Consumerism
c) Segmentation
d) None of the above
Answer: c

"Online purchasing constitutes a fundamental change for customers"

is evident by:
a) Moving away from a physical shopping mall to an electronic mall
may not be simple.
b) Finding out what specific groups of consumers want is a major role
of market research.
c) The dividing of markets into specific groups.
d) All of the above.
Answer: a
An intelligent agent's strength lies in:
a) The ability to monitor movement on a website to check whether a
customer seems lost or ventures into areas that may not fit his profile.
b) The ability to notify customers and provide assistance.
c) The ability to contact other network resources on the Internet,
search for specific information or keywords, and report the results.
d) Both a and b.
Answer: d

An intelligent agent's strength lies in:

a) The ability to monitor movement on a website to check whether a
customer seems lost or ventures into areas that may not fit his profile.
b) The ability to notify customers and provide assistance.
c) The ability to help customers determine what to buy to satisfy a
specific need.
d) All of the above.
Answer: d

Unlike A/an ............ , A/an ............ uses expert, or knowledge-based,

capabilities to do more than just "search and match".
a) search engine, intelligent agent
b) intelligent agent, search engine
c) user, search engine
d) search engine, user
Answer: a

Once the consumer has decided what to buy, a ............ agent will
help in doing comparisons, usually of prices from different vendors.
a) filtering
b) comparison
c) search
d) all of the above.
Answer: b

A ............ is a potential for violation of security, while ............ is an

assault on system security.
a) attack, threat
b) circumstance, attack
c) threat, attack
d) None of the above
Answer: c

............ is a potential for violation of security, which exists when

there is a circumstance, capability, action, or event that could breach
security and cause harm.
a) Attack
b) Threat
c) Both a and b.
d) Exploit
Answer: b

............ is a mechanism used to leverage a vulnerability to

compromise an asset.
a) Attack
b) Threat
c) Both a and b.
d) Exploit
Answer: d

............ is the likelihood that a threat will exploit a vulnerability of an

asset and result in an undesirable consequence.
a) Attack
b) Threat
c) Risk
d) Exploit
Answer: c

............ is a weakness in a system or its design that could be

exploited by a threat.
a) Attack
b) Vulnerability
c) Risk
d) Exploit
Answer: b

............ are ethical hackers who use their programming skills for
good, ethical, and legal purposes.
a) White Hat Hackers
b) Grey Hat Hackers
c) Black Hat Hackers
d) None of the above
Answer: a
............ perform penetration tests to discover vulnerabilities and
report to developers before exploitation.
a) White Hat Hackers
b) Grey Hat Hackers
c) Black Hat Hackers
d) None of the above
Answer: a

............ commit crimes and do unethical things but not for personal
gain or to cause damage.
a) White Hat Hackers
b) Grey Hat Hackers
c) Black Hat Hackers
d) None of the above
Answer: b

............ may compromise the safety of a network and then disclose

the problem so the organization can fix the problem.
a) White Hat Hackers
b) Grey Hat Hackers
c) Black Hat Hackers
d) None of the above
Answer: b

............ are unethical criminals who violate security for personal

gain, or for malicious reasons, such as attacking networks.
a) White Hat Hackers
b) Grey Hat Hackers
c) Black Hat Hackers
d) None of the above
Answer: c

Threat actors is a term used to describe ............ hat hackers.

a) white and grey
b) grey and black
c) black and white
d) none of the above
Answer: b

............ are inexperienced hackers running existing tools and

exploits, to cause harm, but typically not for profit.
a) White Hat Hackers
b) Grey Hat Hackers
c) Black Hat Hackers
d) Script Kiddies
Answer: d

............ steal government secrets, gather intelligence, and sabotage

networks.
a) Hacktivists
b) Vulnerability Brokers
c) State-Sponsored Hackers
d) Script Kiddies
Answer: c
............ rally and protest against political and social ideas and post
articles and videos to leak sensitive information.
a) Hacktivists
b) Vulnerability Brokers
c) State-Sponsored Hackers
d) Script Kiddies
Answer: a

............ discover exploits and report them to vendors, sometimes for

prizes or rewards.
a) Hacktivists
b) Vulnerability Brokers
c) State-Sponsored Hackers
d) Script Kiddies
Answer: b

............ are common pen-testing tools.

a) Password crackers
b) Packet sniffers
c) Forensic tools
d) All of the above
Answer: d

............ attack constructs an IP packet that appears to originate from

a valid address inside the corporate intranet.
a) IP address spoofing
b) Denial-of-Service
c) Man-in-the-Middle
d) Password-based
Answer: a

In An/a ............ attack, hackers position themselves between a

source and destination to monitor, capture, and control
communication.
a) IP address spoofing
b) Denial-of-Service
c) Man-in-the-Middle
d) Password-based
Answer: c

............ attack prevents normal use of a computer or network by

valid users.
a) IP address spoofing
b) Denial-of-Service
c) Man-in-the-Middle
d) Password-based
Answer: b

............ attack uses stolen valid accounts to obtain lists of other

users and network information.
a) IP address spoofing
b) Denial-of-Service
c) Man-in-the-Middle
d) Password-based
Answer: d
............ is/are a non-replicating malicious code designed to look
legitimate. It exploits the privileges of the user that runs it and can
cause immediate damage, provide remote access to the system, or
access through a back door.
a) Trojan Horse
b) Worms
c) Ransomware
d) Adware
Answer: a

............ is/are a malware that executes arbitrary code and installs

itself in the memory of the infected device and automatically
replicates itself and spreads across the network from system to
system.
a) Trojan Horse
b) Worms
c) Ransomware
d) Adware
Answer: b

............ is/are a malware that denies access to the infected computer

system or its data, uses an encryption algorithm to encrypt system
files and data, and makes use of social engineering.
a) Trojan Horse
b) Worms
c) Ransomware
d) Adware
Answer: c
............ require a host program to run, while ............ can run by
themselves.
a) worms, viruses
b) worms, keyloggers
c) viruses, worms
d) worms, trojan horses
Answer: c

Which of the following trojan horse classifications are not correct?

a) FTP trojan horses enable unauthorized file transfer services on end
devices.
b) Destructive trojan horses corrupt or delete files.
c) DoS trojan horses slow or halt network activity.
d) None of the above.
Answer: d

Which of the following is NOT a component of computer worms?

a) Payload
b) Propagation mechanism
c) Enabling vulnerability
d) None of the above
Answer: d
............ is concerned with protecting information in all its forms,
whether written, spoken, electronic, graphical, or using other
methods of communication.
a) Information security
b) Network security
c) Both a and b
d) None of the above
Answer: a

............ is concerned with protecting data, hardware, and software on

a computer network.
a) Information security
b) Network security
c) Both a and b
d) None of the above
Answer: c

............ is an object’s ability to use, manipulate, modify, or affect

another object, while ............ is the organizational resource that is
being protected.
a) Access, Asset
b) Threat, Attack
c) Asset, Access
d) Attack, Threat
Answer: a

............ is an object’s ability to use, manipulate, modify, or affect

another object.
a) Access
b) Asset
c) Threat
d) Attack
Answer: a

............ is an assault on system security that derives from an

intelligent threat that is a deliberate attempt.
a) Access
b) Asset
c) Threat
d) Attack
Answer: d

............ is a potential for violation of security, which exists when

there is a circumstance, capability, action, or event that could breach
security and cause harm.
a) Access
b) Asset
c) Threat
d) Attack
Answer: c

............ is the organizational resource that is being protected.

a) Access
b) Asset
c) Threat
d) Attack
Answer: b

............ attempts to learn or make use of information from the

system but does not affect system resources, while ............ attempts
to alter system resources or affect their operation.
a) passive attack, active attack
b) active attack, passive attack
c) attack, threat
d) threat, attack
Answer: a

............ attempts to learn or make use of information from the

system but does not affect system resources.
a) attack
b) active attack
c) passive attack
d) threat
Answer: c

........... attempts to alter system resources or affect their operation.

a) attack
b) active attack
c) passive attack
d) threat
Answer: b
In A/an ........... attack, the message traffic is sent and received in an
apparently normal fashion and neither the sender nor receiver is
aware that a third party has read the messages or observed the
traffic pattern.
a) malware
b) active
c) insider
d) passive
Answer: d

Release of message contents and traffic analysis are two categories

of:
a) Malware
b) Active attacks
c) Passive attacks
d) Threats
Answer: c

Denial of service and masquerade are two categories of:

a) Malware
b) Active attacks
c) Passive attacks
d) Threats
Answer: b

........... attack prevents the normal use or management of

communications facilities by disrupting an entire network, either by
disabling the network or by overloading it with messages to degrade
performance.
a) Masquerade
b) Replay
c) Modification of messages
d) Denial of service
Answer: d

........... attack takes place when one entity pretends to be a different

entity.
a) Masquerade
b) Replay
c) Modification of messages
d) Denial of service
Answer: a

........... attack has some portion of a legitimate message altered, or

that message is delayed or reordered, to produce an unauthorized
effect.
a) Masquerade
b) Replay
c) Modification of messages
d) Denial of service
Answer: c

........... attack takes place when a different entity captures the

message from the source and later replays the message to the
destination
a) Masquerade
b) Replay
c) Modification of messages
d) Denial of service
Answer: b

In encryption terms ........... refers to the original message, while

........... refers to the coded message.
a) secret key, cipher
b) ciphertext, plaintext
c) plaintext, ciphertext
d) secret key, ciphertext
Answer: c

........... is an input to an encryption algorithm.

a) Secret key
b) Plaintext
c) Ciphertext
d) Both a and b
Answer: d

........... refers to the study of principles and methods of deciphering

ciphertext without knowing the key.
a) Decryption
b) Secret key
c) Cipher
d) Cryptanalysis
Answer: d
A ........... technique is one in which the letters of plaintext are
replaced by other letters or by numbers or symbols.
a) substitution
b) cipher
c) transposition
d) rail fence
Answer: a

A ........... technique is one in which some sort of permutation is

performed on the plaintext letters.
a) substitution
b) cipher
c) transposition
d) rail fence
Answer: c

A ........... technique is one in which the plaintext is written down as a

sequence of diagonals and then read off as a sequence of rows.
a) substitution
b) cipher
c) transposition
d) rail fence
Answer: d