Deck 10: Electronic Commerce Security

Message packets on the Internet travel a planned path from a source node to a destination node.

A digital certificate contains a means to send an encrypted message to the entity that sent the original Web page or e-mail message.

Active content can be delivered as an e-mail attachment.

One significant threat to electronic commerce is theft of sensitive or personal information.

Active content can pose a threat to the security of client devices.

In the context of the elements of computer security, necessity refers to preventing data delays or denials.

Applets typically run within the Web browser and are most often written in the Java programming language.

A Trojan horse erasing or altering information in a client computer is said to be a secrecy violation.

Active content elements are programs that run on the server.

The most complete way for Web site visitors to protect themselves from revealing private information or being tracked by cookies is to disable cookies entirely.

Any message traveling on the Internet is subject to secrecy, integrity, and necessity threats.

Worms can spread quickly through the Internet.

Java applets operating in a sandbox can perform file input, output, or delete operations.

The path taken by a message packet from a source node to a destination node can be controlled by Internet users.

People who write programs or manipulate technologies to obtain unauthorized access to computers and networks are called crackers.

Active content is launched in a Web browser automatically prior to the browser loading the Web page containing active content.

Networks outside a firewall are referred to as trusted networks.

Persistent cookies refer to the category of cookies which exist until the Web client ends the connection.

Threats that are unlikely to occur can be ignored when the cost to protect against the threat exceeds the value of the protected asset.

One disadvantage of private-key systems is that encryption and decryption are significantly slower than public-key systems.

In the context of encryption, shorter keys usually provide significantly better protection than longer keys.

Backdoor is a program that protects information from unauthorized access.

The Computer Emergency Response Team (CERT) is the most prominent organization that promotes computer security.

A Web browser that has entered into a Secure Socket Layer session indicates that it is in an encrypted session.

When a Trojan horse has taken over a large number of computers, the person who planted the virus can take control of all the computers and form a(n) _____.

Cookies placed on a client computer by a Web server site are called _____.

First-party cookies and third-party cookies represent classification of cookies by their _____.

In the context of elements of a security policy, _____ refers to the secure identification of clients and servers with digital signatures and certificates.

The purpose of a(n) _____ is to disrupt normal computer processing, or deny processing entirely.

A(n) _____ cookie originates from a Web site other than the site being visited.

Cookies are categorized as session or persistent based on _____.

Most browsers allow users to limit the actions taken by Java applets and scripting languages by running them in a(n) _____, which is a functional subset of the full browser.

A(n) _____ occurs when an Internet e-mail message is intercepted and its contents are changed before it is forwarded to its original destination.

A(n) _____ is a procedure that recognizes, reduces, or eliminates a threat.

A(n) _____ is usually a long binary number that is used with the encryption algorithm to "lock" the characters of the message being protected so that they are undecipherable without the number.

A(n) _____ security device is one that uses an element of a person's biological makeup to perform identification.

_____ is the coding of information by using a mathematically based program and a secret key to produce a string of characters that is unintelligible.

The program that transforms normal text into cipher text is called a(n) _____.

Briefly describe the requirements for secure electronic commerce.

A(n) _____ is a Trojan horse that secretly takes over another computer for the purpose of launching attacks on other computers.

In some cities that have large concentrations of wireless networks, attackers, called _____, drive around in cars using their wireless-equipped laptop computers to search for accessible networks.

A(n) _____ is a type of virus that replicates itself on the computers that it infects.

An integrity threat, also known as _____, exists when an unauthorized party can alter a message stream of information.

What are the six main elements included on a digital certificate?

How is a buffer vulnerable to security threats?

Apps that contain malware or that collect information from a mobile device and forward it to perpetrators are called _____.

The science that studies encryption is called _____.

_____ are the computers on the Internet that maintain directories that link domain names to IP addresses.

Describe the security dangers inherent in ActiveX controls.

_____ encryption encodes messages by using two mathematically related numeric keys.

Browser _____ are programs that enhance the capabilities of browsers, handle Web content that a browser cannot handle.

What is the difference between a virus and a worm?

A(n) _____ is an attachment to an e-mail message or program embedded in a Web page that verifies that the sender or Web site is who it claims to be.

The process of proposing and accepting various transmission conditions is called _____.