Category Archives: Internet

e-Commerce Self Quiz Chapter 10

1 of 40
The success and security of EC depend on the ________ of information and the business Web site.
encryption, functionality, and privacy
quality, reliability, and speed
authentication, authorization, and nonrepudiation
confidentiality, integrity, and availability
2 of 40
Digital signatures or digital certificates:
are used to validate the sender and time stamp of the transaction so it cannot be later claimed that the transaction was unauthorized or invalid.
have been compromised by phishers and spammers.
provide complete confidence that the transactions are secure.
Both A and B
3 of 40
A botnet is a:
collection of a few hundred hijacked Internet computers that have been set up to forward traffic, including spam and viruses, to other computers on the Internet.
piece of software code that inserts itself into a host or operating system to launch DOS attacks.
piece of code in a worm that spreads rapidly and exploits some known vulnerability.
coordinated network of computers that can scan and compromise other computers and launch DOS attacks.
4 of 40
Protection of the U.S. computer networks is in the hands of the Department of the Interior (DOI).
True
False
5 of 40
Seattle’s Northwest Hospital and Medical Center was attacked by malware that was able to enter their network through a Windows flaw.
True
False
6 of 40
Security functions or characteristics of digital signatures include all of the following except:
A digital signature is the electronic equivalent of a personal signature, which can be forged.
Digital signatures are based on public keys for authenticating the identity of the sender of a message or document.
Digital signatures ensure that the original content of an electronic message or document is unchanged.
Digital signatures are portable.
7 of 40
Which of the following statements about hardware and software security defenses is false?
Hardware and software security defenses protect against irresponsible business practices or corrupt management.
There is no single hardware or software solution appropriate for all companies.
If firewalls and antivirus software are not upgraded and monitored constantly, they will not remain useful.
After the EC security program and policies are defined and risk assessment completed, then the software and hardware needed to support and enforce them can be put in place.
8 of 40
Active tokens are storage devices (e.g., magnetic strip) that contain a secret code used in a two-factor authentication system.
True
False
9 of 40
Which of the following is not an underlying reason why a comprehensive EC security strategy is needed?
The Internet was designed for maximum efficiency without regard for its security or users with malicious intent.
The shift is toward profit-motivated crimes.
Managers treat EC security as a process.
Many companies fail to implement basic IT security management best practices, business continuity plans, and disaster recovery plans.
10 of 40
The process of determining what the authenticated entity is allowed to access and what operations it is allowed to perform is known as:
integrity.
availability.
authentication.
nonrepudiation.
Authorization.
11 of 40
Risk creates vulnerability, which is the probability that this weakness will be known and used.
True
False
12 of 40
Administrators need to check the integrity of programs and patches that are installed; and new programs and tools should be installed in a test environment before putting them into a production environment.
True
False
13 of 40
Assurance that stored data has not been modified without authorization or a message that was sent is the same message that was received is referred to as:
integrity.
availability.
authentication.
nonrepudiation.
14 of 40
The ________ translates or converts domain names to their IP addresses.
IPS
DOS
VPN
DNS
15 of 40
Social engineering is a type of technical attack to circumvent security measures by manipulating people to get them to reveal crucial authentication information.
True
False
It is a type of nontechnical attack.
16 of 40
An IP address uniquely identifies each computer connected to a network or the Internet.
True
False
17 of 40
According to the CSI 2008 Security Survey, the most expensive computer security incidents were those involving ________.
financial fraud
viruses and worms
unintentional human errors
targeted attacks
18 of 40
Acceptable use policies (AUP) inform users of their responsibilities when a cyberattack or network intrusion has occurred.
True
False
19 of 40
The ________ was invented by Netscape to use standard certificates for authentication and data encryption to ensure privacy or confidentiality.
certificate authority
public key infrastructure
secure socket layer
digital envelope
20 of 40
An EC security strategy requires multiple layers of defense against risks from malware, fraudsters, customers, and employees.
True
False
21 of 40
Biometric systems are authentication systems that identify a person by measurement of a biological characteristic, such as fingerprints, iris patterns, facial features, or voice.
True
False
22 of 40
Public key infrastructure (PKI) is an authentication method that:
has become the cornerstone for secure e-payments and intranet applications.
is based on the Data Encryption Standard, which is the standard symmetric encryption algorithm supported by U.S. government agencies.
encrypts and decrypts large amounts of data effectively.
uses encryption keys ranging from 64 bits to 128 bits.
23 of 40
Due care in EC is those actions that a company is reasonably expected to take based on the risks affecting its business and transactions.
True
False
24 of 40
Shoppers can rely on online fraud protection provided by credit card issuers to protect them from identity theft.
True
False
25 of 40
According to the CSI 2008 Security Survey, the most expensive security incidents were those involving viruses.
True
False
26 of 40
Fingerprint scanners, facial recognition systems, and voice recognition all are examples of ________ that recognize a person by some physical trait.
biometric systems
human firewalls
intrusion detection systems
access control lists
27 of 40
The Internet, or more specifically the Internet and network protocols, was never intended for use by untrusted users or components.
True
False
28 of 40
Hackers are able to easily gain access to a network when IS staff do not ensure that all traffic into and out of a network passes through a firewall.
True
False
29 of 40
Because the consequences of weak network security can be severe, it is necessary that senior management have a basic understanding of best practices in network risk management.
True
False
30 of 40
The incidence of online fraud and identity theft would increase for each of the following reasons except:
There is growth in EC sales and the number of shoppers with higher incomes.
Information is a valuable form of currency.
Hackers are increasingly motivated by fame and notoriety.
Scammers are outsourcing work to programmers to gain control of computers or wireless networks.
31 of 40
All of the following are characteristics of access control except:
Access control determines which persons, programs, or machines can legitimately use a network resource and which resources he, she, or it can use.
Access control lists (ACLs) define users’ rights, such as what they are allowed to read, view, write, print, copy, delete, execute, modify, or move.
All resources need to be considered together to identify the rights of users or categories of users.
After a user has been identified, the user must be authenticated.
Each resource needs to be considered separately. (pages 451 and 452).
32 of 40
The attacks and defense of computers can affect individuals, organizations, countries, or the entire Web.
True
False
33 of 40
The protection of information systems against unauthorized access to or modification of information that is stored, processed, or being sent over a network is referred to as:
information assurance.
data integrity.
information integrity.
human firewall.
34 of 40
The PCI data security standard was developed by the FTC to protect against credit card fraud and identity theft.
True
False
35 of 40
The assurance that an online customer or trading partner cannot falsely deny their purchase or transaction is referred to as:
integrity.
availability.
authentication.
nonrepudiation.
36 of 40
The key reasons why EC criminals cannot be stopped include each of the following except:
Sophisticated hackers use browsers to crack into Web sites.
Strong EC security makes online shopping inconvenient and demanding on customers.
There is a lack of cooperation from credit card issuers and foreign ISPs.
Online shoppers do not take necessary precautions to avoid becoming a victim.
37 of 40
An EC security strategy and program begins with:
the commitment and involvement of executive management.
layers of hardware and software defenses.
information security policies and training.
secure design of EC applications.
38 of 40
Authentication can be based on the public key infrastructure (PKI) which is based on:
message digest.
plain text.
encryption.
key space.
39 of 40
________ systems are highly useful for both law enforcement and for law breaking, for example, by providing a means to obtain passwords or encryption keys and thus bypassing other security measures.
Biometric
Keystroke logging
Access control
Intrusion detection
40 of 40
Which is not an advantage of virtual private networks (VPN) for data communications?
They are less expensive than private leased lines because they use the public Internet to carry information.
They ensure the confidentiality and integrity of the data transmitted over the Internet without requiring encryption.
They can reduce communication costs dramatically because VPN equipment is cheaper than other remote solutions.
Remote users can use broadband connections rather than make long distance calls to access an organization’s private network.

Migrating WordPress Blog from Site5 to 1and1 (aka 1&1)

I can only speak for the 1and1 half of this as my friend did the SQL dump at Site5.

I updated the database name in the SQL dump. I uploaded it using MySQL 5.0 (I previously used MySQL 4.0) and phpMyAdmin. I made my edits using BDV Notepad.

When I had the SQL dump file open in BDV Notepad, some characters (em dashes, smart quotes, u with umlaut, etc.) looked corrupted. However, after I uploaded the file, they appeared fine.

My previous attempt to edit the SQL dump file in MS Notepad seemed to corrupt many special characters. My attempt to upload the file after editing failed several times. I think this had something to do with the UTF character encoding. The solution seemed to be to change as little as possible. Though, I did cut out around 2 MB of unnecessary RSS info that I think was generated by something called Magpie RSS.

I had all the WordPress directory ready to go on the new server. So, I followed the directions here: http://codex.wordpress.org/Changing_The_Site_URL


4/20/2010 Update: I had to upgrade my MySQL version to upgrade WordPress (to v2.9.2) and found I had a really tough time working with the SQL dump. After several hours of searching, I finally came across this: SQLDumpSplitter. After installing this and splitting the file, the SQL import was simple.

Firefox

All-in-One Gestures: Execute common commands using mouse gestures, rocker navigation, and scroll wheel navigation.

FoxReplace: Bring up replace field by pressing Shift + F2.

IE Tab: Embeds Internet Explorer in tabs of Firefox.
–Uninstalled. Crashed Firefox during first attempt at use. Mouse gestures aren’t usable in the IE tab the plug-in creates.

Tab Mix Plus: Duplicate tabs, control tab focus, undo closed tabs and windows, manage session.
–Open recently closed tab: Ctrl+Shift+T

Tab Wheel Scroll: Switch tabs by scrolling with the mouse wheel in the tab bar.

LaTeX and Tooltips

Tippy

What is the inverse of the equation $\log_{a} x = y$?

Here is the answer with [latex] tags inside of the Tippy tags:

Here is the answer with “$”s inside of the Tippy tags:

Here is the answer with “$” in place of the “$”s inside of the Tippy tags:


WordPress Tooltip

Conclusion: Failed


WordPress Tooltips

No usage instructions.


Nice Tooltips

This makes all links display a tooltip on mouseover that, in turn, displays a link to the destination url.


Sinosplice Tooltips

Conclusion: Failed


WP Tool Tips

Conclusion: Failed

 {a^y}=x
log _{a}x=y
$latex log _{a}x=y$