Final Review
Chapter 9
1. Preventing vulnerability during the EC design and pre-implementation stage is far more expensive than mitigating problems later.
A. True
B. False
2. Phishing is rampant because some people respond to it and make it profitable.
A. True
B. False
3. Access control involves authorization and authentication.
A. True
B. False
4. The key reasons why EC criminals cannot be stopped include each of the following except:
A. Online shoppers do not take necessary precautions to avoid becoming a victim.
B. Strong EC security makes online shopping inconvenient and demanding on customers.
C. Sophisticated hackers use browsers to crack into Web sites.
D. There is lack of cooperation from credit card issuers and foreign ISPs.
5. The assurance that an online customer or trading partner cannot falsely deny their purchase or transaction is referred to as:
A. nonrepudiation.
B. integrity.
C. availability.
D. authentication.
6. Fingerprint scanners, facial recognition systems, and voice recognition are examples of ________ that recognize a person by some physical trait.
A. access control lists
B. human firewalls
C. biometric systems
D. intrusion detection systems
7. ________ is the criminal, fraudulent process of attempting to acquire confidential information by masquerading as a trustworthy entity.
A. Phishing
B. Pretexting
C. Social engineering
D. Spamming
8. A botnet is:
A. a huge number of hijacked Internet computers that have been set up to forward traffic, including spam and viruses, to other computers on the Internet.
B. a piece of code in a worm that spreads rapidly and exploits some known vulnerability.
C. a production system that looks like it does real work, but that acts as a decoy and is watched to study how network intrusions occur.
D. a piece of software code that inserts itself into a host or operating system to launch DOS attacks.
9. A summary of a message, converted into a string of digits after the hash has been applied, best describes:
A. digital envelope.
B. hash.
C. message digest.
D. digital signature.
10. A law that makes it a crime to send commercial e-mail messages with false or misleading message headers or misleading subject lines is:
A. SSL.
B. EEA.
C. DCMA.
D. CAN-SPAM.
11. The work atmosphere that a company sets for its employees describes:
A. standard of due care.
B. internal control environment.
C. acceptable use policy.
D. internal politics.
12. The combination of the encrypted original message and the digital signature, using the recipient's public key, best describes:
A. digital envelope.
B. digital signature.
C. hash.
D. message digest.
13. The success and security of EC is measured by:
A. confidentiality, integrity, and availability.
B. quality, reliability, and speed.
C. encryption, functionality, and privacy.
D. authentication, authorization, and nonrepudiation.
14. Each of the following is a true statement about access control except:
A. All resources need to be considered together to identify the rights of users or categories of users.
B. Access control lists (ACLs) define users' rights, such as what they are allowed to read, view, write, print, copy, delete, execute, modify, or move.
C. Access control determines which persons, programs, or machines can legitimately use a network resource and which resources he, she, or it can use.
D. After a user has been identified, the user must be authenticated.
15. Assurance that stored data has not been modified without authorization and a message that was sent is the same message that was received is referred to as:
A. nonrepudiation.
B. availability.
C. authentication.
D. integrity.
16. The motives of hackers have shifted from the desire for fame and notoriety to advancing personal and political agendas.
A. True
B. False
17. Keystroke logging captures and records user keystrokes.
A. True
B. False
18. Cybercrimes are intentional crimes carried out on the Internet.
A. True
B. False
19. Social engineering is an example of an unintentional threat.
A. True
B. False
20. Authentication provides the means to reconstruct what specific actions have occurred and may help EC security investigators identify the person or program that performed unauthorized actions.
A. True
B. False
21. The process of verifying the real identity of an individual, computer, computer program, or EC Web site best describes:
A. authentication.
B. nonrepudiation.
C. availability.
D. integrity.
22. Encryption components include each of the following except:
A. key value.
B. encryption algorithm.
C. ciphertext.
D. internal control environment.
23. Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording, or destruction best defines:
A. anti-virus protection.
B. security audit.
C. incident management.
D. information security.
24. The protection of information systems against unauthorized access to or modification of information that is stored, processed, or being sent over a network is referred to as:
A. data integrity.
B. human firewall.
C. information assurance.
D. information integrity.
25. An attack on a website in which an attacker uses specialized software to send a flood of data packets to the target computer with the aim of overloading its resources best describes:
A. botnet infestation.
B. denial-of-service attack.
C. cyberhijacking.
D. cyberraid.
26. Which of the following is not an advantage of virtual private networks (VPN) for data communications?
A. They can reduce communication costs dramatically because VPN equipment is cheaper than other remote solutions.
B. They are less expensive than private leased lines because they use the public Internet to carry information.
C. They ensure the confidentiality and integrity of the data transmitted over the Internet without requiring encryption.
D. Remote users can use broadband connections rather than make long distance calls to access an organization's private network.
27. Security functions or characteristics of digital signatures include each of the following except:
A. A digital signature is the electronic equivalent of a personal signature, which can be forged.
B. Digital signatures ensure that the original content of an electronic message or document is unchanged.
C. Digital signatures are portable.
D. Digital signatures are based on public keys for authenticating the identity of the sender of a message or document.
28. A scheme for securing e-payments using public key encryption and various technical components best describes:
A. Data Encryption Standard.
B. public key infrastructure.
C. message digesting.
D. key space.
29. A method of encryption that uses a pair of matched keys, including a public key to encrypt a message and a private key to decrypt it, describes:
A. symmetric private key encryption.
B. public asymmetric key encryption.
C. paired key encryption.
D. data encryption standard.
Chapter 10
1. One problem with the Address Verification System (AVS) for fraud prevention is the number of false positives, meaning that the merchant rejects a valid order.
A. True
B. False
2. In the authorization process, money is transferred from the buyer's to the merchant's account.
A. True
B. False
3. The disintermediation of cash and credit cards has been successful in the online world.
A. True
B. False
4. Which of the following spurred the use of debit cards by eliminating the requirement for merchants to issue receipts for debit purchases of $15 or less?
A. U.S. Electronic Funds Transfer Act
B. Federal Deposit Insurance Act
C. Bank Service Company Act
D. Bank Protection Act
5. The type of contact card that is erasable and modifiable is:
A. EEPROM.
B. BIOS.
C. EPROM.
D. RAM.
6. Factors influencing whether a particular e-payment method achieves critical mass include:
A. independence.
B. security.
C. interoperability and portability.
D. all of the above.
7. A smart card containing a small gold plate on the face that when inserted in a smart card reader makes contact and passes data to and from the embedded microchip is a:
A. contact card.
B. proximity card.
C. plate card.
D. dedicated card.
8. Factors that determine whether a particular method of e-payment achieves critical mass include each of the following except:
A. full traceability of the buyers.
B. interoperability with other enterprise systems and applications.
C. degree of security of the transfer.
D. hardware and software independence.
9. A file containing customer status and customer information that is used when processing transactions to identify known problem customers is a:
A. cancellation list.
B. rejection list.
C. problem child list.
D. negative list.
10. Costs associated with fraudulent transactions include:
A. additional fees and penalties imposed by card associations for accepting fraudulent transactions.
B. the revenue that is lost from rejecting orders that are valid.
C. the cost of manually reviewing orders.
D. all of the above.
11. The barrier to selling books online, either hardcopy or electronic, is technical and not financial.
A. True
B. False
12. In the online world, virtually every attempt to disintermediate cash and credit cards has failed.
A. True
B. False
13. The overwhelming majority of B2C purchases are paid for by smart cards.
A. True
B. False
14. E-payment systems that require the payer to install specialized security software have proven more likely to succeed.
A. True
B. False
15. The success of an e-payment method depends on its interoperability with existing enterprise systems and applications.
A. True
B. False
16. To succeed, special e-payment methods, such as e-cash, have to maintain anonymity.
A. True
B. False
17. E-payment methods that can address the lower or higher end of the price continuum are unlikely to be widely accepted because of cost and security issues.
A. True
B. False
18. In the settlement process, the systems must determine whether a buyer's card is active and whether the cardholder has sufficient funds available for the purchase.
A. True
B. False
19. The processing of card payments has two major phases: identification and settlement.
A. True
B. False
20. Credit cards, charge cards, and debit cards are three forms of online payment cards.
A. True
B. False
21. Thirty-eight percent of all merchants use negative lists, which are files that include a customer's information and the status of that customer. A customer's transaction is matched against these files and flagged if the customer is a known problem.
A. True
B. False
22. An electronic card that contains information that can be used for payment purposes best describes:
A. host card.
B. pocket card.
C. funds card.
D. payment card.
23. For a given type of payment card and processing system, the processes and participants are essentially the same for offline (card present) and online (card not present) purchases.
A. True
B. False
24. In the online world, merchants are not held liable for fraudulent transactions.
A. True
B. False
25. Because of their visibility and large sales volumes, larger firms are more susceptible to fraud than medium-sized firms.
A. True
B. False
Chapter 11
1. A searchable database of computer hardware that meets a strict set of environmental criteria best describes:
A) Environmental Protection Computing Resource.
B) One Step To Green Computing.
C) Electronic Product Environmental Assessment Tool.
D) Information Technology Assessment Tool.
2. Productivity benefits from using EC are difficult to measure because:
A) qualitative benefits do not count.
B) the payoffs are too short.
C) there is no time lag in EC gains.
D) EC gains in certain areas of the company may be offset by losses in other areas.
3. For ________ companies, it may be even more important to change strategies quickly.
A) retail
B) service
C) pure-play
D) traditional
4. ________ is an umbrella term for any of several arrangements that allow a vendor of content in electronic form to control the material and restrict its usage.
A) Digital rights management
B) Fair use
C) Patent management
D) Intellectual property management
5. Metrics are used to describe each of the following except:
A) costs.
B) standards.
C) benefits.
D) ratio of costs to benefits.
6. The study and practice of ecofriendly computing resources, now a key concern of businesses in all industries, best describes:
A) blue computing.
B) green computing.
C) energy efficient computing.
D) natural computing.
7. Worldwide purchases of EPEAT-registered products result in each of the following except:
A) reduced use of toxic waste materials.
B) reduced use of primary materials.
C) reduced staffing requirements.
D) avoiding the disposal of tons of hazardous waste.
8. Google and eBay have similar core competencies.
A) True
B) False
9. Blue computing is the study and practice of ecofriendly computing resources.
A) True
B) False
10. In the strategy implementation phase, general long-term plans are continuously evaluated.
A) True
B) False
11. Project management is the process of making the selected applications and projects a reality, including hiring staff; purchasing equipment; and licensing, purchasing, or writing software.
A) True
B) False
12. Trends that may slow EC and Web 2.0, and even cripple the Internet include:
A) copyright complaints.
B) security concerns.
C) lack of net neutrality.
D) all of the above.
13. Internet capabilities that make it more difficult for companies to capture profits include each of the following except:
A) The Internet allows buyers and sellers to find and transact business with one another more easily.
B) The Internet makes information widely available.
C) The Internet reduces the difficulty of purchasing, marketing, and distribution.
D) The Internet makes it easier to make secure payments.
14. Google's ________ is its expertise in information search technology.
A) value proposition
B) company analysis
C) core competency
D) SWOT
15. Which U.S. law mandates the use of filtering technologies in schools and libraries that receive certain types of federal funding?
A) Computer Fraud and Abuse Act
B) Children's Internet Protection Act
C) Homeland Security Act
D) Privacy Protection Act
16. Many companies use different names, colors, sizes, and packaging for their overseas products and services. This practice is referred to as:
A) geo-focus.
B) world trade.
C) specialization.
D) localization.
17. The threat of substitute products or services is a major force that can endanger a company's position in a given industry.
A) True
B) False
18. Ethics is the branch of philosophy that deals with what is considered to be right and wrong.
A) True
B) False
19. Forecasting means identifying business, technological, political, economic, and other relevant trends that are currently affecting the business or that have the potential to do so in the future.
A) True
B) False
20. An agreement that requires computer users to take specific steps to allow the collection of personal information is called:
A) opt-in.
B) user acceptance agreement.
C) informed consent.
D) opt-out.
21. The legal term for the use of the work without permission or contracting for payment of a royalty is:
A) theft of digital rights.
B) infringement.
C) copyright violation.
D) theft of intellectual property.
22. In law, fair use refers to the use of copyrighted material for ________ purposes.
A) educational
B) entertainment
C) commercial
D) noncommercial
23. Intangible metrics in the model for IT project justification include each of the following except:
A) services to society.
B) growth enabler.
C) lead-time.
D) competitive advantage.
24. Traditional methods for evaluating EC investments include all of the following EXCEPT:
A) ROI
B) Break-even or payback period
C) Discount rate
D) NPV
25. Justifying an EC investment by comparing the costs of each project against its benefits is known as a cost-benefit analysis.
A) True
B) False
Chapter 12
1. Web site usability means that people who use the Web site can do so quickly and easily to accomplish their tasks and may also consider such factors as cost-effectiveness and usefulness.
A) True
B) False
2. Unlike the brick-and-mortar marketplace, the failure rate for online companies is low.
A) True
B) False
3. Business process management systems monitor the execution of the business processes so that managers can analyze and change processes in response to data, rather than on just a hunch.
A) True
B) False
4. Insourcing:
A) connects people, data, and diverse systems.
B) is the in-house development of applications.
C) is a method of transferring the management and/or day-to-day execution of an entire business function to a third-party service provider.
D) is a class of systems that integrates large systems.
5. Basic options for developing an EC Web site include each of the following except:
A) lease the application.
B) develop the site in-house.
C) buy a packaged application.
D) clone a competitor's Web site.
6. In organizational transformation:
A) the change may affect only one or a few of the functional areas of the business.
B) there is always a sharp break with the past and every aspect of the business will probably change.
C) there are incremental changes to the ways things have always been done.
D) there is a change in outlook, but rarely a change in procedures or investment in infrastructure.
7. Factors determining usability include:
A) efficiency of use.
B) memorability.
C) ease of learning.
D) all of the above.
8. Reprise Electronics, a conglomerate that manufactures and sells all kinds of electronic goods under several brand names, currently has separate Web sites for each of its brands. The company decides to bring all of the Web sites together through a single site that, in addition to providing links to the brand pages, will also provide general information about how to select electronic merchandise and informational pages about the Reprise Company today and its management team. This is an example of adding:
A) a reverse auction.
B) a portal.
C) e-procurement.
D) a Webstore.
9. Secondary content that offers a coupon, rebate, or special service is called:
A) cross-selling.
B) comment.
C) promotion.
D) up-selling.
10. The primary reason for writing a business plan is to:
A) provide an operational framework for the business.
B) provide strategic direction to employees.
C) acquire external funding.
D) help the founders remember what they are trying to accomplish.
11. Syndicated content is Web content that matches the needs and expectations of the individual visitor.
A) True
B) False
12. Content creation and management for a large EC site can be slow and expensive.
A) True
B) False
13. A plan for organizing the underlying infrastructure and applications of a site best describes:
A) IT architecture.
B) IT infrastructure.
C) business plan.
D) EC architecture.
14. The process of selecting a software vendor and EC package includes each of the following except:
A) establish a service-level agreement.
B) determine the evaluation criteria.
C) close vendor contract.
D) evaluate vendors and packages.
15. Outsourcing options for creating and operating EC applications include:
A) software houses, such as IBM.
B) telecommunications companies, such as MCI.
C) outsourcers, such as EDS.
D) all of the above.
16. ________ is the name-based address that identifies an Internet-connected server.
A) URL name
B) Host name
C) Domain name
D) IP address
17. When creating a new business, the first step is to:
A) acquire financing needed to make the business successful.
B) investigate all existing opportunities.
C) identify a consumer or business need that is not presently being met.
D) write a business case or plan.
18. ________ is money invested in a business by an individual, a group of individuals, or a funding company in exchange for equity in the business.
A) Advancement
B) Venture capital
C) Operating capital
D) Start-up funding
19. The first step in creating a new company or adding an online project is to identify a consumer or business need in the marketplace.
A) True
B) False
20. Chaplin's Pet Store has been in business for many years. Chaplin, the present owner, decides to open an online sales channel where he can advertise and sell the same gourmet pet food. This is an example of adding:
A) a portal.
B) a Webstore.
C) e-procurement.
D) a reverse auction.
21. Which of the following is true regarding a second round of financing?
A) The angel investor will pay the highest price per share.
B) The venture capitalist will pay the highest price per share.
C) The entrepreneur will pay the highest price per share.
D) IPO investors will pay the highest price per share.
22. A major entertainment company has four studios that have been in the same location for more than ten years. The company includes a page on its Web site with addresses, phone numbers, and general e-mail addresses for each of these studios. None of this information has changed since the Web site was developed. This is an example of ________ content.
A) dynamic
B) functional
C) static
D) organizational
23. Disadvantages for using the off-the-shelf approach as an EC development strategy include:
A) Software may not exactly meet the company's needs.
B) Limited off-the-shelf software packages are available.
C) The company must hire programmers specifically dedicated to an EC project.
D) The vendor rarely updates the software.
24. Reviews, testimonials, expert advice, or further explanation about the product are called:
A) up-selling.
B) comment.
C) cross-selling.
D) promotion.
25. A ________ is a wealthy individual who contributes personal funds and possibly expertise at the earliest stage of business development.
A) entrepreneur
B) venture capitalist
C) angel
D) incubator
26. A ________ is a company, university, or nonprofit organization that supports promising businesses in their initial stages of development.
A) entrepreneur
B) venture capitalist
C) angel
D) incubator
27. The difference between a business plan and a business case is:
A) all new businesses should have a business plan, but only existing businesses planning a major EC or IT initiative should develop a business case.
B) business cases are brief and general, while business plans are long and detailed.
C) a business case is a part of every business plan.
D) all businesses need a business case, but only new businesses need a business plan.
28. The key difference between an e-business plan and a traditional business plan is that the entrepreneur must:
A) understand all aspects of the technology required to implement the plan.
B) understand that the Internet is a unique sales channel.
C) understand that traditional rules do not apply when doing business on the Internet.
D) develop a ten-year plan.
29. The greatest difficulty in dealing with venture capital is:
A) finding the money a venture capitalist will require.
B) the loss of control a venture capitalist demands.
C) relocating the business to an incubator.
D) finding a willing venture capitalist.
30. A ________ Web site does little more than provide information about the business and its products.
A) informational
B) interactive
C) transactional
D) dynamic