Tuesday, October 12, 2010

Chapter 5

1.    Why is it less risky to steal online? Explain some of the ways criminals deceive consumers and merchants.
       The Internet makes it possible to rob people remotely and almost anonymously. Downloading free music online is stealing, but it is easier than stealing an original CD from a store, so stealing online is a lot less risky.
2.    Give an example of security breaches as they relate to each of the six dimensions of e-commerce security. For instance, what would be a privacy incident?

       Integrity - redirecting a bank wire transfer; Nonrepudiation - ordering items online and then denying it; identifying the real person with whom they are dealing on the Internet; Confidentiality - only the authorized person can view the messages and data; Privacy - protecting information from illegitimate or unauthorized users; Availability - ensuring that an e-commerce site continues to function as intended.
3.    How would you protect your firm against a Denial of Service attack?
       I would have some sort of security system or sensor that can watch for hackers like that and block them before they start attacking the web site.
4.    How does spoofing threaten a Web site’s operations?
       Spoofing threatens the integrity of a site, for example by redirecting customers to a fake website to steal payments from the true site, or by changing orders and sending them to the true website so that the company ships the wrong order to customers.
5.    What are some of the steps a company can take to curtail cybercriminal activity from within a business?
       Encryption can protect all the messages and text from cybercriminals; only the sender and receiver can read the messages.
6.    Identify and discuss the five steps in developing an e-commerce security plan.
        A security plan begins with risk assessment - an assessment of the risks and points of vulnerability; security policy - a set of statements prioritizing the information risks, identifying acceptable risk targets, and identifying the mechanisms for achieving these targets; implementation plan - the steps you will take to achieve the security plan goals; security organization - educates and trains users and keeps management aware of security threats and breakdowns. Access controls determine which outsiders and insiders can gain legitimate access to the networks. A security audit involves the routine review of access logs.
7.    What are tiger teams, who uses them, and what are some of the tactics they use in their work?
      Tiger teams are the hacker teams that corporate security departments use to test their own security measures. White hats help organizations locate and fix security flaws. Black hats are hackers who engage in the same kinds of activities but without pay or any buy-in from the targeted organization, and with the intention of causing harm. Gray hats are hackers who believe they are pursuing some greater good by breaking in and revealing system flaws.
8.    How do the interests of the four major payment systems stakeholders impact each other?
     
