Purpose of Ecommerce Security - Quiz Explanation

The answers you selected are indicated below, along with text that explains the correct answers.
1. A message digest provides:
Please select the best answer.
  A. Data security
  B. Data integrity
  C. Data authentication
  D. Data confidentiality
  The correct answer is B. A message digest is created and attached to transmissions to provide data integrity. Answers A, C and D are incorrect. Although a message digest provides data security on some level, it primarily serves to ensure data integrity. Data authentication is provided by public-key encryption certificates, or digital signatures, and data confidentiality is provided by encryption and decryption.

2. Authentication is achieved by the use of:
Please select the best answer.
  A. Data security
  B. Anonymity
  C. Access control restrictions
  D. Digital signatures
  The correct answer is D. Digital signatures are used to achieve authentication. Answers A, B, and C are incorrect. Data security is achieved in many ways other than authentication. Identification addresses anonymity by ensuring that someone is who he or she claims to be, but does not directly achieve authentication. Access control restrictions protect against the unauthorized use of accessible resources.

3. Types of access control restrictions include:
Please select the best answer.
  A. Userids, passwords, and firewalls
  B. Non-repudiation, identification, and authentication
  C. Message digests and hash algorithms
  D. Digital signatures, certification, and public-key encryption
  The correct answer is A. Userids, passwords, and firewalls are employed to restrict access to software and networks. Answers C and D are incorrect because message digests and hash algorithms are used to determine data integrity, while digital signatures, certification, and public-key encryption are used for identification purposes.

4. The process that proves a transaction has been conducted between a specific customer and merchant is called:
Please select the best answer.
  A. Authorization
  B. Identification
  C. Authentication
  D. Non-repudiation
  The correct answer is D. Non-repudiation is the proof that a transaction has been conducted between two specific parties. Authorization is the process of getting approval, such as payment authorization given by a bank. Web transaction authentication and identification ensure that a user is who he or she claims to be.