Ecommerce Security

Security Policy - Quiz

Each question is worth one point. Select the best answer or answers for each question.
 
1. Your company is in the process of developing a security policy. What should that policy include?
Please select all the correct answers.
  A. An action plan in the event of a security breach.
  B. Notification of restricted access to software and/or hardware.
  C. Accessibility via the company's intranet and commercial site.
  D. Examples of past breaches in protocol and the disciplinary action taken.

2. You have ensured that your company's Web servers are behind a proxy-based firewall. Which of the following services does a firewall primarily provide in regard to e-commerce sites?
Please select the best answer.
  A. It provides a user authentication service.
  B. It provides a data protection service.
  C. It provides a TCP tracking service.
  D. It provides a user access service.

3. Which of the following methods is a way to secure an e-commerce Web server?
Please select the best answer.
  A. Use virus scanning software, forbid directory listing, and secure your CGI applications.
  B. Stop and restart the HTTP service periodically.
  C. Change the default port from 80 to 8080.
  D. Reconfigure the firewall.

4. Which of the following best describes a Trojan?
Please select the best answer.
  A. It is a system bug that resides on the system.
  B. It is a denial of service attack that incapacitates the system.
  C. It is an illicit service that resides on the system.
  D. It is a weakness in the system.

5. Your team has created a special middleware Java servlet. It resides on server A. It uses ephemeral port 45566 to communicate. You want it to communicate with server B, which is behind a firewall. Currently, you cannot get server A to communicate with server B on this port. You have verified that server A can communicate with other servers that are not behind the firewall protecting server B. What is the problem in this instance, and what is the solution?
Please select the best answer.
  A. The problem exists with the application itself. Rewrite the middleware application so that it uses another port number.
  B. The firewall is blocking packets for this port and IP address. Purchase an industry-standard middleware application.
  C. The problem exists with the application itself. Create another middleware application to mediate between the Web server and the firewall.
  D. The firewall is blocking packets for this port and IP address. Reconfigure the firewall to allow this custom software to work.

6. What is the primary means of ensuring data privacy in an e-commerce setting?
Please select the best answer.
  A. Using encryption
  B. Creating middleware servers
  C. Nonrepudiation
  D. Using CGI scripts

7. Which of the following answers best describes some of the attributes of an effective security system?
Please select the best answer.
  A. Stores alarms and reports so the Administrator can access them conveniently.
  B. It is flexible and scalable, and has superior alarming and reporting.
  C. It requires constant, significant changes to your business practices, and has an intuitive interface.
  D. Requires employees to pass through several layers of protocols to access their files.

8. What type of encryption uses hash functions to create encrypted data that cannot be decrypted and is used for signing data?
Please select the best answer.
  A. Symmetric key encryption
  B. Asymmetric key encryption
  C. One-way encryption
  D. Email encryption