Payment Transactions and Payment Processing Review - Quiz Explanation

The answers you selected are indicated below, along with text that explains the correct answers.

1. You are installing IBM Net.Commerce. Which of the following e-commerce elements does it contain?
Please select the best answer.
  A. A merchant ID (MID)
  B. A payment gateway
  C. A terminal ID (TID)
  D. An online merchant account
  B is correct. Advanced software packages such as IBM Net.Commerce contain their own payment gateways. Merchant and terminal IDs are provided by an acquirer. An online merchant account comprises a MID and a TID.

2. You wish to allow online credit card purchases. You wish to prove your Web server's identity to your customers. Which of the following items do you require to be installed on your server?
Please select the best answer.
  A. A digital signature
  B. SSL
  C. A digital certificate
  D. Both A and C
  C is correct. A digital certificate helps ensure authentication. SSL ensures encryption. The Web server uses the certificate to begin an SSL session.

3. You wish to automate the processing of credit card information after you have received it. Which of the issues below should you consider?
Please select the best answer.
  A. Properly configured international currency translation options
  B. Proper use of the public key
  C. A properly configured digital certificate
  D. Proper use of the private key
  A is correct. After you receive all the proper authorizations, one of your concerns is the ability to translate currency into the currency desired by your payment gateway. After credit card information has entered your system, you do not need SSL, so this rules out the use of public or private keys, as well as the use of certificates.

4. You are using digital cash as a payment option. To implement the point-of-sale module, you must:
Please select the best answer.
  A. Use CGI scripts
  B. Secure the payment gateway
  C. Use digital cash for the gateway
  D. Register with the electronic cash component supplier
  D is the correct answer. Unless you register with the supplier, the supplier will not be able to process information passed on by the merchant. Once you have implemented the point-of-sale module, you are ready to accept digital cash payments from customers. Although CGI scripts are essential for an e-commerce site in general, they do not apply to this specific question. Securing the payment gateway applies to SET, as opposed to using digital cash.

5. Which of the following industry standards was devised with the purpose of establishing a universal way to create, manage, and store certificates?
Please select the best answer.
  A. SSL
  B. SET
  C. PKI
  D. RFC
  C is the correct answer. Public key infrastructure (PKI) is a standard that helps determine how to use certificates. SSL is an encryption standard. SET is a specific procedure for authenticating users and transferring sensitive information across the network wire. RFC refers to the Internet Engineering Task Force (IETF) Request for Comments documents that help create standards for the Internet.

6. Which of the following items is NOT found in standard digital certificates?
Please select the best answer.
  A. The certificate holder's name
  B. The name of the CA
  C. Validity dates
  D. Personal preferences
  D is correct. Digital certificates authenticate users. Currently, they cannot be used to track user preferences. Digital certificates can, however, inform you about who holds the certificate, how long the certificate is valid, and the name of the CA that signed the certificate.

7. You just revoked your certificate a month ago. However, you now realize this certificate is actually valid. What can you do to make this certificate trusted again?
Please select the best answer.
  A. Petition your CA
  B. Restore it from a system backup
  C. Resubmit it to your CA
  D. Create a new key pair and submit it to your CA
  D is the correct answer. Once you have revoked a key, it is no longer trusted. There is no way to restore it. You will have to begin the process all over again and create a new certificate with your CA of choice.

8. Which of the below standards describes the contents of all digital certificates?
Please select the best answer.
  A. SSL
  B. SET
  C. X.509v3
  D. PKI
  C is correct. The X.509v3 standard defines the acceptable contents of a digital certificate. SSL is an encryption protocol standard. It does not describe the elements contained by a digital certificate. SET describes a procedure for transmitting information across a wire. PKI describes how to create, manage, and store digital certificates.

9. What is another name for a device run by a merchant bank that enables it to query a card holder's account to see if it is valid?
Please select the best answer.
  A. An issuer
  B. An acquirer
  C. A payment gateway
  D. A card holder bank
  B is correct. A merchant bank uses an acquirer to speak to the cardholder's bank (that is, the issuer). A payment gateway is software that communicates between the merchant and the merchant bank. A card holder bank is another phrase for an issuer.