ISM 4480 EXAM 3 STUDY GUIDE
Exam 3 is a 100 point exam. It consists of MC, short-answer, and essay questions.
Questions will be taken from Chapters 9-12, lectures, quizzes, and class discussions.
Know the following terms: catalogue, shopping cart, middleware, virus, Trojan horse, worm, backdoor, Bluetooth, Bluespike, ASP, JSP, sandbox, sniffer, spoofer, Anonymizer, message digest.
Why is the checkout process critical for B2C sites?
What approaches help to overcome the stateless system problem?
What is ERP? what does it do? how is it integrated with Web servers?
What is data mining? How does it differ from data analysis (or OLAP)?
With what back-office systems do e-commerce systems interact?
What is an application server?
When does transaction processing take place? What activities are involved? Why should it be on a separate server?
Differentiate between various types of firewalls including gateway servers, proxy servers, application firewalls, packet-filtering firewalls.
What are the primary forms of electronic cash?
Identify e-commerce software for small, medium, and large businesses. What are the main differences between them other than price?
What are some free or low-cost hosting services?
Define all three of the following threats: Integrity, Necessity, and Secrecy.
How does privacy differ from secrecy?
What is a denial of service attack? What are zombies?
Understand each of the following and its characteristics: public key encryption, private key encryption, and hash coding. How is a digital signature created?
What is necessary to protect integrity? authenticity? non-repudiation?
How are the following protocols different from one another: SSL, S-HTTP, and SET.
What is the difference between an untrusted applet, a trusted applet, and a signed applet?
What is ActiveX and what problems could be associated with it?
What are the different ways that support communication between Web servers and databases?
What two factors determine encryption strength?
What is RSA? 3DES? MD5? Why may DES be preferred to RSA, particularly for large messages?
What is steganography? digital watermarking? How can they be used to support secrecy and protect intellectual property?
What is meant by the term ‘computer forensics?’
What is a smart card? What is Mondex?
What are the characteristics of electronic cash? What potential problems does e-cash pose?
What is the highest wireless security standard?
What standard would allow customers to enter data only once, simplifying the form-filling process?
What is the W3C? CERT? WIPO?
What are the advantages of electronic cash? Where can e-cash be stored?
What low-cost service offers data-mining capability?
Who (or what) is VeriSign and what services do they offer?