33) Which of the following statements about symmetric key encryption is not true?
A) In symmetric key encryption, both the sender and the receiver use the same key to encrypt and decrypt a message.
B) The Data Encryption Standard is a symmetric key encryption system.
C) Symmetric key encryption is computationally slower.
D) Symmetric key encryption is a key element in digital envelopes.
34) The Data Encryption Standard uses a(n) __-bit key.
A) 8
B) 56
C) 256
D) 512
35) Which of the following statements about public key encryption is not true?
A) Public key encryption uses two mathematically related digital keys.
B) Public key encryption ensures authentication of the sender.
C) Public key encryption does not ensure message integrity.
D) Public key encryption is based on the idea of irreversible mathematical functions.
36) Which of the following statements about PKI is not true?
A) The term PKI refers to the certification authorities and digital certificate procedures that are accepted by all parties.
B) PKI is not effective against insiders who have a legitimate access to corporate systems including customer information.
C) PKI guarantees that the verifying computer of the merchant is secure.
D) The acronym PKI stands for public key infrastructure.
37) A digital certificate contains all of the following except the:
A) subject’s private key.
B) subject’s public key.
C) digital signature of the certification authority.
D) digital certificate serial number.
38) Which of the following dimensions of e-commerce security is not provided for by encryption?
A) confidentiality
B) availability
C) message integrity
D) nonrepudiation
39) All of the following are methods of securing channels of communication except:
A) SSL/TLS.
B) certificates.
C) VPN.
D) FTP.
40) A __ is hardware or software that acts as a filter to prevent unwanted packets from entering a network.
A) firewall
B) virtual private network
C) proxy server
D) PPTP
41) Proxy servers are also known as:
A) firewalls.
B) application gateways.
C) dual home systems.
D) packet filters.
42) P2P payment systems are a variation on what type of payment system?
A) stored value payment system
B) digital checking system
C) accumulating balance system
D) digital credit card system
The Correct Answer and Explanation is :
Correct Answers:
33) C) Symmetric key encryption is computationally slower.
34) B) 56
35) C) Public key encryption does not ensure message integrity.
36) C) PKI guarantees that the verifying computer of the merchant is secure.
37) A) subject’s private key.
38) B) availability.
39) D) FTP.
40) A) firewall.
41) B) application gateways.
42) A) stored value payment system.
Explanation:
33) Symmetric key encryption is computationally slower – False
Symmetric encryption is actually faster than asymmetric encryption because it uses a single key for encryption and decryption, avoiding the computational overhead of key pair operations.
34) Data Encryption Standard (DES) uses a 56-bit key
DES, a widely used symmetric encryption algorithm, employs a 56-bit key, which makes it vulnerable to brute-force attacks.
35) Public key encryption does not ensure message integrity – False
Public key encryption provides confidentiality and authentication but does not inherently ensure message integrity. Integrity is usually provided through hashing techniques like HMAC.
36) PKI guarantees that the verifying computer of the merchant is secure – False
PKI (Public Key Infrastructure) provides a framework for managing digital certificates and encryption keys but does not guarantee the security of a merchant’s computer.
37) Digital certificates do not contain the subject’s private key
A digital certificate contains the subject’s public key, certificate authority’s digital signature, and a unique serial number but never the private key.
38) Encryption does not provide availability
Availability ensures that systems and data are accessible when needed. Encryption focuses on confidentiality, integrity, and non-repudiation but does not inherently improve availability.
39) FTP is not a secure channel
FTP (File Transfer Protocol) is an old protocol that does not provide encryption, making it unsuitable for secure communication.
40) A firewall filters unwanted packets
Firewalls prevent unauthorized access by filtering incoming and outgoing traffic based on predefined security rules.
41) Proxy servers are also called application gateways
Proxy servers act as intermediaries for requests, filtering traffic for security and anonymity, and are often referred to as application gateways.
42) P2P payment systems are a variation of stored value payment systems
Peer-to-Peer (P2P) payment systems, like PayPal and Venmo, rely on stored value, where funds are held digitally before transactions occur.