Chapter 12—Electronic Commerce Systems
TRUE/FALSE
1. Because of network protocols, protocols, users users of networks built built by different manufacturers are able to communicate and share data. ANS: T 2. lectroni lectronicc commerce commerce refers only only to direct direct consumer consumer marketi marketin! n! on the "nterne "nternet. t. ANS: # $. Business Business to consum consumer er is the lar!e lar!est st se!ment se!ment of "nternet "nternet commer commerce. ce. ANS: # %. The phrase phrase &.com' &.com' has become become an "nternet "nternet bu(( word. word. "t refers refers to a top)le*el top)le*el domain domain name name for communications or!ani(ations. or!ani(ations. ANS: # +. The standar standard d format format for an e)mail e)mail addres addresss is -A"N -A"N NA/0S NA/0S NA. NA. ANS: # . The network parado3 is that networks networks e3ist to pro*ide pro*ide user access to shared resources while while one of of its most important ob4ecti*es is to control access. ANS: T 5. Business risk is the possibility possibility of loss loss or in4ury that can reduce or eliminate an or!ani(ation6s or!ani(ation6s ability to achie*e its ob4ecti*es. ANS: T 7. "8 spoofin! spoofin! is a form of mas9ueradin! to to !ain unauthori(ed unauthori(ed access to a eb eb ser*er. ser*er. ANS: T ;. The rules rules that make it possibl possiblee for users of networks networks to communica communicate te are called called protocols. protocols. ANS: T 1<. A factor that contributes to computer crime is the the reluctance of many or!ani(ations or!ani(ations to prosecute prosecute criminals for fear of ne!ati*e publicity. ANS: T 11. 11. =ookies =ookies are files created created by user user computers computers and stored stored on eb eb ser*ers ser*ers.. ANS: #
12. Sniffin! Sniffin! is the unautho unauthori(ed ri(ed transmi transmittin ttin! ! of information information across across an "ntranet "ntranet.. ANS: # APPEND! "UEST#N
1$. The client)s client)ser*er er*er model model can only only be applied applied to rin! rin! and star topol topolo!ies o!ies.. ANS: # 1%. The most most popular popular topolo!y topolo!y for local local area networ networks ks is the bus bus topolo!y topolo!y.. ANS: T 1+. A network network topolo topolo!y !y is the physical physical arran!eme arran!ement nt of the components components of the network network.. ANS: T 1. A bus bus topolo!y topolo!y is less less costly costly to install install than than a rin! topolo!y topolo!y.. ANS: T 15. "n a hierarchical hierarchical topolo!y, topolo!y, network nodes nodes communicate communicate with each each other *ia *ia a central central host computer. computer. ANS: T 17. 8ollin! 8ollin! is one one techni9ue techni9ue used used to control control data data collisi collisions. ons. ANS: T 1;. The most most fre9uen fre9uentt use of of " is is in makin! makin! *endo *endorr payments. payments. ANS: # 2<. " is the inter)company inter)company e3chan!e of of computer processible business information in standard standard format. ANS: T $ULTPLE C%#CE APPEND! "UEST#N
1. The primary primary differenc differencee between between a >AN >AN and a A AN is a. the !eo! !eo!rap raphic hical al area area co*ere co*ered d by the the networ network k b. the transmission technolo!y technolo!y used c. the the type type of of work workst stat atio ion n used used d. the the si( si(ee of of the the comp company any ANS: A 2. To physically physically connect connect a worksta workstation tion to to a >AN re9uires re9uires a a. file se ser*er
b. network interface card c. multiple3er d. brid!e ANS: B $. -ne ad*a ad*anta nta!e !e of netw network ork tech technol nolo!y o!y is is a. brid!es brid!es and !ateway !atewayss connect connect one works workstatio tation n with anothe anotherr workstatio workstation n b. the network interface card permits different networks networks to share data c. file ser*ers ser*ers permit permit softw software are and data data to be be shared shared with other other netwo network rk users users d. a uni*ersal uni*ersal topol topolo!y o!y facilit facilitates ates the the transfer transfer of data data amon! amon! networks networks ANS: = %. hich topolo!y topolo!y has a lar!e central computer computer with direct connections connections to a periphery of smaller computers? Also Also in this topolo!y, topolo!y, the central computer mana!es and controls data communications amon! the network nodes. a. star to topolo!y b. bus topolo!y c. rin! to topolo!y d. clie client nt@s @ser er*e *err topo topolo lo!y !y ANS: A +. "n a star star topolo topolo!y !y,, when when the the central central site fails a. indi*idu indi*idual al workst workstatio ations ns can communica communicate te with with each each other other b. indi*idual workstations workstations can function function locally but cannot communicate with other other workstations c. indi*idu indi*idual al workstatio workstations ns cannot cannot function function locally locally and cannot cannot communicate communicate with with other workstations d. the function functionss of the central central site site are taken o*er o*er by a desi!nated desi!nated workst workstatio ation n ANS: B . hich of of the followin! followin! statem statements ents is correct correct?? The client)s client)ser*er er*er model model a. is best suited suited to the the token)rin! token)rin! topolo topolo!y !y because because the random)acc random)access ess method method used by this this model detects data collisions. b. distributes both both data and processin! tasks tasks to the ser*er6s node. c. is most most effec effecti* ti*ee used used with with a bus topo topolo!y lo!y.. d. is more more effici efficient ent than than the the bus bus or rin! topolo!ie topolo!ies. s. ANS: B 5. hat do you call a system of computers that connects the internal users of an or!ani(ation or!ani(ation that is distributed o*er a wide !eo!raphic area? a. >AN b. decentrali(ed network network c. mult multid idro rop p netw networ ork k d. "ntranet ANS: 7. Snif Sniffe ferr soft softwa ware re is a. software software used by malicio malicious us eb eb sites sites to sniff sniff data from cookies cookies stored stored on the user6s hard hard dri*e b. used by network administrators administrators to analy(e analy(e network traffic
c. used by bus bus topolo!y topolo!y "ntranet "ntranetss to sniff sniff for a carrier carrier before before transmitti transmittin! n! a messa!e messa!e to a*oid data collisions d. ille!al ille!al pro!rams pro!rams download downloaded ed from the Net to sniff sniff passwords passwords from the the encrypted encrypted data of "nternet customers ANS: B ;. "n a rin rin! ! top topol olo! o!y y a. all all node nodess are are of e9u e9ual al sta statu tuss b. nodes mana!e pri*ate pro!rams pro!rams and databases locally c. shared shared resources resources are are mana!ed mana!ed by a file ser*er ser*er which is a node node on the the rin! rin! d. all all of of th the abo abo*e *e ANS: 1<. 1<. The client client@se @ser*e r*err techn technolo olo!y !y a. increases increases the the amount of of data that that is transmitted transmitted betwee between n the central central file file and the network network node b. eliminates the need for for nodes to communicate with with each other c. reduces reduces the number number of records records that must must be locked locked by ha*in! ha*in! the file file ser*er ser*er perform record record searches d. functi functions ons only only with with a rin! rin! and and bus topo topolo!y lo!y ANS: = 11. 11. A star star topo topolo!y lo!y is appro appropri priate ate a. for a wide wide area area network network with with a mainfram mainframee for a centra centrall compute computer r b. for centrali(ed databases databases only c. for en*ironme en*ironments nts where where network network nodes routin routinely ely communica communicate te with each each other d. when the the central central database database does does not not ha*e to be be concurrent concurrent with with the the nodes nodes ANS: A 12. 12. "n a rin rin! ! top topol olo! o!y y a. the network network consis consists ts of a central central computer computer which which mana!es mana!es all communi communicatio cations ns between between nodes b. has a host computer connected connected to se*eral le*els of subordinate computers computers c. all nodes nodes are of e9ual status status responsi responsibili bility ty for mana!in! mana!in! communica communication tionss is distribute distributed d amon! the nodes d. informatio information n processin! processin! units units rarely communicat communicatee with each each other other ANS: = 1$. hich method method does does not mana!e mana!e or control control data collisio collisions ns that mi!ht mi!ht occur on a network? network? a. multi ultip ple3 le3in! in! b. pollin! c. car carrier rier sen sensin! in! d. toke token n pas passin! in! ANS: A 1%. Network Network protocol protocolss fulfill fulfill all of the followi followin! n! ob4ecti* ob4ecti*es es e3cept e3cept a. facilitate facilitate physical physical connectio connection n between between network network de*ic de*ices es b. pro*ide a basis for error checkin! checkin! and measurin! network network performance c. promo promote te compat compatibi ibili lity ty amon! amon! network network de*ic de*ices es d. resul resultt in infle3 infle3ibl iblee stan standar dards ds
ANS: 1+. All of the follow followin! in! are true true about the the -pen System System "nterface "nterface -S"C -S"C protocol protocol e3cept e3cept a. within within one node node different different layers layers commun communicat icatee with other other layers layers at that that node node b. one protocol is de*eloped de*eloped and applied to all all the -S" layers c. specific specific layers layers are dedicate dedicated d to hardware hardware tasks tasks and other other layers are are dedicated dedicated to software software tasks d. layers layers at each node communica communicate te lo!ically lo!ically with with their counter counterpart part layers layers across across nodes ANS: B 1. hich of the followin! followin! statement statementss is correct correct?? T=8@"8 T=8@"8 a. is the basic basic protoc protocol ol that that permits permits communic communication ation betwee between n "nternet "nternet sites. sites. b. controls eb eb browsers browsers that access the . . c. is the the file file format format used used to produ produce ce eb eb pa!e pa!es. s. d. is a low)le*el low)le*el encryp encryption tion scheme scheme used used to secure secure transmissio transmissions ns in DTT8 DTT8 format. format. ANS: A 15. EB> a. is the basic basic protoc protocol ol that that permits permits communic communication ation betwee between n "nternet "nternet sites. sites. b. controls eb eb browsers browsers that access the eb. eb. c. is the the document document format format used used to produce produce eb eb pa!es. pa!es. d. was desi!ned desi!ned to pro*ide pro*ide the financia financiall community community with a standard standardi(ed i(ed method method for preparin! preparin! e. is a low)le*el low)le*el encryption encryption scheme scheme used to secure secure transmissio transmissions ns in hi!her)l hi!her)le*el e*el DTT8C DTT8C format. ANS: 17. #T8 a. is the the document document format format used used to produce produce eb eb pa!es. pa!es. b. controls eb eb browsers browsers that access the eb. eb. c. is used used to conne connect ct to 0senet 0senet !roups !roups on the the "ntern "nternet et d. is used to transfer transfer te3t te3t files, pro!rams pro!rams,, spreadsheets spreadsheets,, and databases databases across across the "nternet. "nternet. e. is a low)le*el low)le*el encryption encryption scheme scheme used to secure secure transmissio transmissions ns in hi!her)l hi!her)le*el e*el C format. format. ANS: 1;. DT> a. is the the document document format format used used to produce produce eb eb pa!es. pa!es. b. controls eb eb browsers browsers that access the eb. eb. c. is used used to connect connect to 0senet 0senet !roups !roups on on the the "nternet. "nternet. d. is used to transfer transfer te3t te3t files, pro!rams pro!rams,, spreadsheets spreadsheets,, and databases databases across across the "nternet. "nternet. e. is a low)le*el low)le*el encryption encryption scheme scheme used to secure secure transmissio transmissions ns in hi!her)l hi!her)le*el e*el C format. format. ANS: A 2<. hich one of of the followin followin! ! stateme statements nts is is correct? correct? a. =ookie =ookiess alway alwayss contai contain n encryp encrypted ted data data.. b. =ookies are te3t files and ne*er contain encrypted encrypted data. c. =ookies =ookies contain contain the 0>s 0>s of of sites sites *isited *isited by the the user. user. d. e eb b browsers browsers cannot cannot functio function n without without cookies. cookies. ANS: =
21. A messa!e that is made to look as thou!h it it is comin! from from a trusted source source but is not is called a. a den denia iall of of ser* ser*ic icee att attac ack k b. di!ital si!nature si!nature for!in! c. "nte "ntern rnet et prot protoc ocol ol spo spoof ofin in! ! d. 0> 0> mas9 mas9ue uera radi din! n! ANS: = 22. 22. A di! di!it ital al si! si!na natu ture re is is a. the encryp encrypted ted mathema mathematical tical *alue *alue of the the messa!e messa!e sender6 sender6ss name name b. deri*ed from the di!est of a document that has been encrypted encrypted with the sender6s sender6s pri*ate key c. the compu computed ted di!es di!estt of the the sender6 sender6ss di!it di!ital al certifi certificate cate d. allows allows di!ital di!ital messa! messa!es es to be sent sent o*er o*er analo! analo! telephon telephonee lines ANS: B 2$. DTT8 a. is the the document document format format used used to produce produce eb eb pa!es. pa!es. b. controls eb eb browsers browsers that access the eb. eb. c. is used used to conne connect ct to 0senet 0senet !roups !roups on the the "ntern "nternet et d. is used to transfer transfer te3t te3t files, pro!rams pro!rams,, spreadsheets spreadsheets,, and databases databases across across the "nternet. "nternet. e. is a low)le*el low)le*el encryption encryption scheme scheme used to secure secure transmissio transmissions ns in hi!her)l hi!her)le*el e*el C format. format. ANS: B 2%. hich of the the follow followin! in! statem statements ents is correct? correct? a. 8acket 8acket switchin! switchin! combines combines the messa!e messa!ess of multiple multiple users into into a &packet' &packet' for transmissio transmission. n. At the recei*in! end, the packet is disassembled into the indi*idual messa!es and distributed to the intended users. b. The decision to partition partition a database assumes assumes that no identifiable identifiable primary user e3ists in the the or!ani(ation. c. essa!e essa!e switchin! switchin! is used used to establish establish temporary temporary connect connections ions between between network network de*ices de*ices for for the duration of a communication session. d. A deadlock deadlock is a temporary temporary phenomenon phenomenon that that disrupts disrupts transaction transaction processin processin!. !. "t will resol*e resol*e itself when the primary computer completes processin! its transaction and releases the data needed by other users. ANS: = 2+. NNT8 a. is the the document document format format used used to produce produce eb eb pa!es. pa!es. b. controls eb eb browsers browsers that access the eb. eb. c. is used used to conne connect ct to 0senet 0senet !roups !roups on the the "ntern "nternet et d. is used to transfer transfer te3t te3t files, pro!rams pro!rams,, spreadsheets spreadsheets,, and databases databases across across the "nternet. "nternet. e. is a low)le*el low)le*el encryption encryption scheme scheme used to secure secure transmissio transmissions ns in hi!her)l hi!her)le*el e*el DTT8C DTT8C format. ANS: = S%#RT ANS&ER
1. hat hat is packet packet switc switchin hin!? !? ANS:
8acket switchin! is a transmission whereby messa!es are di*ided into small packets. "ndi*idual packets of the same messa!e may may take different routes to their destinations. destinations. ach packet contains contains address and se9uencin! codes so they can be r eassembled into the ori!inal complete messa!e at the recei*in! end. 2. hat hat is an e3tr e3tran anet et?? ANS: An e3tranet is a *ariant on "nternet technolo!y. This is a password)controlled network for pri*ate users rather than the !eneral public. 3tranets are used to pro*ide access between tradin! partner internal databases. $. hat hat is a 0> 0>? ANS: A 0> is the address that defines the path to a facility or file on the eb. eb. 0>s are typed t yped into the browser to access eb eb site homepa!es homepa!es and indi*idual indi*idual eb eb pa!es, pa!es, and can be embedded in eb eb pa!es to pro*ide hyperte3t links to other pa!es. %. hat hat is an "8 addr addres ess? s? ANS: *ery computer node and host attached to the "nternet must ha*e a uni9ue "nternet protocol "8C address. #or a messa!e to be sent, the "8 addresses of both the sendin! and the recipient nodes must be pro*ided. +. hat hat is spoo spoofi fin! n!?? ANS: Spoofing is is a form of mas9ueradin! to !ain unauthori(ed access to a eb ser*er to perpetrate an unlawful act without r e*ealin! ones identity. . Name the the three three types types of addre addresses sses used used on on the "ntern "nternet. et. ANS: The three types of addresses used on the "nternet are: e)mail addresses of indi*iduals, eb eb site 0>C addresses of pa!es, and "8 addresses of indi*idual computers attached to the "nternet. 5. hat is is E E>? ANS: E> is a meta)lan!ua!e for describin! markup lan!ua!es. The term e3tensible means, that any markup lan!ua!e can be created usin! E>. This includes the creation of markup lan!ua!es capable of storin! data in relational form, where ta!s formattin! commandsC are mapped to data *alues. 7. hat hat is EB>? B>? ANS: !'RL (E)tensi*le '+siness Reportin, Lan,+a,e- is an E>)based lan!ua!e that was desi!ned to pro*ide the financial community with a standardi(ed standardi(ed method for preparin!, preparin!, publishin! and automatically e3chan!in! financial information, includin! financial statements of publicly held companies. ;. hat hat is is EB> EB> Ta3ono a3onomy my??
ANS: EB> ta3onomies are classification schemes that are compliant with the EB> specifications, to accomplish a specific information e3chan!e or reportin! ob4ecti*es. 1<. 3plain 3plain the the parts of of an e)mail e)mail address address and !i*e !i*e an e3ample e3ample your your own?C. own?C. ANS: The two parts of an e)mail address are the user name and the domain name. #or e3ample, hsa*a!e/cc.ysu.edu is hsa*a!e/cc.ysu.edu is the address of Delen Sa*a!e at the computer center site at Foun!stown State 0ni*ersity. 11. 11. 3plai 3plain n a denial denial of ser*i ser*ice ce attac attack. k. ANS: A denial of service attack is is an assault on a eb eb ser*er to pre*ent it from fr om ser*in! its users. The normal connectin! on the "nternet in*ol*es a three)way handshake: 1C from the ori!inatin! ser*er to the recei*in! ser*er, 2C from the recei*in! ser*er to the ori!inatin!, and $C from the ori!inatin! ser*er to the recei*in!. "n a denial of ser*ice attack, step three is omitted by the attackin! entity, entity, and this locks up the recei*in! ser*er and pre*ents either completin! the connection or usin! their ports to respond to other in9uiries. This is somewhat like a callin! party on a phone bein! able to pre*ent the called party from breakin! the connection, hence makin! the phone unusable. 12. 12. hat hat are cook cookies ies and and why why are are they used? used? ANS: Cookies are Cookies are files containin! user information that are created b y the eb eb ser*er of the site bein! *isited and are then stored on the *isitor6s own computer hard dri*e. They can contain the addresses of sites *isited by the user. "f the site is re*isited, the browser sends the cookiesC to the eb ser*er. This was ori!inally intended to enhance efficiency. efficiency. any 9uestions now e3ist about the use of cookies, especially with re!ard to user pri*acy and the security of user information such as passwords. 1$. >ist at at least fi*e fi*e top)le top)le*el *el domain domain names names used in the 0nited 0nited States. States. ANS: Amon! the top)le*el domain names used in the 0.S. are: .comGa commercial entity .netGa network pro*ider .or!Gan non)profit or!ani(ation or!ani(ation .eduGan educational or research entity .!o*Ga !o*ernment entity APPEND! "UEST#N
1%. hen are are networks networks connect connected ed with a brid! brid!ee and with with a !ateway? !ateway? ANS: Brid!es connect >ANs of the same t ype !ateways connect >ANs of different manufacturers and different types. 1+. escribe escribe an ad*ant ad*anta!e a!e to the the client@se client@ser*er r*er topolo!y topolo!y.. ANS:
=lient@ser*er technolo!y reduces the number of records that ha*e to be locked and reduces the amount of data that is transmitted o*er the network. 1. escribe escribe one primary primary ad*anta ad*anta!e !e of pollin! pollin! as a network network control control method method.. ANS: 8ollin! is noncontentious so data collisions are pre*ented. #irms can prioriti(e data communications by pollin! important nodes more fre9uently than less important nodes. 15. escribe escribe one disad* disad*anta! anta!ee to carrier carrier sensin! sensin! as a network network control control method. method. ANS: =ollisions can occur when two messa!es are sent simultaneously. 17. hy is is network network control control needed needed?? hat hat tasks tasks are perform performed? ed? ANS: Network control establishes establishes a communication communication session between between sender and recei*er, recei*er, mana!es the flow of data across the network, detects and resol*es data collisions, and detects errors in data caused by line failure or si!nal de!eneration. 1;. 1;. efine efine A AN, >AN, >AN, and HA HAN. ANS: A AN is a wide area network , a >AN is a local area network, and network, and a HAN is a value-added network . 2<. hat are the the fi*e fi*e basic basic network network archit architectu ectures? res? ANS: The fi*e basic network architectures are: star, hierarchical, rin!, bus, and client@ser*er. ESSA. APPEND! "UEST#N
1. =ontrast a >AN and a A AN. Typically Typically,, who owns owns and maintains maintains a AN AN?? ANS: A >AN is a local area network co*erin! a limited !eo!raphic area a room, a buildin!, se*eral buildin!s within within a restricted !eo!raphic !eo!raphic distanceC. "nformation processin! processin! units connected connected to a >AN are usually microcomputer)based workstations. Typically, >ANs are pri*ately owned and controlled. 2. escribe escribe the basic basic difference differencess between between the star, star, rin!, and bus bus topolo!ies. topolo!ies. ANS: The star topolo!y is a confi!uration of "80s with a lar!e central computer the hostC at the hub or centerC that has connections to a number of smaller computers. =ommunication between nodes is mana!ed from the host. The rin! topolo!y connects many computers of e9ual status. There is no host. ana!ement of communication is distributed amon! the nodes.
"n the bus topolo!y, all nodes are connected to a common cable, the bus. =ommunication and file transfer are controlled centrally by one or more ser*er. $. hat securi security ty 9uestions 9uestions must must be considere considered d with re!ard re!ard to "nternet "nternet commerc commerce? e? ANS: Security 9uestions that must be answered to safe!uard "nternet commerce relate to: pri*ate or confidential confidential financial data stored on a host or ser*er that could could be accessed by unauthori(ed unauthori(ed indi*iduals, interception of pri*ate information sent between sites, such as credit card numbers, and the risk of destruction of data and pro!rams by *irus attacks and other malice. %. hat hat is the the o orld id idee e eb? ANS: The orld ide eb is an "nternet facility that links user sites locally and around the world. "t was ori!inally de*eloped to share scientific information o*er the "nternet. Althou!h Althou!h the eb is the part of the "nternet that is most familiar to a*era!e users, it is 4ust a part. -ther "nternet tools include file transfer usin! #T8, remote connection to another computer usin! Telnet, and access to the menuin! system Iopher. "ts popularity popularity is in part due to the ease of access that is pro*ided by "nternet browser software. The basic eb document is written in hyperte3t markup lan!ua!e that contains numerous links to other pa!es, thus permittin! easy mo*ement. +. iscuss iscuss the the three three le*els le*els of "ntern "nternet et busines businesss models. models. ANS: Dow much benefit an or!ani(ation !ains from the "nternet depends on how much of its function is used. Three le*els of uses can be made: a. At the the sim simpl ples estt le*e le*el, l, the the information information level , the or!ani(ation uses the "nternet to display information about the company, its products, ser*ices, and business policies. "n other words, it pro*ides information information only. only. b. At the transaction level , the or!ani(ation uses the "nternet to accept orders from customers and@or to place them with their suppliers. "n other words, transactions occur. occur. c. At the the hi! hi!he hest st le*e le*el, l, the the distribution distribution level , the or!ani(ation uses the "nternet to both sell and deli*er di!ital productsGonline news, software, music, *ideo, etc. . efine efine risk risk in in an electroni electronicc commerce commerce settin!. settin!. ANS: The typical definition of business risk is is the possibility of loss or in4ury that can reduce or eliminate an or!ani(ation6s or!ani(ation6s ability to achie*e its ob4ecti*es. "n the area of e)commerce, risk relates to the loss, theft, or destruction of data and@or the use or !eneration of data or computer pro!rams that financially or physically harm an or!ani(ation. or!ani(ation. 5. iscuss the the four areas of concern as they are are related to e)commerce: data security, security, business business policy, policy, pri*acy, pri*acy, and business process process inte!rity. inte!rity. ANS: Data security relates security relates to the le*el of protection o*er stored and transmitted dataGthe security of internal databases and protection from unauthori(ed access b y indi*iduals inside and outside the or!ani(ations. Business policies policies relate relate to the need of consumers and tradin! partners to know a company6s policies policies re!ardin! billin!, payment, merchandise returns, shippin!, products, and sales ta3 collection.
Privacy refers Privacy refers to the le*el of confidentiality used by an or!ani(ation in mana!in! customer and tradin! partner data. Business process process integrity relates integrity relates to the accuracy, completeness, completeness, and consistency with which an or!ani(ation processes its business transactions. 7. efine efine and contras contrastt di!ital di!ital certific certificate ate and and di!ital di!ital si!natu si!nature. re. ANS: A digital certificate is like an electronic identification identification card that is used in con4unction with a public key encryption system to *erify the authenticity of the messa!e sender. These are issued by certification authorities. A digital signature is signature is an electronic authentication techni9ue that ensures that the transmitted messa!e ori!inated with the authori(ed sender and that it was not tampered with after the si!nature was applied. ;. 3plain 3plain the the function function of the the two parts parts of of the T=8@"8 T=8@"8 protocol protocol.. ANS: The two parts of the T=8@"8 protocol are the transfer control protocol T=8C and the "nternet protocol "8C. This controls how the indi*idual packets of data are formatted, transmitted, and recei*ed. The T=8 supports the transport function of the -S" -pen System "nterfaceC model that has been adopted by the "nternational "nternational Standards -r!ani(ation -r!ani(ation for the communication communication community. community. This ensures ensures that the full messa!e is recei*ed. The "8 component pro*ides the routin! mechanism. "t contains a network address and is used to route messa!es to their destinations. 1<. hat are are network network protocol protocols? s? hat hat function functionss do they they perform? perform? ANS: Network protocols protocols are the rules and standards !o*ernin! the desi!n desi!n of hardware and software that that permit users of networks networks manufactured by different different *endors to communicate communicate and share data. 8rotocols 8rotocols perform a number of different different functions. a. They facil facilitate itate the physi physical cal connect connection ion betwee between n network network de*ices de*ices.. b. They synchroni(e the the transfer of data between physical physical de*ices. c. They pro*i pro*ide de a basis basis for error error checkin! checkin! and and measurin measurin! ! network network perform performance. ance. d. They promote promote compa compatibi tibility lity amon! network network de*ice de*ices. s. e. They promot promotee network network desi!ns desi!ns that are are fle3ible, fle3ible, e3pandab e3pandable, le, and cost)ef cost)effect fecti*e. i*e. 11. 11. >ist and briefly briefly define define the pri*acy pri*acy conditio conditions ns inherent inherent to the Safe Darbor Darbor a!reement a!reement ANS: Notice -r!ani(ations -r!ani(ations must pro*ide indi*iduals with with clear notice of, &the purposes for which it collects and uses information about them, the types of third parties to which it discloses the information, and how to contact the company with in9uiries or complaints.' Choice Before any data is collected, an or!ani(ation must must !i*e its customers the opportunity to choose whether to share their sensiti*e information e.!., data related to factors such as health, race, or reli!ionC. #n0ar Transer 0nless they ha*e the indi*idual6s indi*idual6s permission permission to do otherwise, or!ani(ations or!ani(ations may share information only with those third parties that belon! to the Safe Darbor A!reement A!reement or follow its principles.
-r!ani(ations need to ensure that the data they maintain is accurate, Sec+rity an Data nte,rity -r!ani(ations complete, and current, and thus reliable, for use. They must also ensure the security of the information by protectin! it a!ainst a!ainst loss, misuse, unauthori(ed unauthori(ed access, disclosure, disclosure, alteration, and destruction. destruction. Access 0nless they would be unduly burdened or *iolate the ri!hts of others, or!ani(ations must !i*e indi*iduals &access to personal data about themsel*es and pro*ide an opportunity to correct, amend, or delete such data.'
-r!ani(ations must &enforce compliance, pro*ide recourse for indi*iduals who belie*e Enorcement -r!ani(ations their pri*acy ri!hts ha*e been *iolated, and impose sanctions on their employees and a!ents for non) compliance.' 12. iscuss iscuss three audit implicati implications ons of EB> EB> ANS: Audit implications include: Taxonomy Creation. Creation . Ta3onomy Ta3onomy may be !enerated incorrectly, incorrectly, resultin! in an incorrect mappin! between data and ta3onomy ta3onomy elements that could result in material misrepresentation of financial data. =ontrols must be desi!ned and in place to ensure the correct !eneration of EB> ta3onomies. alidation of !nstance Documents . As noted, once the mappin! is complete and ta!s ha*e been stored in the internal database, EB> instance documents reportsC can be !enerated. "ndependent *erification procedures need to be established to *alidate the instance documents to ensure that appropriate ta3onomy and ta!s ha*e been applied before postin! to web ser*er. "udit Scope and Timeframe Timeframe.. =urrently, auditors are responsible for printed financial statements and other materials associated with the statements. hat will be the impact on the scope of auditor responsibility as a conse9uence of real time distribution of financial statements across the "nternet? Should auditors also be responsible for the accuracy of other related data that accompany EB> financial statements, such as te3tual reports? 1$. hat is a =ertification =ertification Authority Authority and what are the implications implications for the accountin! profession? ANS: A certification authority authority is independent and trusted third party e mpowered with responsibility to *ouch for the identity of or!ani(ations and indi*iduals en!a!in! in "nternet commerce. The 9uestion then becomes who *ouches for for the =A? Dow does one know know that the =A who awarded a seal of authenticity to an indi*idual is itself reputable and was meticulous in establishin! his or her identity? These 9uestions hold specific implication for the accountin! profession. profession. Since they en4oy a hi!h de!ree of public confidence, public accountin! firms are natural candidates for certification authorities.
