A.
Learning Objectives |
 |
B.
What is risk, in the context of electronic commerce? |
 |
C.
Risks to Customers |
 |
D.
Malicious web |
 |
E.
Man in the Middle Attacks |
 |
F.
Privacy |
 |
G.
Cookies |
 |
H.
Party Line Connections |
 |
I.
Risks to Selling Agents - Customer Impersonation |
 |
J.
Denial of Service Attacks |
 |
K.
File Upload Attacks |
 |
L.
Sabotage by Employees |
 |
M.
Sniffers |
 |
N.
Downloading of Data |
 |
O.
E-mail Spoofing |
 |
P.
Social Engineering |
 |
Q.
Intranet vs. Extranets |
 |
R.
Intranet - internal telecommunications links within a company to allow employees to share data. Typically placed behind a firewall. |
 |
S.
Extranet - limited outside access is made possible to data in the Intranet, typically with identified business partners |
 |
T.
Uses of Extranets |
 |
U.
Important Techniques used to prevent/detect data interception |
 |
V.
Archival Stored Data... |
 |
W.
Hoaxes... |
· To understand the necessity of standards.
· To understand the impact that the global environment has on standard setting processes.
· To identify the seven layers in the Open Systems Interconnections Model.
· To identify common Internet protocols and languages.
 |
B.
Standards... What is a “standard” and why are standards necessary? |
 |
C.
Interoperability |
 |
D.
EDI - 2 competing standards |
 |
E.
ASC X12 Alignment Task Force |
 |
F.
ISO |
 |
G.
NIST |
 |
H.
ISOC |
 |
I.
Request For Comments (RFC) |
 |
J.
Internet Corporation for Assigned Names and Numbers (ICANN) |
 |
K.
Domain Names |
 |
L.
World Wide Web Consortium (W3C) |
 |
M.
Open Buying on the Internet (OBI) |
 |
N.
Global Information Infrastructure Commission (GIIC) |
 |
O.
Computer Emergency Response Team Coordination Center (CERT) |
 |
P.
Open Systems Interconnections (OSI) Model |
 |
Q.
IP addresses |
 |
R.
FTP and Telnet |
 |
S.
HTTP and HTTP-NG |
 |
T.
Secure-HTTP (S-HTTP) |
 |
U.
Secure Sockets Layer (SSL) |
 |
V.
DOM - Document Object Model |
 |
W.
Web-based EDI/XML is a popular alternative |
 |
X.
eXtensible Markup Language - XML |
 |
Y.
European XML/EDI Pilot Project |
 |
Z.
Java |
 |
AA.
Basic Mail Protocols |
 |
BB.
Internet secure mail |
 |
CC.
SET: Secure Electronic Transaction |
 |
A.
Learning Objectives |
 |
B.
Encryption…. |
 |
C.
Industry Solution |
 |
D.
Symmetric Key Challenge |
 |
E.
Key Pairs |
 |
F.
Integrity Check Values. |
 |
G.
Digital Signatures |
 |
H.
Attacks against encryption |
 |
I.
Digital Wrapper or Envelope |
 |
J.
Compressed Files |
 |
K.
Elliptic Curve Cryptography |
 |
L.
Key Management |
 |
M.
Public Key Infrastructure |
 |
N.
Public Certification Authority |
 |
O.
Certification Authority |
 |
P.
Private or Enterprise CAs |
 |
Q.
Private Certification Authority |
 |
R.
Hybrid Certification Authority |
 |
S.
What tasks are involved in Key Management systems? |
 |
T.
Additional Authentication Methods |
 |
U.
Additional Non-Repudiation Techniques |
 |
A.
Learning Objectives |
 |
B.
What is a firewall? |
 |
C.
Characteristics of Good Firewalls |
 |
D.
Transmission Control Protocol/ Internet Protocol - TCP/IP |
 |
E.
4 Basic Layers of TCP/IP |
 |
F.
Open Systems Interconnect (OSI) |
 |
G.
Firewall Filtering |
 |
H.
Static Firewalls |
 |
I.
Dynamic Firewalls |
 |
J.
Components of Firewalls |
 |
K.
Firewall Functions |
 |
L.
Packet-Filtering |
 |
M.
Packet Filtering Routers |
 |
N.
Proxies |
 |
O.
IP Spoofing |
 |
P.
Real-Time Monitoring |
 |
Q.
Demilitarized Zone |
 |
R.
Securing the Firewall - Policy |
 |
S.
Securing the Firewall - Administration |
 |
T.
Securing the Firewall - Services |
 |
U.
Securing the Firewall - Internal Firewalls |
 |
V.
Securing the Firewall - Operating System Controls |
 |
W.
Firewall Design Factors |
 |
X.
Choosing a Firewall Vendor |
 |
Y.
Limitations of Security Provided by Firewalls |
 |
A.
Chapter 10 Objectives |
 |
B.
Secure Sockets Layer (SSL) |
 |
C.
Secure Electronic Transaction (SET) |
 |
D.
SET Version 1.0 Features |
 |
E.
SET vs. SSL |
 |
F.
|
 |
G.
Four SET Components |
 |
H.
Key Management |
 |
I.
What tasks are involved in Key Management systems? |
 |
J.
Certificate Trust Chain |
 |
K.
Dual Signatures |
 |
L.
SET Compliance Testing |
 |
M.
Version 2.0 and other Update Planned Enhancements |
 |
N.
Food for Thought... |
 |
O.
Magnetic Strip Cards |
 |
P.
Smart Cards |
 |
Q.
Electronic Checks |
 |
R.
Biller Presentment Systems |
 |
S.
FSTC’s Electronic Check |
 |
T.
FSTC’s BIPS Specification |
 |
U.
Electronic or Digital Cash |