PrepAway - Latest Free Exam Questions & Answers

which digitally signs it and sends it on to its process…

Which protocol makes USE of an electronic wallet on a customer’s PC and sends encrypted credit card
information to merchant’s Web server, which digitally signs it and sends it on to its processing bank?

PrepAway - Latest Free Exam Questions & Answers

A.
SSH (Secure Shell)

B.
S/MIME (Secure MIME)

C.
SET (Secure Electronic Transaction)

D.
SSL (Secure Sockets Layer)

Explanation:
Secure Electronic Transaction (SET) is a security technology proposed by Visa and MasterCard to allow for
more secure credit card transaction possibilities than what is currently available. SET has been waiting in the
wings for full implementation and acceptance as a standard for quite some time. Although SET provides an
effective way of transmitting credit card information, businesses and users do not see it as efficient because it
requires more parties to coordinate their efforts, more software installation and configuration for each entity
involved, and more effort and cost than the widely used SSL method.
SET is a cryptographic protocol and infrastructure developed to send encrypted credit card numbers over the
Internet. The following entities would be involved with a SET transaction, which would require each of them to
upgrade their software, and possibly their hardware:
Issuer (cardholder’s bank) The financial institution that provides a credit card to the individual.
Cardholder The individual authorized to use a credit card.
Merchant The entity providing goods.
Acquirer (merchant’s bank) The financial institution that processes payment cards.
Payment gateway This processes the merchant payment. It may be an acquirer.
Incorrect Answers:
A: SSH is a network protocol that allows for a secure connection to a remote system. Developed to replace
Telnet and other insecure remote shell methods. This is not what is described in the question.
B: S/MIME stands for Secure/Multipurpose Internet Mail Extensions, which outlines how public key
cryptography can be used to secure MIME data types. This is not what is described in the question.
D: SSL (Secure Sockets Layer) is most commonly used to Internet connections and e-commerce transactions.
It is used instead of SET but is not what is described in the question.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, p. 856


Leave a Reply