Deck 17: E-Commerce Fraud

A) A vital part of the security of any electronic system
B) The use of unique features of the human body to create secure access controls
C) The most important aspect of internal control in an organization
D) An authorization that reassures users that transactions are valid

A) Troubleshooting
B) Intrusion detection
C) Encryption
D) Security audit

A) Encryption
B) Spoofing
C) Physical control
D) Biometric control

A) Social engineering
B) Spoofing
C) Data theft
D) Customer impersonation

A) Internet worm
B) Bot
C) Middleware
D) Spyware

A) Authorization control
B) Secure socket layer
C) Security through obscurity
D) Biometrics

A) reducing pressures.
B) buying and implementing anti-virus software.
C) reducing fraud opportunities.
D) hiring security experts.

A) Sniffing
B) Spoofing
C) Hijacking
D) Impersonation

A) P2P programs
B) Internet worms
C) Trojan horses
D) Spyware

A) Social engineering has made it easy to do so.
B) Many managers lack the technical expertise to prevent and detect data theft.
C) Data can be transferred easily and quickly to any location in the world.
D) Subtle differences in Internet host names often go unnoticed by Internet users.

A) Financial statement fraud
B) Data theft
C) Theft of money
D) Asset misappropriation

A) Digital signatures
B) Passwords
C) Biometrics
D) Firewalls

A) Database query injection
B) HTML
C) Cross-site scripting
D) Java

A) virtual private networks.
B) traditional EDI settings.
C) e-business.
D) unsecured online transactions.

A) Password selection is left to the end user and cannot be fully controlled.
B) Systems cannot handle complex passwords.
C) Any password can be easily hacked.
D) No other control can better prevent fraud than the wise use of passwords.

A) digital certificates
B) biometrics
C) anti-virus software
D) passwords

A) Using a subtly different Internet host name to mimic another business
B) Changing the information in e-mail headers or IP addresses
C) Extracting personal or corporate computer information from employees
D) Viewing the information that passes along a network line

A) Audit committee
B) Control policies
C) Control system
D) Personnel

A) Adequate separation of duties
B) Independent checks on performance
C) Proper authorization of transactions and activities
D) Use of internal auditors

A) the use of encryption which protects confidential and sensitive information from being stolen.
B) that information about the transactions is captured in databases that can be analyzed in numerous ways.
C) the absence of hard-copy documentation, the very essence of e-commerce.
D) that they not only make fraud easier to commit, but also make it much easier to detect.

A) Sniffing
B) Crawling
C) Phishing
D) Wartrapping

A) Height
B) Fingerprints
C) Complexion
D) Weight

A) Social engineering
B) Spoofing
C) Phishing
D) Wartrapping

A) Phishing
B) Sniffing
C) Vandalism
D) Wartrapping

A) A fraudster impersonating a customer and buying equipment on the customer's account
B) A fraudster viewing design data of a special project that is being transferred over a network
C) A fraudster using another employee's passwords to access sensitive information
D) An Internet site mimicking another site by using .org instead of .com

A) Write computer scripts
B) Gain access to large networks
C) Monitor logs and detect potential break-ins
D) Troubleshoot networks

A) Identify the frauds that can occur in the type of business being investigated
B) Determine the symptoms of e-business fraud within the business being investigated
C) Gain an understanding of the business being investigated
D) Investigate any anomalies observed within the business being investigated

A) Deleting a customer data file
B) Pouring hot coffee on a company keyboard
C) Stealing company data lists
D) Throwing a computer monitor

A) Investigate all symptoms of e-fraud found
B) Use information systems to highlight possible fraud activity
C) Analyze the results of database searches
D) Determine if the activity noted is an anomaly or usual business activity

A) SQL injection
B) HTML
C) Cross-site scripting
D) Java

A) Routinely search databases for symptoms
B) Utilize intrusion detection programs
C) Secure company systems
D) Train employees to recognize probable fraud

A) Internet worms
B) Trojan horse
C) Wartrapping
D) Phishing

A) A Trojan horse
B) A normal computer virus
C) Adware
D) An Internet worm

A) information about the transactions is captured in databases that are impossible to analyze.
B) correctly specifying the types of frauds that can occur and the symptoms they will generate.
C) the lack of hard-copy documentation, the very essence of e-business.
D) using technology to catch technology fraud.

A) Gaining an understanding of the tools and methods perpetrators use in e-business fraud
B) Gaining a working knowledge of computer networking systems
C) Learning the strengths and weaknesses of Windows
D) Getting to know each company employee's interactions with the systems

A) Virtual private network
B) Public-key encryption
C) Cross-site scripting
D) SQL injection