Deck 17: E-Commerce Fraud

A)social engineering has made it easy to do so.
B)many managers lack the technical expertise to prevent and detect data theft.
C)data can be transferred easily and quickly to any location in the world.
D)subtle differences in Internet host names often go unnoticed by Internet users.

A)Digital Signatures
B)Passwords
C)Biometrics
D)Firewalls

A)risk-assessment
B)security through obscurity
C)digital signature
D)biometrics

A)Audit committee
B)Control policies
C)Control system
D)Personnel

A)Adequate separation of duties
B)Independent checks on performance
C)Proper authorization of transactions and activities
D)Use of internal auditors

A)Authorization control
B)Secure socket layer
C)Security through obscurity
D)Biometrics

A)Financial statement fraud
B)Identity theft
C)Theft of money
D)Information theft

A)Using a subtly different Internet host name to mimic another business.
B)Changing the information in e-mail headers or IP addresses.
C)Extracting personal or corporate computer information from employees.
D)Viewing the information that passes along a network line.

A)digital certificates
B)biometrics
C)anti-virus software
D)passwords

A)social engineering
B)spoofing
C)data theft
D)customer impersonation

A)Password selection is left to the end user and cannot be fully controlled.
B)Systems cannot handle complex passwords.
C)Any password can be easily hacked.
D)No other control can better prevent fraud than the wise use of passwords.

A)reducing pressures.
B)buying and implementing anti-virus software.
C)reducing fraud opportunities.
D)hiring security experts.

A)Internet worm
B)Bot
C)Middleware
D)Spyware

A)virtual private networks.
B)traditional EDI settings.
C)e-business.
D)unsecured online transactions.

A)Sniffing
B)Spoofing
C)Hijacking
D)Impersonation

A)physical controls
B)segregation of duties
C)authorization controls
D)checks on performance

A)P2P programs
B)Internet worms
C)Trojan Horses
D)Spyware

A)Financial statement fraud
B)Data theft
C)Theft of money
D)Asset misappropriation

A)A vital part of the security of any electronic system.
B)The use of unique features of the human body to create secure access controls.
C)The most important aspect of internal control in an organization.
D)An authorization that reassures users that transactions are valid.

A)​internet worms
B)​a Trojan horse
C)​wartrapping
D)​phishing

A)SQL injection
B)HTML
C)Cross-site scripting
D)Java

A)the use of encryption which protects confidential and sensitive information from being stolen.
B)that information about the transactions is captured in databases that can be analyzed in numerous ways.
C)the absence of hard-copy documentation, the very essence of e-commerce.
D)that they not only make fraud easier to commit, but also make it much easier to detect.

A)phishing
B)sniffing
C)vandalism
D)wartrapping

A)Virtual private network
B)Public-key encryption
C)Cross-site scripting
D)SQL injection

A)trojan
B)sniffer
C)spoofer
D)phisher

A)​deleting a customer data file
B)​pouring hot coffee on a company keyboard
C)stealing company data lists ​
D)​throwing a computer monitor

A)​gaining an understanding of the tools and methods perpetrators use in e-business fraud
B)​gaining a working knowledge of computer networking systems
C)​learning the strengths and weaknesses of Windows
D)​getting to know each company employee's interactions with the systems

A)A fraudster impersonating a customer and buying equipment on the customer's account.
B)A fraudster viewing design data of a special project that is being transferred over a network.
C)A fraudster using another employee's passwords to access sensitive information.
D)An Internet site mimicking another site by using .org instead of .com.

A)​Routinely search databases for symptom.s
B)Utilize intrusion detective programs.
C)​Secure company systems.
D)​Train employees to recognize probable fraud.

A)Height
B)Fingerprints
C)Complexion
D)Weight

A)troubleshooting
B)intrusion detection
C)encryption
D)security audit

A)A trojan horse
B)A normal computer virus
C)An adware
D)An Internet worm

A)Sniffing
B)Crawling
C)Phishing
D)Wartrapping

A)​Investigate all symptoms of e-fraud found.
B)​Use information systems to highlight possible fraud activity.
C)​Analyze the results of database searches.
D)​Determine if the activity noted is an anomaly or usual business activity.

A)social engineering
B)spoofing
C)phishing
D)wartrapping

A)​Identify the frauds that can occur in the type of business being investigated.
B)​Determine the symptoms of e-business fraud within the business being investigated.
C)​Gain an understanding of the business being investigated.
D)​Investigate any anomalies observed within the business being investigated.

A)Encryption
B)Spoofing
C)Physical control
D)Biometric control

A)Database query injection
B)HTML
C)Cross-site scripting
D)Java

A)information about the transactions is captured in databases that are impossible to analyze.
B)correctly specifying the types of frauds that can occur and the symptoms they will generate.
C)the lack of hard-copy documentation, the very essence of e-business.
D)to use technology to catch technology fraud.