Deck 17: Fraud in E-Commerce

A)Financial statement fraud
B)Identity theft
C)Theft of money
D)Information theft

A)physical controls
B)segregation of duties
C)authorization controls
D)checks on performance

A)Adequate separation of duties
B)Independent checks on performance
C)Proper authorization of transactions and activities
D)Use of internal auditors

A)risk-assessment
B)security through obscurity
C)digital signature
D)biometrics

A)Digital Signatures
B)Passwords
C)Biometrics
D)Firewalls

A)P2P programs
B)Internet worms
C)Trojan Horses
D)Spyware

A)Internet worm
B)Bot
C)Middleware
D)Spyware

A)reducing pressures.
B)buying and implementing anti-virus software.
C)reducing fraud opportunities.
D)hiring security experts.

A)virtual private networks.
B)traditional EDI settings.
C)e-business.
D)unsecured online transactions.

A)Sniffing
B)Spoofing
C)Hijacking
D)Impersonation

A)Financial statement fraud
B)Data theft
C)Theft of money
D)Asset misappropriation

A)Password selection is left to the end user and cannot be fully controlled.
B)Systems cannot handle complex passwords.
C)Any password can be easily hacked.
D)No other control can better prevent fraud than the wise use of passwords.

A)Pressure
B)Opportunity
C)Rationalization
D)Interaction

A)social engineering
B)spoofing
C)data theft
D)customer impersonation

A)Using a subtly different Internet host name to mimic another business.
B)Changing the information in e-mail headers or IP addresses.
C)Extracting personal or corporate information from employees.
D)Viewing the information that passes along a network line.

A)social engineering has made it easy to do so.
B)many managers lack the technical expertise to prevent and detect data theft.
C)data can be transferred easily and quickly to any location in the world.
D)subtle differences in Internet host names often go unnoticed by Internet users.

A)A vital part of the security of any electronic system.
B)The use of unique features of the human body to create secure access controls.
C)The most important aspect of internal control in an organization.
D)An authorization that reassures users that transactions are valid.

A)digital certificates
B)biometrics
C)anti-virus software
D)passwords

A)Authorization control
B)Secure socket layer
C)Security through obscurity
D)Biometrics

A)information about the transactions is captured in databases that are impossible to analyze.
B)correctly specifying the types of frauds that can occur and the symptoms they will generate.
C)the lack of hard-copy documentation,the very essence of e-business.
D)to use technology to catch technology fraud.

A)A fraudster impersonating a customer and buying equipment on the customer's account.
B)A fraudster viewing design data of a special project that is being transferred over a network.
C)A fraudster using another employee's passwords to access sensitive information.
D)An Internet site mimicking another site by using .org instead of .com.

A)Database query injection
B)HTML
C)Cross-site scripting
D)Java

A)the use of encryption which protects confidential and sensitive information from being stolen.
B)that information about the transactions is captured in databases that can be analyzed in numerous ways.
C)the absence of hard-copy documentation,the very essence of e-commerce.
D)that they not only make fraud easier to commit,but also make it much easier to detect.

A)social engineering
B)spoofing
C)phishing
D)wartrapping

A)troubleshooting
B)intrusion detection
C)encryption
D)security audit

A)phishing
B)sniffing
C)vandalism
D)wartrapping

A)SQL injection
B)HTML
C)Cross-site scripting
D)Java

A)Virtual private network
B)Public-key encryption
C)Cross-site scripting
D)SQL injection

A)A trojan horse
B)A normal computer virus
C)An adware
D)An Internet worm

A)trojan
B)sniffer
C)spoofer
D)phisher

A)Encryption
B)Spoofing
C)Physical control
D)Biometric control

A)Height
B)Fingerprints
C)Complexion
D)Weight

A)Sniffing
B)Crawling
C)Phishing
D)Wartrapping