Question 1

Which of the following would be least effective to reduce exposure to a computer virus?

Accepted Answer

A) Only transfer files between employees with USB flash drives. 
B) Install and frequently update antivirus software. 
C) Install all new software on a stand-alone computer until it is tested. 
D) Do not open e-mail attachments from unknown senders. 
A) Only transfer files between employees with USB flash drives. 
B) Install and frequently update antivirus software. 
C) Install all new software on a stand-alone computer until it is tested. 
D) Do not open e-mail attachments from unknown senders.

Question 2

What is a denial of service attack?

Accepted Answer

A) It is an attack when the perpetrator is inserting malicious query in input such that it is passed to and executed by an application program. 
B) It is an attack when the perpetrator is inputting so much data that the input buffer overflows.The overflow contains code that takes control of the company's computer. 
C) It is an attack when the perpetrator uses software to guess company's addresses,send employees blank e-mails,and add unreturned messages to spammer e-mail list. 
D) It is an attacked when the perpetrator sends hundreds of messages from randomly generated false addresses,overloading an Internet service provider's e-mail server. 
A) It is an attack when the perpetrator is inserting malicious query in input such that it is passed to and executed by an application program. 
B) It is an attack when the perpetrator is inputting so much data that the input buffer overflows.The overflow contains code that takes control of the company's computer. 
C) It is an attack when the perpetrator uses software to guess company's addresses,send employees blank e-mails,and add unreturned messages to spammer e-mail list. 
D) It is an attacked when the perpetrator sends hundreds of messages from randomly generated false addresses,overloading an Internet service provider's e-mail server.

Question 3

Which of the following is the easiest method for a computer criminal to steal output without ever being on the premises?

Accepted Answer

A) dumpster diving 
B) use of a Trojan horse 
C) using a telescope to peer at paper reports 
D) electronic eavesdropping on computer monitors 
A) dumpster diving 
B) use of a Trojan horse 
C) using a telescope to peer at paper reports 
D) electronic eavesdropping on computer monitors

Question 4

Which of the following is not a method of identity theft?

Accepted Answer

A) Scavenging 
B) Phishing 
C) Shoulder surfing 
D) Phreaking 
A) Scavenging 
B) Phishing 
C) Shoulder surfing 
D) Phreaking

Question 5

A ________ is similar to a ________,except that it is a program rather than a code segment hidden in a host program.

Accepted Answer

A) worm;virus 
B) Trojan horse;worm 
C) worm;Trojan horse 
D) virus;worm 
A) worm;virus 
B) Trojan horse;worm 
C) worm;Trojan horse 
D) virus;worm

Question 6

Illegally obtaining and using confidential information about a person for economic gain is known as

Accepted Answer

A) eavesdropping. 
B) identity theft. 
C) packet sniffing. 
D) piggybacking. 
A) eavesdropping. 
B) identity theft. 
C) packet sniffing. 
D) piggybacking.

Question 7

Taking control of a phone to make calls,send text messages,listen to calls,or read text messages is called

Accepted Answer

A) masquerading. 
B) bluebugging. 
C) eavesdropping. 
D) podslurping. 
A) masquerading. 
B) bluebugging. 
C) eavesdropping. 
D) podslurping.

Question 8

Creating a seemingly legitimate business,collecting personal data while making a sale,and never delivering items sold is known as

Accepted Answer

A) hacking. 
B) spamming. 
C) posing. 
D) hijacking. 
A) hacking. 
B) spamming. 
C) posing. 
D) hijacking.

Question 9

Hunter Carr is an accountant with AcctSmart.The firm has a very strict policy of requiring all users to change their passwords every sixty days.In early March,Hunter received an e-mail claiming that there had been an error updating his password and it provided Hunter with a link to a website with instructions for re-updating his password.Something about the e-mail made Hunter suspicious,so he called AcctSmart's information technology department and found that the e-mail was fictitious.The e-mail was an example of

Accepted Answer

A) social engineering. 
B) piggybacking. 
C) spamming. 
D) phishing. 
A) social engineering. 
B) piggybacking. 
C) spamming. 
D) phishing.

Question 10

In November of 2005 it was discovered that many of the new CDs distributed by Sony BMG installed software when they were played on a computer.The software was intended to protect the CDs from copying.Unfortunately,it also made the computer vulnerable to attack by malware run over the Internet.The scandal and resulting backlash was very costly.The software installed by the CDs is a

Accepted Answer

A) virus. 
B) worm. 
C) rootkit. 
D) squirrel. 
A) virus. 
B) worm. 
C) rootkit. 
D) squirrel.

Question 11

What is a SQL injection attack?

Accepted Answer

A) It is an attack when the perpetrator is inserting malicious query in input such that it is passed to and executed by an application program. 
B) It is an attack when the perpetrator is inputting so much data that the input buffer overflows.The overflow contains code that takes control of the company's computer. 
C) It is an attack when the perpetrator uses software to guess company's addresses,send employees blank e-mails,and add unreturned messages to spammer e-mail list. 
D) It is an attacked when the perpetrator sends hundreds of messages from randomly generated false addresses,overloading an Internet service provider's e-mail server. 
A) It is an attack when the perpetrator is inserting malicious query in input such that it is passed to and executed by an application program. 
B) It is an attack when the perpetrator is inputting so much data that the input buffer overflows.The overflow contains code that takes control of the company's computer. 
C) It is an attack when the perpetrator uses software to guess company's addresses,send employees blank e-mails,and add unreturned messages to spammer e-mail list. 
D) It is an attacked when the perpetrator sends hundreds of messages from randomly generated false addresses,overloading an Internet service provider's e-mail server.

Question 12

Ashley Baker works in the information technology department of Core Company.On Monday morning,she arrived at work,scanned her identity card,and entered her access code.At that moment,a man in a delivery uniform came up behind Ashley with a bunch of boxes.Although Ashley held the door for the delivery man,she later wondered if the man was engaged in

Accepted Answer

A) pretexting. 
B) piggybacking. 
C) posing. 
D) spoofing. 
A) pretexting. 
B) piggybacking. 
C) posing. 
D) spoofing.

Question 13

Computers that are part of a botnet and are controlled by a bot herder are referred to as

Accepted Answer

A) sniffers. 
B) zombies. 
C) botsquats. 
D) evil twins. 
A) sniffers. 
B) zombies. 
C) botsquats. 
D) evil twins.

Question 14

Using a small device with storage capacity (iPod,Flash drive)to download unauthorized data from
A computer is called

Accepted Answer

A) masquerading. 
B) bluebugging. 
C) eavesdropping. 
D) podslurping. 
A) masquerading. 
B) bluebugging. 
C) eavesdropping. 
D) podslurping.

Question 15

Social engineering is

Accepted Answer

A) verifying credit card validity;buying and selling stolen credit cards. 
B) inserting a sleeve into an ATM so that it will not eject the victim's card,pretending to help the
Victim as a means of obtaining his PIN,and using the card and PIN to drain the account. 
C) a technique that tricks a person into disclosing confidential information. 
D) changing data before,during,or after it is entered into the system in order to delete,alter,or add key system data. 
A) verifying credit card validity;buying and selling stolen credit cards. 
B) inserting a sleeve into an ATM so that it will not eject the victim's card,pretending to help the
Victim as a means of obtaining his PIN,and using the card and PIN to drain the account. 
C) a technique that tricks a person into disclosing confidential information. 
D) changing data before,during,or after it is entered into the system in order to delete,alter,or add key system data.

Question 16

What is social engineering? Provide an example.

Accepted Answer

Social engineering refers to techniques

Question 17

Describe ways to help minimize social engineering.

Accepted Answer

Never let people follow you into a restr

Question 18

Describe the differences between a worm and a virus.

Accepted Answer

A computer virus is a segment of executa

Question 19

Individuals who control an army of malware-infected zombie computers are referred to as

Accepted Answer

A) malware owners. 
B) malware writers. 
C) botnet owners. 
D) bad actors. 
A) malware owners. 
B) malware writers. 
C) botnet owners. 
D) bad actors.

Question 20

Which method of fraud is physical in its nature rather than electronic?

Accepted Answer

A) cracking 
B) hacking 
C) eavesdropping 
D) scavenging 
A) cracking 
B) hacking 
C) eavesdropping 
D) scavenging

Which of the following would be least effective to reduce exposure to a computer virus?

What is a denial of service attack?

Which of the following is the easiest method for a computer criminal to steal output without ever being on the premises?

Which of the following is not a method of identity theft?

A is similar to a ,except that it is a program rather than a code segment hidden in a host program.

Illegally obtaining and using confidential information about a person for economic gain is known as

Taking control of a phone to make calls,send text messages,listen to calls,or read text messages is called

Creating a seemingly legitimate business,collecting personal data while making a sale,and never delivering items sold is known as

What is a SQL injection attack?

Computers that are part of a botnet and are controlled by a bot herder are referred to as

Using a small device with storage capacity (iPod,Flash drive)to download unauthorized data from A computer is called

Social engineering is

What is social engineering? Provide an example.

Describe ways to help minimize social engineering.

Describe the differences between a worm and a virus.

Individuals who control an army of malware-infected zombie computers are referred to as

Which method of fraud is physical in its nature rather than electronic?

Conceptual Foundations of Accounting Information Systems

Overview of Transaction Processing and Enterprise Resource Planning Systems

Systems Documentation Techniques

Relational Databases

Computer Fraud

Control and Accounting Information Systems

Controls for Information Security

Confidentiality and Privacy Controls

Processing Integrity and Availability Controls

Auditing Computer-Based Information Systems

The Revenue Cycle: Sales to Cash Collections

The Expenditure Cycle: Purchasing to Cash Disbursements

The Production Cycle

The Human Resources Management and Payroll Cycle

General Ledger and Reporting System

Database Design Using the Rea Data Model

Implementing an Rea Model in a Relational Database

Special Topics in Rea Modeling

Introduction to Systems Development and Systems Analysis

Ais Development Strategies

Systems Design, implementation, and Operation

Filters

Exam 6: Computer Fraud and Abuse Techniques

Which of the following would be least effective to reduce exposure to a computer virus?

What is a denial of service attack?

Which of the following is the easiest method for a computer criminal to steal output without ever being on the premises?

Which of the following is not a method of identity theft?

A ________ is similar to a ________,except that it is a program rather than a code segment hidden in a host program.

Illegally obtaining and using confidential information about a person for economic gain is known as

Taking control of a phone to make calls,send text messages,listen to calls,or read text messages is called

Creating a seemingly legitimate business,collecting personal data while making a sale,and never delivering items sold is known as

What is a SQL injection attack?

Computers that are part of a botnet and are controlled by a bot herder are referred to as

Using a small device with storage capacity (iPod,Flash drive)to download unauthorized data from A computer is called

Social engineering is

What is social engineering? Provide an example.

Describe ways to help minimize social engineering.

Describe the differences between a worm and a virus.

Individuals who control an army of malware-infected zombie computers are referred to as

Which method of fraud is physical in its nature rather than electronic?

Conceptual Foundations of Accounting Information Systems

Overview of Transaction Processing and Enterprise Resource Planning Systems

Systems Documentation Techniques

Relational Databases

Computer Fraud

Control and Accounting Information Systems

Controls for Information Security

Confidentiality and Privacy Controls

Processing Integrity and Availability Controls

Auditing Computer-Based Information Systems

The Revenue Cycle: Sales to Cash Collections

The Expenditure Cycle: Purchasing to Cash Disbursements

The Production Cycle

The Human Resources Management and Payroll Cycle

General Ledger and Reporting System

Database Design Using the Rea Data Model

Implementing an Rea Model in a Relational Database

Special Topics in Rea Modeling

Introduction to Systems Development and Systems Analysis

Ais Development Strategies

Systems Design, implementation, and Operation

Filters

A is similar to a ,except that it is a program rather than a code segment hidden in a host program.