Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Deck 17: E-Commerce Fraud

Full screen (f)
exit full mode
Question
Passwords, biometrics, and digital signatures are examples of which of the following?

A) Physical controls
B) Segregation of duties
C) Authorization controls
D) Checks on performance
Use Space or
up arrow
down arrow
to flip the card.
Question
What is biometrics?

A) A vital part of the security of any electronic system
B) The use of unique features of the human body to create secure access controls
C) The most important aspect of internal control in an organization
D) An authorization that reassures users that transactions are valid
Question
What is the term that describes the act of trying to gain access to networks and secure information during a risk assessment?

A) Troubleshooting
B) Intrusion detection
C) Encryption
D) Security audit
Question
What is the primary electronic transaction and document control used in e-commerce?

A) Encryption
B) Spoofing
C) Physical control
D) Biometric control
Question
What is the term for when a hacker calls a targeted user posing as technical support and asks the victim to divulge the account information so that immediate steps can be taken to prevent data loss from the account?

A) Social engineering
B) Spoofing
C) Data theft
D) Customer impersonation
Question
Which of the following installs monitoring software in addition to the regular software that a user downloads or buys?

A) Internet worm
B) Bot
C) Middleware
D) Spyware
Question
Which of the following refers to the tactic of keeping security holes, encryption algorithms, and processes secret to confuse attackers?

A) Authorization control
B) Secure socket layer
C) Security through obscurity
D) Biometrics
Question
Generally, the best way to prevent fraud in e-business settings is to focus on:

A) reducing pressures.
B) buying and implementing anti-virus software.
C) reducing fraud opportunities.
D) hiring security experts.
Question
Which of the following is described as the viewing of information that passes along a network line?

A) Sniffing
B) Spoofing
C) Hijacking
D) Impersonation
Question
Which of the following are self-contained programs that represent one of the biggest threats in e-commerce fraud?

A) P2P programs
B) Internet worms
C) Trojan horses
D) Spyware
Question
Why is it that Internet users' information can be hijacked when they conduct web visits?

A) Social engineering has made it easy to do so.
B) Many managers lack the technical expertise to prevent and detect data theft.
C) Data can be transferred easily and quickly to any location in the world.
D) Subtle differences in Internet host names often go unnoticed by Internet users.
Question
What is normally the primary goal of fraud in an electronic environment?

A) Financial statement fraud
B) Data theft
C) Theft of money
D) Asset misappropriation
Question
Which of the following can be defined as the use of unique features of the human body to create secure access controls?

A) Digital signatures
B) Passwords
C) Biometrics
D) Firewalls
Question
What is the term for a method of injecting Javascript and other browser commands into the Web site data?

A) Database query injection
B) HTML
C) Cross-site scripting
D) Java
Question
The threat of falsified identity is less of a concern in the case of:

A) virtual private networks.
B) traditional EDI settings.
C) e-business.
D) unsecured online transactions.
Question
Why are passwords often considered the "Achilles' heel" of electronic systems?

A) Password selection is left to the end user and cannot be fully controlled.
B) Systems cannot handle complex passwords.
C) Any password can be easily hacked.
D) No other control can better prevent fraud than the wise use of passwords.
Question
In an electronic environment, no other control can better prevent fraud than the wise use of .

A) digital certificates
B) biometrics
C) anti-virus software
D) passwords
Question
What is spoofing?

A) Using a subtly different Internet host name to mimic another business
B) Changing the information in e-mail headers or IP addresses
C) Extracting personal or corporate computer information from employees
D) Viewing the information that passes along a network line
Question
What is the most important aspect of internal control?

A) Audit committee
B) Control policies
C) Control system
D) Personnel
Question
Which of the following is NOT a general type of control activity?

A) Adequate separation of duties
B) Independent checks on performance
C) Proper authorization of transactions and activities
D) Use of internal auditors
Question
The advantage of e-business transactions in detecting electronic fraud is:

A) the use of encryption which protects confidential and sensitive information from being stolen.
B) that information about the transactions is captured in databases that can be analyzed in numerous ways.
C) the absence of hard-copy documentation, the very essence of e-commerce.
D) that they not only make fraud easier to commit, but also make it much easier to detect.
Question
A hacker sends an e-mail impersonating technical support to two hundred employees of a company. Four employees respond with their password, thereby allowing the hacker to access the company's internal networks. Which technique is being discussed here?

A) Sniffing
B) Crawling
C) Phishing
D) Wartrapping
Question
Which of the following human features is generally used in biometrics?

A) Height
B) Fingerprints
C) Complexion
D) Weight
Question
What is the term for a technique in which hackers go to known business traveler locations like airports and set up access points (which look like regular wireless networks) through their laptops to the Internet?

A) Social engineering
B) Spoofing
C) Phishing
D) Wartrapping
Question
Which of the terms below best describes the act of employees using sophisticated denial-of-service attempts on local machines?

A) Phishing
B) Sniffing
C) Vandalism
D) Wartrapping
Question
Which of the following examples illustrates sniffing?

A) A fraudster impersonating a customer and buying equipment on the customer's account
B) A fraudster viewing design data of a special project that is being transferred over a network
C) A fraudster using another employee's passwords to access sensitive information
D) An Internet site mimicking another site by using .org instead of .com
Question
An IDS is used to:

A) Write computer scripts
B) Gain access to large networks
C) Monitor logs and detect potential break-ins
D) Troubleshoot networks
Question
Which of the following is the first step in looking for e-business fraud?

A) Identify the frauds that can occur in the type of business being investigated
B) Determine the symptoms of e-business fraud within the business being investigated
C) Gain an understanding of the business being investigated
D) Investigate any anomalies observed within the business being investigated
Question
Which of the following is NOT an act of vandalism?

A) Deleting a customer data file
B) Pouring hot coffee on a company keyboard
C) Stealing company data lists
D) Throwing a computer monitor
Question
Which of the following is the last step taken by fraud examiners during an examination of a business when looking for e-business fraud?

A) Investigate all symptoms of e-fraud found
B) Use information systems to highlight possible fraud activity
C) Analyze the results of database searches
D) Determine if the activity noted is an anomaly or usual business activity
Question
A hacker sends a database command after regular data in an online submission form. This command inserts an unauthorized record giving access to the hacker. Which risk is being discussed here?

A) SQL injection
B) HTML
C) Cross-site scripting
D) Java
Question
Which of the following is NOT a means of using technology to spot technology fraud?

A) Routinely search databases for symptoms
B) Utilize intrusion detection programs
C) Secure company systems
D) Train employees to recognize probable fraud
Question
Which of the following e-commerce threats spreads via direct transfer or e-mail?

A) Internet worms
B) Trojan horse
C) Wartrapping
D) Phishing
Question
Which of these is a program that claims to do something useful, but also contains hidden behavior?

A) A Trojan horse
B) A normal computer virus
C) Adware
D) An Internet worm
Question
The most difficult aspect of detecting e-business fraud is:

A) information about the transactions is captured in databases that are impossible to analyze.
B) correctly specifying the types of frauds that can occur and the symptoms they will generate.
C) the lack of hard-copy documentation, the very essence of e-business.
D) using technology to catch technology fraud.
Question
Which of the following activities would be the least practical for a fraud examiner?

A) Gaining an understanding of the tools and methods perpetrators use in e-business fraud
B) Gaining a working knowledge of computer networking systems
C) Learning the strengths and weaknesses of Windows
D) Getting to know each company employee's interactions with the systems
Question
What allows information to be sent in encoded format over unsecured networks like the Internet and is widely used to protect data and ensure privacy?

A) Virtual private network
B) Public-key encryption
C) Cross-site scripting
D) SQL injection
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/37
auto play flashcards
Play
simple tutorial
Full screen (f)
exit full mode
Deck 17: E-Commerce Fraud
1
Passwords, biometrics, and digital signatures are examples of which of the following?

A) Physical controls
B) Segregation of duties
C) Authorization controls
D) Checks on performance
C
2
What is biometrics?

A) A vital part of the security of any electronic system
B) The use of unique features of the human body to create secure access controls
C) The most important aspect of internal control in an organization
D) An authorization that reassures users that transactions are valid
B
3
What is the term that describes the act of trying to gain access to networks and secure information during a risk assessment?

A) Troubleshooting
B) Intrusion detection
C) Encryption
D) Security audit
B
4
What is the primary electronic transaction and document control used in e-commerce?

A) Encryption
B) Spoofing
C) Physical control
D) Biometric control
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
5
What is the term for when a hacker calls a targeted user posing as technical support and asks the victim to divulge the account information so that immediate steps can be taken to prevent data loss from the account?

A) Social engineering
B) Spoofing
C) Data theft
D) Customer impersonation
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
6
Which of the following installs monitoring software in addition to the regular software that a user downloads or buys?

A) Internet worm
B) Bot
C) Middleware
D) Spyware
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
7
Which of the following refers to the tactic of keeping security holes, encryption algorithms, and processes secret to confuse attackers?

A) Authorization control
B) Secure socket layer
C) Security through obscurity
D) Biometrics
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
8
Generally, the best way to prevent fraud in e-business settings is to focus on:

A) reducing pressures.
B) buying and implementing anti-virus software.
C) reducing fraud opportunities.
D) hiring security experts.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
9
Which of the following is described as the viewing of information that passes along a network line?

A) Sniffing
B) Spoofing
C) Hijacking
D) Impersonation
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
10
Which of the following are self-contained programs that represent one of the biggest threats in e-commerce fraud?

A) P2P programs
B) Internet worms
C) Trojan horses
D) Spyware
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
11
Why is it that Internet users' information can be hijacked when they conduct web visits?

A) Social engineering has made it easy to do so.
B) Many managers lack the technical expertise to prevent and detect data theft.
C) Data can be transferred easily and quickly to any location in the world.
D) Subtle differences in Internet host names often go unnoticed by Internet users.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
12
What is normally the primary goal of fraud in an electronic environment?

A) Financial statement fraud
B) Data theft
C) Theft of money
D) Asset misappropriation
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
13
Which of the following can be defined as the use of unique features of the human body to create secure access controls?

A) Digital signatures
B) Passwords
C) Biometrics
D) Firewalls
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
14
What is the term for a method of injecting Javascript and other browser commands into the Web site data?

A) Database query injection
B) HTML
C) Cross-site scripting
D) Java
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
15
The threat of falsified identity is less of a concern in the case of:

A) virtual private networks.
B) traditional EDI settings.
C) e-business.
D) unsecured online transactions.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
16
Why are passwords often considered the "Achilles' heel" of electronic systems?

A) Password selection is left to the end user and cannot be fully controlled.
B) Systems cannot handle complex passwords.
C) Any password can be easily hacked.
D) No other control can better prevent fraud than the wise use of passwords.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
17
In an electronic environment, no other control can better prevent fraud than the wise use of .

A) digital certificates
B) biometrics
C) anti-virus software
D) passwords
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
18
What is spoofing?

A) Using a subtly different Internet host name to mimic another business
B) Changing the information in e-mail headers or IP addresses
C) Extracting personal or corporate computer information from employees
D) Viewing the information that passes along a network line
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
19
What is the most important aspect of internal control?

A) Audit committee
B) Control policies
C) Control system
D) Personnel
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
20
Which of the following is NOT a general type of control activity?

A) Adequate separation of duties
B) Independent checks on performance
C) Proper authorization of transactions and activities
D) Use of internal auditors
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
21
The advantage of e-business transactions in detecting electronic fraud is:

A) the use of encryption which protects confidential and sensitive information from being stolen.
B) that information about the transactions is captured in databases that can be analyzed in numerous ways.
C) the absence of hard-copy documentation, the very essence of e-commerce.
D) that they not only make fraud easier to commit, but also make it much easier to detect.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
22
A hacker sends an e-mail impersonating technical support to two hundred employees of a company. Four employees respond with their password, thereby allowing the hacker to access the company's internal networks. Which technique is being discussed here?

A) Sniffing
B) Crawling
C) Phishing
D) Wartrapping
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
23
Which of the following human features is generally used in biometrics?

A) Height
B) Fingerprints
C) Complexion
D) Weight
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
24
What is the term for a technique in which hackers go to known business traveler locations like airports and set up access points (which look like regular wireless networks) through their laptops to the Internet?

A) Social engineering
B) Spoofing
C) Phishing
D) Wartrapping
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
25
Which of the terms below best describes the act of employees using sophisticated denial-of-service attempts on local machines?

A) Phishing
B) Sniffing
C) Vandalism
D) Wartrapping
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
26
Which of the following examples illustrates sniffing?

A) A fraudster impersonating a customer and buying equipment on the customer's account
B) A fraudster viewing design data of a special project that is being transferred over a network
C) A fraudster using another employee's passwords to access sensitive information
D) An Internet site mimicking another site by using .org instead of .com
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
27
An IDS is used to:

A) Write computer scripts
B) Gain access to large networks
C) Monitor logs and detect potential break-ins
D) Troubleshoot networks
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
28
Which of the following is the first step in looking for e-business fraud?

A) Identify the frauds that can occur in the type of business being investigated
B) Determine the symptoms of e-business fraud within the business being investigated
C) Gain an understanding of the business being investigated
D) Investigate any anomalies observed within the business being investigated
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
29
Which of the following is NOT an act of vandalism?

A) Deleting a customer data file
B) Pouring hot coffee on a company keyboard
C) Stealing company data lists
D) Throwing a computer monitor
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
30
Which of the following is the last step taken by fraud examiners during an examination of a business when looking for e-business fraud?

A) Investigate all symptoms of e-fraud found
B) Use information systems to highlight possible fraud activity
C) Analyze the results of database searches
D) Determine if the activity noted is an anomaly or usual business activity
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
31
A hacker sends a database command after regular data in an online submission form. This command inserts an unauthorized record giving access to the hacker. Which risk is being discussed here?

A) SQL injection
B) HTML
C) Cross-site scripting
D) Java
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
32
Which of the following is NOT a means of using technology to spot technology fraud?

A) Routinely search databases for symptoms
B) Utilize intrusion detection programs
C) Secure company systems
D) Train employees to recognize probable fraud
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
33
Which of the following e-commerce threats spreads via direct transfer or e-mail?

A) Internet worms
B) Trojan horse
C) Wartrapping
D) Phishing
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
34
Which of these is a program that claims to do something useful, but also contains hidden behavior?

A) A Trojan horse
B) A normal computer virus
C) Adware
D) An Internet worm
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
35
The most difficult aspect of detecting e-business fraud is:

A) information about the transactions is captured in databases that are impossible to analyze.
B) correctly specifying the types of frauds that can occur and the symptoms they will generate.
C) the lack of hard-copy documentation, the very essence of e-business.
D) using technology to catch technology fraud.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
36
Which of the following activities would be the least practical for a fraud examiner?

A) Gaining an understanding of the tools and methods perpetrators use in e-business fraud
B) Gaining a working knowledge of computer networking systems
C) Learning the strengths and weaknesses of Windows
D) Getting to know each company employee's interactions with the systems
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
37
What allows information to be sent in encoded format over unsecured networks like the Internet and is widely used to protect data and ensure privacy?

A) Virtual private network
B) Public-key encryption
C) Cross-site scripting
D) SQL injection
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
locked card icon
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Examlex
Examlex
Work With Us
Policies
Download the App
Scan to downloadDownload the App
qr-code
Links
Links
Work With Us
Download the App

Scan to downloadDownload the App
qr-code

Copyright © 2025 Examlex LLC.
  • facebook-footer
  • instagram-footer
  • x-footer
  • tiktok
  • Linktree