Deck 5: Computer Fraud and Security

A)misappropriation of assets.
B)employee fraud.
C)fraudulent financial reporting.
D)theft of assets.

A)concealment; theft
B)theft; concealment
C)conversion; theft
D)conversion; concealment

A)a feeling of not being appreciated
B)failing to receive a deserved promotion
C)believing that their pay is too low relative to others around them
D)All of the above emotions could be sources of pressure.

A)theft.
B)conversion.
C)concealment.
D)embezzlement.

A)human errors and omissions.
B)physical threats such as natural disasters.
C)dishonest employees.
D)fraud and embezzlement.

A)many companies in one locale can be seriously affected at one time by a disaster.
B)losses are absolutely unpreventable.
C)there are a large number of major disasters every year.
D)disaster planning has largely been ignored in the literature.

A)computer fraud
B)data transmission errors
C)human carelessness
D)natural and political disasters

A)Accident
B)Corruption
C)Power outage
D)Terrorist attack

A)Earthquake
B)Logic error
C)Operating system crash
D)Sabotage

A)pressure to commit fraud
B)opportunity to commit fraud
C)desire to get even with the employer
D)rationalization for the crime

A)a power outage
B)sabotage
C)high winds
D)a logic error

A)insiders are more dishonest than outsiders.
B)insiders know more about the system and its weaknesses than outsiders.
C)outsiders are more likely to get caught than insiders.
D)insiders have more need for money than outsiders.

A)Innocent error
B)Operating system crash
C)Sabotage
D)Terrorist attack

A)few differences exist between white-collar criminals and the general public.
B)white-collar criminals eventually become violent criminals.
C)most white-collar criminals invest their illegal income rather than spend it.
D)most white-collar criminals are older and not technologically proficient.

A)outsiders.
B)employees.
C)computer hackers.
D)vendors.

A)a big change for the better in an employee's lifestyle
B)an employee suddenly acquires lots of credit cards
C)inadequate internal controls
D)too close association with suppliers or customers

A)Computer fraud
B)Employee fraud
C)Fraudulent financial reporting
D)Management fraud

A)financial fraud.
B)misstatement fraud.
C)fraudulent financial reporting.
D)audit failure fraud.

A)spark.
B)pressure.
C)flash-point.
D)catalyst.

A)input
B)processor
C)computer instructions
D)output

A)the failure to have any internal controls
B)the failure to enforce the system of internal controls
C)the failure to have the correct controls
D)the failure to realize that fraud could occur

A)Companies are reluctant to report computer crimes because a highly visible computer fraud is a public relations nightmare.
B)Such crimes are difficult,costly,and time-consuming to investigate and prosecute.
C)Law enforcement and the courts are often too busy with violent crimes that little time is left for fraud cases.
D)all of the above

A)by paying a fictitious or ghost employee
B)by increasing pay rates without permission
C)by keeping a real but terminated employee on the payroll
D)All of the above situations are possible.

A)A denial of service attack occurs when the perpetrator sends hundreds of messages from randomly generated false addresses,overloading an Internet service provider's e-mail server.
B)A denial of service attack occurs when an e-mail message is sent through a re-mailer,who removes the message headers making the message anonymous,then resends the message to selected addresses.
C)A denial of service attack occurs when a cracker enters a system through an idle modem,captures the PC attached to the modem,and then gains access to the network to which it is connected.
D)A denial of service attack occurs when the perpetrator e-mails the same message to everyone on one or more Usenet newsgroups LISTSERV lists.

A)any crime in which a computer is used.
B)an illegal act in which knowledge of computer technology is essential.
C)any act in which cash is stolen using a computer.
D)an illegal act in which a computer is an integral part of the crime.

A)by creating cash through the transfer of money between banks
B)by the conversion of stolen assets into cash
C)by stealing cash from customer A and then using customer B's balance to pay customer A's accounts receivable
D)by charging the stolen item to an expense account

A)perpetrators usually only steal very small amounts of money at a time,thus requiring a long period of time to have elapsed before they're discovered.
B)perpetrators can commit a fraud and leave little or no evidence.
C)most perpetrators invest their illegal income rather than spend it,thus concealing key evidence.
D)most computer criminals are older and are considered to be more cunning when committing such a fraud.

A)data theft.
B)output theft.
C)disbursement fraud.
D)a trap door technique.

A)pays too much for ordered goods.
B)pays for goods never received.
C)laps cash payments at the bank.
D)Both A and B are correct.

A)pressures
B)opportunities
C)rationalizations
D)none of the above

A)kiting
B)laundering
C)bogus expense
D)lapping

A)pressures
B)opportunities
C)rationalizations
D)none of the above

A)Rarely is cash stolen in computer fraud.
B)The fraud may leave little or no evidence it ever happened.
C)Computers provide more opportunities for fraud.
D)Computer fraud perpetrators are just cleverer than other types of criminals.

A)gaining unauthorized access to and use of computer systems,usually by means of a personal computer and a telecommunications network
B)unauthorized copying of company data such as computer files
C)unauthorized access to a system by the perpetrator pretending to be an authorized user
D)changing data before,during,or after it is entered into the system in order to delete,alter,or add key system data

A)disbursement fraud.
B)inventory fraud.
C)payroll fraud.
D)cash receipts fraud.

A)alter computer input.
B)alter computer output.
C)modify the processing.
D)corrupt the data base.

A)the organization placing excessive trust in key employees
B)inadequate staffing within the organization
C)company policies within the organization are unclear
D)All of the above situations make it easy for someone to commit a fraud.

A)lapping.
B)misappropriation of assets.
C)kiting.
D)concealment.

A)Data leakage
B)Eavesdropping
C)Masquerading
D)Phishing

A)worm; virus
B)Trojan horse; worm
C)worm; Trojan horse
D)virus; worm

A)Eavesdropping
B)Identity theft
C)Packet sniffing
D)Piggybacking

A)data diddling.
B)dumpster diving.
C)eavesdropping.
D)piggybacking.

A)superzapping.
B)data leakage.
C)hacking.
D)piggybacking.

A)a Trojan horse.
B)a trap door.
C)the salami technique.
D)superzapping.

A)a virus protection program
B)a virus identification program
C)a virus detection program
D)none of the above

A)a Trojan horse.
B)a trap door.
C)the salami technique.
D)superzapping.

A)Trojan horse
B)round down
C)salami
D)trap door

A)Scavenging
B)Phishing
C)Shoulder surfing
D)Phreaking

A)encrypt data and programs
B)use forensic accountants
C)maintain adequate insurance
D)require vacations and rotate duties

A)cracking
B)hacking
C)eavesdropping
D)scavenging

A)superzapping.
B)data diddling.
C)using a trap door.
D)piggybacking.

A)trap door.
B)data diddle.
C)logic bomb.
D)virus.

A)Software that tells the user if anyone is spying on his computer
B)Software that monitors whether spies are looking at the computer
C)Software that monitors computing habits and sends the data it gathers to someone else
D)None of the above

A)Hacking
B)Hijacking
C)Phreaking
D)Sniffing

A)Logic bomb
B)Spyware
C)Trap door
D)Trojan horse

A)Hacking
B)Hijacking
C)Phreaking
D)Sniffing

A)dumpster diving
B)by use of a Trojan horse
C)using a telescope to peer at paper reports
D)electronic eavesdropping on computer monitors

A)cracking.
B)masquerading.
C)hacking.
D)superzapping.

A)hackers.
B)crackers.
C)phreakers.
D)jerks.

A)Bluesnarfing.
B)splogging.
C)vishing.
D)typosquatting.

A)Bluesnarfing.
B)splogging.
C)vishing.
D)typosquatting.

A)virus.
B)zero-day attack.
C)denial of service attack.
D)dictionary attack.

A)denial-of-service attack.
B)zero-day attack.
C)malware attack.
D)cyber-extortion attack.

A)The shipper has insurance that will reimburse ISC for the cost of the tape.
B)ISC has a copy of the tape onsite,so a new copy for storage offsite can easily be prepared.
C)The tape was encrypted and password protected.
D)ISC has a comprehensive disaster recovery plan.

A)phreaker; dumpster diving
B)hacker; social engineering
C)phreaker; the salami technique
D)hacker; password cracking

A)posers.
B)zombies.
C)botsquats.
D)evil twins.

A)social engineering.
B)phishing.
C)piggybacking.
D)spamming.

A)Bluesnarfing.
B)splogging.
C)vishing.
D)typosquatting.

A)virus.
B)worm.
C)rootkit.
D)squirrel.

A)Trojan horse.
B)key logger..
C)spoof.
D)back door.

A)Bluesnarfing.
B)splogging.
C)vishing.
D)typosquatting.

A)a denial-of-service attack.
B)Internet terrorism.
C)hacking.
D)cyber-extortion.

A)latenography.
B)obfuscography.
C)cryptography.
D)steganography.

A)monitor all employee behavior using video cameras.
B)require all employees to take annual vacations.
C)explain to employees that fraud is illegal and that it will be severely punished.
D)monitor employee bank accounts and net worth.

A)typosquatting.
B)carding.
C)pharming.
D)phishing.

A)phreakers.
B)hackers.
C)hijackers.
D)superzappers.

A)kiting.
B)data diddling.
C)data leakage.
D)phreaking.

A)phreaking.
B)war dialing.
C)identity theft.
D)social engineering.

A)typosquatting.
B)piggybacking.
C)posing.
D)spoofing.