Deck 17: Fraud in E-Commerce

1
What is the most important aspect of internal control?

A)Audit committee
B)Control policies
C)Control system
D)Personnel
D
2
What is usually the primary goal in traditional fraud?

A)Financial statement fraud
B)Identity theft
C)Theft of money
D)Information theft
C
3
Passwords, biometrics, and digital signatures are examples of _____.

A)physical controls
B)segregation of duties
C)authorization controls
D)checks on performance
C
4
Which of the following is NOT a general type of control activity?

A)Adequate separation of duties
B)Independent checks on performance
C)Proper authorization of transactions and activities
D)Use of internal auditors
5
One of the greatest fallacies of e-commerce security is a prevention measure known as _________.

A)risk-assessment
B)security through obscurity
C)digital signature
D)biometrics
6
________ is the use of unique features of the human body to create secure access controls.

A)Digital Signatures
B)Passwords
C)Biometrics
D)Firewalls
7
____ are self-contained programs that represent today's biggest threat and spread via direct transfer, email, or another mechanism.

A)P2P programs
B)Internet worms
C)Trojan Horses
D)Spyware
8
A(n) _____, similar to a trojan horse, installs monitoring software in addition to the regular software that a user downloads or buys.

A)Internet worm
B)Bot
C)Middleware
D)Spyware
9
Generally, the best way to prevent fraud in e-business settings is to focus on:

A)reducing pressures.
B)buying and implementing anti-virus software.
C)reducing fraud opportunities.
D)hiring security experts.
10
The threat of falsified identity is less of a concern in the case of:

A)virtual private networks.
B)traditional EDI settings.
C)e-business.
D)unsecured online transactions.
11
_____ is the viewing of information that passes along a network line, and it is a common method of gathering information from unencrypted communications.

A)Sniffing
B)Spoofing
C)Hijacking
D)Impersonation
12
What is normally the primary concern in an electronic environment?

A)Financial statement fraud
B)Data theft
C)Theft of money
D)Asset misappropriation
13
Why are passwords often considered the "Achilles' heel" of electronic systems?

A)Password selection is left to the end user and cannot be fully controlled.
B)Systems cannot handle complex passwords.
C)Any password can be easily hacked.
D)No other control can better prevent fraud than the wise use of passwords.
14
Which element of the fraud triangle can easily be reduced in preventing fraud in e-business?

A)Pressure
B)Opportunity
C)Rationalization
D)Interaction
15
A hacker calls a targeted user and poses as technical support. The hacker asks the victim to divulge the account information so that immediate steps can be taken to prevent data loss from the account. What is this an example of?

A)social engineering
B)spoofing
C)data theft
D)customer impersonation
16
What is spoofing?

A)Using a subtly different Internet host name to mimic another business.
B)Changing the information in e-mail headers or IP addresses.
C)Extracting personal or corporate information from employees.
D)Viewing the information that passes along a network line.
17
E-mail messages and Web visits can be hijacked because:

A)social engineering has made it easy to do so.
B)many managers lack the technical expertise to prevent and detect data theft.
C)data can be transferred easily and quickly to any location in the world.
D)subtle differences in Internet host names often go unnoticed by Internet users.
18
What is biometrics?

A)A vital part of the security of any electronic system.
B)The use of unique features of the human body to create secure access controls.
C)The most important aspect of internal control in an organization.
D)An authorization that reassures users that transactions are valid.
19
In an electronic environment, no other control can better prevent fraud than the wise use of _________.

A)digital certificates
B)biometrics
C)anti-virus software
D)passwords
20
Which of the following refers to the tactic of keeping security holes, encryption algorithms, and processes secret in an effort to confuse attackers?

A)Authorization control
B)Secure socket layer
C)Security through obscurity
D)Biometrics
21
The most difficult aspect of detecting e-business fraud is:

A)information about the transactions is captured in databases that are impossible to analyze.
B)correctly specifying the types of frauds that can occur and the symptoms they will generate.
C)the lack of hard-copy documentation, the very essence of e-business.
D)to use technology to catch technology fraud.
22
Which of the following examples illustrates sniffing?

A)A fraudster impersonating a customer and buying equipment on the customer's account.
B)A fraudster viewing design data of a special project that is being transferred over a network.
C)A fraudster using another employee's passwords to access sensitive information.
D)An Internet site mimicking another site by using .org instead of .com.
23
_______ is a method of injecting JavaScript and other browser commands into the Web site data.

A)Database query injection
B)HTML
C)Cross-site scripting
D)Java
24
The advantage of e-business transactions is:

A)the use of encryption which protects confidential and sensitive information from being stolen.
B)that information about the transactions is captured in databases that can be analyzed in numerous ways.
C)the absence of hard-copy documentation, the very essence of e-commerce.
D)that they not only make fraud easier to commit, but also make it much easier to detect.
25
A technique in which hackers go to known business traveler locations like airports and set up access points (look like regular wireless networks) through their laptops to the Internet is called _____.

A)social engineering
B)spoofing
C)phishing
D)wartrapping
26
Firms specializing in ______ try to gain access to networks and secure information, and they report their findings directly to management.

A)troubleshooting
B)intrusion detection
C)encryption
D)security audit
27
From sophisticated denial-of-service attempts on local machines to deletion of files to physical damage, _________ is an easy way for employees to harm internal systems.

A)phishing
B)sniffing
C)vandalism
D)wartrapping
28
A hacker sends a database command after regular data in an online submission form. This command inserts an unauthorized record giving access to the hacker. Which risk is being discussed here?

A)SQL injection
B)HTML
C)Cross-site scripting
D)Java
29
What allows information to be sent in encoded format over unsecured networks like the Internet and is widely used to protect data and ensure privacy?

A)Virtual private network
B)Public-key encryption
C)Cross-site scripting
D)SQL injection
30
Which of these is a program that claims to do something useful, but also contains hidden behavior?

A)A trojan horse
B)A normal computer virus
C)An adware
D)An Internet worm
31
A person who sends e-mail or pop-up messages to users asking for personal information in inventive ways is called a _________.

A)trojan
B)sniffer
C)spoofer
D)phisher
32
What is the primary electronic transaction and document control used in e-commerce?

A)Encryption
B)Spoofing
C)Physical control
D)Biometric control
33
Which of the following human features is generally used in biometrics?

A)Height
B)Fingerprints
C)Complexion
D)Weight
34
A hacker sends an e-mail impersonating technical support to two hundred employees of a company. Four employees respond with their password, thereby allowing the hacker to access the company's internal networks. Which technique is being discussed here?

A)Sniffing
B)Crawling
C)Phishing
D)Wartrapping