ACC 564 Quiz 2 – Strayer New
ACC 564 Week 5 Quiz 2 Chapter 6
Through 9
Click On The
Link Below To Purchase
Instant Download
Chapter
6 Computer Fraud and Abuse Techniques
1) Wally Hewitt
maintains an online brokerage account. In early March, Wally received an email
from the firm that explained that there had been a computer error and that
provided a phone number so that Wally could verify his customer information.
When he called, a recording asked that he enter the code from the email, his
account number, and his social security number. After he did so, he was told
that he would be connected with a customer service representative, but the
connection was terminated. He contacted the brokerage company and was informed
that they had not sent the email. Wally was a victim of
A) Bluesnarfing.
B) splogging.
C) vishing.
D)
typosquatting.
Answer:
Page
Ref: 157
Objective: Learning Objective 2
Difficulty
: Easy
AACSB: Analytic
2)
When a computer criminal gains access to a system by searching records or the
trash of the target company, this is referred to as
A)
data diddling.
B)
dumpster diving.
C)
eavesdropping.
D)
piggybacking.
Answer:
Page
Ref: 159
Objective: Learning Objective 2
Difficulty
: Easy
AACSB: Analytic
3)
Jerry Schneider was able to amass operating manuals and enough technical data
to steal $1 million of electronic equipment by
A)
scavenging.
B)
skimming.
C)
Internet auction fraud.
D)
cyber extortion.
Answer:
Page
Ref: 159
Objective: Learning Objective 2
Difficulty
: Easy
AACSB:
Analytic
4)
A part of a program that remains idle until some date or event occurs and then
is activated to cause havoc in the system is a
A)
trap door.
B)
data diddle.
C)
logic bomb.
D)
virus.
Answer:
Page
Ref: 161
Objective: Learning Objective 3
Difficulty
: Easy
AACSB: Analytic
5)
The unauthorized copying of company data is known as
A)
data leakage.
B)
eavesdropping.
C)
masquerading.
D)
phishing.
Answer:
Page
Ref: 154
Objective: Learning Objective 1
Difficulty
: Easy
AACSB: Analytic
6)
Computer fraud perpetrators who use telephone lines to commit fraud and other
illegal acts are typically called
A)
hackers.
B)
crackers.
C)
phreakers.
D)
jerks.
Answer:
Page
Ref: 154
Objective: Learning Objective 1
Difficulty
: Easy
AACSB:
Analytic
7)
What is a denial of service attack?
A)
A denial of service attack occurs when the perpetrator sends hundreds of
messages from randomly generated false addresses, overloading an Internet
service provider's e-mail server.
B)
A denial of service attack occurs when an e-mail message is sent through a
re-mailer, who removes the message headers making the message anonymous, then
resends the message to selected addresses.
C)
A denial of service attack occurs when a cracker enters a system through an
idle modem, captures the PC attached to the modem, and then gains access to the
network to which it is connected.
D)
A denial of service attack occurs when the perpetrator e-mails the same message
to everyone on one or more Usenet newsgroups LISTSERV lists.
Answer:
Page
Ref: 150
Objective: Learning Objective 1
Difficulty
: Moderate
AACSB: Analytic
8)
Gaining control of someone else's computer to carry out illicit activities
without the owner's knowledge is known as
A)
hacking.
B)
hijacking.
C)
phreaking.
D)
sniffings.
Answer:
Page
Ref: 150
Objective: Learning Objective 1
Difficulty
: Easy
AACSB: Analytic
9)
Illegally obtaining and using confidential information about a person for
economic gain is known as
A)
eavesdropping.
B)
identity theft.
C)
packet sniffing.
D)
piggybacking.
Answer:
Page
Ref: 156
Objective: Learning Objective 2
Difficulty
: Easy
AACSB:
Analytic
10)
Tapping into a communications line and then entering the system by accompanying
a legitimate user without their knowledge is called
A)
superzapping.
B)
data leakage.
C)
hacking.
D)
piggybacking.
Answer:
Page
Ref: 153
Objective: Learning Objective 1
Difficulty
: Easy
AACSB: Analytic
11)
Which of the following is not a method of identify theft?
A)
Scavenging
B)
Phishing
C)
Shoulder surfing
D)
Phreaking
Answer:
Page
Ref: 154
Objective: Learning Objective 1
Difficulty
: Easy
AACSB: Analytic
12)
Which method of fraud is physical in its nature rather than electronic?
A)
cracking
B)
hacking
C)
eavesdropping
D)
scavenging
Answer:
Page
Ref: 159
Objective: Learning Objective 2
Difficulty
: Easy
AACSB: Analytic
13)
Which of the following is the easiest method for a computer criminal to steal
output without ever being on the premises?
A)
dumpster diving
B)
by use of a Trojan horse
C)
using a telescope to peer at paper reports
D)
electronic eavesdropping on computer monitors
Answer:
Page
Ref: 159
Objective: Learning Objective 2
Difficulty
: Easy
AACSB:
Analytic
14)
The deceptive method by which a perpetrator gains access to the system by
pretending to be an authorized user is called
A)
cracking.
B)
masquerading.
C)
hacking.
D)
superzapping.
Answer:
Page
Ref: 153
Objective: Learning Objective 1
Difficulty
: Easy
AACSB: Analytic
15)
The unauthorized access to, and use of, computer systems is known as
A)
hacking.
B)
hijacking.
C)
phreaking.
D)
sniffing.
Answer:
Page
Ref: 149
Objective: Learning Objective 1
Difficulty
: Easy
AACSB: Analytic
16)
A fraud technique that slices off tiny amounts from many projects is called the
________ technique.
A)
Trojan horse
B)
round down
C)
salami
D)
trap door
Answer:
Page
Ref: 154
Objective: Learning Objective 1
Difficulty
: Easy
AACSB:
Analytic
17)
Data diddling is
A)
gaining unauthorized access to and use of computer systems, usually by means of
a personal computer and a telecommunications network.
B)
unauthorized copying of company data such as computer files.
C)
unauthorized access to a system by the perpetrator pretending to be an
authorized user.
D)
changing data before, during, or after it is entered into the system in order
to delete, alter, or add key system data.
Answer:
Page
Ref: 154
Objective: Learning Objective 1
Difficulty
: Easy
AACSB: Analytic
18)
Spyware is
A)
software that tells the user if anyone is spying on his computer.
B)
software that monitors whether spies are looking at the computer.
C)
software that monitors computing habits and sends the data it gathers to
someone else.
D)
none of the above
Answer:
Page
Ref: 159
Objective: Learning Objective 3
Difficulty
: Easy
AACSB: Analytic
19)
The unauthorized use of special system programs to bypass regular system
controls and perform illegal act is called
A)
a Trojan horse.
B)
a trap door.
C)
the salami technique.
D)
superzapping.
Answer:
Page
Ref: 162
Objective: Learning Objective 3
Difficulty
: Easy
AACSB:
Analytic
20)
Computer fraud perpetrators that modify programs during systems development,
allowing access into the system that bypasses normal system controls are using
A)
a Trojan horse.
B)
a trap door.
C)
the salami technique.
D)
superzapping.
Answer:
Page
Ref: 162
Objective: Learning Objective 3
Difficulty
: Easy
AACSB: Analytic
21)
A fraud technique that allows a perpetrator to bypass normal system controls
and enter a secured system is called
A)
superzapping.
B)
data diddling.
C)
using a trap door.
D)
piggybacking.
Answer:
Page
Ref: 162
Objective: Learning Objective 3
Difficulty
: Easy
AACSB: Analytic
22)
A set of unauthorized computer instructions in an otherwise properly
functioning program is known as a
A)
logic bomb.
B)
spyware.
C)
trap door.
D)
Trojan horse.
Answer:
Page
Ref: 161
Objective: Learning Objective 3
Difficulty
: Easy
AACSB:
Analytic
23)
A ________ is similar to a ________, except that it is a program rather than a
code segment hidden in a host program.
A)
worm; virus
B)
Trojan horse; worm
C)
worm; Trojan horse
D)
virus; worm
Answer:
Page
Ref: 163
Objective: Learning Objective 3
Difficulty
: Easy
AACSB: Analytic
24) Wally Hewitt
is an accountant with a large accounting firm. The firm has a very strict
policy of requiring all users to change their passwords every sixty days. In
early March, Wally received an email from the firm that explained that there
had been an error updating his password and that provided a link to a Web site
with instructions for re-entering his password. Something about the email made
Wally suspicious, so he called the firm's information technology department and
found that the email was fictitious. The email was an example of
A) social
engineering.
B) phishing.
C) piggybacking.
D) spamming.
Answer:
Page
Ref: 157
Objective: Learning Objective 2
Difficulty
: Easy
AACSB: Analytic
25) Developers
of computer systems often include a user name and password that is hidden in
the system, just in case they need to get into the system and correct problems
in the future. This is referred to as a
A) Trojan horse.
B) key logger.
C) spoof.
D) back door.
Answer:
Page
Ref: 162
Objective: Learning Objective 3
Difficulty
: Easy
AACSB:
Analytic
26) In the
1960s, techniques were developed that allowed individuals to fool the phone
system into providing free access to long distance phone calls. The people who
use these methods are referred to as
A) phreakers.
B) hackers.
C) hijackers.
D) superzappers.
Answer:
Page
Ref: 154
Objective: Learning Objective 1
Difficulty
: Easy
AACSB: Analytic
27) During a
routine audit, a review of cash receipts and related accounting entries
revealed discrepancies. Upon further analysis, it was found that figures had
been entered correctly and then subsequently changed, with the difference
diverted to a fictitious customer account. This is an example of
A) kiting.
B) data
diddling.
C) data leakage.
D) phreaking.
Answer:
Page
Ref: 154
Objective: Learning Objective 1
Difficulty
: Easy
AACSB: Analytic
28) It was late
on a Friday afternoon when Troy Willicott got a call at the help desk for
Taggitt Finances. A man with an edge of panic clearly discernible in his voice
was on the phone. "I'm really in a bind and I sure hope that you can help
me." He identified himself as Chet Frazier from the Accounting Department.
He told Troy that he had to work on a report that was due on Monday morning and
that he had forgotten to bring a written copy of his new password home with
him. Troy knew that Taggitt's new password policy, that required that passwords
must be at least fifteen characters long, must contain letters and numbers, and
must be changed every sixty days, had created problems. Consequently, Troy
provided the password, listened as it was read back to him, and was profusely
thanked before ending the call. The caller was not Chet Frazier, and Troy
Willicott was a victim of
A) phreaking.
B) war dialing.
C) identity
theft.
D) social
engineering.
Answer:
Page
Ref: 156
Objective: Learning Objective 2
Difficulty
: Easy
AACSB:
Analytic
29) Chiller451
was chatting online with 3L3tCowboy. "I can't believe how lame some people
are! :) I can get into any system by checking out the company web site to see
how user names are defined and who is on the employee directory. Then, all it
takes is brute force to find the password." Chiller451 is a ________ and
the fraud he is describing is ________.
A) phreaker;
dumpster diving
B) hacker;
social engineering
C) phreaker; the
salami technique
D) hacker;
password cracking
Answer:
Page
Ref: 153
Objective: Learning Objective 1
Difficulty
: Moderate
AACSB: Analytic
30) After graduating
from college with a communications degree, Sylvia Placer experienced some
difficulty in finding full-time employment. She free-lanced during the summer
as a writer and then started a blog in the fall. Shortly thereafter she was
contacted by Clickadoo Online Services, who offered to pay her to promote their
clients by mentioning them in her blog and linking to their Web sites. She set
up several more blogs for this purpose and is now generating a reasonable level
of income. She is engaged in
A) Bluesnarfing.
B) splogging.
C) vishing.
D)
typosquatting.
Answer:
Page
Ref: 150
Objective: Learning Objective 1
Difficulty
: Easy
AACSB: Analytic
31) Telefarm
Industries is a telemarketing firm that operates in the Midwest. The turnover
rate among employees is quite high. Recently, the information technology
manager discovered that an unknown employee had used a Bluetooth-enabled mobile
phone to access the firm's database and copy a list of customers from the past
three years that included credit card information. Telefarm was a victim of
A) Bluesnarfing.
B) splogging.
C) vishing.
D)
typosquatting.
Answer:
Page
Ref: 165
Objective: Learning Objective 3
Difficulty
: Easy
AACSB:
Analytic
32) Jim Chan decided to Christmas shop online. He
linked to Amazon.com, found a perfect gift for his daughter, registered, and
placed his order. It was only later that he noticed that the Web site's URL was
actually Amazom.com. Jim was a victim of
A) Bluesnarfing.
B) splogging.
C) vishing.
D)
typosquatting.
Answer:
Page
Ref: 158
Objective: Learning Objective 2
Difficulty
: Easy
AACSB: Analytic
33) Computers
that are part of a botnet and are controlled by a bot herder are referred to as
A) posers.
B) zombies.
C) botsquats.
D) evil twins.
Answer:
Page
Ref: 150
Objective: Learning Objective 1
Difficulty
: Easy
AACSB: Analytic
34) Jiao Jan had
been the Web master for Folding Squid Technologies for only three months when
the Web site was inundated with access attempts. The only solution was to shut
down the site and then selectively open it to access from certain Web
addresses. FST suffered significant losses during the period. The company had
been the victim of a(an)
A)
denial-of-service attack.
B) zero-day
attack.
C) malware
attack.
D)
cyber-extortion attack.
Answer:
Page
Ref: 150
Objective: Learning Objective 1
Difficulty
: Easy
AACSB:
Analytic
35) Jiao Jan had
been the Web master for Folding Squid Technologies for only three months when
he received an anonymous email that threatened to inundate the company Web site
with access attempts unless a payment was wired to an account in Eastern
Europe. Jiao was concerned that FST would suffer significant losses if the
threat was genuine. The author of the email was engaged in
A) a
denial-of-service attack.
B) Internet
terrorism.
C) hacking.
D)
cyber-extortion.
Answer:
Page
Ref: 154
Objective: Learning Objective 1
Difficulty
: Easy
AACSB: Analytic
36) Mo Chauncey
was arrested in Emporia, Kansas, on February 29, 2008, for running an online
business that specialized in buying and reselling stolen credit card
information. Mo was charged with
A)
typosquatting.
B) carding.
C) pharming.
D) phishing.
Answer:
Page
Ref: 158
Objective: Learning Objective 2
Difficulty
: Easy
AACSB: Analytic
37) I work in
the information technology department of a company I'll call CMV. On Wednesday
morning, I arrived at work, scanned in my identity card and punched in my code.
This guy in a delivery uniform came up behind me carrying a bunch of boxes. I
opened the door for him, he nodded and went on in. I didn't think anything of
it until later. Then I wondered if he might have been
A) pretexting.
B) piggybacking.
C) posing.
D) spoofing.
Answer:
Page
Ref: 153
Objective: Learning Objective 1
Difficulty
: Easy
AACSB:
Analytic
38) The call to
tech support was fairly routine. A first-time computer user had purchased a
brand new PC two months ago and it was now operating much more slowly and
sluggishly than it had at first. Had he been accessing the Internet? Yes. Had
he installed any "free" software? Yes. The problem is likely to be
a(an)
A) virus.
B) zero-day
attack.
C) denial of
service attack.
D) dictionary
attack.
Answer:
Page
Ref: 163
Objective: Learning Objective 3
Difficulty
: Easy
AACSB: Analytic
39) In November
of 2005 it was discovered that many of the new CDs distributed by Sony BMG
installed software when they were played on a computer. The software was
intended to protect the CDs from copying. Unfortunately, it also made the
computer vulnerable to attack by malware run over the Internet. The scandal and
resulting backlash was very costly. The software installed by the CDs is a
A) virus.
B) worm.
C) rootkit.
D) squirrel.
Answer:
Page
Ref: 162
Objective: Learning Objective 3
Difficulty
: Moderate
AACSB: Analytic
40)
Which of the following would be least effective to reduce exposure to a
computer virus?
A)
Only transfer files between employees with USB flash drives.
B)
Install and frequently update antivirus software.
C)
Install all new software on a stand-alone computer for until it is tested.
D)
Do not open email attachments from unknown senders.
Answer:
Page
Ref: 164
Objective: Learning Objective 3
Difficulty
: Moderate
AACSB:
Analytic
41)
Which of the following is not an example of social engineering?
A)
Obtaining and using another person's Social Security Number, credit card, or
other confidential information
B)
Creating phony Web sites with names and URL addresses very similar to
legitimate Web sites in order to obtain confidential information or to
distribute malware or viruses
C)
Using email to lure victims into revealing passwords or user IDs
D)
Setting up a computer in a way that allows the user to use a neighbors
unsecured wireless network
Answer:
Page
Ref: 156-159
Objective: Learning Objective 2
Difficulty
: Moderate
AACSB: Analytic
42)
How can a system be protected from viruses?
43)
Describe at least six computer attacks and abuse techniques.
44)
Describe at least four social engineering techniques.
45)
Describe the differences between a worm and a virus?
Accounting
Information Systems, 12e (Romney/Steinbart)
Chapter
7 Control and Accounting Information
Systems
1)
What is one reason why AIS threats are increasing?
A)
LANs and client/server systems are easier to control than centralized,
mainframe systems.
B)
Many companies do not realize that data security is crucial to their survival.
C)
Computer control problems are often overestimated and overly emphasized by
management.
D)
Many companies believe that protecting information is a strategic requirement.
Answer:
Page
Ref: 184
Objective: Learning Objective 1
Difficulty
: Easy
AACSB: Analytic
No comments:
Post a Comment