Chapter 5 Review Questions PDF

Preview

Summary

Chapter 5 review questions and answers ...

Description

CHAPTER 5 REVIEW QUESTIONS MULTIPLE CHOICE 1. Which of the following is NOT an example of an early cybercriminal activity? a. Kevin Mitnick’s attack on the U.S. phone system b. Theft of classified information on the U.S. military by Dark Dante c. Russian hacker Vladimir Levin’s $10 million theft from CitiGroup d. Ross Ulbricht’s underground website Silk Road Answer: d Objective: Describe the evolution of digital crime from rogue individuals to sophisticated criminal organizations engaged in the illegal activity. Page Number: 97 Level: Difficult 2. Which of the following is NOT an inherent weakness early cybercriminals exploited in computer systems and networks? a. Poor process controls that did not consider reviewing application or system error logs b. Salami slicing c. Poorly coded applications accessible through the Internet d. Library access controls on systems attached to the globally connected Internet Answer: b Objective: Describe the evolution of digital crime from rogue individuals to sophisticated criminal organizations engaged in the illegal activity. Page Number: 98 Level: Intermediate 3. __________________ has its roots as an elementary and basic tradecraft. a. Espionage b. Insider fraud c. Sabotage d. Embezzlement Answer: a Objective: Define and describe various types of espionage. Page Number: 99 Level: Intermediate

4. _______________________ is the misappropriation of trade secrets with the knowledge or intent that the offense will benefit a foreign government, foreign instrumentality, or foreign agent. a. Industrial espionage b. Economic espionage c. Corporate espionage d. Criminal espionage Answer: b Objective: Define and describe various types of espionage. Page Number: 99 Level: Intermediate 5. __________________ is the misappropriation of trade secrets related to or included in a product that is produced for or placed in interstate or foreign commerce to the economic benefit of anyone other than the owner. a. Industrial espionage b. Economic espionage c. Corporate espionage d. Criminal espionage Answer: a Objective: Define and describe various types of espionage. Page Number: 99 Level: Intermediate 6. The first documented case of industrial espionage occurred in the: a. 1600s b. 1700s c. 1800s d. 1900s Answer: b Objective: Define and describe various types of espionage. Page Number: 101 Level: Basic

7. The U.S. Department of Commerce has estimated that employee theft played a role in ________ of business failures. a. 55% b. 75% c. 85% d. 95% Answer: d Objective: Define and describe various types of insider fraud. Page Number: 102 Level: Basic 8. a. b. c. d.

Losses from insider fraud are primarily due to: misappropriation of cash only by employees. misappropriation of cash only by nonemployees. misappropriation of cash and/or noncash assets by employees. misappropriation of cash and/or noncash assets by nonemployees.

Answer: c Objective: Define and describe various types of insider fraud. Page Number: 102 Level: Basic 9. When insiders conspire with or are recruited by outside organized crime groups, the fraud is typically related to: a. Financial gains resulting from system manipulation b. Financial gains resulting from data manipulation c. Bulk exfiltration of data to the outsiders d. All of the above Answer: d Objective: Define and describe various types of insider fraud. Page Number: 103 Level: Intermediate 10. Which of the following is NOT a milestone of fraud cases according to the CERT Insider Threat Study on Illicit Cyber Activity Involving Fraud? a. Applying for a job at the target company b. Getting hired by the target company c. The target company detecting fraud d. The target company reporting the fraud Answer: a Objective: Define and describe various types of insider fraud. Page Number: 103 Level: Intermediate

11. According to the CERT Insider Threat Study on Illicit Cyber Activity Involving Fraud, what is the average time between beginning fraud and the company detecting the fraud? a. Approximately 6 months b. Approximately 12 months c. Approximately 24 months d. Approximately 32 months Answer: d Objective: Define and describe various types of insider fraud. Page Number: 104 Level: Intermediate 12. According to CERT the primary reason for an act of sabotage is: a. unmet expectations. b. becoming disgruntled after being demoted. c. an excessive amount of privileges. d. none of the above. Answer: a Objective: Define and describe various types of insider fraud. Page Number: 105 Level: Intermediate 13. Which of the following is an example of sabotage? a. Hitachi’s acquisition of the IBM Adironack Workbooks b. Yonggang’s misappropriation of Dupont’s trade secrets c. Cecere’s removing, modifying, and mistranslation of numerous documents concerning organized crime investigations d. All of the above Answer: c Objective: Define and describe various types of insider fraud. Page Number: 106 Level: Intermediate

14. A recent study by the United Nations estimated that over ________________ percent of all cybercrime worldwide was perpetrated by organized crime associations. a. 50 b. 60 c. 70 d. 80 Answer: d Objective: Identify and discuss various types of sophisticated criminal organizations or enterprises engaged in digital crime (cybercrime). Page Number: 107 Level: Intermediate 15. Which of the following is NOT a country associated with Balkan criminal enterprises? a. Albania b. Croatia c. Bulgaria d. Russia Answer: d Objective: Identify and discuss various types of sophisticated criminal organizations or enterprises engaged in digital crime (cybercrime). Page Number: 111 Level: Intermediate 16. Which is the largest organized crime group in the world? a. La Cosa Nostra b. Japanese Yakuza c. Chinese triads d. Los Zetas Answer: b Objective: Identify and discuss various types of sophisticated criminal organizations or enterprises engaged in digital crime (cybercrime). Page Number: 111 Level: Intermediate

17. Which organized crime enterprises have traditional clan structures? a. Eurasian criminal enterprises b. Asian criminal enterprises c. Balkan criminal enterprises d. African criminal enterprises Answer: c Objective: Identify and discuss various types of sophisticated criminal organizations or enterprises engaged in digital crime (cybercrime). Page Number: 112 Level: Intermediate 18. The _________________ is an underground website named after a great East-to-West trade route. a. Silk Road b. Chiffon Road c. Gold Road d. Money Road Answer: d Objective: Discuss the underground marketplace referred to as the “deep web” or Tor Net. Page Number: 119 Level: Basic 19. Which of the following is NOT a characteristic of the cybercriminal profile as described by the Cyberpunk Project? a. Primarily female b. College or self-educated c. Reserved in public d. Limited use of alcohol and/or drugs Answer: a Objective: Discuss the underground marketplace referred to as the “deep web” or Tor Net. Page Number: 121 Level: Intermediate

20. Which of the following best describes the Tor Network? a. A secretive online world where mainly legal activities flourish b. A secretive online world that law enforcement routinely accesses c. A secretive online world that where real-time illegal transactions take place d. A secretive online world that does not encrypt communication Answer: c Objective: Discuss the underground marketplace referred to as the “deep web” or Tor Net. Page Number: 116 Level: Intermediate

TRUE/FALSE 1. The first cyber-related attack on the United States occurred in 1870 on the electronic phone system. a. True b. False Answer: a Objective: Describe the evolution of digital crime from rogue individuals to sophisticated criminal organizations engaged in the illegal activity. Page Number: 97 Level: Intermediate 2. Cybercrime is an evolved state of traditional crime. a. True b. False Answer: a Objective: Describe the evolution of digital crime from rogue individuals to sophisticated criminal organizations engaged in the illegal activity. Page Number: 97 Level: Basic 3. The Computer Fraud and Abuse Act of 1986 is the first federal act to define and enforce penalties for trade secret theft. a. True b. False Answer: b Objective: Define and describe various types of espionage. Page Number: 99 Level: Intermediate 4. Espionage as a Service is not like traditional corporate espionage where one company targets a competitor. a. True b. False Answer: a Objective: Define and describe various types of espionage. Page Number: 100 Level: Intermediate

5. Espionage as a Service actors are usually better trained and better financed than state actors and typically do not leave forensic traces of their activities. a. True b. False Answer: b Objective: Define and describe various types of espionage. Page Number: 102 Level: Intermediate 6. According to the U.S. Department of Commerce, employee theft costs U.S. businesses almost a billion dollars per week. a. True b. False Answer: a Objective: Define and describe various types of insider fraud. Page Number: 102 Level: Intermediate 7. In fraud crime involving management-level employees, average losses are higher than in lower-level employee crimes. a. True b. False Answer: a Objective: Define and describe various types of insider fraud. Page Number: 103 Level: Intermediate 8. Fraudsters primarily use company data to commit identity theft, insurance fraud, and embezzlement when working alone or with other internal co-conspirators. a. True b. False Answer: a Objective: Define and describe various types of insider fraud. Page Number: 103 Level: Basic

9. According to the CERT Insider Threat Study on Illicit Cyber Activity Involving Fraud, the average time between getting hired and starting fraud is just under 8 months. a. True b. False Answer: b Objective: Define and describe various types of insider fraud. Page Number: 104 Level: Basic 10. The Russian Business Network focuses on criminal cyber activities full time. a. True b. False Answer: a Objective: Identify and discuss various types of sophisticated criminal organizations or enterprises engaged in digital crime (cybercrime). Page Number: 107 Level: Basic 11. Organized cartels use social media sites to collect intelligence about their targets. a. True b. False Answer: a Objective: Identify and discuss various types of sophisticated criminal organizations or enterprises engaged in digital crime (cybercrime). Page Number: 108 Level: Basic 12. Nigerian fraud schemes cost the United States an estimated $1 billion to $2 billion each year. a. True b. False Answer: a Objective: Identify and discuss various types of sophisticated criminal organizations or enterprises engaged in digital crime (cybercrime). Page Number: 110 Level: Basic

13. Most U.S.-based Middle Eastern criminal enterprises are found in Illinois, Ohio, New Jersey, and New York. a. True b. False Answer: a Objective: Identify and discuss various types of sophisticated criminal organizations or enterprises engaged in digital crime (cybercrime). Page Number: 115 Level: Basic 14. Bitcoins are not an anonymous form of electronic payment. a. True b. False Answer: b Objective: Discuss the underground marketplace referred to as the “deep web” or Tor Net. Page Number: 119 Level: Basic 15. The profiles of individuals at the higher levels of drug trafficking and cybercrime share common personality traits. a. True b. False Answer: a Objective: Discuss the underground marketplace referred to as the “deep web” or Tor Net. Page Number: 121 Level: Basic...