Computers are Your Future, 10e (Coyle)

Chapter 9 Privacy, Crime, & Security

1) An individual's ability to restrict or eliminate the collection, use, and sale of confidential
personal information is known as:
A) basic rights.
B) privacy.
C) confidentiality.
D) cyber-trust.

Reference: Privacy in Cyberspace

2) The ability to convey a message without disclosing your name or identity is known as:
A) privacy.
B) confidentiality.
C) anonymity.
D) cyber-blocking.

Reference: Technology and Anonymity

3) Which of the following is NOT an example of a credit reporting agency?

A) TransUnion
B) Equifax
C) Experian
D) InfoUSA

Reference: The Problem: Collection of Information Without Consent

4) Anonymity can be abused because it frees people from:

A) tracking.
B) privacy.
C) confidentiality.
D) accountability.

Reference: Technology and Anonymity

1
5) Which of the following is NOT a technology that threatens online anonymity?
A) Phreaking
B) Cookies
C) Ubiquitous computing
D) Radio frequency identification

Reference: Technology and Anonymity

6) What is the best definition of a cookie?

A) It is a plain-text file written to your hard disk by a Web site you visit.
B) It is a virus appended to an online shopping transaction.
C) It is a file containing consumer information sold by an online store to a marketing company.
D) It is an unsolicited advertisement that pops up on your computer.

Reference: Cookies

7) Which of the following is TRUE of cookies?

A) They have no legitimate purpose.
B) They help companies track browsing habits and preferences of users.
C) They are malicious programs embedded in useful software.
D) They are popup ads used to sell products.

Reference: Cookies

8) When you visit a site that has contracted with an Internet ad network, a(n) ________ is
deposited on your hard drive.
A) IP address
B) spy worm
C) cookie
D) None of the above

Reference: Privacy in Cyberspace

9) A word-processing document with an embedded ________ could be traced back to the

computer upon which it was created.
A) cookie
B) GUID
C) macro
D) .NET passport

Reference: Privacy in Cyberspace

2
10) Which of the following technologies has been chastised for removing anonymity from
Internet usage?
A) Electronic Data Interchange (EDI)
B) Global unique identifier (GUID)
C) Unprotected communications protocol (UCP)
D) Secure Electronic Transaction (SET)

Reference: Privacy in Cyberspace

11) Which organization has reported that many color laser printers embed printer tracking dots
on nearly every page at the urging of the U.S. government?
A) National Printer Alliance
B) Patriot Organization
C) Electronic Frontier Foundation
D) National Counterfeit Tracking Organization

Reference: Privacy in Cyberspace

12) Printer tracking dots can identify all of the following EXCEPT the:
A) printer owner.
B) printer serial number.
C) printer manufacturing code.
D) document date and time.

Reference: Privacy in Cyberspace

13) An emerging trend in which individuals interact with multiple networked devices that are
often embedded in everyday objects is called:
A) internetworked computing.
B) ubiquitous computing.
C) wide area networked computing.
D) None of the above.

Reference: Privacy in Cyberspace

3
14) Which type of technology uses radio waves to track a chip or tag placed in or on an object?
A) EDI
B) WAN
C) RFID
D) RFAN

Reference: Privacy in Cyberspace

15) A new passport card approved in 2008 as part of ________ uses an encrypted chip in the
passport.
A) NATO
B) the U.S. Government Patriot Act
C) the North American Travel Initiative
D) the Western Hemisphere Travel Initiative

Reference: Privacy in Cyberspace

16) In the European Union, a basic human rights declaration grants citizens all of the following
privacy rights EXCEPT the right to:
A) know what information is being collected and how it will be used.
B) be informed of the sale of personal information from one marketing company to another.
C) choose whether or not to divulge requested information.
D) request personal information be removed from a marketing database.

Reference: Protecting Your Privacy

17) Which of the following best describes a Web bug?

A) A virus embedded in a Web page
B) Erroneous HTML code that causes a Web page to malfunction
C) A component of a Web page that tracks and collects information about visitors
D) An embedded popup ad seen when a consumer visits a Web site

Reference: Techtalk sidebar

18) Which of the following is NOT a way of safeguarding your Internet privacy?
A) Disabling popup menus in your browser
B) Using a throwaway e-mail address
C) Choosing not to fill out site registration forms
D) Using software such as Anonymizer

Reference: Protecting Your Privacy

4
19) Which of the following is NOT a technique you can effectively use to reduce the amount of
unauthorized e-mail on your computer?
A) Use a temporary e-mail address when visiting a chat room
B) Avoid giving your name and e-mail address on marketing questionnaires
C) Disable cookies on your Web browser
D) Reply to spam and ask to be removed from the mailing list

Reference: Protecting Your Privacy

20) ________ allows an employer to observe employee phone calls, e-mails, and Web browsing.
A) Employee watching
B) Employee monitoring
C) Worker watching
D) Worker monitoring

Reference: Protecting Your Privacy

21) The new emerging legal field that tracks and combats computer-related crimes is called:
A) Internet crime fighting.
B) cyberlaw.
C) Web law.
D) Web policing.

Reference: Computer Crime & Cybercrime

22) Which of the following is NOT a rule to protect your privacy at work?
A) Do not use your employer's phone system for personal calls.
B) Do not use your work e-mail account for personal purposes.
C) Always shred personal faxes and documents.
D) Assume that everything that you do at work is monitored.

Reference: Protecting Your Privacy

23) Assume you open your credit card bill and see several large unauthorized charges.
Unfortunately, you may have been the victim of:
A) a computer virus.
B) a cracker.
C) a trap door.
D) identity theft.

Reference: Types of Computer Crime

5
24) In which type of attack does the attacker poses as a legitimate company in an e-mail or Web
site?
A) Phishing
B) Phreaking
C) Spiffing
D) Spying

Reference: Types of Computer Crime

25) This type of software collects your personal information, monitors your Web surfing habits,
and distributes this information to a third party.
A) Popup-ware
B) Advertisement software
C) Spyware
D) Malware

Reference: Types of Computer Crime

26) Many computer viruses are spread by:

A) CDs and DVDs.
B) e-mail attachments.
C) LAN and WAN connected computers.
D) software downloaded from the Internet.

Reference: Types of Computer Crime

27) Most viruses act as file infectors by attaching themselves to a:

A) hard drive sector.
B) directory.
C) data file.
D) program file.

Reference: Types of Computer Crime

28) Which type of software records keystrokes and relays the information to others?
A) Keyboarders
B) Data entry loggers
C) Keyloggers
D) Keyboard loggers

Reference: Types of Computer Crime

6
29) Which of the following is NOT an extension of a Microsoft Windows executable file?
A) .exe
B) .pdf
C) .com
D) .bat

Reference: Types of Computer Crime

30) Microsoft Word and other productivity software can contain ________ that take advantage
of the automatic command execution capabilities of the software.
A) cookies
B) help files
C) macro viruses
D) time bombs

Reference: Types of Computer Crime

31) Security experts expect the number of viruses and Trojan horses to exceed ________ by
2009.
A) 500,000
B) 1 million
C) 5 million
D) 1 billion

Reference: Types of Computer Crime

32) Boot sector viruses can lead to the destruction of all data stored on a ________.
A) hard drive
B) USB drive
C) CD drive
D) DVD drive

Reference: Types of Computer Crime

33) A spam text message is known as:

A) spam-text.
B) macro.
C) spim.
D) spem.

Reference: Types of Computer Crime

7
34) Which of the following is NOT an example of a virus?
A) Spring Break
B) File Infector
C) Disk Killer
D) Wazzu

Reference: Types of Computer Crime

35) Which type of rogue program is disguised as a useful program but contains hidden
instructions to perform a malicious task?
A) Trojan horse
B) Adware
C) Spartan horse
D) Mal-worm

Reference: Types of Computer Crime

36) When a virus self-modifies itself, the new copy is known as a(n):
A) beta.
B) macro virus.
C) variant.
D) child virus.

Reference: Types of Computer Crime

37) A destructive program that remains on a computer system until the occurrence of a special
event or time is called a:
A) time bomb.
B) Trojan horse.
C) Web bug.
D) worm.

Reference: Types of Computer Crime

8
38) An Internet ________ attack occurs when an Internet server is purposely overloaded so that
it cannot process legitimate transmissions.
A) denial of service
B) mailing list
C) Trojan horse
D) worm

Reference: Types of Computer Crime

39) A ________ is a program that does NOT have to be executed in order to propagate over a
network.
A) time bomb
B) macro virus
C) Trojan horse
D) worm

Reference: Types of Computer Crime

40) In a denial of service attack, the commandeered computers form a botnet, and the individual
computers are called:
A) slaves.
B) worms.
C) attackers.
D) zombies.

Reference: Types of Computer Crime

41) What percentage of computer thefts are inside jobs?

A) 45
B) 70
C) 85
D) 97

Reference: Types of Computer Crime

9
42) Assume you are sitting in a crowded Internet cafe and log in to your company network to
check e-mail over lunch. In this situation, you are susceptible to a technique of password
collection called:
A) dumpster diving.
B) password guessing.
C) shoulder surfing.
D) data diddling.

Reference: Types of Computer Crime

43) Which type of crime occurs when a small amount of money is removed from multiple bank
accounts and is transferred to an embezzler's account?
A) Data diddling
B) Dumpster diving
C) Forgery
D) Salami shaving

Reference: Types of Computer Crime

44) When Internet data appears to come from one place when it's really coming from another,
this is known as:
A) forgery.
B) salami shaving.
C) blackmail.
D) data diddling.

Reference: Types of Computer Crime

45) Using a technique known as ________, a message is sent to a computer system using an IP
address disguised as one from a trusted source.
A) electronic data collection
B) hacking
C) illegal access
D) IP spoofing

Reference: Techtalk sidebar

10
46) What is the best definition of a computer hacker?
A) A hacker is a person who investigates a computer system to understand both its full
capabilities and vulnerabilities.
B) A hacker is a criminal who invades computer systems to obtain information or money.
C) A hacker is a slang term for a professional programmer.
D) A hacker is a person who is highly skilled in computer programming but has had no formal
education.

Reference: Meet the Attackers

47) Offering goods for sale and then not delivering them is called:
A) rip and tear.
B) pumping and dumping.
C) salami shaving.
D) rob-n-run.

Reference: Meet the Attackers

48) Internet auction sites are susceptible to the unsavory practices of shills who:
A) auction items that do not exist.
B) secretly bid on items to artificially drive up prices.
C) auction an attractive item and then mail an inferior version to the winning bidder.
D) auction an item as "one-of-a-kind" when, in fact, thousands are available.

Reference: Meet the Attackers

49) Which population has been found to be MOST at risk from the threat of cyberstalking?
A) Elderly people
B) People with a low level of computer literacy
C) Public officials
D) College women

Reference: Meet the Attackers

11
50) ________ is when a person drives around with a notebook computer to look for wireless
networks.
A) Network surfing
B) Network sniffing
C) Warcruising
D) Wardriving

Reference: Security Risks

51) What is the name for a security hole created by employees for the purpose of exploiting the
company after the employee leaves?
A) Open door
B) Hidden door
C) Trap door
D) Back door

Reference: Security Risks

52) Which of the following groups of people present the greatest threat to a company's
information structure?
A) Company insiders
B) Hackers
C) Shills
D) White hats

Reference: Security Risks

53) Using information technologies to alter or wipe out an enemy's information and industrial
infrastructure is called:
A) information warfare.
B) infrastructure warfare.
C) information combat.
D) infrastructure combat.

Reference: Security Risks

12
54) Which of the following passwords provides the MOST secure choice?
A) 3R2Wvx8a
B) OpenSesame
C) QWERTY
D) Snoopy

Reference: Protecting Your Computer System

55) Of the currently employed access control methods, ________ is the most secure, because it
involves identification of the user's body, such as his or her eyes or fingerprints.
A) biometric authentication
B) callback
C) "know and have" authentication
D) smart card

Reference: Protecting Your Computer System

56) Firewalls are used to:

A) check for viruses on a company's network.
B) eavesdrop on employee e-mail.
C) restrict outsiders from accessing internal data.
D) prevent employees from sending e-mail beyond the confines of the network.

Reference: Protecting Your Computer System

57) What is the study of converting information into encoded or scrambled formats called?
A) Paleontology
B) Cryptography
C) Epistemology
D) Numerology

Reference: The Encryption Debate

58) ________ key encryption requires that the receiver obtain the key to decrypt the message.
A) Asymmetric
B) Digital certificate
C) Digital signature
D) Symmetric

Reference: Encryption Basics

13
59) Public key encryption is used to implement ________, a technique that guarantees a message
has not been tampered with.
A) cybertext
B) digital signatures
C) public key infrastructure
D) symmetric key encryption

Reference: Public Key Encryption

60) The goal of Secure Electronic Transmissions (SET) is to:

A) create safe online transactions using digital certificates.
B) alert the network administrator to packet sniffing activities.
C) provide firewall standards for all network servers.
D) add public key encryption techniques to all Internet traffic.

Reference: Public Key Encryption

61) A ________ is a uniform set of encryption standards that could facilitate secure Internet
transactions.
A) ciphertext
B) pretty good privacy (PGP) policy
C) public key infrastructure (PKI)
D) key escrow plan

Reference: Public Key Encryption

62) ________ refers to the capability of sending a message without disclosing your identity.

Reference: Technology and Anonymity

63) A(n) ________ is an identification number generated by a hardware component or a

program.

Reference: Technology and Anonymity

64) Companies such as uLocate and Wherify can use the GPS in your ________ to determine
your location.

Reference: Protecting Your Privacy

65) Spector is a software application that is used for ________.

Reference: Protecting Your Privacy

14
66) Crimes that use the Internet are called ________.

Reference: Computer Crime & Cybercrime

67) A(n) ________ attempts to gather personal information by pretending to be a legitimate

company in an e-mail or on a Web site.

Reference: Types of Computer Crime

68) The term malware is short for ________.

Reference: Types of Computer Crime

69) Code hidden within a program that damages or destroys files is called a computer ________.

Reference: Types of Computer Crime

70) Opening a(n) ________ file attachment presents the greatest risk of virus infection.

Reference: Types of Computer Crime

71) ________ record all the keystrokes you type.

Reference: Types of Computer Crime

72) Your best defense against malware is to install ________ software.

Reference: Types of Computer Crime

73) A spam text message is known as ________.

Reference: Types of Computer Crime

74) Another name for a time bomb is a(n) ________ bomb.

Reference: Types of Computer Crime

75) A(n) ________ virus installs itself on the beginning tracks of a hard disk where system code
is maintained.

Reference: Types of Computer Crime

76) Sasser and Slammer are examples of ________.

Reference: Types of Computer Crime

15
77) If you play a game downloaded from the Internet and find out that it harmed your computer
system, you may have been the victim of a destructive program called a(n) ________.

Reference: Types of Computer Crime

78) A DoS attack is a denial of ________ attack.

Reference: Types of Computer Crime

79) DDoS is an acronym for ________.

Reference: Types of Computer Crime

80) A DoS attack is also called ________.

Reference: Types of Computer Crime

81) Memory ________ is the practice of removing some RAM chips but leaving a sufficient
amount to start the computer.

Reference: Types of Computer Crime

16
82) Going through trash looking for documents that contain user IDs and password is called
________.

Reference: Types of Computer Crime

83) A(n) ________ is a program that examines traffic on a network, searching for names,
passwords, or credit card information.

Reference: Types of Computer Crime

84) Using a bogus phone call or e-mail message to request a user's password is called ________.

Reference: Types of Computer Crime

85) ________ is when an insider modifies data by altering accounts or database records in order
to steal funds.

Reference: Types of Computer Crime

86) Adverse publicity fears can be used to ________ organizations into not reporting computer
crime.

Reference: Types of Computer Crime

87) Ethical hackers are also known as ________.

Reference: Meet the Attackers

88) Hackers generally subscribe to an unwritten code of conduct called the ________.

Reference: Meet the Attackers

89) Groups of hackers are called ________.

Reference: Meet the Attackers

17
90) Computer virus ________ create viruses and other types of malware to vandalize computer
systems.

Reference: Meet the Attackers

91) Like hackers, ________ are obsessed with their reputations and leave calling cards on the
systems they penetrate.

Reference: Meet the Attackers

92) ________ is another term for a cracker.

Reference: Computer Crime & Cybercrime

93) Bogus work-at-home opportunities, pyramid schemes, and chain letters are the work of
________.

Reference: Meet the Attackers

94) Similar to phishing, ________ phishing targets specific people such as senior citizens or
members of a particular organization.

Reference: Techtalk sidebar

95) ________ is a serious Internet-related crime in which a person harasses or threatens someone
else through electronic media.

Reference: Meet the Attackers

96) Situations in which one or more minors harass or threaten another minor using the Internet is
known as ________.

Reference: Meet the Attackers

97) A computer ________ is an event, action, or situation that can lead to the loss or destruction
of computer systems or their data.

Reference: Security Risks

98) NetStumbler and MiniStumbler are examples of ________ applications.

Reference: Security Risks

99) Wireless LANs pose challenges to security, especially ________ that are designed for open
access.

Reference: Security Risks

18
100) Unlike wired networks, which send traffic over private, dedicated lines, wireless LANs are
more susceptible to security issues because traffic is sent across shared space called ________.

Reference: Security Risks

101) WPA is an acronym for ________.

Reference: Security Risks

102) AES is an acronym for ________.

Reference: Security Risks

103) ________ usually refers to the unauthorized access of company information to benefit
competitors.

Reference: Security Risks

104) The perpetrators of corporate espionage are often ________ who have been hired by a
competing firm.

Reference: Security Risks

105) Sending sensitive data to USB drives, iPods, or other small storage devices is known as
________.

Reference: Security Risks

19
106) ________ is a national cyber watch and warning center that coordinates activities with the
private sector.

Reference: Security Risks

107) Once every two years, the DHS and US-CERT coordinate a national simulation known as
________.

Reference: Security Risks

108) SATAN is an example of a security ________ detection program.

Reference: Security Risks

109) A(n) ________ is a battery-powered piece of equipment that provides backup power to a
computer for a limited time.

Reference: Protecting Your Computer System

110) ________ are often caused by lightning storms or fluctuations in electrical currents.

Reference: Protecting Your Computer System

111) To safeguard your equipment and data against power-related issues, you should always use
a(n) ________ protector.

Reference: Protecting Your Computer System

112) Know-and-have authentication requires the use of ________, which are handheld electronic
devices that generate a logon code.

Reference: Protecting Your Computer System

113) ________ are devices the size of a credit card with their own internal memories.

Reference: Protecting Your Computer System

20
114) A(n) ________ is a computer program that permits a user on the internal network to access
the Internet but severely restricts transmissions from the outside.

Reference: Protecting Your Computer System

115) Personal firewalls are programs or devices that protect home computers from unauthorized
access.

Reference: Protecting Your Computer System

116) A message that has been coded with an encryption key is referred to as encrypto-text.

Reference: Encryption Basics

117) Cryptography is the study of transforming information into encoded format.

Reference: The Encryption Debate

118) Stealing the key used for encryption is called key intermediation.

Reference: Encryption Basics

119) Individuals who practice cryptography are known as cryptographers.

Reference: The Encryption Debate

120) The universal key technique uses two different keys, one for encryption of a message and a
different one for decryption.

Reference: Public Key Encryption

121) Private key encryption is considered essential for e-commerce.

Reference: Public Key Encryption

21
122) A digital signature guarantees that a message has NOT been tampered with.

Reference: Public Key Encryption

123) Before it is encrypted, a readable message is known as ciphertext.

Reference: Encryption Basics

124) A backdoor is a vulnerability that could enable someone to crack an encryption code.

Reference: Public Key Encryption

125) The public nature of the Internet is lessening privacy issues.

Reference: Chapter Introduction

126) The Electronic Privacy Information Center (EPIC) is an excellent source of privacy
information.

Reference: Privacy in Cyberspace

127) Online retailers use cookies to implement "shopping carts."

Reference: Technology and Anonymity

128) Internet ad networks do NOT use cookies to track users' browsing actions.

Reference: Technology and Anonymity

129) When you browse from site to site, the cookie that has been loaded onto the computer's
hard drive is NOT detected, read, and matched with previous browsing activity.

Reference: Technology and Anonymity

130) A concept similar to GUIDs exists in color laser printers.

Reference: Technology and Anonymity

22
131) The printer tracking dots found on the pages printed by color laser printers are designed to
track the location of the printer.

Reference: Technology and Anonymity

132) Companies that introduce GUIDs into their products generally disclose the information up
front to consumers.

Reference: Technology and Anonymity

133) Ubiquitous computing is defined as individuals interacting with one computer at a time.

Reference: Technology and Anonymity

134) RFID tags are often used as a means of inventory control.

Reference: Technology and Anonymity

135) Privacy concerns arise when RFID technology is used for personal items or individuals.

Reference: Technology and Anonymity

136) FERPA establishes standards for the transmission of electronic health care information.

Reference: Protecting Your Privacy

137) HIPAA protects the privacy of student education records.

Reference: Protecting Your Privacy

138) The CAN-SPAM Act of 2004 prohibited ISPs from combating spammers.

Reference: Protecting Your Privacy

139) The FTC and Department of Justice have primary jurisdiction over spammers.

Reference: Protecting Your Privacy

23
140) All new cell phones in the United States must have GPS awareness.

Reference: Protecting Your Privacy

141) Privacy and computer crime are the same.

Reference: Protecting Your Privacy

142) Malware includes spyware, computer viruses, and various rogue programs.

Reference: Types of Computer Crime

143) A keylogger is hidden code within a program that may damage or destroy infected files.

Reference: Types of Computer Crime

144) In a DDoS attack, the commandeered computers are called zombies and the individual
computers are called botnets.

Reference: Types of Computer Crime

145) IP spoofing takes place when a hacker sends a message with an IP address disguised as an
incoming message.

Reference: Techtalk sidebar

Match the following terms to their meanings:

146) Banner ad

Reference: Technology and Anonymity

147)Cookie

Reference: Technology and Anonymity

148) GUID

Reference: Technology and Anonymity

24
149) Ubiquitous computing

Reference: Technology and Anonymity

150) Web bug

Reference: Technology and Anonymity

A) A Web page component that tracks visitors

B) Advertisement supplied by an ad network when a Web page
is viewed
C) An identification number that is generated by a hardware component or a program
D) A small text file containing personal information stored on a consumer's hard disk
E) The process of interacting with multiple networked devices

Match the following terms to their meanings:

151) Dumpster diving

Reference: Types of Computer Crime

152) Shoulder surfing

Reference: Types of Computer Crime

153) Packet sniffer

Reference: Types of Computer Crime

154) Password guessing

Reference: Types of Computer Crime

155) Superuser status

Reference: Types of Computer Crime

A) Program that monitors network traffic for passwords and other valuable information
B) Theft of a poorly chosen password
C) Examination of a company's trash for user IDs or passwords
D) Theft of a user ID or password by watching someone enter keyboard data
E) Theft of computer user information by using system administrator access

Match the following terms to their meanings:

156) Boot sector virus

25
Reference: Types of Computer Crime

157) Macro virus

Reference: Types of Computer Crime

158) Time bomb

Reference: Types of Computer Crime

159) Trojan horse

Reference: Types of Computer Crime

160) Worm

Reference: Types of Computer Crime

A) Takes advantage of automatic command execution capabilities

B) Propagates through networks
C) Installed on the hard drive and infects your computer when you start it
D) Disguised as a game or a utility program
E) Triggered on a certain date or event

Match the following terms to their meanings:

161) Ciphertext

Reference: The Encryption Debate

162) Digital signature

Reference: The Encryption Debate

163) Digital certificate

Reference: The Encryption Debate

164) Plaintext

Reference: The Encryption Debate

26
165) Public key

Reference: The Encryption Debate

A) Used to validate one's identity

B) Unencrypted message that can be read
C) Guarantees a message was not altered
D) Published key used to encrypt a message
E) Scrambled message that cannot be read

27