Home > Articles

This chapter is from the book

This chapter is from the book

Computer Security Fundamentals, 2nd EditionComputer Security Fundamentals, 2nd Edition

Learn More Buy

This chapter is from the book

This chapter is from the book

Computer Security Fundamentals, 2nd EditionComputer Security Fundamentals, 2nd Edition

Learn More Buy

Test Your Skills

Multiple Choice

  1. The most common Internet investment fraud is known as what?

    1. The Nigerian fraud
    2. The Manhattan fraud
    3. The pump and dump
    4. The bait and switch

  2. What is the most likely problem with unsolicited investment advice?

    1. You might not earn as much as claimed.
    2. The advice might not be truly unbiased.
    3. The advice might not be from a legitimate firm.
    4. You might lose money.

  3. Artificially inflating a stock in order to sell it at a higher value is referred to as what?

    1. Bait and switch
    2. The Nigerian fraud
    3. Pump and dump
    4. The Wall Street fraud

  4. What is the top rule for avoiding Internet fraud?

    1. If it seems too good to be true, it probably is.
    2. Never use your bank account numbers.
    3. Only work with people who have verifiable email addresses.
    4. Don’t invest in foreign deals.

  5. Which of the following is not one of the Security and Exchange Commission’s tips for avoiding investment fraud?

    1. Don’t invest online.
    2. Consider the source of the offer.
    3. Always be skeptical.
    4. Always research the investment.

  6. What are the four categories of auction fraud?

    1. Failure to send, failure to disclose, sending to wrong address, failure to deliver
    2. Failure to send, failure to disclose, sending something of lesser value, failure to deliver
    3. Failure to disclose, sending something to wrong address, failure to send, failure to deliver
    4. Failure to disclose, sending something of lesser value, failure to send, sending something of greater value

  7. A seller bidding on his or her own item to drive up the price is referred to as what?

    1. Bid siphoning
    2. Bid shielding
    3. Shill bidding
    4. Ghost bidding

  8. Submitting a fake but very high bid to deter other bidders is referred to as what?

    1. Bid siphoning
    2. Bid shielding
    3. Shill bidding
    4. Ghost bidding

  9. Identity theft is most often attempted in order to accomplish what goal?

    1. To make illicit purchases
    2. To discredit the victim
    3. To avoid criminal prosecution
    4. To invade privacy

  10. According to the U.S. Department of Justice, identity theft is generally motivated by what?

    1. Malicious intent
    2. Personal hostility towards the victim
    3. Economic gain
    4. Thrill seeking

  11. Why is cyber stalking a serious crime?

    1. It is frightening to the victim.
    2. It can be a prelude to violent crime.
    3. It is using interstate communication.
    4. It can be a prelude to identity theft.

  12. What is cyber stalking?

    1. Any use of the Internet to send or post threats
    2. Any use of electronic communications to stalk a person
    3. Only use of email to send threats
    4. Only the use of email to stalk a person

  13. What will law enforcement officials usually require of the victim in order to pursue harassment allegations?

    1. A verifiable threat of death or serious injury
    2. A credible threat of death or serious injury
    3. A verifiable threat of harm
    4. A credible threat of harm

  14. If you are posting anonymously in a chat room and another anonymous poster threatens you with assault or even death, is this person’s post harassment?

    1. Yes, any threat of violence is harassment.
    2. Probably not, because both parties are anonymous, so the threat is not credible.
    3. Yes, chat room threats are no different than threats in person.
    4. Probably not, because making a chat room threat is not the same as making a threat in person.

  15. What must exist for cyber stalking to be illegal in a state or territory?

    1. Specific laws against cyber stalking in that state or territory.
    2. Specific laws against cyber stalking in that nation.
    3. Nothing; existing stalking laws can apply.
    4. Nothing; existing international cyber stalking laws apply.

  16. What is the first step in protecting yourself from identity theft?

    1. Never provide any personal data about yourself unless absolutely necessary.
    2. Routinely check your records for signs of identity theft.
    3. Never use your real name on the Internet.
    4. Routinely check for spyware on your computer.

  17. What can you do on your local computer to protect your privacy?

    1. Install a virus scanner.
    2. Install a firewall.
    3. Set your browser’s security settings.
    4. Set your computer’s filter settings.

  18. What is a cookie?

    1. A piece of data that web servers gather about you.
    2. A small file made that contains data and then is stored on your computer.
    3. A piece of data that your web browser gathers about you.
    4. A small file made that contains data and then is stored on the web server.

  19. Which of the following is not an efficient method of protecting yourself from auction fraud?

    1. Only use auctions for inexpensive items.
    2. Only use reputable auction sites.
    3. Only work with well-rated sellers.
    4. Only bid on items that seem realistic.

  20. The top rule for chat room safety is what?

    1. Make certain you have antivirus software installed.
    2. Never use your real name or any real personally identifying characteristics.
    3. Only use chat rooms that encrypt transmissions.
    4. Use chat rooms that are sponsored by well-known websites or companies.

  21. Why is it useful to have a separate credit card dedicated to online purchases?

    1. If the credit card number is used illegally, you will limit your financial liability.
    2. You can keep better track of your auction activities.
    3. If you are defrauded, you can possibly get the credit card company to handle the problem.
    4. You can easily cancel that single card, if you need to do so.

  22. What percentage of cyber stalking cases escalate to real-world violence?

    1. Less than 1%
    2. 25%
    3. 90% or more
    4. About 19%

  23. If you are a victim of cyber stalking, what should you do to assist the police?

    1. Nothing; it is their job and you should stay out of it.
    2. Attempt to lure the stalker into a public place.
    3. Keep electronic and hard copies of all harassing communications.
    4. Try to provoke the stalker into revealing personal information about himself or herself.

  24. What is the top way to protect yourself from cyber stalking?

    1. Do not use your real identity online.
    2. Always use a firewall.
    3. Always use a virus scanner.
    4. Do not give out email addresses.

Exercises

Exercise 3.1: Setting Web Browser Privacy in Internet Explorer

  1. This process was described in detail with images in the chapter, but we will walk through the process here:
  • Select Tools from the drop-down menu at the top of Internet Explorer, then choose Internet Options.
  • Select the third tab, which is labeled Privacy.
  • Click the Advanced button.
  • Set your browser to accept first party cookies, prompt for third-party cookies, and accept session cookies.

Exercise 3.2: Using Alternative Web Browsers

  1. Download the Firefox browser from www.mozilla.org.
  2. Set privacy and security settings.

Exercise 3.3: Tracking in a Chat Room

The purpose of this exercise is to grasp how easy it is to obtain personal information about someone from his or her online activities.

  1. Enter any chat room. If you are not familiar with chat rooms or have not used them before, any of the following websites would make a good starting point for you:

    http://chat.icq.com/icqchat/

    www.aol.com/community/chat/allchats.html

    www.javachatrooms.net/

    www.chat-avenue.com/

  2. Note those people who use their real names.
  3. Note those people who reveal personal details.
  4. Compile as much information as you can about posers in the chat room.

Caution

The purpose of this exercise is merely to show you how easy it is for someone to learn about another person from his or her online activities. In no case would you consider using this information to invade another person’s privacy or to harass or embarrass another person.

Projects

Project 3.1: Finding Out about Cyber Stalking and the Law

  1. Using the Web or other resources, find out what your state, country, or province’s laws are regarding cyber stalking.
  2. Write a brief paper describing those laws and what they mean. You may select to do a quick summary of several laws or a more in-depth examination of one law. If you choose the former, then simply list the laws and write a brief paragraph explaining what they cover. If you choose the latter option, then discuss the law’s authors, why it was written, and possible ramifications of the law.

Project 3.2: Looking for Auction Fraud

Go to any auction site and try to identify if there are any sellers you feel might be fraudulent. Write a brief paper explaining what about that seller indicated that he or she may not be dealing honestly.

Project 3.3: Examining Cyber Stalking Case Studies

  1. Using the Web, find a case of cyber stalking not mentioned in this chapter. You may find some of the following websites helpful:

    www.safetyed.org/help/stalking/

    www.cyber-stalking.net/

    www.technomom.com/harassed/index.shtml

  2. Write a brief paper discussing this case, with particular attention to steps you think might have helped avoid or ameliorate the situation.

Case Study

Consider the case of an intrepid identity thief. The perpetrator, Jane, encounters the victim, John, online in a chat room. John is using his real first name, but only his last initial. However, over a series of online conversations between Jane and John, he does reveal personal details about his life (marital status, children, occupation, region he lives in, and so forth). Eventually, Jane offers John some piece of information, such as perhaps an investment tip, as a trick to get John’s email address from him. Once she gets his email address, an email exchange begins outside of the chat room, wherein Jane purports to give John her real name, thus encouraging John to do the same. Of course, the perpetrator’s name is fictitious, such as “Mary.” But Jane now has John’s real name, city, marital status, occupation, and so on.

Jane has a number of options she can try, but we will choose a simple one. She begins by using the phone book or the Web to get John’s home address and phone number. She can then use this information to get John’s social security number, in a variety of ways. The most straightforward would be to go through John’s trash while he is at work. However, if John works in a large company, Jane can just call (or enlist someone to call), claiming to be John’s wife or another close relative, wanting to verify personnel data. If Jane is clever enough, she may come away with John’s social security number. Then it is a trivial matter (as we will see in Chapter 13, “Cyber Detective”) to get John’s credit report and to get credit cards in his name.

From this scenario, consider the following questions:

  1. What reasonable steps could John have taken to protect his identity in the chat room?
  2. What steps should any employer take to prevent being unwittingly complicit in identity theft?

Pearson IT Certification Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Pearson IT Certification and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Pearson IT Certification products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by Adobe Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.pearsonitcertification.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020