TEST BANK for Cyber Crime and Cyber Terrorism 5th Edition By Robert Taylor, Eric Fritsch, Michael Sa by ACADEMIAMILL

Cyber Crime and Cyber Terrorism, 5e (Taylor / Fritsch / Liederbach / Saylor / Tafoya) Chapter 1 Introduction and Overview of Cyber Crime and Cyber Terrorism 1.1 Multiple Choice Questions 1) Which of the following is MOST true? A) Digital crimes are not of great concern to the public. B) The public perception is that law enforcement and government officials are well-equipped to deal with cyber crime. C) The public relies on computers for a host of societal functions including military operations, finance, communications, utilities, and mass transit. D) Threats of cyber terrorism are grossly exaggerated. Answer: C Page Ref: 3 Objective: Describe the current issues, trends, and problems in cyber crime and cyber terrorism. Level: Intermediate 2) Which of the following is MOST true? A) All forms of digital crimes are covered in the text. B) The text focuses mainly on Macintosh-based systems. C) Practitioners in both the criminal justice field and the computer science field typically have limited knowledge of each other's occupations. D) The authors of the text treat digital crime and digital terrorism as separate concepts. Answer: C Page Ref: 6 Objective: Understand the intended audience, purpose, and scope of this text. Level: Basic 3) Which of the following is NOT an example of Donn Parker's work as an early commentator on problems associated with computer crime? A) The ease with which criminals could misuse information. B) The observation that researchers felt that computer crime was not worthy of specific explicit research. C) The "cyber" prefix describes computer crimes. D) The observation that losses increase substantially with intentional acts involving computers. Answer: C Page Ref: 7 Objective: Understand the intended audience, purpose, and scope of this text. Level: Difficult

4) Which of the following is MOST true? A) The character and nature of cyber crime and their frequency of occurrence has changed significantly since 1995. B) Cyber crime is well researched. C) Law enforcement is prepared to handle the newest threats of digital crime. D) Cyber victimization is likely leveling off. Answer: A Page Ref: 7 Objective: Understand the intended audience, purpose, and scope of this text. Level: Intermediate 5) Criminal statistics/data on computer crime are: A) Collected by the FBI B) Very accurate and reliable C) Inconsistent because there is an absence of any attempt to collect offense data systematically D) Submitted by all federal agencies and represent a fairly accurate picture of the problem Answer: C Page Ref: 7 Objective: Understand the intended audience, purpose, and scope of this text. Level: Basic 6) Which of the following is NOT a common theme to emerge from the research on the problems of computer crime? A) Computer fraud within government agencies B) The work of hackers C) Incidences of network incursion D) Behavioral approaches of cyber criminals Answer: D Page Ref: 8-9 Objective: Discuss the developmental perspective on the problem and changes in cyber victimization. Level: Difficult 7) Which of the following is MOST true? A) Case studies offer generalizations on cyber criminals. B) Most research of cyber crime focuses on behavioral approaches. C) Early researchers felt that computer crime would be a large problem. D) A great deal of effort is dedicated to computer security. Answer: D Page Ref: 9 Objective: Discuss the developmental perspective on the problem and changes in cyber victimization. Level: Difficult

8) Which country has the highest rate of cyber victimization? A) United States B) England C) China D) North Korea Answer: A Page Ref: 10 Objective: Discuss the developmental perspective on the problem and changes in cyber victimization. Level: Basic 9) Which of the following is MOST true? A) The processes and dynamics involved in the production of cyber crime and cyber terrorism are virtually the same. B) Cyber terrorism does not pose as great a threat as digital crime. C) Cyber crime is another term for digital terrorism. D) Cyber crime and digital terrorism are not on parallel tracks. Answer: A Page Ref: 11 Objective: Discuss the developmental perspective on the problem and changes in cyber victimization. Level: Intermediate 10) Which of the following is NOT a characteristic noted by Anderson and colleagues in 2012? A) Traditional crimes that are now "cyber" because they are conducted online. B) Traditional crimes that have changed with the advent of the Internet. C) New crimes that have been originated since the advent of the Internet. D) Crimes that facilitate other crimes through the proper use of computers. Answer: D Page Ref: 13 Objective: Understand the estimates of the costs of cyber crime. Level: Difficult 11) Which of the following is NOT considered in the calculation of costs associated with each type of computer crime? A) Reputational damage B) Anti-virus software C) Loss of revenue D) All of these Answer: D Page Ref: 1 Objective: Understand the estimates of the costs of cyber crime. Level: Intermediate

12) Which of the following is MOST true? A) Estimates concerning the costs of cyber crime are derived from crime statistics. B) Indirect costs have not traditionally been considered in the calculation of costs. C) Estimates of costs are easy to calculate across different categories of computer crime. D) Employers always report computer crimes committed by employees. Answer: B Page Ref: 13 Objective: Understand the estimates of the costs of cyber crime. Level: Intermediate 13) Which of the following is NOT an example of indirect cost associated with cyber crime? A) Damages to international trade B) Damages to competitiveness C) Physical damages to the computer D) Damages to innovation Answer: C Page Ref: 14 Objective: Understand the estimates of the costs of cyber crime. Level: Basic 14) Which of the following is NOT one of the four categories of computer crime? A) The computer as a target B) Computer vandalism C) The computer as incidental to the crime D) Crimes associated with the prevalence of computers Answer: B Page Ref: 15 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Basic 15) Data alteration, denial of service, network intrusions, thefts of information, and computer vandalism are examples of which type of computer crime? A) Computer as a target B) Computer as an instrument of a crime C) Computer as incidental to crime D) Crimes associated with the prevalence of computers Answer: A Page Ref: 15-16 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Basic

16) Network intrusion: A) Is characteristic of the computer criminal who commits these offenses B) Is not sophisticated C) Often targets the server and may cause harm to the network owners or the operation of their business D) Requires punishment imposed for the offenses Answer: C Page Ref: 16 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Intermediate 17) Which type of computer crime describes actions in which the computer is used only to further a criminal end? In other words, the computer or data contained therein is not the object of the crime. A) Computer as a target B) Computer as an instrument of a crime C) Computer as incidental to a crime D) Crimes associated with the prevalence of computers Answer: B Page Ref: 16 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Basic 18) The Nigerian bank scheme and pyramid schemes are examples of which type of computer crime? A) Computer as a target B) Computer as an instrument of a crime C) Computer as incidental to a crime D) Crimes associated with the prevalence of computers Answer: B Page Ref: 17 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Basic 19) Child pornography is an example of which type of computer crime? A) Computer as a target B) Computer as an instrument of a crime C) Computer as incidental to a crime D) Crimes associated with the prevalence of computers Answer: C Page Ref: 17 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Basic 5 Copyright © 2024 Pearson Education, Inc.

20) Intellectual property violations and corporate espionage are examples of which type of computer crime? A) Computer as a target B) Computer as an instrument of a crime C) Computer as incidental to a crime D) Crimes associated with the prevalence of computers Answer: D Page Ref: 18-19 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Basic 1.2 True/False Questions 1) Computer crime is not an international problem. Answer: FALSE Page Ref: 2 Objective: Describe the current issues, trends, and problems in cyber crime and cyber terrorism. Level: Basic 2) Identity theft is perhaps the most feared online crime. Answer: TRUE Page Ref: 4 Objective: Describe the current issues, trends, and problems in cyber crime and cyber terrorism. Level: Basic 3) The text seeks to merge knowledge of criminal justice with knowledge of computer science. Answer: TRUE Page Ref: 6 Objective: Understand the intended audience, purpose, and scope of this text. Level: Basic 4) "Cyber" refers to almost anything "real" or "virtual" attached to a computer or network. Answer: TRUE Page Ref: 7 Objective: Understand the intended audience, purpose, and scope of this text. Level: Basic 5) The Department of Justice systematically collects computer crime data. Answer: FALSE Page Ref: 7 Objective: Describe the current issues, trends, and problems in cyber crime and cyber terrorism. Level: Basic

6) Case studies offer generalizations about trends in cyber criminality or patterns of offending. Answer: FALSE Page Ref: 9 Objective: Discuss the developmental perspective on the problem and changes in cyber victimization. Level: Basic 7) Rapid growth in the computer security industry has largely occurred without adequate research on the nature of cyber crimes and criminals. Answer: TRUE Page Ref: 9 Objective: Discuss the developmental perspective on the problem and changes in cyber victimization. Level: Basic 8) In general, the threat of computer crime victimization increases with industrialization. Answer: TRUE Page Ref: 10 Objective: Discuss the developmental perspective on the problem and changes in cyber victimization. Level: Intermediate 9) Research has shown that most dangers of economic computer crimes come from outsiders. Answer: FALSE Page Ref: 10 Objective: Discuss the developmental perspective on the problem and changes in cyber victimization. Level: Intermediate 10) Computers may be used as both criminal instruments and weapons of warfare. Answer: TRUE Page Ref: 11 Objective: Discuss the developmental perspective on the problem and changes in cyber victimization. Level: Basic 11) Estimates on the cost of cyber crime are largely derived from criminal reports. Answer: FALSE Page Ref: 11 Objective: Understand the estimates of the costs of cyber crime. Level: Basic

12) The full extent of the cost of cyber crime is hard to determine, in part, because some government and law enforcement officials tend to underreport or underestimate these costs in order to manage public perceptions and potential fears about the problem. Answer: TRUE Page Ref: 12-13 Objective: Understand the estimates of the costs of cyber crime. Level: Basic 13) It is relatively easy to place a monetary value on the indirect costs. Answer: FALSE Page Ref: 13 Objective: Understand the estimates of the costs of cyber crime. Level: Intermediate 14) Computer "vandalism" falls under the category of crimes where the computer is a target. Answer: TRUE Page Ref: 16 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Intermediate 15) Computerized theft never deprives a legitimate owner of a tangible asset. Answer: FALSE Page Ref: 16 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Basic 1.3 Fill in the Blank Questions 1) More closely related to the goals of this text, the ________ pandemic also had an enormous impact on the prevalence and character of cyber crime. Answer: Covid-19 Page Ref: 2 Objective: Describe the current issues, trends, and problems in cyber crime and cyber terrorism. Level: Basic 2) Malware is often referred to as malicious software or computer ________. Answer: contaminant Page Ref: 7 Objective: Understand the intended audience, purpose, and scope of this text. Level: Basic

3) One of the earliest commentators on the problems associated with computer crime, Donn ________, recognized the potential for computer-related criminality even in systems that in comparison to today's systems are archaic. Answer: Parker Page Ref: 8 Objective: Discuss the developmental perspective on the problem and changes in cyber victimization. Level: Intermediate 4) The Cuckoo's Egg and ________ are case studies that looked at specific instances of network incursion. Answer: Takedown Page Ref: 9 Objective: Discuss the developmental perspective on the problem and changes in cyber victimization. Level: Intermediate 5) Cyber victimization can be referred to as "crimes" and can be defined as acts of "________." Answer: Terrorism Page Ref: 10-11 Objective: Discuss the developmental perspective on the problem and changes in cyber victimization. Level: Intermediate 6) ________ has been described as the world's first precision guided cybermunition. Answer: Stuxnet Page Ref: 11 Objective: Discuss the developmental perspective on the problem and changes in cyber victimization. Level: Intermediate 7) Early studies by the American Bar Association gave estimated costs of cyber crime, which mainly derived from ________ of corporations and government agencies. Answer: Surveys Page Ref: 11 Objective: Understand the estimates of the costs of cyber crime. Level: Intermediate 8) ________ schemes have found a new source of legitimacy with professional-appearing websites and official-sounding Web addresses. Answer: Pyramid Page Ref: 17 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Intermediate

9) The ________ bank scheme is a computer crime that convinces unsuspecting victims to send their bank account numbers overseas, with the promise of getting millions of dollars in return. Answer: Nigerian Page Ref: 17 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Intermediate 10) Anderson developed a classification scheme in which ________ crime are crimes that have changed with the advent of the Internet. Answer: Transitional Page Ref: 20 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Intermediate

1.4 Matching Questions Match the term in Column 1 to the appropriate category or definition/statement in Column 2. A) Uses convincing and extremely accurate fraudulent Websites to trick victims into providing their financial information to a criminal. B) Falls under the category of the computer as a target. C) Defined, along with "acts of terrorism" by the National Infrastructure Protection Plan as among the most important evolving threats to critical infrastructure. D) Any destructive software aimed at disrupting normal computer network services, collecting sensitive information, or gaining access to private computers, systems, and/or networks. E) The illegal act of copying, duplicating, or sharing a digital work without the permission of the copyright holder or owner of that work. F) Traditional crimes that are now "cyber" because they are conducted online as identified by Anderson and colleagues. G) Falls under the category of the computer as an instrument of a crime. H) Falls under the category of the computer as incidental to a crime. I) Have found a new source of legitimacy with professional-looking Web sites and official sounding Web addresses. 1) Digital piracy Page Ref: 4 Objective: Describe the current issues, trends, and problems in cyber crime and cyber terrorism. Level: Intermediate 2) Malware Page Ref: 7 Objective: Understand the intended audience, purpose, and scope of this text. Level: Intermediate 3) Cyberthreats Page Ref: 11 Objective: Understand the estimates of the costs of cyber crime. Level: Intermediate 4) Cost of cyber crime Page Ref: 13 Objective: Discuss the developmental perspective on the problem and changes in cyber victimization. Level: Intermediate 5) Data alteration Page Ref: 16 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Intermediate 11 Copyright © 2024 Pearson Education, Inc.

6) Child pornography Page Ref: 17 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Intermediate 7) Cyberstalking Page Ref: 17 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Intermediate 8) Money laundering Page Ref: 17 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Intermediate 9) Phishing Page Ref: 17 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Intermediate 10) Pyramid schemes Page Ref: 17 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Intermediate Answers: 1) E 2) D 3) C 4) F 5) B 6) H 7) G 8) H 9) A 10) I

1.5 Essay Questions 1) What are some of the efforts in place to combat cyber crime? Answer: (should include points such as): Firewalls and cyber security Encryption technologies Awareness of the problem and the need to address it Changes in legislation, law enforcement, policy, procedure, law, and convictions Page Ref: 9 Objective: Discuss the developmental perspective on the problem and changes in cyber victimization. Level: Basic 2) Discuss the debate regarding cyber victimization coming from "insiders" versus "outsiders." Answer: (should include points such as): Van Duyn in the 1980s suggests insider threats were far more serious because they were familiar with the data and how it was processed. One study estimated that 90% of economic computer crime was committed by employees. Merit of outsiders has recently increased due to the emergence of networking. Outsiders have an expansive growth of user friendly Internet protocols and adaptable databases. Page Ref: 10 Objective: Discuss the developmental perspective on the problem and changes in cyber victimization. Level: Intermediate 3) What are the four categories of computer crime identified by Carter? In your answer, provide examples of the types of crimes that fall under each category. Answer: (should include points such as): The computer as a target, which involves seeking to deny the legitimate user access to his or her data or computer. This category also includes alteration of data and computer "vandalism." The second category is using the computer as an instrument, most often as a vehicle to commit fraud. Examples include Nigerian bank schemes, Pyramid schemes, phishing, and attempts to harass or threaten individuals. The third category is the computer as an incidental, which uses the computer as a facilitator for loansharking, money laundering, and child pornography. The fourth category includes crimes associated with the prevalence of computers. Examples of this category might be considered white collar crimes, identity theft, and cell phone theft. Page Ref: 15-19 Objective: Describe the schemes for classifying computer crimes, and compare and contrast them. Level: Intermediate

1.6 Critical Thinking Questions 1) A major corporation has just discovered that a significant amount of money has been embezzled. Why would this corporation be hesitant to report such a computer crime? Answer: (should include points such as): To limit the public perception of vulnerability Unable to determine the amount of money embezzled Unable to trace it back to a particular person Expose potential security threats Page Ref: 7-11 Objective: Understand the estimates of the costs of cyber crime. Level: Difficult 2) Find a recent example of a cyber crime (one not discussed in this chapter), and write a summary of your findings. Be sure to discuss the incident, how it was discovered, the cost of the crime, the outcome of the case, and what category the crime fell into. Answer: Answers will vary. Page Ref: n/a Objective: Multiple Level: Difficult

Cyber Crime and Cyber Terrorism, 5e (Taylor / Fritsch / Liederbach / Saylor / Tafoya) Chapter 2 Cyber Terrorism and Information Warfare 2.1 Multiple Choice Questions 1) Which of the following is NOT a component of information warfare? A) Psychological operations B) Physical destruction C) Propaganda D) Security measures Answer: C Page Ref: 27 Objective: Define the concepts of "cyber crime," "cyber terrorism," and "information warfare." Level: Intermediate 2) Which of the following is LEAST true? A) Cyber terrorism is premeditated. B) Cyber terrorism is a politically or ideologically motivated attack. C) Cyber terrorism may include attacks against civilians. D) Cyber terrorism is defined by the group perpetrating it. Answer: D Page Ref: 28 Objective: Define the concepts of "cyber crime," "cyber terrorism," and "information warfare." Level: Basic 3) Which of the following is NOT a category of cyber terrorism? A) Physical attacks B) Promotion C) Technological facilitation D) Information attacks Answer: A Page Ref: 29 Objective: List the categories of attacks that encompass cyber terrorism and/or information warfare. Level: Basic 4) Which of the following is one of the four categories that encompasses cyber terrorism and/or information warfare? A) Steganography B) Promotion C) Unauthorized intrusions D) Cryptography Answer: B Page Ref: 29 Objective: List the categories of attacks that encompass cyber terrorism and/or information warfare. Level: Basic 1 Copyright © 2024 Pearson Education, Inc.

5) Which of the following is NOT a wave in the development of warfare as identified by Alvin Toffler? A) Information wave B) Agrarian wave C) Renaissance wave D) Industrial wave Answer: C Page Ref: 29 Objective: List the categories of attacks that encompass cyber terrorism and/or information warfare. Level: Basic 6) Which of the following is NOT one of the five essential components of infrastructure? A) Communication networks B) People C) Information networks D) Government Answer: D Page Ref: 31-32 Objective: Identify various elements of our critical infrastructure that are potentially vulnerable to cyber terrorism and/or information warfare. Level: Basic 7) The Achilles' heel of civil aviation security is: A) Identity theft among employees B) Hacking into communication systems C) Its heavy reliance on other types of infrastructure D) Malicious insiders Answer: C Page Ref: 33 Objective: Identify various elements of our critical infrastructure that are potentially vulnerable to cyber terrorism and/or information warfare. Level: Intermediate 8) What major category of information warfare/cyber terrorism does "website defacement" fall into? A) Infrastructure attacks B) Information attacks C) Technological facilitation D) Promotion Answer: B Page Ref: 36 Objective: Define and describe an information attack. Level: Basic

9) What major category of information warfare/cyber terrorism do "cyber-plagues" fall into? A) Infrastructure attacks B) Information attacks C) Technological facilitation D) Promotion Answer: B Page Ref: 37 Objective: Define and describe an information attack. Level: Intermediate 10) Distributed denial-of-service attacks are an example of: A) Infrastructure attacks B) Information attacks C) Cyber and technological facilitation D) Propaganda and promotion Answer: B Page Ref: 39 Objective: Define and describe an information attack. Level: Basic 11) The type of attack the hacker group "Anonymous" carried out against the private intelligence industry provider Stratfor is considered: A) Website defacement B) A distributed denial-of-service attacks C) An unauthorized intrusion D) Propaganda Answer: C Page Ref: 40 Objective: Define and describe an information attack. Level: Intermediate 12) What is the best tool for terrorist organizations and adversarial nations for the purposes of propaganda and recruitment because it remains largely unregulated and has the potential to reach so many? A) Television B) Radio C) The Internet D) All of these Answer: C Page Ref: 42 Objective: Describe some of the tactics used in cyberspace to share information and promote terrorist ideologies between and within terrorist groups. Level: Intermediate

13) What major category of information warfare/cyber terrorism does "data hiding" fall into? A) Infrastructure attacks B) Information attacks C) Technological facilitation D) Promotion Answer: C Page Ref: 42 Objective: Define the words "steganography" and "cryptography," and relate their use in information warfare and cyber terrorism. Level: Intermediate 14) Steganography: A) Is an infrastructure attack B) Is data hiding C) Is cryptography D) Is a propaganda and promotion technique Answer: B Page Ref: 42 Objective: Define the words "steganography" and "cryptography," and relate their use in information warfare and cyber terrorism. Level: Basic 15) What major category of information warfare/cyber terrorism does "cryptography" fall into? A) Infrastructure attacks B) Information attacks C) Technological facilitation D) Promotion Answer: C Page Ref: 42 Objective: Define the words "steganography" and "cryptography," and relate their use in information warfare and cyber terrorism. Level: Intermediate 16) What major category of information warfare/cyber terrorism does "recruiting" fall into? A) Infrastructure attacks B) Information attacks C) Technological facilitation D) Promotion Answer: D Page Ref: 42 Objective: Define the words "steganography" and "cryptography," and relate their use in information warfare and cyber terrorism. Level: Intermediate

17) Requesting funds for a terrorist organization through a chat room is an example of: A) Direct solicitation B) E-commerce C) Exploitation of online payment tools D) Charitable donations Answer: A Page Ref: 45 Objective: Explain the active roles of China and al Qaeda in recent cyberattacks against the United States. Level: Intermediate 18) Which of the following is NOT true? A) Al Qaeda leaders have claimed to be actively planning a "cyber jihad" against the United States. B) U.S. officials have found evidence of al Qaeda researching digital switches that run critical infrastructure. C) Al Qaeda produced the computer virus "Stuxnet." D) U.S. officials have found evidence of al Qaeda using LOphtCrack. Answer: C Page Ref: 47-48 Objective: Explain the active roles of China and al Qaeda in recent cyberattacks against the United States. Level: Difficult 19) Which of the following is NOT true? A) The Russians view cyber capabilities as tools of information warfare. B) The Russians view information warfare from a holistic approach. C) The Russians carry out cyber operations alongside psychological operations. D) The Russians view military cyber operations differently than those cyber operations employed for hacktivism, cyber aggression, and cyber crime. Answer: D Page Ref: 49 Objective: Discuss the concept of information warfare from the Russian and Chinese perspectives. Level: Difficult 20) Which of the following is LEAST true? A) Information warfare is considered necessary to the Chinese government to support its objectives and strategy. B) China views cyberspace as a way of compensating for its deficiency in conventional warfare. C) Cyber warfare is incorporated in military training in China. D) The Chinese government restricts the use of cyber warfare to the Chinese military. Answer: D Page Ref: 50 Objective: Discuss the concept of information warfare from the Russian and Chinese perspectives. Level: Difficult 5 Copyright © 2024 Pearson Education, Inc.

2.2 True/False Questions 1) Information warfare is always a component of cyber terrorism. Answer: FALSE Page Ref: 27 Objective: Define the concepts of "cyber crime," "cyber terrorism," and "information warfare." Level: Basic 2) Information attacks are the use of cyber communication to distribute or coordinate plans for a terrorist attack, incite an attack, or otherwise assist in the facilitation of terrorism. Answer: FALSE Page Ref: 27 Objective: Define the concepts of "cyber crime," "cyber terrorism," and "information warfare." Level: Intermediate 3) Infrastructure attacks are those designed to destroy a system that includes critical data. Answer: TRUE Page Ref: 29 Objective: List the categories of attacks that encompass cyber terrorism and/or information warfare. Level: Intermediate 4) The United States' critical infrastructure is likely the nation's most vulnerable to technological attacks. Answer: TRUE Page Ref: 30 Objective: Identify various elements of our critical infrastructure that are potentially vulnerable to cyber terrorism and/or information warfare. Level: Basic 5) Critical infrastructure is not an attractive target for terrorists. Answer: FALSE Page Ref: 32 Objective: Identify various elements of our critical infrastructure that are potentially vulnerable to cyber terrorism and/or information warfare. Level: Basic 6) A virus is a piece of code that attaches itself to other pieces of computer software. Answer: TRUE Page Ref: 37 Objective: Define and describe an information attack. Level: Basic

7) A worm is a program that reproduces itself over a computer network by breaking into computers much like a virtual hacker. Answer: TRUE Page Ref: 37 Objective: Define and describe an information attack. Level: Basic 8) An unauthorized intrusion is easy to identify once it has occurred. Answer: FALSE Page Ref: 40 Objective: Define and describe an information attack. Level: Basic 9) Data hiding is difficult to accomplish, but relatively easy to discover in Internet files. Answer: FALSE Page Ref: 42 Objective: Define the words "steganography" and "cryptography," and relate their use in information warfare and cyber terrorism. Level: Basic 10) A cryptographic key is necessary to read encoded material. Answer: TRUE Page Ref: 42 Objective: Define the words "steganography" and "cryptography," and relate their use in information warfare and cyber terrorism. Level: Basic 11) The Internet is the best tool for propaganda and recruitment among terrorists. Answer: TRUE Page Ref: 42 Objective: Describe some of the tactics used in cyberspace to share information and promote terrorist ideologies between and within terrorist groups. Level: Basic 12) Recruitment and mobilization are important parts of a terrorist's Web presence. Answer: TRUE Page Ref: 43 Objective: Describe some of the tactics used in cyberspace to share information and promote terrorist ideologies between and within terrorist groups. Level: Basic

13) According to the Russian perspective, employing cyber crime and cyber terrorism techniques are well within the arsenal of information warfare. Answer: TRUE Page Ref: 49 Objective: Discuss the concept of information warfare from the Russian and Chinese perspectives. Level: Intermediate 14) The nation of Japan currently poses a larger threat to the United States in terms of information warfare than that posed by China. Answer: FALSE Page Ref: 50 Objective: Discuss the concept of information warfare from the Russian and Chinese perspectives. Level: Intermediate 15) Despite its contention that modern technological advancements are incompatible with fundamentalist Islamic culture, al Qaeda has become a primary foe in the cyber terrorism area. Answer: TRUE Page Ref: 47 Objective: Explain the active roles of China and al Qaeda in recent cyberattacks against the United States. Level: Intermediate 2.3 Fill in the Blank Questions 1) ________ operations use information to affect the state of the mind of adversary. Answer: Psychological Page Ref: 27 Objective: Define the concepts of "cyber crime," "cyber terrorism," and "information warfare." Level: Basic 2) Promotion includes fundraising, ________, and recruitment. Answer: solicitation Page Ref: 29 Objective: List the categories of attacks that encompass cyber terrorism and/or information warfare. Level: Intermediate 3) ________ was a large program written primarily for espionage and information gathering that allows attacks to seek and secure drawings, plans, policies, and other documents stored within a computer or computer network. Answer: Flame Page Ref: 31 Objective: Identify various elements of our critical infrastructure that are potentially vulnerable to cyber terrorism and/or information warfare. Level: Basic 8 Copyright © 2024 Pearson Education, Inc.

4) ________ insiders are those who have been given access to a system for valid reasons and present the greatest threat to infrastructure. Answer: Malicious Page Ref: 32 Objective: Identify various elements of our critical infrastructure that are potentially vulnerable to cyber terrorism and/or information warfare. Level: Basic 5) A ________ runs off weaknesses in popular software in order to reproduce quickly and can affect tens of thousands of computers in as little as 2 or 3 hours. Answer: Worm Page Ref: 38 Objective: Define and describe an information attack. Level: Basic 6) The hacker group ________ claimed responsibility for a coordinated series of attacks against private intelligence industry provider, Stratfor. Answer: Anonymous Page Ref: 42 Objective: Define and describe an information attack. Level: Intermediate 7) For terrorists, recruiting is made easier by tracking which ________ is accessed most on a Web site and tailoring messages to fit that particular audience. Answer: propaganda Page Ref: 44 Objective: Describe some of the tactics used in cyberspace to share information and promote terrorist ideologies between and within terrorist groups. Level: Intermediate 8) Another word for data hiding is ________. Answer: Steganography Page Ref: 42 Objective: Define the words "steganography" and "cryptography," and relate their use in information warfare and cyber terrorism. Level: Basic 9) The Russians view cyber capabilities as tools of information ________. Answer: Warfare Page Ref: 49 Objective: Discuss the concept of information warfare from the Russian and Chinese perspectives. Level: Intermediate

10) Members of al Qaeda have declared a ________ jihad or holy war against the United States and its allies. Answer: cyber Page Ref: 47 Objective: Explain the active roles of China and al Qaeda in recent cyberattacks against the United States. Level: Intermediate 2.4 Matching Questions Match the term in Column 1 to the appropriate definition or statement in Column 2. A) For terrorists, these activities include the online sale of goods, including books and recordings that support their cause. B) The act of taking a piece of information and hiding it within another piece of data, such as an image, sound recording, or word processing file. C) View cyber capabilities as tools of information warfare, which combines intelligence, counterintelligence, disinformation, electronic warfare, debilitation of communications, degradation of navigation, psychological pressure, and destruction of enemy computer capabilities. D) A program that reproduces itself over a computer network by breaking into computers much like a virtual hacker. E) An attempt by a cyberattacker to prevent legitimate usage of service and can take the form of destruction or alteration of configuration information for a system. F) Seeks to undermine the equality, accuracy, and availability of an adversary's information, while also inhibiting the adversary's information-collection abilities. G) A computer worm program jointly developed by Israel and the United States whose purpose was to infect the operating systems of specific computers that manage the controller devices primarily found within the pumps and gas centrifuges used in the Natanz nuclear enrichment facilities in Iran. H) A piece of code that attaches itself to other pieces of computer software. I) This is made easier for terrorists by tracking which propaganda is accessed most on a Web site and tailoring the message to fit that particular audience. J) A category of cyber terrorism that focuses on demolishing or altering the content of electronic files or computer systems. 1) Electronic warfare Page Ref: 27 Objective: Define the concepts of "cyber crime," "cyber terrorism," and "information warfare." Level: Intermediate 2) Information attacks Page Ref: 29 Objective: List the categories of attacks that encompass cyber terrorism and/or information warfare. Level: Intermediate 10 Copyright © 2024 Pearson Education, Inc.

3) Stuxnet Page Ref: 30 Objective: Identify various elements of our critical infrastructure that are potentially vulnerable to cyber terrorism and/or information warfare. Level: Intermediate 4) Virus Page Ref: 37 Objective: Define and describe an information attack. Level: Intermediate 5) Worm Page Ref: 37 Objective: Define and describe an information attack. Level: Intermediate 6) Distributed denial-of-service attack Page Ref: 39 Objective: Define and describe an information attack. Level: Intermediate 7) Data hiding Page Ref: 42 Objective: Define the words "steganography" and "cryptography," and relate their use in information warfare and cyber terrorism. Level: Intermediate 8) Recruiting Page Ref: 44 Objective: Describe some of the tactics used in cyberspace to share information and promote terrorist ideologies between and within terrorist groups. Level: Intermediate 9) E-commerce Page Ref: 45 Objective: Explain the active roles of China and al Qaeda in recent cyberattacks against the United States. Level: Intermediate 10) Russians Page Ref: 49 Objective: Discuss the concept of information warfare from the Russian and Chinese perspectives. Level: Intermediate Answers: 1) F 2) J 3) G 4) H 5) D 6) E 7) B 8) I 9) A 10) C 11 Copyright © 2024 Pearson Education, Inc.

2.5 Essay Questions 1) Why is it difficult to define terms like "cyber crime," "cyber terrorism," and "information warfare"? Answer: (should include points such as): They are broad concepts. Often it depends on who is defining these terms. Can encompass a range of activities by a variety of different people. These terms and concepts may overlap and elements may be difficult to separate. Page Ref: 27 Objective: Define the concepts of "cyber crime," "cyber terrorism," and "information warfare." Level: Basic 2) Explain how promotion falls into one of the four categories of attacks that encompass cyber terrorism. Answer: (should include points such as): The Internet is largely unregulated and has the potential to reach a lot of people Used to influence public opinion Used to generate funding Used for recruitment and mobilization Page Ref: 42-44 Objective: Describe some of the tactics used in cyberspace to share information and promote terrorist ideologies between and within terrorist groups. Level: Basic 3) Explain data hiding. Answer: (should include points such as): Taking a piece of information and hiding it within another piece of data Digital images or recordings are altered without losing their functionality Not perceived by the human eye or ear Fairly easy to do because there are free programs on the Internet Hard to find Page Ref: 42 Objective: Define the words "steganography" and "cryptography," and relate their use in information warfare and cyber terrorism. Level: Basic

2.6 Critical Thinking Questions 1) Pick a critical infrastructure in your area. Discuss why it would be considered a critical infrastructure and what actions should be or have been done to protect it. Answer: Answers will vary. Examples of critical infrastructures are outlined in the textbook. Page Ref: 30-35 Objective: Identify various elements of our critical infrastructure that are potentially vulnerable to cyber terrorism and/or information warfare. Level: Difficult 2) Based on the information provided by the textbook on the Chinese use of information warfare against the United States, give your opinion on what counter actions you think the United States should take against China. Answer: Answers will vary. Page Ref: 50-51 Objective: Describe some of the tactics used in cyberspace to share information and promote terrorist ideologies between and within terrorist groups. Level: Difficult

Cyber Crime and Cyber Terrorism, 5e (Taylor / Fritsch / Liederbach / Saylor / Tafoya) Chapter 3 The Criminology of Computer Crime 3.1 Multiple Choice Questions 1) Which of the following is NOT a reason that choice theory became popular among criminologists in the 1970s? A) The reported crime rate in the 1960s and 1970s increased significantly. B) The practice of rehabilitation came under attack after the "Nothing Works" article appeared. C) Crime-producing traits and factors were discovered. D) The public began to view punishment as the primary reason for incarceration. Answer: C Page Ref: 58 Objective: Discuss the tenets of choice theory, including routine activity theory, and its applicability to cyber crimes. Level: Intermediate 2) A university enacts a policy in which any student who is caught illegally downloading media files will be automatically expelled from the university. The university hopes that students will be deterred from engaging in illegal downloading. This policy is an example of which theory? A) Routine Activities Theory B) Strain Theory C) Learning Theory D) Choice Theory Answer: D Page Ref: 58 Objective: Discuss the tenets of choice theory, including routine activity theory, and its applicability to cyber crimes. Level: Intermediate 3) According to Cohen and Felson, crime occurs when there is a convergence in time and space of three factors. Which of the following is NOT one of those factors? A) A motivated offender B) An adequate sight line from the location C) The absence of a capable guardian D) A suitable target Answer: B Page Ref: 59 Objective: Discuss the tenets of choice theory, including routine activity theory, and its applicability to cyber crimes. Level: Basic

4) Which of the following is NOT a finding of Holt and Bossler's empirical study of routine activities theory and online harassment? A) Routine computer use increased the odds of online harassment. B) Personal and peer involvement in deviance had no influence on the risk of online harassment. C) Individuals engaging in media piracy and viewing pornography were at increased risk of malware infection. D) Computer software created specifically to decrease malware victimization had no impact. Answer: B Page Ref: 59 Objective: Discuss the tenets of choice theory, including routine activity theory, and its applicability to cyber crimes. Level: Intermediate 5) A judge tells a defendant, "You are sentenced to prison not because of your crimes, but so that others will not engage in the same crimes." This is an example of which type of deterrence? A) General deterrence B) Group deterrence C) Specific deterrence D) Individual deterrence Answer: A Page Ref: 60 Objective: Describe the assumptions of deterrence theory and its utility. Level: Basic 6) ________ is designed to impose a sanction on convicted offenders in order to prevent them from continuing to commit criminal acts in the future. A) Specific deterrence B) Individual deterrence C) General deterrence D) Group deterrence Answer: A Page Ref: 60 Objective: Describe the assumptions of deterrence theory and its utility. Level: Basic 7) Which of the following is NOT an assumption of deterrence theory? A) Individuals are rational actors. B) Individuals view the risks of particular crimes as unpleasant. C) Offenders must be aware of the penalty for particular crimes. D) Sanctions must be swift, severe, and absolute. Answer: D Page Ref: 60 Objective: Describe the assumptions of deterrence theory and its utility. Level: Intermediate

8) According to Kohlberg, right corresponds to seeing one's own needs met, taking responsibility for oneself, and allowing others to do the same in which stage of moral development? A) Social contract, legalistic orientation stage B) Law and order orientation stage C) Punishment and obedience orientation stage D) Hedonistic orientation stage Answer: D Page Ref: 62 Objective: Discuss the impact of personality disorders on cyber crime. Level: Intermediate 9) According to Kohlberg, which two stages of moral development are completed by age 7? A) Social contract, legalistic orientation stage and punishment and obedience orientation stage B) Hedonistic orientation stage and interpersonal concordance stage C) Law and order orientation stage and hedonistic orientation stage D) Punishment and obedience orientation stage and hedonistic orientation stage Answer: D Page Ref: 63 Objective: Discuss the impact of personality disorders on cyber crime. Level: Difficult 10) Which of the following is NOT a personality characteristic conducive to crime identified by the Gluecks? A) Lack of self-esteem B) Impulsivity C) Lack of self-control D) Resentment Answer: A Page Ref: 63 Objective: Discuss the impact of personality disorders on cyber crime. Level: Intermediate 11) According to Merton, a(n) ________ accepts the goal of economic success but rejects the institutionalized means to obtain it. A) Ritualist B) Conformist C) Innovator D) Rebel Answer: C Page Ref: 66 Objective: Discuss the major social structure theories that apply to cyber crime. Level: Intermediate

12) An individual that engages in computer crime, fraud, and robbery in an effort to obtain financial success has adopted which form of Merton's modes of adaptation? A) Ritualism B) Conformity C) Retreatism D) Innovation Answer: D Page Ref: 66 Objective: Discuss the major social structure theories that apply to cyber crime. Level: Intermediate 13) According to Agnew's General Strain Theory, which of the following is NOT a source of strain? A) Failure to achieve positively valued goals B) Cultural goal of economic success C) Presentation of negative stimuli D) Disjunction between expectations and achievements Answer: B Page Ref: 67 Objective: Discuss the major social structure theories that apply to cyber crime. Level: Intermediate 14) Which of the following theorists developed a learning theory of crime? A) Kohlberg B) Merton C) Sutherland D) Agnew Answer: C Page Ref: 68 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic 15) Which technique of neutralization occurs when an individual states that his or her behavior was an accident or resulted from forces beyond his or her control? A) Denial of responsibility B) Denial of injury C) Denial of victim D) Appeal to higher loyalties Answer: A Page Ref: 72 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic

16) Which technique of neutralization occurs when an individual believes that the victim "had it coming"? A) Denial of responsibility B) Denial of injury C) Denial of victim D) Appeal to higher loyalties Answer: C Page Ref: 72 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic 17) Hackers appear to exhibit a subculture that includes: A) Slang B) Group customs and norms C) Socialization processes D) All of these Answer: D Page Ref: 75-76 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic 18) According to Hirschi, a person's tendency to commit crime can be found in his or her level of: A) Commitment B) Self-esteem C) Self-control D) Attachment Answer: C Page Ref: 78 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic 19) A terrorist group that hacks into an electrical power grid in order to cause a massive blackout and disrupt normalcy in the name of economic equality has subscribed to which theory? A) Learning theory B) Social structure theory C) Political theory D) Choice theory Answer: C Page Ref: 79 Objective: Describe the relationship between terrorism and political theory. Level: Intermediate

20) Which of the following is NOT a characteristic of Marxist thought? A) Successful revolutionary strategy began with a core group of leading individuals. B) Political change can be achieved without conflict. C) Groups of people revolting against ruling elites have changed history. D) Trust, order, and security maintained the ruling status of the wealthy elites. Answer: B Page Ref: 80 Objective: Describe the relationship between terrorism and political theory. Level: Intermediate 3.2 True/False Questions 1) "Three strikes and you're out" is an example of policy based on choice theory. Answer: TRUE Page Ref: 58 Objective: Discuss the tenets of choice theory, including routine activity theory, and its applicability to cyber crimes. Level: Basic 2) Cohen and Felson argue that the motivation to commit crime and the supply of offenders are constant. Answer: TRUE Page Ref: 58 Objective: Discuss the tenets of choice theory, including routine activity theory, and its applicability to cyber crimes. Level: Basic 3) Deterrence theory assumes that individuals are rational actors. Answer: TRUE Page Ref: 60 Objective: Describe the assumptions of deterrence theory and its utility. Level: Basic 4) Research has shown that the threat of arrest greatly deters would-be criminals. Answer: FALSE Page Ref: 61 Objective: Describe the assumptions of deterrence theory and its utility. Level: Intermediate 5) Research has shown that most criminals fall into stage 3 or 4 of Kohlberg's stages of moral development. Answer: FALSE Page Ref: 63 Objective: Discuss the impact of personality disorders on cyber crime. Level: Intermediate

6) Psychological theory identifies the specific reasons a person becomes a pedophile. Answer: FALSE Page Ref: 64-65 Objective: Discuss the impact of personality disorders on cyber crime. Level: Intermediate 7) According to Merton, the cultural goal of American society is economic success. Answer: TRUE Page Ref: 65 Objective: Discuss the major social structure theories that apply to cyber crime. Level: Basic 8) A ritualist rejects the cultural goal of economic success but accepts the institutionalized means to obtain the cultural goal. Answer: TRUE Page Ref: 66 Objective: Discuss the major social structure theories that apply to cyber crime. Level: Basic 9) White-collar crime cannot be applied to contemporary strain theory because of the assumption that only lower-class individuals commit crimes. Answer: FALSE Page Ref: 66 Objective: Discuss the major social structure theories that apply to cyber crime. Level: Intermediate 10) Sutherland's theory of differential association argues that criminal behavior is a function of learning. Answer: TRUE Page Ref: 69 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic 11) The propagation of a worm that does not actually damage anything and is more of a nuisance than anything else is a form of denial of injury according to Sykes and Matza's techniques of neutralization. Answer: FALSE Page Ref: 72 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic 12) A subculture is a set of values, norms, and beliefs that differ from those of the dominant culture. Answer: TRUE Page Ref: 73 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic 7 Copyright © 2024 Pearson Education, Inc.

13) Many hackers acknowledge their activities are illegal, but legitimize and justify their actions using various rationales. Answer: TRUE Page Ref: 75 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic 14) Social control theory assumes that people will violate the law. Answer: TRUE Page Ref: 77 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic 15) According to Marxist thought, no government would willingly give up power and wealth; therefore, this power and wealth has to be taken violently. Answer: FALSE Page Ref: 80 Objective: Describe the relationship between terrorism and political theory. Level: Basic 3.3 Fill in the Blank Questions 1) According to Cohen and Felson, crime occurs where there is a convergence in ________ and space of these three factors: a motivated offender, a suitable target, and the absence of a capable guardian. Answer: Time Page Ref: 59 Objective: Discuss the tenets of choice theory, including routine activity theory, and its applicability to cyber crimes. Level: Basic 2) The two types of deterrence are ________ and specific. Answer: General Page Ref: 60 Objective: Describe the assumptions of deterrence theory and its utility. Level: Basic 3) The Diagnostic and Statistical Manual of the American Psychiatric Association defines the essential feature of ________ personality disorder as "a pervasive pattern of disregard for, and the violation of, the rights of others that begin in childhood or early adolescence and continues into adulthood." Answer: antisocial Page Ref: 63 Objective: Discuss the impact of personality disorders on cyber crime. Level: Intermediate

4) Blocked opportunity theory is another term for ________ theory. Answer: Strain Page Ref: 65 Objective: Discuss the major social structure theories that apply to cyber crime. Level: Basic 5) ________ deprivation offers an explanation as to why crimes such as money laundering and/or corporate espionage are primarily committed by individuals who may already be materially successful. Answer: Relative Page Ref: 66 Objective: Discuss the major social structure theories that apply to cyber crime. Level: Basic 6) The principle of ________ association states that a person becomes criminal because of an excess of definitions favorable to the violation of the law over definitions unfavorable to the violation of the law. Answer: differential Page Ref: 70 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Intermediate 7) A ________ is any group having certain values, norms, traditions, and rituals that set them apart from the dominant culture. Answer: Subculture Page Ref: 73 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic 8) Research on the hacker subculture has found that there are three consistent ideas or values that guide hacker behavior: technology, secrecy, and ________. Answer: Mastery Page Ref: 75 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic 9) According to Hoffman, terrorism is thus violence-or equally important, the threat of violenceused and directed in pursuit of, or in service of a ________ aim. Answer: Political Page Ref: 79 Objective: Describe the relationship between terrorism and political theory. Level: Intermediate

10) According to Marxist thought, the ________ represented the frontlines of violent activity. Answer: Vanguard Page Ref: 80 Objective: Describe the relationship between terrorism and political theory. Level: Basic 3.4 Matching Questions Match the statement from Column 1 to the appropriate technique of neutralization in Column 2. A) Denial of injury B) Appeal to higher loyalties C) Condemnation of the condemners D) Denial of victim E) Denial of responsibility 1) "I did not mean to do it." Page Ref: 72 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic 2) "They had it coming." Page Ref: 72 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic 3) "Why is everyone picking on me?" Page Ref: 72 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic 4) "I didn't even hurt anyone." Page Ref: 72 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic 5) "I did it for my friends." Page Ref: 73 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic Answers: 1) E 2) D 3) C 4) A 5) B

Match the theory or term in Column 1 to the appropriate definition or statement in Column 2. A) The first and perhaps the most important assumption of this theory is that individuals are rational actors; offenders weigh the potential risks and benefits of committing a criminal act and then make a conscious decision about whether to commit the offense. B) This type of individual rejects both the cultural goal of economic success and the institutionalized means to obtain it. C) Based on rational choice; argues that the motivation to commit crime and the supply of offenders are constant. D) Assumes that individuals develop in a sequential manner. E) To the dedicated Marxist, this represented contemporary terrorist groups. 6) Routine activities theory Page Ref: 58 Objective: Discuss the tenets of choice theory, including routine activity theory, and its applicability to cyber crimes. Level: Basic 7) Deterrence theory Page Ref: 60 Objective: Describe the assumptions of deterrence theory and its utility. Level: Basic 8) Cognitive development theory Page Ref: 61 Objective: Discuss the impact of personality disorders on cyber crime. Level: Basic 9) Retreatism Page Ref: 66 Objective: Discuss the major social structure theories that apply to cyber crime. Level: Basic 10) Vanguard Page Ref: 80 Objective: Describe the relationship between terrorism and political theory. Level: Basic Answers: 6) C 7) A 8) D 9) B 10) E

3.5 Essay Questions 1) List the assumptions of deterrence theory. Answer: (should include points such as): Individuals are rational actors. Offenders must be aware of the penalty for particular crimes. Offenders must view the risks as unpleasant. Assumed that the sanction is swift, certain, and severe. Page Ref: 66 Objective: Describe the assumptions of deterrence theory and its utility. Level: Intermediate 2) How does white-collar crime fit within strain theory? Answer: (should include points such as): Concept that white-collar crime is committed because there is a blocked legitimate opportunity. White-collar criminals are innovators. Page Ref: 72-73 Objective: Discuss the major social structure theories that apply to cyber crime. Level: Intermediate 3) What are the five techniques of neutralization? Provide an example of each. Answer: (should include points such as): Denial of responsibility Denial of injury Denial of victim Condemnation of the condemners Appeal to higher loyalties Examples will vary. Page Ref: 60 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Basic

3.6 Critical Thinking Questions 1) Explain how cyber stalking and harassment could be the result of strains, according to Agnew. Answer: (should include points such as): Negative affective states Failure to achieve positively valued goals Disjunction between expectations and achievements Removal of positively valued stimuli Presentation of negative stimuli Page Ref: 66-67 Objective: Discuss the major social structure theories that apply to cyber crime. Level: Difficult 2) Describe how hackers have formed their own subculture. Answer: (should include points such as): Rejection of goals and opportunities of dominant culture Acknowledgement of illegal activity Techniques of neutralization Adaption of unique slang Values of hacker behavior: technology, secrecy, and mastery Disdain for average computer users Page Ref: 75-78 Objective: Discuss the learning and social control theories that apply to cyber crime. Level: Difficult

Cyber Crime and Cyber Terrorism, 5e (Taylor / Fritsch / Liederbach / Saylor / Tafoya) Chapter 4 Hackers 4.1 Multiple Choice Questions 1) Which word was originally used to refer to an unorthodox problem solver and master programmer? A) Hacker B) Cyberpunk C) Virus D) Lone wolf Answer: A Page Ref: 85 Objective: Describe some of the difficulties associated with defining hackers. Level: Basic 2) Which of the following involves the manipulation, theft, or use of telephone networks for illegal activities? A) Programming software B) hacktivism C) Software cracking D) Phone phreaking Answer: D Page Ref: 87 Objective: Define and distinguish some of the various forms of hacking, including phone phreaking, software cracking, script kiddies, hacktivists, social engineering, and dumpster diving. Level: Basic 3) Which of the following is NOT a characteristic of the original phone phreaks? A) Paranoia B) Counterculture attitude of the 1960s and 1970s C) Restriction to the technology of the phone company D) Blue boxing Answer: C Page Ref: 87 Objective: Define and distinguish some of the various forms of hacking, including phone phreaking, software cracking, script kiddies, hacktivists, social engineering, and dumpster diving. Level: Basic

4) The contemporary warez scene has expanded to include which of the following? A) Digitally compressed movies before they are actually released B) DVD decoding C) Console games D) All of these Answer: D Page Ref: 88 Objective: Define and distinguish some of the various forms of hacking, including phone phreaking, software cracking, script kiddies, hacktivists, social engineering, and dumpster diving. Level: Basic 5) Which of the following is defined in terms of their activities related to denial-of-service attacks? A) Cracker B) Script kiddie C) White hat D) Gray hat Answer: B Page Ref: 89 Objective: Define and distinguish some of the various forms of hacking, including phone phreaking, software cracking, script kiddies, hacktivists, social engineering, and dumpster diving. Level: Basic 6) A hacker who uses his skills and attitudes to convey a political message is known as a: A) White hat hacker B) Black hat hacker C) Script kiddie D) Hacktivist Answer: D Page Ref: 89 Objective: Define and distinguish some of the various forms of hacking, including phone phreaking, software cracking, script kiddies, hacktivists, social engineering, and dumpster diving. Level: Basic

7) Which of the following is NOT a social engineering tactic? A) Camaraderie B) Identity theft C) Bluster D) Technical detail Answer: B Page Ref: 90 Objective: Define and distinguish some of the various forms of hacking, including phone phreaking, software cracking, script kiddies, hacktivists, social engineering, and dumpster diving. Level: Basic 8) Which of the following is NOT a characteristic of the "Hacker Ethic"? A) Computers can change your life for the better. B) Hackers should not be judged by their hacking. C) All information should be free. D) You can create art and beauty on a computer. Answer: B Page Ref: 91 Objective: Explain shifts in how society has perceived hackers over time. Level: Intermediate 9) Which of the following forms of technology expanded the scope of hacker activities? A) Personal computers B) Computer networks C) Modems D) All of these Answer: D Page Ref: 92 Objective: Classify hackers into broad categories based on their activities and the degree to which their behaviors are criminal. Level: Basic 10) Which 1983 film introduced the public to the unexplored world of computer hacking? A) The War Room B) Computer Wars C) War Games D) Computer Games Answer: C Page Ref: 92 Objective: Classify hackers into broad categories based on their activities and the degree to which their behaviors are criminal. Level: Intermediate

11) What famous text introduced in 1986 railed against adults, law enforcement, and schools and evoked the angst of young hackers? A) The Hacker Bible B) The Hacker Encyclopedia C) The Hacker Diaries D) The Hacker Manifesto Answer: D Page Ref: 93 Objective: Classify hackers into broad categories based on their activities and the degree to which their behaviors are criminal. Level: Intermediate 12) Which magazine has tried to establish credibility among important figures in computer culture by refusing to stigmatize the word "hacker"? A) Cyberpunk B) Science C) Wired D) Consumer Reports Answer: C Page Ref: 94 Objective: Classify hackers into broad categories based on their activities and the degree to which their behaviors are criminal. Level: Intermediate 13) This group tends to define hackers and their activities in terms of the illegality of hacking. A) Media B) Law enforcement C) Hacker subculture D) None of the above Answer: B Page Ref: 96 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Basic 14) Which of the following is defined as a malicious hacker? A) Cracker B) Script kiddie C) White hat D) Gray hat Answer: A Page Ref: 97 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Basic

15) This group tends to define hackers and their activities in terms of creative problem solving and as a "prosocial" activity. A) Media B) Law enforcement C) Hacker subculture D) None of the above Answer: C Page Ref: 97 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Basic 16) Which of the following is a term borrowed from the military that describes a hacker or team of hackers hired to penetration-test the defenses of an organization? A) Script kiddies B) Tiger team C) Gray hat teams D) Guru hackers Answer: B Page Ref: 100 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Basic 17) Which of the following is defined as a hacker who performs both legal and illegal hacker activities? A) Cracker B) Script kiddie C) White hat D) Gray hat Answer: D Page Ref: 101 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Basic 18) Which of the following is NOT a characteristic of the hacker subculture norm technology? A) Eleet speek or k-rad B) Using online resources to exchange information with other hackers C) Mentoring inexperienced hackers D) The use of multiplayer computer games to help give hackers an interest in technology Answer: C Page Ref: 102-103 Objective: Recognize the importance of hacker subculture in the promotion of hacking and the maintenance of hacker norms among hackers themselves. Level: Difficult 5 Copyright © 2024 Pearson Education, Inc.

19) Following the continuing changes and improvements in technology is an example of which type of hacker subculture norm? A) Technology B) Knowledge C) Commitment D) Law Answer: C Page Ref: 106 Objective: Recognize the importance of hacker subculture in the promotion of hacking and the maintenance of hacker norms among hackers themselves. Level: Intermediate 20) Which hacker subculture norm is concerned with the potential criminal charges of information sharing in the real world and in cyberspace? A) Technology B) Knowledge C) Commitment D) Law Answer: D Page Ref: 108 Objective: Provide a framework for the mitigation of hacking based on hackers' motivation and the cultural norms of hackers defined within the chapter. Level: Intermediate 4.2 True/False Questions 1) Psychological operations use information to affect the state of mind of the adversary. Answer: TRUE Page Ref: 27 Objective: Describe some of the difficulties associated with defining hackers. Level: Basic 2) Hackers only gain entry into websites through the use of advanced computer skills. Answer: FALSE Page Ref: 88 Objective: Define and distinguish some of the various forms of hacking, including phone phreaking, software cracking, script kiddies, hacktivists, social engineering, and dumpster diving. Level: Intermediate 3) The form of fraud referred to as "social engineering" was introduced by phone phreaks. Answer: TRUE Page Ref: 90 Objective: Define and distinguish some of the various forms of hacking, including phone phreaking, software cracking, script kiddies, hacktivists, social engineering, and dumpster diving. Level: Intermediate 6 Copyright © 2024 Pearson Education, Inc.

4) Hackers of the 1960s believed information should be free to all to understand how things work and can be improved. Answer: TRUE Page Ref: 91 Objective: Explain shifts in how society has perceived hackers over time. Level: Intermediate 5) One of the primary tenets of the "hacker code" as conceived by Levy is that information should be free to all users. Answer: TRUE Page Ref: 91 Objective: Explain shifts in how society has perceived hackers over time. Level: Intermediate 6) Hackers were generally considered to be criminals as early as the 1960s. Answer: FALSE Page Ref: 92 Objective: Classify hackers into broad categories based on their activities and the degree to which their behaviors are criminal. Level: Intermediate 7) From the 1950s through the 1970s, hackers never worried about breaking computer laws. Answer: TRUE Page Ref: 92 Objective: Classify hackers into broad categories based on their activities and the degree to which their behaviors are criminal. Level: Intermediate 8) Malicious hackers became the focus of law enforcement during the mid- to late-1980s. Answer: TRUE Page Ref: 93 Objective: Classify hackers into broad categories based on their activities and the degree to which their behaviors are criminal. Level: Intermediate 9) Federal statute makes it a crime to illegally access or damage a "protected" computer. Answer: TRUE Page Ref: 96 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Basic

10) The primary difference between simple network intrusion and data alteration is the intent of the intruder. Answer: TRUE Page Ref: 97 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Basic 11) The distinction between hackers who commit crimes and other computer criminals rests upon the attitudes with which a hacker approaches the activity. Answer: TRUE Page Ref: 99 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Difficult 12) Software testing by manufacturing is a form of gray hat hacking. Answer: FALSE Page Ref: 99 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Intermediate 13) A gray hacker is someone who typically behaves in an ethical manner, but sometimes violates accepted ethics. Answer: TRUE Page Ref: 101 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Intermediate 14) Experienced hackers make it a point to mentor inexperienced hackers. Answer: FALSE Page Ref: 104 Objective: Recognize the importance of hacker subculture in the promotion of hacking and the maintenance of hacker norms among hackers themselves. Level: Basic 15) Most hackers claim to benefit the systems they intrude upon because they do not destroy data and they alert system administrators to security flaws. Answer: TRUE Page Ref: 91 Objective: Provide a framework for the mitigation of hacking based on hackers' motivation and the cultural norms of hackers defined within the chapter. Level: Intermediate

4.3 Fill in the Blank Questions 1) The ________ file defines and translates hacker slang. Answer: Jargon Page Ref: 86 Objective: Describe some of the difficulties associated with defining hackers. Level: Basic 2) Phone ________ involves the manipulation, theft, or use of telephone networks for illegal activities. Answer: Phreaking Page Ref: 87 Objective: Define and distinguish some of the various forms of hacking, including phone phreaking, software cracking, script kiddies, hacktivists, social engineering, and dumpster diving. Level: Basic 3) ________ kiddies are described as a scourge or pestilence on the Internet. Answer: Script Page Ref: 89 Objective: Define and distinguish some of the various forms of hacking, including phone phreaking, software cracking, script kiddies, hacktivists, social engineering, and dumpster diving. Level: Basic 4) Social ________ is the process of deceiving people into giving away access or confidential information. Answer: Engineering Page Ref: 90 Objective: Define and distinguish some of the various forms of hacking, including phone phreaking, software cracking, script kiddies, hacktivists, social engineering, and dumpster diving. Level: Basic 5) The word ________ has long been used to describe elaborate college pranks that MIT students would regularly devise. Answer: Hack Page Ref: 90-91 Objective: Explain shifts in how society has perceived hackers over time. Level: Intermediate 6) During the ________, a new breed of computer user challenged the hacker ethic. Answer: 1980s Page Ref: 92 Objective: Classify hackers into broad categories based on their activities and the degree to which their behaviors are criminal. Level: Basic 9 Copyright © 2024 Pearson Education, Inc.

7) The primary difference between simple network intrusion and data alteration is the ________ of the intruder. Answer: Intent Page Ref: 97 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Intermediate 8) The hacker ________ is a group of like-minded individuals who share a set of values defined in the hacker ethic. Answer: Subculture Page Ref: 97-98 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Basic 9) The term ________ teams describes a hacker or team of hackers hired to penetration-test the defenses of an organization. Answer: Tiger Page Ref: 100 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Intermediate 10) The hacker identity is built upon a devotion to learn and understand ________. Answer: Technology Page Ref: 102 Objective: Recognize the importance of hacker subculture in the promotion of hacking and the maintenance of hacker norms among hackers themselves. Level: Basic

4.4 Matching Questions Match the hacking activity or hacker description in Column 1 to the appropriate type of hacker in Column 2. A) White hat hacker B) Gray hat hacker C) Black hat hacker 1) Reverse engineering Page Ref: 100 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Intermediate 2) Network intrusion Page Ref: 101 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Intermediate 3) Does not cause intentional harm to a computer system Page Ref: 101 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Intermediate Answers: 1) A 2) C 3) B

Match the term in Column 1 to the appropriate definition or statement in Column 2. A) Term used to describe the role of former or "reformed" hackers who now work within the legitimate field of computer security. B) A word that had long been used to describe the elaborate college pranks that MIT students would regularly devise. C) Originally, this term referred to an unorthodox problem solver and master programmer. D) Dialect that began to permeate the language of hackers during the 1970s and 1980s. E) Subset of hackers that use malware created by more experienced and skilled hackers that do not have enough skill to write their own programs or explore new exploits for themselves. F) Involves overcoming copy protection devices in electronic media to copy and distribute them. G) Term used to describe hackers who were malicious. 4) Hacker Page Ref: 85 Objective: Describe some of the difficulties associated with defining hackers. Level: Intermediate 5) Software cracking Page Ref: 87 Objective: Define and distinguish some of the various forms of hacking, including phone phreaking, software cracking, script kiddies, hacktivists, social engineering, and dumpster diving. Level: Intermediate 6) Eleet speek Page Ref: 103 Objective: Recognize the importance of hacker subculture in the promotion of hacking and the maintenance of hacker norms among hackers themselves. Level: Intermediate 7) Cracker Page Ref: 94 Objective: Classify hackers into broad categories based on their activities and the degree to which their behaviors are criminal. Level: Intermediate 8) Hack Page Ref: 90 Objective: Explain shifts in how society has perceived hackers over time. Level: Intermediate 9) White hat hacker Page Ref: 100 Objective: Provide a framework for the mitigation of hacking based on hackers' motivation and the cultural norms of hackers defined within the chapter. Level: Intermediate 12 Copyright © 2024 Pearson Education, Inc.

10) Script kiddies Page Ref: 88 Objective: Define and distinguish some of the various forms of hacking, including phone phreaking, software cracking, script kiddies, hacktivists, social engineering, and dumpster diving. Level: Intermediate Answers: 4) C 5) F 6) D 7) G 8) B 9) A 10) E 4.5 Essay Questions 1) What are the various forms of social engineering tactics that hackers employ? Describe and provide an example of each. Answer: (should include points such as): Camaraderie Bluster Technical detail Examples will vary. Page Ref: 90 Objective: Define and distinguish some of the various forms of hacking, including phone phreaking, software cracking, script kiddies, hacktivists, social engineering, and dumpster diving. Level: Intermediate 2) Define white hat hackers and provide some examples of white hat hacking. Answer: (should include points such as): They are defined as good or ethical hackers whose primary goals involve the identification of network vulnerabilities so that they can be mitigated. Some examples of white hat hacking include (among others): Software testing by manufacturers Independent verification of software function and security Reverse engineering Training Examples will vary. Page Ref: 99-100 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Intermediate

3) What are the five social norms of hacker subculture? Describe and provide an example of each. Answer: (should include points such as): Technology Knowledge Commitment Categorization Law Examples will vary. Page Ref: 102-111 Objective: Recognize the importance of hacker subculture in the promotion of hacking and the maintenance of hacker norms among hackers themselves. Level: Intermediate 4.6 Critical Thinking Questions 1) What is meant by prosocial? Answer: (should include points such as): Hackers don't believe their activities are deviant Define their activities as beneficial because they point out a weakness They are creating problem solving and education Page Ref: 98 Objective: Define and explain the different points of view on hacking in terms of the media, law enforcement, and hackers themselves. Level: Difficult 2) Search Internet news sources and find a recent article on hacking. Summarize the article and describe the tone in regard to hacking. What does the article convey with regard to stigmas and labels surrounding the hacker? Answer: Answers will vary. Page Ref: n/a Objective: Provide a framework for the mitigation of hacking based on hackers' motivation and the cultural norms of hackers defined within the chapter. Level: Difficult

Cyber Crime and Cyber Terrorism, 5e (Taylor / Fritsch / Liederbach / Saylor / Tafoya) Chapter 5 Sophisticated Cyber Criminal Organizations 5.1 Multiple Choice Questions 1) Which of the following is NOT an example of early cyber criminal activity? A) Kevin Mitnick's attack on the U.S. phone system B) Theft of classified information on the U.S. military by Dark Dante C) Russian hacker Vladimir Levin's $10 million theft from CitiGroup D) Ross Ulbricht's underground website Silk Road Answer: D Page Ref: 117 Objective: Describe the evolution of digital crime from rogue individuals to sophisticated criminal organizations engaged in illegal activity. Level: Difficult 2) Which of the following is NOT an inherent weakness that early cyber criminals exploited in computer systems and networks? A) Poor process controls that did not consider reviewing application or system error logs B) Salami slicing C) Poorly coded applications accessible through the Internet D) Liberal access controls on systems attached to the globally connected Internet Answer: B Page Ref: 117 Objective: Describe the evolution of digital crime from rogue individuals to sophisticated criminal organizations engaged in illegal activity. Level: Intermediate 3) ________ has its roots as an elementary and basic tradecraft. A) Espionage B) Insider fraud C) Sabotage D) Embezzlement Answer: A Page Ref: 118 Objective: Define and describe the various types of espionage. Level: Intermediate

4) ________ is the misappropriation of trade secrets with the knowledge or intent that the offense will benefit a foreign government, foreign instrumentality, or foreign agent. A) Industrial espionage B) Economic espionage C) Corporate espionage D) Criminal espionage Answer: B Page Ref: 118 Objective: Define and describe the various types of espionage. Level: Intermediate 5) ________ is the misappropriation of trade secrets related to or included in a product that is produced for or placed in interstate or foreign commerce to the economic benefit of anyone other than the owner, with the knowledge or intent that the offense will injure the owner of that trade secret. A) Industrial espionage B) Economic espionage C) Corporate espionage D) Criminal espionage Answer: A Page Ref: 118 Objective: Define and describe the various types of espionage. Level: Intermediate 6) The first documented case of industrial espionage occurred in the: A) 1600s. B) 1700s. C) 1800s. D) 1900s. Answer: B Page Ref: 120 Objective: Define and describe the various types of espionage. Level: Basic 7) Criminal activities related to corporate espionage are prosecuted under which of the following federal statutes? A) USC Title 18, Part I, Chapter 119 B) USA PATRIOT Act C) Computer Fraud and Abuse Act of 1986 D) All of these Answer: D Page Ref: 118 Objective: Define and describe the various types of espionage. Level: Basic

8) Losses from insider fraud are primarily due to: A) Misappropriation of cash only by employees B) Misappropriation of cash only by nonemployees C) Misappropriation of cash and/or noncash assets by employees D) Misappropriation of cash and/or noncash assets by nonemployees Answer: C Page Ref: 121 Objective: Define and describe the various types of occupational fraud. Level: Basic 9) When insiders conspire with or are recruited by outside organized crime groups, the fraud is typically related to: A) Financial gains resulting from system manipulation B) Financial gains resulting from data manipulation C) Bulk exfiltration of data to outsiders D) All of these Answer: D Page Ref: 121 Objective: Define and describe the various types of occupational fraud. Level: Intermediate 10) Occupational fraud can be carried out by: A) Employees B) Managers C) Board members D) All of these Answer: D Page Ref: 120 Objective: Define and describe the various types of occupational fraud. Level: Intermediate 11) The 2021 Global Fraud Study found that nearly half of all schemes originated in which department? A) Accounting B) Executive/upper management C) Sales D) Operations Answer: D Page Ref: 121 Objective: Define and describe the various types of occupational fraud. Level: Intermediate

12) According to CERT the most common precipitating event that led to an insider attack was: A) Termination or resignation of the employee B) Becoming disgruntled after being promoted C) An excessive amount of privileges D) None of these Answer: A Page Ref: 122 Objective: Define and describe the various types of occupational fraud. Level: Intermediate 13) The United Nations Comprehensive Study on Cyber Crime noted which of the following? A) The majority of emerging criminal organizations in developing countries are composed of older men who engage in a wide-range of in-person financial frauds. B) Less than 25 percent of Internet users in developing countries are below the age of 25. C) Sixty percent of all Internet users are in developing countries. D) All of these Answer: C Page Ref: 124 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Intermediate 14) A recent study by the United Nations estimated that over ________ percent of all cyber crime worldwide was perpetrated by organized crime associations. A) 50 B) 60 C) 70 D) 80 Answer: D Page Ref: 125 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Intermediate 15) Which of the following is NOT a country associated with Balkan criminal enterprises? A) Albania B) Croatia C) Bulgaria D) Russia Answer: D Page Ref: 129 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Intermediate

16) Over the past 200 years, which of the following has become one of the most notorious and widespread of all criminal societies? A) La Cosa Nostra B) Japanese Yakuza C) Chinese triads D) Los Zetas Answer: A Page Ref: 131 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Intermediate 17) Which organized crime enterprises have traditional clan structures? A) Eurasian criminal enterprises B) Asian criminal enterprises C) Balkan criminal enterprises D) African criminal enterprises Answer: C Page Ref: 129 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Intermediate 18) The ________ is an underground website named after a great East-to-West trade route. A) Silk Road B) Chiffon Road C) Gold Road D) Money Road Answer: A Page Ref: 136 Objective: Discuss the underground marketplace referred to as the "dark web" or Tor Net. Level: Basic 19) Although it was invented in 2002, the popularity of the dark web did not really take hold until which year? A) 2006 B) 2009 C) 2012 D) 2015 Answer: A Page Ref: 133 Objective: Discuss the underground marketplace referred to as the "dark web" or Tor Net. Level: Intermediate

20) Which of the following best describes the Tor Network? A) A secretive online world where mainly legal activities flourish B) A secretive online world that law enforcement routinely accesses C) A secretive online world where real-time illegal transactions take place D) A secretive online world that does not encrypt communication Answer: C Page Ref: 133 Objective: Discuss the underground marketplace referred to as the "dark web" or Tor Net. Level: Intermediate 5.2 True/False Questions 1) The first cyber-related attack on the United States was on the electronic phone system. Answer: TRUE Page Ref: 116 Objective: Describe the evolution of digital crime from rogue individuals to sophisticated criminal organizations engaged in illegal activity. Level: Intermediate 2) Cyber crime is an evolved state of traditional crime. Answer: TRUE Page Ref: 116 Objective: Describe the evolution of digital crime from rogue individuals to sophisticated criminal organizations engaged in illegal activity. Level: Basic 3) The Computer Fraud and Abuse Act of 1986 is the first federal act to define and enforce penalties for trade secret theft. Answer: FALSE Page Ref: 118 Objective: Define and describe the various types of espionage. Level: Intermediate 4) Espionage as a Service is not like traditional corporate espionage where one company targets a competitor. Answer: TRUE Page Ref: 119 Objective: Define and describe the various types of espionage. Level: Intermediate 5) Espionage as a Service actors are usually better trained and better financed than state actors and typically do not leave forensic traces of their activities. Answer: FALSE Page Ref: 119 Objective: Define and describe the various types of espionage. Level: Intermediate 6 Copyright © 2024 Pearson Education, Inc.

6) According to the Association of Certified Fraud Examiners (ACFE), it is estimated that 5 percent of all company revenue is lost to fraud each year. Answer: TRUE Page Ref: 121 Objective: Define and describe the various types of occupational fraud. Level: Intermediate 7) According to the 2021 Global Fraud Study, in fraud crime involving management-level employees, they often recruit lower-level employees into the crime. Answer: TRUE Page Ref: 121 Objective: Define and describe the various types of occupational fraud. Level: Intermediate 8) Fraudsters primarily use company data to commit identity theft, insurance fraud, and embezzlement when working alone or with other internal co-conspirators. Answer: TRUE Page Ref: 121 Objective: Define and describe the various types of insider fraud. Level: Basic 9) Asset misappropriation involves the employee intentionally including or excluding incorrect values on the financial statements of a company. Answer: FALSE Page Ref: 121 Objective: Define and describe the various types of occupational fraud. Level: Basic 10) The Russian Business Network focuses on criminal cyber activities full time. Answer: TRUE Page Ref: 124 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Basic 11) Organized cartels use social media sites to collect intelligence about their targets. Answer: TRUE Page Ref: 125 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Basic

12) The impact of Nigerian fraud schemes alone costs the United States billions of dollars each year. Answer: TRUE Page Ref: 126 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Basic 13) Most U.S.-based Middle Eastern criminal enterprises are found in Illinois, Ohio, New Jersey, and New York. Answer: TRUE Page Ref: 131 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Basic 14) Organized criminal organizations are not prospering as much as they were before the advent of the dark web. Answer: FALSE Page Ref: 133 Objective: Discuss the underground marketplace referred to as the "dark web" or Tor Net. Level: Basic 15) Another synonym for "dark web" is "Tor Net" or "Tor Network." Answer: TRUE Page Ref: 133 Objective: Discuss the underground marketplace referred to as the "dark web" or Tor Net. Level: Basic 5.3 Fill in the Blank Questions 1) The elements of cyber crime are nearly identical to the activities of cyber terrorism, statesponsored information warfare, and espionage. The distinction between these activities is most often defined from the perspective of the ________. Answer: victim Page Ref: 117 Objective: Describe the evolution of digital crime from rogue individuals to sophisticated criminal organizations engaged in illegal activity. Level: Intermediate 2) ________ property is defined as a legal concept referring to creations of the mind. Answer: Intellectual Page Ref: 118 Objective: Define and describe the various types of espionage. Level: Basic

3) A ________ or service mark may be infringed by offering goods, services, labels, or other packaging containing a counterfeit mark. Answer: trademark Page Ref: 118 Objective: Define and describe the various types of espionage. Level: Intermediate 4) ________ generally commit fraud when a permissive environment or misplaced trust exists. Answer: Employees Page Ref: 120 Objective: Define and describe the various types of occupational fraud. Level: Intermediate 5) Individuals involved in the ________ attack exhibited concerning behaviors such as being disgruntled, going to work for a competitor in the same industry, and embarking on suspicious foreign travel. Answer: Insider Page Ref: 122 Objective: Define and describe the various types of occupational fraud. Level: Basic 6) A common technique for the Mexican drug cartels is the use of ________ words to communicate with each other via social media. Answer: code Page Ref: 126 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Intermediate 7) The ________ Asian criminal enterprises include groups, like the Chinese tongs, based in the United States. Answer: nontraditional Page Ref: 128 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Intermediate 8) ________ Organized Crime describes groups composed of criminals born in or with family from the former Soviet Union or Central Europe. Answer: Eurasian Page Ref: 129 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Intermediate

9) Russia is commonly referred to as the "________" due to the number of hackers living in the country and claiming to be the best at cyber crime. Answer: hackzone Page Ref: 130 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Intermediate 10) The ________ web is a vast, uncharted part of the Internet that is not accessible through regular Internet browsing or search engines. Answer: dark Page Ref: 133 Objective: Discuss the underground marketplace referred to as the "dark web" or Tor Net. Level: Intermediate

5.4 Matching Questions Match the term in Column 1 to the appropriate statement/definition in Column 2. A) The use of one's occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization's resources or assets B) The misappropriation of trade secrets, with the knowledge or intent that the offense will benefit a foreign government, foreign instrumentality, or foreign agent C) A phrase that has become synonymous with the Italian and Sicilian Mafia D) Includes the potential for an individual who has or had authorized access to an organization's critical assets to use their access, either maliciously or unintentionally, to act in a way that could negatively affect the organization E) The code that governs activities within Balkan clan territories; values loyalty and "besa," or secrecy F) A form of advanced fee fraud that is probably one of the most well-known scams in the United States G) A vast, uncharted part of the Internet that is not accessible through regular Internet browsers or search engines H) When a group of sophisticated criminals collects as much information as possible on as many high-value targets as possible and then sells that information to as many competitors and interested parties as possible I) The misappropriation of trade secrets related to or included in a product that is produced for or placed in interstate or foreign commerce to the economic benefit of anyone other than the owner with the knowledge or intent that the offense will injure the owner of that trade secret J) Shaving pennies from little-used accounts 1) Salami slicing Page Ref: 117 Objective: Describe the evolution of cyber crime from rogue individuals to sophisticated criminal organizations engaged in illegal activity. Level: Intermediate 2) Industrial espionage Page Ref: 118 Objective: Define and describe the various types of espionage. Level: Intermediate 3) Economic espionage Page Ref: 118 Objective: Define and describe the various types of espionage. Level: Intermediate 4) espionage as a service Page Ref: 119 Objective: Define and describe the various types of espionage. Level: Intermediate 11 Copyright © 2024 Pearson Education, Inc.

5) occupational fraud Page Ref: 121 Objective: Define and describe the various types of occupational fraud. Level: Intermediate 6) insider threat Page Ref: 122 Objective: Define and describe the various types of occupational fraud. Level: Intermediate 7) organized crime Page Ref: 124 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Intermediate 8) Nigerian 419 scam Page Ref: 127 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Intermediate 9) kanun Page Ref: 129 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Intermediate 10) dark web Page Ref: 133 Objective: Discuss the underground marketplace referred to as the "dark web" or Tor Net. Level: Intermediate Answers: 1) J 2) I 3) B 4) H 5) A 6) D 7) C 8) F 9) E 10) G

5.5 Essay Questions 1) Define and describe the "dark web" or Tor Net. Answer: (should include points such as): Anonymity Difficult to access Encryption Secretive world Illegal activities Black market Untraceable Page Ref: 133 Objective: Discuss the underground marketplace referred to as the "dark web" or Tor Net. Level: Intermediate 2) What are the different types of espionage? Answer: Industrial espionage is the misappropriation of trade secrets related to or included in a product that is produced for or placed in interstate or foreign commerce to the economic benefit of anyone other than the owner, with the knowledge or intent that the offense will injure the owner of that trade secret. Economic espionage is the misappropriation of trade secrets with the knowledge or intent that the offense will benefit a foreign government, foreign instrumentality, or foreign agent. Misappropriation in these instances includes stealing, copying, transmitting, buying, and/or destroying someone else's trade secrets. Page Ref: 118 Objective: Define and describe the various types of espionage. Level: Intermediate 3) Discuss some of the key components of occupational fraud. Answer: (should include points such as): Employee theft costs U.S. businesses almost a billion dollars per week, over 40 billion dollars per year. These losses are primarily due to the misappropriation of cash and/or noncash assets by employees through various forms of fraud. Employees generally commit fraud when a permissive environment or misplaced trust exists. When inadequate internal controls exist, or if controls exist but are not enforced, employees are tempted and criminals will take action. In addition to the rogue employee acting alone, there are insiders who conspire with other insiders to form their own criminal enterprise, insiders who are recruited by outside organized crime, and outside organized criminal elements that obtain employment for the purpose of gaining the access of an insider and perpetrating their fraud. In fraud crimes involving management-level employees, average losses were higher than in lower-level employee crimes. Page Ref: 120-122 Objective: Define and describe the various types of occupational fraud. Level: Intermediate

5.6 Critical Thinking Questions 1) How has cyber crime evolved from rogue individuals to sophisticated criminal organizations? Answer: (should include points such as): Consumer demand for better technology and greater convenience Advent of technology including computer, Internet, smart phones, and e-commerce Improvement in approach, operations Expanding reach Enhance capabilities Page Ref: 116-117 Objective: Describe the evolution of digital crime from rogue individuals to sophisticated criminal organizations engaged in illegal activity. Level: Difficult 2) Pick one of the criminal organizations throughout the world and complete some outside research. Write a summary of your findings that were not discussed in this chapter. Answer: Answers will vary. Page Ref: 124-132 Objective: Identify and discuss the various types of sophisticated criminal organizations or enterprises engaged in cyber crime. Level: Difficult

Cyber Crime and Cyber Terrorism, 5e (Taylor / Fritsch / Liederbach / Saylor / Tafoya) Chapter 6 White-Collar Crimes 6.1 Multiple Choice Questions 1) "Neutralization techniques" may be defined as: A) Ways that embezzlers overcome lingering shame associated with the crime of embezzlement B) Techniques that money launderers use to "smurf" ill-gotten cash C) Ways that Internet fraud perpetrators overcome shame and guilt associated with fraud schemes D) Enforcement practices associated with stopping acts of corporate espionage Answer: A Page Ref: 142 Objective: Understand Cressey's landmark study of embezzlers and explain the motivation for embezzlement under this theory. Level: Basic 2) Which of the following is NOT a characteristic of the modern embezzler? A) The embezzler is usually engaged in a fiduciary relationship with the victim. B) The embezzler possesses specialized skills required to use computer systems. C) The embezzler is limited by the physical nature of the theft act. D) The embezzler is motivated by a desire for a more affluent lifestyle. Answer: C Page Ref: 142 Objective: Understand Cressey's landmark study of embezzlers and explain the motivation for embezzlement under this theory. Level: Basic 3) Which crime is essentially a theft in violation of trust? A) Corporate espionage B) Identity theft C) Embezzlement D) Money laundering Answer: C Page Ref: 141 Objective: Understand Cressey's landmark study of embezzlers and explain the motivation for embezzlement under this theory. Level: Basic

4) Corporate espionage schemes may target which of the following? A) Customer lists B) Product specifications C) Research and development data D) All of these Answer: D Page Ref: 144 Objective: Describe how computer technologies have affected the crime of corporate espionage. Level: Basic 5) Domestic spies hired by corporate competitors that are intent on gaining a competitive advantage over American firms are what type of corporate spies? A) Insiders B) Outsiders C) Independent contractors D) None of these Answer: B Page Ref: 145 Objective: Describe how computer technologies have affected the crime of corporate espionage. Level: Basic 6) Which of the following has increased the occurrence of corporate espionage in the last few decades? A) The constant use of e-mail as a means of intra-office communication B) Corporate community's increasing use of information and technology to conduct business C) Global commerce conducted over the Internet D) All of these Answer: D Page Ref: 146 Objective: Describe how computer technologies have affected the crime of corporate espionage. Level: Basic 7) Which country has become the MOST active source of national and industrial espionage? A) United States B) China C) Russia D) Japan Answer: B Page Ref: 146 Objective: Describe how computer technologies have affected the crime of corporate espionage. Level: Intermediate

8) ________ is the act of concealing the source of assets that have been illegally obtained. A) Money laundering B) Identity theft C) Embezzlement D) Confidence schemes Answer: A Page Ref: 148 Objective: Describe how computer technologies have increased the opportunities to commit money laundering. Level: Basic 9) Traditional money laundering techniques include all of the following EXCEPT which one? A) Physical transport of cash from one location to another B) Electronic transfer of "e-cash" C) "Smurfing" D) Transformation of hard currency to real property or merchandise Answer: B Page Ref: 148 Objective: Describe the two means by which money is electronically transferred, including FedWire and CHIPS ng. Level: Basic 10) During what decade did electronic funds transfers (EFTs) begin to expand money laundering opportunities? A) 1940s B) 1960s C) 1980s D) 2000s Answer: B Page Ref: 148 Objective: Describe the two means by which money is electronically transferred, including FedWire and CHIPS ng. Level: Intermediate 11) Which of the following was NOT found in the study on major embezzlement cases in the United States involving employee theft of at least $100,000 for the year 2012? A) Eighty-four percent of the cases involved individual perpetrators. B) Total losses from major embezzlement cases were less than $25 million. C) The typical scheme lasted over four years. D) Close to 60 percent of the perpetrators were females. Answer: B Page Ref: 144 Objective: Describe how computer technologies have altered the ways in which embezzlement is committed. Level: Intermediate

12) The Bank Secrecy Act of 1970 requires banks and other financial institutions to file records concerning suspicious financial transactions over what amount? A) $100 B) $500 C) $10,000 D) $1,000,000 Answer: C Page Ref: 150-151 Objective: Describe how computer technologies have increased the opportunities to commit money laundering. Level: Intermediate 13) ________ is/are the most widely reported type of Internet fraud. A) Online auction fraud B) Bait and switch con games C) Confidence schemes D) Chain letter hoaxes Answer: A Page Ref: 159 Objective: Define online auction fraud and the practice of shill billing. Level: Intermediate 14) Which of the following involves the use of computer commands that periodically operate to shift money from an organizational account into the embezzler's account? A) Trojan horses B) Skimming C) Logic bombs D) Trapdoor techniques Answer: C Page Ref: 143 Objective: Describe how computer technologies and the increasing use of the Internet have affected identity and fraud crimes. Level: Intermediate 15) Which of the following is NOT a form of secondary support FinCen provides to local law enforcement agencies? A) Training B) Office space C) Database research access D) The actual prosecution of money-laundering cases Answer: D Page Ref: 151 Objective: Describe how computer technologies have increased the opportunities to commit money laundering. Level: Intermediate

16) Which of the following occurs when the embezzler sets up a system whereby a very small amount of money is taken off every transaction and gets processed and deposited into another account that the embezzler controls? A) Trapdoor techniques B) Logic bombs C) Skimming D) None of these Answer: A Page Ref: 143 Objective: Identify the various techniques of computer embezzlement including skimming, trapdoor techniques, logic bombs, and Trojan horses. Level: Basic 17) Which of the following is NOT a low-tech means identity thieves use to steal personal information? A) Dumpster diving B) Shoulder surfing C) Skimming devices D) Direct theft of mail Answer: C Page Ref: 154 Objective: Describe how computer technologies and the increasing use of the Internet have affected identity and fraud crimes. Level: Intermediate 18) Which act created a private civil cause of action for trade secret misappropriation? A) CHIPS Act B) Economic Espionage Act C) Defense Trade Secrets Act D) Bank Secrecy Act Answer: C Page Ref: 147 Objective: Describe the most common forms of Internet fraud, including phishing, sextortion, and online auction fraud. Level: Intermediate

19) One ________ method involves the use of trojan malware where the perpetrator claims that the trojan malware has been installed on the victim's device that records all video chats and social media content uploaded through a webcam to threaten the user and get them to pay a ransom. A) Sextortion B) Phishing C) Cryptocurrency fraud D) Shilling Answer: A Page Ref: 157 Objective: Describe the most common forms of Internet fraud, including phishing, sextortion, and online auction fraud. Level: Intermediate 20) Perpetrators of ________ attempt to lure or "hook" potential victims to fraudulent Web sites for the purpose of gathering sensitive personal information. A) Chain letter hoaxes B) Bait and switch schemes C) Confidence schemes D) Phishing schemes Answer: D Page Ref: 158 Objective: Describe the most common forms of Internet fraud, including phishing, sextortion, and online auction fraud. Level: Intermediate 6.2 True/False Questions 1) The advent of large-scale computerized databases in the financial services field has made embezzlement a more technically oriented crime requiring more sophisticated knowledge. Answer: TRUE Page Ref: 144 Objective: Describe how computer technologies have altered the ways in which embezzlement is committed. Level: Intermediate 2) Opportunities for identity crimes have increased primarily because consumers are increasingly asked to use their social security numbers as a personal identifier. Answer: TRUE Page Ref: 153 Objective: Understand Cressey's landmark study of embezzlers and explain the motivation for embezzlement under this theory. Level: Intermediate

3) The primary avenue of redress for corporations seeking to litigate charges of corporate espionage is the criminal courts. Answer: FALSE Page Ref: 147 Objective: Describe how computer technologies have affected the crime of corporate espionage. Level: Intermediate 4) Research has shown that corporate insiders engage in most acts of corporate espionage. Answer: TRUE Page Ref: 145 Objective: Describe how computer technologies have affected the crime of corporate espionage. Level: Intermediate 5) To date, no one has been sentenced under the Economic Espionage Act. Answer: FALSE Page Ref: 147 Objective: Describe how computer technologies have affected the crime of corporate espionage. Level: Intermediate 6) Experts can easily calculate the amount of money laundering that occurs in the United States each year. Answer: FALSE Page Ref: 148 Objective: Describe the two means by which money is electronically transferred, including FedWire and CHIPS ng. Level: Intermediate 7) Technology has made it easier for money launderers to move money in a series of transactions over a short period of time. Answer: TRUE Page Ref: 149 Objective: Describe how computer technologies have increased the opportunities to commit money laundering. Level: Intermediate 8) The U.S. Treasury Department's Financial Crimes Enforcement Network's (FinCEN) main goal is to prosecute money launderers. Answer: FALSE Page Ref: 151 Objective: Describe how computer technologies have increased the opportunities to commit money laundering. Level: Intermediate

9) Logic bombs are computer viruses that an embezzler purposefully introduces into the organizational database that is composed of hidden commands that result in the performance of unauthorized functions. Answer: FALSE Page Ref: 143 Objective: Identify the various techniques of computer embezzlement including skimming, trapdoor techniques, logic bombs, and Trojan horses. Level: Intermediate 10) Identity crimes are easy to prosecute once detected. Answer: FALSE Page Ref: 156 Objective: Describe how computer technologies and the increasing use of the Internet have affected identity and fraud crimes. Level: Intermediate 11) Many experts believe that the establishment of consumer awareness and monitoring programs may be the most viable avenue toward thwarting the growth of identity theft. Answer: TRUE Page Ref: 156 Objective: Describe how computer technologies and the increasing use of the Internet have affected identity and fraud crimes. Level: Intermediate 12) The most common form of online fraud scheme is non-payment/non-delivery fraud. Answer: TRUE Page Ref: 159 Objective: Define online auction fraud and the practice of shill billing. Level: Intermediate 13) Many fraud schemes committed over the Internet are simply new takes on old schemes. Answer: TRUE Page Ref: 157 Objective: Describe the most common forms of Internet fraud, including phishing, sextortion, and online auction fraud. Level: Intermediate 14) Many technically elite embezzlers are motivated by financial problems. Answer: FALSE Page Ref: 144 Objective: Describe how computer technologies have altered the ways in which embezzlement is committed. Level: Intermediate

15) Historically, embezzlers were persons of high social status. Answer: FALSE Page Ref: 141 Objective: Understand Cressey's landmark study of embezzlers and explain the motivation for embezzlement under this theory. Level: Intermediate 6.3 Fill in the Blank Questions 1) ________ is essentially a theft in violation of trust. Answer: Embezzlement Page Ref: 141 Objective: Understand Cressey's landmark study of embezzlers and explain the motivation for embezzlement under this theory. Level: Basic 2) Embezzlement can be classified as a computer-________ crime. Answer: assisted Page Ref: 143 Objective: Describe how computer technologies have altered the ways in which embezzlement is committed. Level: Basic 3) ________ occurs when the embezzler "skims" customer account information from an organization's database and uses the information to set up fake accounts from which to steal funds. Answer: Skimming Page Ref: 143 Objective: Identify the various techniques of computer embezzlement including skimming, trapdoor techniques, logic bombs, and Trojan horses. Level: Basic 4) Corporate spies are divided into two distinct groups: insiders and ________. Answer: outsiders Page Ref: 145 Objective: Describe how computer technologies have affected the crime of corporate espionage. Level: Basic 5) The primary objective of ________ is to hide the source and ownership of illegally obtained funds through the creation of a seemingly legitimate history or paper trail. Answer: laundering Page Ref: 148 Objective: Describe the two means by which money is electronically transferred, including FedWire and CHIPS ng. Level: Basic 9 Copyright © 2024 Pearson Education, Inc.

6) ________ involves the division of large amounts of cash into smaller denominations so as to conceal its common origin. Answer: Smurfing Page Ref: 148 Objective: Describe the two means by which money is electronically transferred, including FedWire and CHIPS ng. Level: Intermediate 7) The introduction of telecommunications and computer technologies in the 1960s and 1970s served to increase the ease with which money could be ________. Answer: laundered Page Ref: 149 Objective: Describe how computer technologies have increased the opportunities to commit money laundering. Level: Intermediate 8) ________ devices capture and store magnetic strip data from debit and credit cards to steal data from unsuspecting individuals. Answer: Skimming Page Ref: 155 Objective: Describe how computer technologies and the increasing use of the Internet have affected identity and fraud crimes. Level: Intermediate 9) The FBI Internet Crime ________ Center (IC3) provides data on complaints of Internet crime received directly from citizens. Answer: Complaint Page Ref: 157 Objective: Describe the most common forms of Internet fraud, including phishing, sextortion, and online auction fraud. Level: Basic 10) ________ bidding is the use of intentional fake bidding on the part of the seller in order to artificially inflate an item's auctioned price. Answer: Shill Page Ref: 159 Objective: Define online auction fraud and the practice of shill billing. Level: Intermediate

6.4 Matching Questions Match the term in Column 1 to the appropriate statement/definition in Column 2. A) A "central clearinghouse" for intelligence and information sharing on money laundering B) Involves any theft of proprietary business information through spying or deception, particularly the theft of trade secrets C) The act of concealing the source of assets that have been illegally obtained D) Type of scheme where buyer in an online auction does not receive goods that have been paid for E) Crimes where the computer is used in a supporting capacity F) Capture and store the magnetic stripe data from debit and credit cards and steal data from unsuspecting individuals G) These involve the use of computer commands that periodically operate to shift money from an organizational account into the embezzler's account H) Essentially a violation of trust that has involved the physical theft if money or property by employees or others engaged in managing the assets of persons or organizations I) Rummaging through private or commercial trash receptacles in search of discarded bills or preapproved credit applications J) Occur when a perpetrator adopts a fake online identity to gain the romantic interest of the victim and then uses that interest to manipulate and steal from them 1) Embezzlement Page Ref: 141 Objective: Understand Cressey's landmark study of embezzlers and explain the motivation for embezzlement under this theory. Level: Intermediate 2) Logic bombs Page Ref: 143 Objective: Identify the various techniques of computer embezzlement including skimming, trapdoor techniques, logic bombs, and Trojan horses. Level: Intermediate 3) Computer-assisted crimes Page Ref: 143 Objective: Describe how computer technologies have altered the ways in which embezzlement is committed. Level: Intermediate 4) Corporate espionage Page Ref: 144 Objective: Describe how computer technologies have affected the crime of corporate espionage. Level: Intermediate

5) Money laundering Page Ref: 148 Objective: Describe the two means by which money is electronically transferred, including FedWire and CHIPS ng. Level: Intermediate 6) FinCEN Page Ref: 151 Objective: Describe how computer technologies have increased the opportunities to commit money laundering. Level: Intermediate 7) Dumpster diving Page Ref: 154 Objective: Describe how computer technologies and the increasing use of the Internet have affected identity and fraud crimes. Level: Intermediate 8) Skimming devices Page Ref: 155 Objective: Describe how computer technologies and the increasing use of the Internet have affected identity and fraud crimes. Level: Intermediate 9) Confidence fraud/romance scams Page Ref: 157 Objective: Describe the most common forms of Internet fraud, including phishing, sextortion, and online auction fraud. Level: Intermediate 10) Non-payment/non-delivery fraud Page Ref: 159 Objective: Define online auction fraud and the practice of shill billing. Level: Intermediate Answers: 1) H 2) G 3) E 4) B 5) C 6) A 7) I 8) F 9) J 10) D

6.5 Essay Questions 1) Discuss some of the internet fraud schemes. Answer: (should include points such as): Financial institution fraud schemes Investment fraud Communications fraud Confidence schemes Page Ref: 157-159 Objective: Describe the most common forms of Internet fraud, including phishing, sextortion, and online auction fraud. Level: Intermediate 2) Discuss the difference between "insider corporate spies" and "outsider corporate spies." How does each group engage in corporate espionage? Answer: (should include points such as): Legitimate access for insiders The majority of espionage is carried out by insiders Rationales include blackmail and a lack of loyalty Illegitimate access for outsiders Competitors hire domestic spies Page Ref: 145-146 Objective: Describe how computer technologies have affected the crime of corporate espionage. Level: Intermediate 3) Identify and describe at least three methods that identity thieves use to steal personal information. Answer: (should include points such as): Dumpster diving Direct theft of mail Shoulder surfing Hacking into corporate databases Skimming devices Page Ref: 154-155 Objective: Describe how computer technologies and the increasing use of the Internet have affected identity and fraud crimes. Level: Intermediate

6.6 Critical Thinking Questions 1) How has money laundering changed through the use of technology? Specifically, what were the three primary means used to launder money? How is money laundered today? Answer: (should include points such as): Physical transportation of cash Transform hard currency into real property Engage in smurfing Cash transfer institutions Money transfer E-Cash Page Ref: 148-152 Objective: Describe the two means by which money is electronically transferred, including FedWire and CHIPS ng. Level: Difficult 2) Explain how the historical description of an embezzler no longer applies. How are modern embezzlers described? Answer: (should include points such as): Historically not a person of high social class Historically a low-level financial institution employee Donald Cressey's four-step process Modern embezzlers are technologically savvy Modern embezzlers are "technical elites" Motivated by a desire for a more affluent lifestyle Page Ref: 141-143 Objective: Understand Cressey's landmark study of embezzlers and explain the motivation for embezzlement under this theory. Level: Difficult

Cyber Crime and Cyber Terrorism, 5e (Taylor / Fritsch / Liederbach / Saylor / Tafoya) Chapter 7 Viruses and Malicious Code 7.1 Multiple Choice Questions 1) Which of the following is NOT a way that viruses and other types of malicious code are primarily spread today? A) Web pages B) Floppy disks C) Peer-to-peer file transfers D) Digital pictures Answer: B Page Ref: 165 Objective: Identify and distinguish the various types of malware. Level: Basic 2) Which of the following is a trigger for a virus? A) Opening an e-mail attachment B) Downloading a peer-to-peer file C) Self-execution on a certain date D) All of these Answer: D Page Ref: 170 Objective: Understand the differences between the differing types of viruses, including browser hijack viruses, direct action viruses, overwrite viruses, Web scripting viruses, polymorphic viruses, file viruses, boot viruses, macro viruses, and network viruses. Level: Basic 3) A ________ has no constant section of code. A) Polymorphic virus B) Boot virus C) Macrovirus D) Network virus Answer: A Page Ref: 170 Objective: Understand the differences between the differing types of viruses, including browser hijack viruses, direct action viruses, overwrite viruses, Web scripting viruses, polymorphic viruses, file viruses, boot viruses, macro viruses, and network viruses. Level: Basic

4) Which of the following is characteristic of a computer worm? A) It may need to use another program to spread. B) It does not attach itself to, or modify, other files. C) It is a piece of software that copies itself elsewhere. D) All of these. Answer: D Page Ref: 174 Objective: Understand the differences between a virus and a worm. Additionally, understand how a worm operates in comparison to a virus. Level: Intermediate 5) A virus can be categorized based on: A) The type of environment it operates in B) The operating system it targets C) The type of encryption and operating algorithms used D) All of these Answer: A Page Ref: 173 Objective: Understand the differences between the differing types of viruses, including browser hijack viruses, direct action viruses, overwrite viruses, Web scripting viruses, polymorphic viruses, file viruses, boot viruses, macro viruses, and network viruses. Level: Basic 6) Which of the following is NOT one of the four primary environments viruses operate in? A) Microviruses B) Macroviruses C) Network viruses D) Boot viruses Answer: A Page Ref: 173 Objective: Understand the differences between the differing types of viruses, including browser hijack viruses, direct action viruses, overwrite viruses, Web scripting viruses, polymorphic viruses, file viruses, boot viruses, macro viruses, and network viruses. Level: Basic 7) Macro viruses are most commonly associated with: A) Common business software B) E-mail programs C) Internet browser programs D) Floppy disks Answer: A Page Ref: 173 Objective: Understand the differences between the differing types of viruses, including browser hijack viruses, direct action viruses, overwrite viruses, Web scripting viruses, polymorphic viruses, file viruses, boot viruses, macro viruses, and network viruses. Level: Intermediate 2 Copyright © 2024 Pearson Education, Inc.

8) The unique feature of a worm is that it penetrates the memory of a computer and: A) Doesn't cause harm to the computer B) Is self-replicating C) Relies on user intervention D) Cannot spread without someone opening an attachment Answer: B Page Ref: 175 Objective: Understand the differences between a virus and a worm. Additionally, understand how a worm operates in comparison to a virus. Level: Intermediate 9) Which of the following is NOT a type of Trojan horse discussed in the text? A) Remote access Trojans B) Software Detection Killers C) Spyware Trojans D) Destructive Trojans Answer: C Page Ref: 179-180 Objective: Understand the definition and operation of a Trojan horse and how it is different from a standard virus. Level: Intermediate 10) Which of the following type of Trojan horse turns a victim's computer into a zombie server available to the whole world or to the attacker only? A) Remote access Trojans B) Destructive Trojans C) DoS attack Trojans D) Proxy/Wingate Trojans Answer: D Page Ref: 179 Objective: Understand the definition and operation of a Trojan horse and how it is different from a standard virus. Level: Intermediate 11) An unauthorized program typically contained within a legitimate program is known as a: A) Worm B) Macro C) Trojan D) Sparta Answer: C Page Ref: 176 Objective: Understand the definition and operation of a Trojan horse and how it is different from a standard virus. Level: Intermediate

12) Malicious code attacks that combine the characteristics of viruses, worms, Trojan horses, and malicious code with server and Internet vulnerabilities to initiate, transmit, and spread an attack are known as: A) Blended threats B) Mixed model threats C) Holistic threats D) Comprehensive threat of infection (CTI) Answer: A Page Ref: 181 Objective: Describe and understand other types of malicious code and attacks, including ransomware (cryptoware), denial-of-service attacks and blended threats. Level: Basic 13) Which of the following is true? A) Virus hoaxes are annoying, but cost little in terms of time or resources. B) Virus hoaxes waste your time and cause fear. C) Virus hoaxes can cause no real damage. D) Virus hoaxes are not as prevalent today as they were in the last decade. Answer: B Page Ref: 184 Objective: Describe and understand the true threat posed by viruses, the extent of the virus and malicious code problem, and virus hoaxes and their effect on computers and productivity. Level: Intermediate 14) ________ manifest(s) in several ways, including changes to the browser, redirecting startup pages on Internet browsers, replacing the search function within the browser, and generating pop-up ads and frames that can be difficult to delete or shut down. A) Worms B) Viruses C) Adware D) Trojans Answer: C Page Ref: 180 Objective: Describe adware and spyware, and the controversy concerning whether or not these types of programs are in fact viruses. Level: Basic

15) Which of the following is NOT a characteristic of spyware? A) Spyware sends information via the Internet to publishers and programmers for marketing purposes. B) Internet users are rarely warned about spyware in EULAs. C) Spyware typically is installed in addition to some other functional software. D) Spyware can lead to annoying pop-up ads. Answer: B Page Ref: 180 Objective: Describe adware and spyware, and the controversy concerning whether or not these types of programs are in fact viruses. Level: Basic 16) ________ can reach very large sizes and may include thousands of machines. A) Botnets B) Spyware C) Trojans D) Worms Answer: A Page Ref: 182 Objective: Describe and understand other types of malicious code and attacks, including ransomware (cryptoware), denial-of-service attacks and blended threats. Level: Intermediate 17) A ________ uses multiple systems to attack one or more victim systems or websites with the intent of denying service to legitimate users wishing to log on or utilize the attacked server. A) Worm B) Virus C) Trojan D) Denial-of-service attack Answer: D Page Ref: 181 Objective: Describe and understand other types of malicious code and attacks, including ransomware (cryptoware), denial-of-service attacks and blended threats. Level: Intermediate 18) The greatest cost of a virus or malicious code attack is: A) Physical damage to computer hard drives B) Lost data C) Loss of work hours and time spent patching systems D) All of these Answer: C Page Ref: 183 Objective: Describe and understand the true threat posed by viruses, the extent of the problem, and virus hoaxes and their effect on computers and productivity. Level: Intermediate 5 Copyright © 2024 Pearson Education, Inc.

19) In a survey of virus writers, Sarah Gordon claimed that: A) The virus writer has always been characterized as someone good, and benevolent B) Public communications from virus writers often seem to indicate they are intent on doing as much damage as possible C) Virus writers do not use or have any justifications for their actions D) All of these Answer: B Page Ref: 185 Objective: Understand who the virus writers are and why they write viruses. Level: Intermediate 20) The largest group of attackers, comprising over 95% of the attacker population, is referred to as: A) Script kiddies B) Gray hat hackers C) Crackers D) None of these Answer: A Page Ref: 185 Objective: Understand who the virus writers are and why they write viruses. Level: Intermediate 7.2 True/False Questions 1) There is a central database that collects information on all of the damage that malware causes. Answer: FALSE Page Ref: 166 Objective: Identify and distinguish the various types of malware. Level: Intermediate 2) Viruses and malicious code are graded based on the potential damage they can cause and their overall impact on computer operations at the individual level and across the world. Answer: TRUE Page Ref: 169 Objective: Identify and distinguish the various types of malware. Level: Intermediate 3) Viruses are operating system and software system-specific. Answer: TRUE Page Ref: 172 Objective: Understand the differences between the differing types of viruses, including browser hijack viruses, direct action viruses, overwrite viruses, Web scripting viruses, polymorphic viruses, file viruses, boot viruses, macro viruses, and network viruses. Level: Intermediate

4) A worm cannot spread without active intervention by the user. Answer: FALSE Page Ref: 176 Objective: Understand the differences between a virus and a worm. Additionally, understand how a worm operates in comparison to a virus. Level: Intermediate 5) Viruses operate in four primary environments: file viruses, boot viruses, microviruses, and network viruses. Answer: FALSE Page Ref: 173 Objective: Understand the differences between the differing types of viruses, including browser hijack viruses, direct action viruses, overwrite viruses, Web scripting viruses, polymorphic viruses, file viruses, boot viruses, macro viruses, and network viruses. Level: Difficult 6) The motives for many writers of malicious software have changed from profit to curiosity and revenge. Answer: FALSE Page Ref: 190 Objective: Understand who the virus writers are and why they write viruses. Level: Difficult 7) Reports have suggested that there were literally billions of cyberattacks against U.S. interests in 2021. Answer: TRUE Page Ref: 182-183 Objective: Describe and understand the true threat posed by viruses, the extent of the problem, and virus hoaxes and their effect on computers and productivity. Level: Intermediate 8) Attack tools are increasingly being distributed through "zombie" machines that are compromised on university campuses. Answer: TRUE Page Ref: 181 Objective: Describe and understand other types of malicious code and attacks, including ransomware (cryptoware), denial-of-service attacks and blended threats. Level: Intermediate 9) Adware typically takes advantage of the fact that many software users do not read the end user license agreement (EULA) or the fine print during installation. Answer: FALSE Page Ref: 180 Objective: Describe adware and spyware, and the controversy concerning whether or not these types of programs are in fact viruses. Level: Basic 7 Copyright © 2024 Pearson Education, Inc.

10) The Sub Seven Trojan allows a remote attacker to have virtual control over an infected machine. Answer: TRUE Page Ref: 178 Objective: Understand the definition and operation of a Trojan horse and how it is different from a standard virus. Level: Basic 11) The main operating principle of a macrovirus is its capability to transfer its code to a remote service or workstation on its own. Answer: FALSE Page Ref: 174 Objective: Understand the differences between the differing types of viruses, including browser hijack viruses, direct action viruses, overwrite viruses, Web scripting viruses, polymorphic viruses, file viruses, boot viruses, macro viruses, and network viruses. Level: Difficult 12) Viruses of today are easy to detect as compared to early viruses. Answer: FALSE Page Ref: 170 Objective: Understand the differences between the differing types of viruses, including browser hijack viruses, direct action viruses, overwrite viruses, Web scripting viruses, polymorphic viruses, file viruses, boot viruses, macro viruses, and network viruses. Level: Basic 13) Boot viruses do not change infected files, but instead close the target file so that when run they "force" the OS to execute their code. Answer: FALSE Page Ref: 173 Objective: Understand the differences between the differing types of viruses, including browser hijack viruses, direct action viruses, overwrite viruses, Web scripting viruses, polymorphic viruses, file viruses, boot viruses, macro viruses, and network viruses. Level: Intermediate 14) Apple computers are immune to viruses. Answer: FALSE Page Ref: 169 Objective: Identify and distinguish the various types of malware. Level: Basic 15) Viruses are always written for criminal purposes. Answer: FALSE Page Ref: 170 Objective: Understand the differences between the differing types of viruses, including browser hijack viruses, direct action viruses, overwrite viruses, Web scripting viruses, polymorphic viruses, file viruses, boot viruses, macro viruses, and network viruses. 8 Copyright © 2024 Pearson Education, Inc.

Level: Basic 7.3 Fill in the Blank Questions 1) Computer systems and software are graded in terms of their ________ to vulnerabilities. Answer: exposure Page Ref: 169 Objective: Identify and distinguish the various types of malware. Level: Basic 2) The most common term used to describe how a virus is operating and the effect it is having is listing the virus as "in the wild," and the ________ of a virus measures the extent to which the virus is spreading among computer users and systems. Answer: wildness Page Ref: 169 Objective: Identify and distinguish the various types of malware. Level: Intermediate 3) Some researchers use the term ________ as a reference to the programs and tools that facilitate fraud and computer attacks. Answer: crimeware Page Ref: 190 Objective: Understand who the virus writers are and why they write viruses. Level: Basic 4) A ________ program enables an attacker to compromise and infect multiple computers at once. Answer: bot Page Ref: 181 Objective: Describe and understand other types of malicious code and attacks, including ransomware (cryptoware), denial-of-service attacks and blended threats. Level: Intermediate 5) Spyware can be installed through ________, which are files that contain information about a program, a website, the user, or the user's computer. Answer: cookies Page Ref: 180 Objective: Describe adware and spyware, and the controversy concerning whether or not these types of programs are in fact viruses. Level: Basic 6) A ________ is a program that neither replicates nor copies itself, but causes damage or compromises the security of the computer. Answer: Trojan horse Page Ref: 177 Objective: Understand the definition and operation of a Trojan horse and how it is different from a standard virus. Level: Basic 9 Copyright © 2024 Pearson Education, Inc.

7) The first known Internet worm was the ________ worm. Answer: Morris Page Ref: 176 Objective: Understand the differences between a virus and a worm. Additionally, understand how a worm operates in comparison to a virus. Level: Basic 8) ________ viruses operate based on algorithms for starting an operating system upon power on or reboot. Answer: Boot Page Ref: 173 Objective: Understand the differences between the differing types of viruses, including browser hijack viruses, direct action viruses, overwrite viruses, Web scripting viruses, polymorphic viruses, file viruses, boot viruses, macro viruses, and network viruses. Level: Intermediate 9) ________ is the part of the virus program that delivers the malicious intent or other device. Answer: Payload Page Ref: 170 Objective: Understand the differences between the differing types of viruses, including browser hijack viruses, direct action viruses, overwrite viruses, Web scripting viruses, polymorphic viruses, file viruses, boot viruses, macro viruses, and network viruses. Level: Basic 10) Each year, ________ publishes their Global Threat Report, which provides an update about Internet threat activity, including network-based attacks, attackers, a review of known vulnerabilities, and highlights of malicious code. Answer: CrowdStrike Page Ref: 182 Objective: Describe and understand the true threat posed by malware, the extent of the problem, and virus hoaxes and their effect on computers and productivity. Level: Basic

7.4 Matching Questions Match the term in Column 1 to the appropriate statement/definition in Column 2. A) Combine the characteristics of viruses, worms, and Trojan horses, and malicious code with server and Internet vulnerabilities to initiate, transmit, and spread an attack B) Has been characterized by some as a bad, evil, depraved, maniac; terrorist, technopathic, genius gone mad, or sociopathic C) The generic term for any email that is sent to a large group of people, typically as an advertisement or other solicitation D) A program that makes copies of itself from one disk drive to another, or by copying itself using email or another transport mechanism E) Perhaps the most popular and widely used of its type; upon successful installation, allows a remote attacker to have virtual control over an infected machine F) Measures the extent to which a virus is spreading among computer users and systems G) A virus that can change its pattern when it replicates, avoiding detection by simple virus-scanning techniques H) Essentially, it means that the virus is able to leave itself in system memory, intercept some events, and in the process run infecting routines on files and sectors of the disk I) Commonly, an unauthorized program contained within a legitimate program that performs functions unknown (and probably unwanted) by the user J) Applications that send information via the Internet to publishers or programmers for marketing purposes without obvious notification to users 1) "Wildness" of a virus Page Ref: 169 Objective: Identify and distinguish the various types of malware. Level: Intermediate 2) Polymorphic virus Page Ref: 170 Objective: Understand the differences between the differing types of viruses, including browser hijack viruses, direct action viruses, overwrite viruses, Web scripting viruses, polymorphic viruses, file viruses, boot viruses, macro viruses, and network viruses. Level: Intermediate 3) Terminate and stay resident (TSR) capability Page Ref: 170 Objective: Understand the differences between the differing types of viruses, including browser hijack viruses, direct action viruses, overwrite viruses, Web scripting viruses, polymorphic viruses, file viruses, boot viruses, macro viruses, and network viruses. Level: Intermediate

4) Worm Page Ref: 175 Objective: Understand the differences between a virus and a worm. Additionally, understand how a worm operates in comparison to a virus. Level: Intermediate 5) Trojan horse Page Ref: 176 Objective: Understand the differences between a virus and a worm. Additionally, understand how a worm operates in comparison to a virus. Level: Intermediate 6) Sub Seven Trojan Page Ref: 178 Objective: Understand the definition and operation of a Trojan horse and how it is different from a standard virus. Level: Intermediate 7) spyware Page Ref: 180 Objective: Describe adware and spyware, and the controversy concerning whether or not these types of programs are in fact viruses. Level: Intermediate 8) Blended threats Page Ref: 181 Objective: Describe and understand other types of malicious code and attacks, including ransomware (cryptoware), denial-of-service attacks and blended threats. Level: Intermediate 9) spam Page Ref: 184 Objective: Describe and understand the true threat posed by malware, the extent of the problem, and virus hoaxes and their effect on computers and productivity. Level: Intermediate 10) Virus writer Page Ref: 185 Objective: Understand who the virus writers are and why they write viruses. Level: Intermediate Answers: 1) F 2) G 3) H 4) D 5) I 6) E 7) J 8) A 9) C 10) B

7.5 Essay Questions 1) Explain what spyware is and what it does. Answer: (should include points such as): Send information via the Internet to the publisher without obviously notifying the users Information gatherer Companion software Lead to annoying pop-up ads Take advantage of EULA Cookie for faster browsing Page Ref: 180 Objective: Describe adware and spyware, and the controversy concerning whether or not these types of programs are in fact viruses. Level: Intermediate 2) Discuss the five general types of e-mail hoaxes. Answer: (should include points such as): Spam Chain mail Hoaxes Viral hoaxes Fraud Page Ref: 184-185 Objective: Describe and understand the true threat posed by viruses, the extent of the problem, and virus hoaxes and their effect on computers and productivity. Level: Intermediate 3) Discuss the four primary environments that viruses operate in. Answer: (should include points such as): File viruses Boot viruses Macroviruses Network viruses Page Ref: 173-174 Objective: Understand the differences between the differing types of viruses, including browser hijack viruses, direct action viruses, overwrite viruses, Web scripting viruses, polymorphic viruses, file viruses, boot viruses, macro viruses, and network viruses. Level: Difficult

7.6 Critical Thinking Questions 1) Describe the type of person who would write a virus. Answer: (should include points such as): Progression from students and schoolchildren, to young adults and college students, to professional virus writers Motivation change Variety of resources Media image of bad, evil, depraved, etc. Script kiddies Dark Avenger Page Ref: 185-190 Objective: Understand who the virus writers are and why they write viruses. Level: Difficult 2) Identify similarities and differences between viruses and worms. Answer: (should include points such as): Categorization Virus environments Self-replication Stand-alone code How each is spread User intervention/nonintervention Page Ref: 172-176 Objective: Understand the differences between a virus and a worm. Additionally, understand how a worm operates in comparison to a virus. Level: Difficult

Cyber Crime and Cyber Terrorism, 5e (Taylor / Fritsch / Liederbach / Saylor / Tafoya) Chapter 8 Sex Crimes, Victimization, and Obscenity on the World Wide Web 8.1 Multiple Choice Questions 1) Which of the following is NOT a typical victim of online exploitation? A) Women B) Children C) Adolescents D) Middle class males Answer: D Page Ref: 197 Objective: Understand the nature of cyber crime victimization. Level: Basic 2) All of the following are typical characteristics of stalkers, except: A) White B) Male C) Between the ages of 18 and 35 D) Low income Answer: D Page Ref: 205 Objective: Describe the perpetrators of cyberstalking and exploitation via the Internet. Level: Intermediate 3) Which of the following is NOT one of the ways a person can be cyberstalked? A) E-mail harassment B) Chat room threats C) Virus attacks D) Hacking into a computer for personal information Answer: C Page Ref: 203 Objective: Describe the groups affected by cyber exploitation, revenge porn, stalking, and obscenity. Level: Intermediate 4) Which of the following is NOT a primary category of stalker? A) Simple obsession B) Love obsession C) Vengeance D) Sexual sadist Answer: D Page Ref: 205-206 Objective: Describe the perpetrators of cyberstalking and exploitation via the Internet. Level: Intermediate

5) Which of the following best describes the link between child sexual abuse materials (CSAM) and pedophilia? A) CSAM serves as a primary facilitator for pedophilia. B) Viewing CSAM causes pedophilia. C) Viewing CSAM is not linked to pedophilia. D) The use of CSAM is necessary before a person can offend. Answer: A Page Ref: 213 Objective: Understand and describe the issues with online pornography, child sex abuse materials, and child exploitation facilitated by the Internet. Level: Difficult 6) Traveling abroad to have sex with underage children is known as: A) Love boating B) Sex tourism C) Sex vacationing D) Industrial sex Answer: B Page Ref: 228 Objective: Understand the ways that the sex trade, including prostitution, human trafficking, and sex tourism has changed with the explosion of online content. Level: Intermediate 7) Which of the following is a major obstacle for law enforcement in investigating Internet exploitation? A) The offenders rarely repeat their crimes. B) The Internet offers relative anonymity. C) It is tough to find child pornography on the Internet. D) There is little evidence once the person is identified. Answer: B Page Ref: 234 Objective: Understand and describe the difficulties faced by law enforcement in detecting, investigating, and prosecuting cases of cyberstalking and cyberexploitation. Level: Intermediate 8) Which of the following is NOT true regarding the type of youths targeted for sexual solicitations and approaches? A) Girls are targeted at almost twice the rate of boys. B) Most youths targeted met the aggressor online. C) Most youths targeted were 14 or older. D) Most report the incidents to local law enforcement. Answer: D Page Ref: 199 Objective: Describe the groups affected by cyber exploitation, revenge porn, stalking, and obscenity. Level: Intermediate 2 Copyright © 2024 Pearson Education, Inc.

9) Which category of stalker is the type where no prior relationship exists between the perpetrator and the victim or they are casual acquaintances? A) Erotomaniacs B) Simple obsessional stalkers C) Love obsession stalkers D) Vengeance or terrorist stalker Answer: C Page Ref: 205 Objective: Describe the perpetrators of cyberstalking and exploitation via the Internet. Level: Intermediate 10) Which of the following is NOT an offense or definition of an offense created by the Protection of Children from Sexual Predators Act? A) Definition of sex tourism B) Use of interstate facilities to transmit information about a minor C) Transfer of obscene materials to minors D) Definition of sexual activity Answer: A Page Ref: 209 Objective: Understand the law and legislation in the areas of cyberstalking, cyberexploitation, and pornography. Level: Intermediate 11) The Supreme Court decided that two sections of the Child Pornography Prevention Act were unconstitutional in: A) In re John Doe B) Ashcroft v. NAMBLE C) Ashcroft v. Free Speech Coalition D) None of these Answer: C Page Ref: 210 Objective: Describe the Supreme Court cases that have been decided concerning federal efforts to target cyber criminals and protect children online. Level: Intermediate 12) Which of the following is NOT part of Finkelhor's four-part model that enunciates how a sex offense occurs between an offender and a child victim? A) A potential offender must have some motivation to sexually abuse a child. B) Any internal inhibitions against acting on the motivation to engage in sexual assault must be overcome. C) Any external impediments to acting on the impulse to abuse must be overcome. D) A potential offender must avoid detection from law enforcement. Answer: D Page Ref: 221-222 Objective: Understand and describe the issues with online pornography, child sex abuse materials, and child exploitation facilitated by the Internet. Level: Intermediate 3 Copyright © 2024 Pearson Education, Inc.

13) Which subtype of child molester typically leads the most stable life? A) Regressed child molester B) Morally indiscriminate child molester C) Inadequate child molester D) Sexually indiscriminate child molester Answer: A Page Ref: 222 Objective: Understand and describe the issues with online pornography, child sex abuse materials, and child exploitation facilitated by the Internet. Level: Intermediate 14) Which country is NOT traditionally connected with child sex tourism? A) Philippines B) Thailand C) Japan D) Sri Lanka Answer: C Page Ref: 231 Objective: Understand the ways that the sex trade, including prostitution, human trafficking, and sex tourism has changed with the explosion of online content. Level: Intermediate 15) Which of the following is NOT a primary federal agency that combats Internet exploitation, cyber stalking, and obscenity? A) FBI B) ICE C) The Secret Service D) The Postal Inspective Service Answer: C Page Ref: 233 Objective: Understand and describe the difficulties faced by law enforcement in detecting, investigating, and prosecuting cases of cyberstalking and cyberexploitation. Level: Intermediate 16) What factors make some groups more vulnerable than others to online victimization? A) Regular use and access to a computer with Internet capability B) People who actively participate in chat rooms C) Troubled or rebellious teens seeking emancipation from parental authority D) All of these Answer: D Page Ref: 198 Objective: Understand the nature of cyber crime victimization. Level: Intermediate

17) Which act empowers the Justice Department to penalize U.S. citizens traveling across state or national borders to engage in sexual activity with children? A) Child Protection and Sexual Predator Act B) Child Abuse Act C) Child Sexual Abuse Prevention Act D) Protection of Children from Sexual Predators Act Answer: C Page Ref: 208-209 Objective: Understand the law and legislation in the areas of cyberstalking, cyberexploitation, and pornography. Level: Difficult 18) The category of stalkers that believe the victim is in love with him or her is called: A) Schizophrenics B) Love crazy C) Erotomaniacs D) None of these Answer: C Page Ref: 206 Objective: Describe the perpetrators of cyberstalking and exploitation via the Internet. Level: Intermediate 19) Child sexual abuse materials are used by a pedophile to: A) Feed and create sexual fantasies B) Lower the inhibitions of the child whom they are planning to molest C) Blackmail a child into remaining silent D) All of these Answer: D Page Ref: 213 Objective: Understand and describe the issues with online pornography, child sex abuse materials, and child exploitation facilitated by the Internet. Level: Intermediate 20) Pedophiles use the Internet for all of the following purposes, EXCEPT: A) Identity theft B) Communicating with other pedophiles C) Trafficking child sexual abuse materials D) Engaging in inappropriate sexual communication with children Answer: A Page Ref: 215 Objective: Understand and describe the issues with online pornography, child sex abuse materials, and child exploitation facilitated by the Internet. Level: Intermediate

8.2 True/False Questions 1) Pedophiles use the Internet to troll for victims, to exchange pornography, and to network with other pedophiles. Answer: TRUE Page Ref: 215 Objective: Understand and describe the issues with online pornography, child sex abuse materials, and child exploitation facilitated by the Internet. Level: Basic 2) Older children are more at risk of being victimized online than younger children. Answer: TRUE Page Ref: 198 Objective: Understand the nature of cyber crime victimization. Level: Intermediate 3) Those living in higher-income households were more likely to be stalked than those in lowerincome brackets. Answer: FALSE Page Ref: 205 Objective: Describe the groups affected by cyber exploitation, bullying, stalking, and obscenity. Level: Intermediate 4) Most people using electronic forms of communication are much more brazen than they would be face to face. Answer: TRUE Page Ref: 203 Objective: Describe the groups affected by cyber exploitation, revenge porn, stalking, and obscenity. Level: Basic 5) Most law enforcement agencies are trained to recognize the serious nature of stalking crimes. Answer: FALSE Page Ref: 207 Objective: Understand the law and legislation in the areas of cyberstalking, cyberexploitation, and pornography. Level: Basic 6) There is no federal law that imposes the death penalty if the death of a child results from a sexual offense. Answer: FALSE Page Ref: 210 Objective: Understand the law and legislation in the areas of cyberstalking, cyberexploitation, and pornography. Level: Intermediate

7) There is no accurate statistical source that reports the extent or number of arrests involving child sexual abuse materials. Answer: TRUE Page Ref: 212 Objective: Understand and describe the issues with online pornography, child sex abuse materials, and child exploitation facilitated by the Internet. Level: Intermediate 8) In Reno v. American Civil Liberties Union, the Court examined the PROTECT Act and ruled it a violation of the free speech portion of the First Amendment. Answer: FALSE Page Ref: 210 Objective: Describe the Supreme Court cases that have been decided concerning federal efforts to target cyber criminals and protect children online. Level: Intermediate 9) Posting child sexual abuse materials via Web pages has been curtailed substantially over the past decade. Answer: TRUE Page Ref: 216 Objective: Understand and describe the issues with online pornography, child sex abuse materials, and child exploitation facilitated by the Internet. Level: Intermediate 10) Most child molesters are caught before they have the chance to molest numerous children. Answer: FALSE Page Ref: 220 Objective: Understand and describe the issues with online pornography, child sex abuse materials, and child exploitation facilitated by the Internet. Level: Basic 11) The growth of sexual tourism is often attributed to a Western military presence that has increased the demand for sex workers. Answer: TRUE Page Ref: 229 Objective: Understand the ways that the sex trade, including prostitution, human trafficking, and sex tourism has changed with the explosion of online content. Level: Intermediate 12) The Internet is the primary facilitator of the sex tourism industry. Answer: TRUE Page Ref: 230 Objective: Understand the ways that the sex trade, including prostitution, human trafficking, and sex tourism has changed with the explosion of online content. Level: Intermediate

13) The cyber criminal of today is often likely to be operating in a jurisdiction outside the United States. Answer: TRUE Page Ref: 233 Objective: Understand and describe the difficulties faced by law enforcement in detecting, investigating, and prosecuting cases of cyberstalking and cyberexploitation. Level: Intermediate 14) It is relatively easy to identify and track crimes of child exploitation and abuse. Answer: FALSE Page Ref: 197 Objective: Understand the nature of cyber crime victimization. Level: Intermediate 15) Research has shown that males are the aggressors in the majority of sexual solicitations and approaches. Answer: TRUE Page Ref: 200 Objective: Describe the groups affected by cyber exploitation, revenge porn, stalking, and obscenity. Level: Intermediate 8.3 Fill in the Blank Questions 1) ________, by their very nature, want a relationship with their victims. Answer: Stalkers Page Ref: 203 Objective: Describe the groups affected by cyber exploitation, revenge porn, stalking, and obscenity. Level: Basic 2) Simple ________ stalkers comprise the largest group of estimated stalkers. Answer: obsessional Page Ref: 205 Objective: Describe the perpetrators of cyberstalking and exploitation via the Internet. Level: Intermediate 3) ________ was the first state to enact stalking legislation. Answer: California Page Ref: 207 Objective: Understand the law and legislation in the areas of cyberstalking, cyberexploitation, and pornography. Level: Intermediate

4) The ________ Act strengthens existing U.S. law by increasing prison penalties to 30 years for convicted sex tourists. Answer: PROTECT Page Ref: 210 Objective: Describe the Supreme Court cases that have been decided concerning federal efforts to target cyber criminals and protect children online. Level: Intermediate 5) Unlike other forms of obscenity or pornography, ________ sexual abuse materials laws are actively prosecuted. Answer: Child Page Ref: 216 Objective: Understand and describe the issues with online pornography, child sex abuse materials, and child exploitation facilitated by the Internet. Level: Intermediate 6) Eventually, predators may introduce potential victims to photographs of ________ engaged in "normal" sex with adults, sending them gifts, and/or contact them by telephone. Answer: children Page Ref: 197 Objective: Understand the nature of cyber crime victimization. Level: Basic 7) Sexually abusing children is most commonly assumed to be a ________ behavior. Answer: learned Page Ref: 218 Objective: Understand and describe the issues with online pornography, child sex abuse materials, and child exploitation facilitated by the Internet. Level: Intermediate 8) Child molesters have a ________% chance of being apprehended for their crimes. Answer: 3 Page Ref: 220 Objective: Understand and describe the issues with online pornography, child sex abuse materials, and child exploitation facilitated by the Internet. Level: Intermediate 9) Clients of prostitutes are often called ________. Answer: Johns Page Ref: 224 Objective: Understand the ways that the sex trade, including prostitution, human trafficking, and sex tourism has changed with the explosion of online content. Level: Basic

10) Mandated by Congress, the ________ allows individuals to report incidents of child luring, molestation, pornography, sex tourism, and prostitution. Answer: CyberTipline Page Ref: 233 Objective: Understand and describe the difficulties faced by law enforcement in detecting, investigating, and prosecuting cases of cyberstalking and cyberexploitation. Level: Intermediate 8.4 Matching Questions Match the term in Column 1 to the appropriate statement/definition in Column 2. A) Type of online fraud in which individuals or organized criminal groups engage Internet users in online communication under the pretense of initiating a dating relationship B) By definition are delusional and, consequently, virtually all suffer from mental disorders-most often schizophrenia C) A term that describes what is legally known as child pornography in the United States; can be defined simply as depictions of children involved in sexually explicit activities D) Typically involves a victim and a perpetrator who have a prior relationship E) The Supreme Court reviewed provisions of law aimed at CSAM, specifically virtual CSAM F) Attempt to elicit a particular response or a change of behavior from their victims rather than seeking a personal relationship with them G) Episodes where youth rated themselves as very or extremely upset or afraid as a result of the incident in the Youth Internet Safety Survey conducted in 2000 H) The primary targets of such crimes are almost exclusively children and women I) Specifically addresses the issues of online victimization of children; prohibits the transfer of obscene material to minors, and increases penalties for offenses against children and for repeat offenders J) Formed and run by ICE, which develops leads about and receives and coordinates undercover operations against international CSAM and child sexual exploitation rings 1) Exploitation of people for sexual purposes Page Ref: 197 Objective: Understand the nature of cyber crime victimization. Level: Intermediate 2) Distressing incidents Page Ref: 199 Objective: Describe the groups affected by cyber exploitation, revenge porn, stalking, and obscenity. Level: Intermediate 3) Simple obsession stalker Page Ref: 205 Objective: Describe the perpetrators of cyberstalking and exploitation via the Internet. Level: Intermediate 10 Copyright © 2024 Pearson Education, Inc.

4) Erotomaniacs Page Ref: 206 Objective: Describe the perpetrators of cyberstalking and exploitation via the Internet. Level: Intermediate 5) Vengeance/terrorist stalkers Page Ref: 206 Objective: Describe the perpetrators of cyberstalking and exploitation via the Internet. Level: Intermediate 6) Child Protection and Sexual Predator Act of 1998 Page Ref: 208 Objective: Understand the law and legislation in the areas of cyberstalking, cyberexploitation, and pornography. Level: Intermediate 7) Ashcroft v. Free Speech Coalition Page Ref: 210 Objective: Describe the Supreme Court cases that have been decided concerning federal efforts to target cyber criminals and protect children online. Level: Intermediate 8) Child sexual abuse materials (CSAM) Page Ref: 211 Objective: Understand and describe the issues with online pornography, child sex abuse materials, and child exploitation facilitated by the Internet. Level: Intermediate 9) Online dating cams Page Ref: 226 Objective: Understand the ways that the sex trade, including prostitution, human trafficking, and sex tourism has changed with the explosion of online content. Level: Intermediate 10) Operation Predator Page Ref: 233 Objective: Understand and describe the difficulties faced by law enforcement in detecting, investigating, and prosecuting cases of cyberstalking and cyberexploitation. Level: Intermediate Answers: 1) H 2) G 3) D 4) B 5) F 6) I 7) E 8) C 9) A 10) J

8.5 Essay Questions 1) How has the Internet changed the way people can be exploited? Answer: (should include points such as): Most people victimized are women and children Victims are enticed online Internet can be used to produce, manufacture, and distribute pornography Exposure to pornography over the Internet may encourage victims to exchange pornography Promotes sexual tourism Utilize chat rooms to develop relationships Harassment Distressing incidents Page Ref: 197 Objective: Understand the nature of cyber crime victimization. Level: Intermediate 2) How are traditional stalkers and cyberstalkers similar? How are they different? Answer: (should include points such as): The similarities primarily involve the motivations for stalking and the demographic and relational characteristics of the offense. In essence, the stalker is motivated by a desire to get close to the victim, control the victim, or punish the victim in some way. The major difference is that while off-line stalking necessitates a closer proximity to the victim, cyberstalking can occur from across the nation or the world. Electronic communications technologies make it much easier for a cyberstalker to encourage third parties to harass and/or threaten a victim (e.g., impersonating the victim and posting inflammatory messages to bulletin boards and in chat rooms, causing viewers of that message to send threatening messages back to the victim "author"). Finally, cyberstalkers are much more likely to be brazen than off-line stalkers because of the anonymity of the Internet and the lack of close proximity. Page Ref: 206 Objective: Describe the perpetrators of cyberstalking and exploitation via the Internet. Level: Intermediate 3) How has stalking changed? Answer: (should include points such as): Laws have broadened the definition of stalking Repeated behavior that is harassing, communication, or nonconsensual communication General intent to allow for implied threats and threats that may not have been credible May take into account the receiver's reaction Allows for the inclusion of e-mail or other electronic communication Page Ref: 202 Objective: Describe the groups affected by cyber exploitation, revenge porn, stalking, and obscenity. Level: Intermediate

8.6 Critical Thinking Questions 1) Complete some outside research on a recent case of online child sexual abuse materials. Write a summary of the incident, how was the incident discovered, and what criminal outcome happened to the offender. Answer: Answers will vary. Page Ref: 211-223 Objective: Understand and describe the issues with online pornography, child sex abuse materials, and child exploitation facilitated by the Internet. Level: Intermediate 2) Visit a government website and design a 10-slide PowerPoint with new data concerning prostitution or sex tourism. Answer: Answers will vary. Presentations of the PowerPoints are recommended. Page Ref: 223-232 Objective: Understand the ways that the sex trade, including prostitution, human trafficking, and sex tourism has changed with the explosion of online content. Level: Intermediate

Cyber Crime and Cyber Terrorism, 5e (Taylor / Fritsch / Liederbach / Saylor / Tafoya) Chapter 9 Anarchy and Hate on the World Wide Web 9.1 Multiple Choice Questions 1) The groups ALF and ELF can best be described as: A) Right-wing extremist groups B) Special interest or single-issue extremist groups C) Hate groups D) Militia groups Answer: B Page Ref: 251 Objective: Explain the relationship between left-wing groups and "special interest or singleissue extremist" groups. Level: Basic 2) The original U.S. Patriot Act had effectively increased law enforcement power in which of the following areas? A) Wiretaps B) Court orders and subpoenas C) Trap and trace orders D) All of these Answer: D Page Ref: 264 Objective: Discuss the primary issues associated with the USA PATRIOT Act, and list the four traditional tools of surveillance that have been expanded within the Act. Level: Intermediate 3) Heavy metal music, black cults, and links to other social youth movements are techniques used on the Internet by what types of groups? A) White supremacy and hate groups B) Groups from the left C) Special interest groups D) Organized crime and gang groups Answer: A Page Ref: 248 Objective: Legally define a hate crime, and describe how white supremacist groups use the Internet to spread their message of hate. Level: Intermediate

4) The "Monkey Wrench Gang," a 1975 book written by Edward Abbey inspired the development of what group? A) World Church of the Creator B) Earth/Environmental Liberation Front C) Symbionese Liberation Army D) Weather Underground Answer: B Page Ref: 252 Objective: Describe ALF and ELF, and provide examples of each group's recent terrorist activities in the United States. Level: Intermediate 5) ELF emerged from a group called: A) Live Earth! B) Earth Alive! C) Earth First! D) Living Earth! Answer: C Page Ref: 252 Objective: Describe ALF and ELF, and provide examples of each group's recent terrorist activities in the United States. Level: Intermediate 6) Which of the following is a weakness in counterterrorism efforts that was identified after September 11, 2001? A) Failure to place an emphasis on traditional human intelligence gathering and analysis B) Failure to provide timely, accurate, and specific intelligence information to law enforcement agencies C) Outdated and obsolete computer systems D) All of these Answer: D Page Ref: 263 Objective: Explain the conflicting roles and activities observed within law enforcement pertaining to investigation versus intelligence gathering. Level: Intermediate 7) A ________ is a court document signed by a judge that instructs the police to perform a specific task. A) Search warrant B) Court order C) Judicial mandate D) Search order Answer: B Page Ref: 264 Objective: Discuss the primary issues associated with the USA PATRIOT Act, and list the four traditional tools of surveillance that have been expanded within the Act. Level: Intermediate 2 Copyright © 2024 Pearson Education, Inc.

8) Which of the following is NOT a characteristic of intelligence? A) Proactive B) Arrests are rarely made C) Sources are known and open D) Reports are closed Answer: C Page Ref: 262 Objective: Explain the conflicting roles and activities observed within law enforcement pertaining to investigation versus intelligence gathering. Level: Basic 9) Which of the following is NOT a characteristic of investigation? A) Proactive B) Reports are generally open C) Sources are known and open D) Arrests are made based on evidence and facts Answer: B Page Ref: 262 Objective: Explain the conflicting roles and activities observed within law enforcement pertaining to investigation versus intelligence gathering. Level: Basic 10) Historically, the missing dimension in quality intelligence has been: A) The proper equipment B) The lack of reliable sources C) Analysis D) The lack of proper training for officers Answer: C Page Ref: 261-262 Objective: Explain the conflicting roles and activities observed within law enforcement pertaining to investigation versus intelligence gathering. Level: Basic 11) Which of the following is NOT a lawful limitation on speech? A) Obscenity B) Incitement C) Libel/Slander D) Hate Answer: D Page Ref: 259 Objective: Describe some of the techniques that right-wing hate groups use to spread their propaganda. Level: Basic

12) The most famous instance of an organization placing specific, personal information on a website is the ________ Files case. A) Nuremberg B) Paris C) Budapest D) Vienna Answer: A Page Ref: 257 Objective: Describe some of the techniques that right-wing hate groups use to spread their propaganda. Level: Intermediate 13) ________, a form of racist propaganda, was found in the automobile of Timothy McVeigh when he was arrested after the bombing of the Murrah Federal Building in Oklahoma City, Oklahoma. A) Anarchist Cookbook B) Anarchist Diaries C) Turner Diaries D) Protocols of Zion Answer: C Page Ref: 254 Objective: Describe some of the techniques that right-wing hate groups use to spread their propaganda. Level: Intermediate 14) A liberal mainstream site, operated by PETA, that is youth oriented is called: A) PETA Kids B) PETA People C) PETA 2 D) None of these Answer: C Page Ref: 254 Objective: Describe some of the techniques that right-wing hate groups use to spread their propaganda. Level: Intermediate 15) Which of the following is MOST true? A) Hate crimes affect only the direct victim. B) All states define a "hate crime" in the same manner. C) Victims of hate crimes are hurt physically and emotionally. D) Police officers are adequately trained in investigating hate crimes. Answer: C Page Ref: 247 Objective: Legally define a hate crime, and describe how white supremacist groups use the Internet to spread their message of hate. Level: Intermediate 4 Copyright © 2024 Pearson Education, Inc.

16) According to federal law, a criminal offense is a hate crime when such crime is motivated by: A) Race B) Sexual orientation C) Religion D) All of these Answer: D Page Ref: 247-248 Objective: Legally define a hate crime, and describe how white supremacist groups use the Internet to spread their message of hate. Level: Intermediate 17) The FBI has estimated that over a five-year period, ALF and ELF have committed more than 600 criminal acts in the United States, which have resulted in damages that exceeded: A) $2 billion B) $43 million C) $54 million D) $75 million Answer: B Page Ref: 251 Objective: Explain the relationship between left-wing groups and "special interest or singleissue extremist" groups. Level: Basic 18) ________ can be defined as information, which has been identified as relevant, collected, verified, and interpreted within the context of specific objectives. A) Intelligence B) Investigation C) Analysis D) Detection Answer: A Page Ref: 261 Objective: Explain the conflicting roles and activities observed within law enforcement pertaining to investigation versus intelligence gathering. Level: Intermediate

19) Which government passed a law called "The new Personal Information International Disclosure Protection Act" to protect their citizens from having any information provided through PATRIOT Act investigations? A) Quebec B) Toronto C) Vancouver D) Nova Scotia Answer: D Page Ref: 265 Objective: Discuss the primary issues associated with the USA PATRIOT Act, and list the four traditional tools of surveillance that have been expanded within the Act. Level: Intermediate 20) What provides law enforcement agencies the incoming numbers on a subject's phone? A) Pen register B) Trap and trace C) Wiretap D) None of these Answer: B Page Ref: 264 Objective: Discuss the primary issues associated with the USA PATRIOT Act, and list the four traditional tools of surveillance that have been expanded within the Act. Level: Intermediate 9.2 True/False Questions 1) There have been several violent acts attributed to newly formed anarchist groups. Answer: FALSE Page Ref: 250 Objective: Explain the relationship between left-wing groups and "special interest or singleissue extremist" groups. Level: Intermediate 2) The reauthorized PATRIOT Act provides for judicial review and approval and a more detailed application process to specify law enforcement targets and actions. Answer: TRUE Page Ref: 264 Objective: Discuss the primary issues associated with the USA PATRIOT Act, and list the four traditional tools of surveillance that have been expanded within the Act. Level: Difficult 3) Anarchist International can be characterized as a conglomerate of right-wing extremist groups. Answer: FALSE Page Ref: 250 Objective: Explain the relationship between left-wing groups and "special interest or singleissue extremist" groups. Level: Intermediate 6 Copyright © 2024 Pearson Education, Inc.

4) ALF was originally organized in Arizona during the 1980s. Answer: FALSE Page Ref: 251 Objective: Describe ALF and ELF, and provide examples of each group's recent terrorist activities in the United States. Level: Basic 5) The Internet has made the recruitment of members easier than prior to the dawn of the information age. Answer: TRUE Page Ref: 252 Objective: Describe some of the techniques that right-wing hate groups use to spread their propaganda. Level: Basic 6) A pen/trap and trace order is a legal document signed by a judge directing police officers to search a specific area for a specific person or item of evidence/contraband. Answer: FALSE Page Ref: 264 Objective: Discuss the primary issues associated with the USA PATRIOT Act, and list the four traditional tools of surveillance that have been expanded within the Act. Level: Basic 7) White power groups in the United States became more active in 2008 and 2009. Answer: TRUE Page Ref: 250 Objective: Legally define a hate crime, and describe how white supremacist groups use the Internet to spread their message of hate. Level: Intermediate 8) Police officers have been adequately trained in how to handle hate crimes. Answer: FALSE Page Ref: 247 Objective: Legally define a hate crime, and describe how white supremacist groups use the Internet to spread their message of hate. Level: Basic 9) No murders have been directly attributed to environmental activists. Answer: TRUE Page Ref: 251 Objective: Explain the relationship between left-wing groups and "special interest or singleissue extremist" groups. Level: Intermediate

10) One of the most widely distributed cartoons on the right is called Border Patrol. Answer: FALSE Page Ref: 253 Objective: Describe some of the techniques that right-wing hate groups use to spread their propaganda. Level: Basic 11) The Internet allows individuals to self-publish cartoons and videos. Answer: TRUE Page Ref: 253 Objective: Describe some of the techniques that right-wing hate groups use to spread their propaganda. Level: Basic 12) For the most part, the CIA is relegated to working outside the United States. Answer: TRUE Page Ref: 261 Objective: Explain the conflicting roles and activities observed within law enforcement pertaining to investigation versus intelligence gathering. Level: Basic 13) Law enforcement's primary focus is to collect evidence after a crime is committed in order to support prosecution in a court trial. Answer: TRUE Page Ref: 261 Objective: Explain the conflicting roles and activities observed within law enforcement pertaining to investigation versus intelligence gathering. Level: Basic 14) The framework for U.S. intelligence was created to deal with the problem of terrorism. Answer: FALSE Page Ref: 260 Objective: Explain the conflicting roles and activities observed within law enforcement pertaining to investigation versus intelligence gathering. Level: Intermediate 15) The FBI and other police agencies are restricted in sharing information with the CIA. Answer: TRUE Page Ref: 261 Objective: Explain the conflicting roles and activities observed within law enforcement pertaining to investigation versus intelligence gathering. Level: Intermediate

9.3 Fill in the Blank Questions 1) ________ is the surreptitious eavesdropping on a third-party conversation by wire, oral, or electronic communication. Answer: Wiretap Page Ref: 264 Objective: Discuss the primary issues associated with the USA PATRIOT Act, and list the four traditional tools of surveillance that have been expanded within the Act. Level: Basic 2) Under the USA PATRIOT Act, police can now force Internet Service Providers (ISPs) to "________" hand out information on customer profiles and Web-surfing habits without a warrant or court order. Answer: voluntarily Page Ref: 264 Objective: Discuss the primary issues associated with the USA PATRIOT Act, and list the four traditional tools of surveillance that have been expanded within the Act. Level: Difficult 3) ________ occurs before an incident or event. Answer: Intelligence Page Ref: 262 Objective: Explain the conflicting roles and activities observed within law enforcement pertaining to investigation versus intelligence gathering. Level: Intermediate 4) ________ is a youth-oriented publication featuring interviews with popular celebrities and their beliefs about how animals should be treated. Answer: Grrrr! Page Ref: 254 Objective: Describe some of the techniques that right-wing hate groups use to spread their propaganda. Level: Intermediate 5) The FBI defines ________ as the use or threatened use of violence of a criminal nature against innocent victims or property by an environmentally oriented national group for environmentalpolitical reasons, or aimed at an audience beyond the target, often of a symbolic nature. Answer: ecoterrorism Page Ref: 251 Objective: Explain the relationship between left-wing groups and "special interest or singleissue extremist" groups. Level: Intermediate

6) ________ wrenching describes vandalism against active construction and lumbering locations. Answer: Monkey Page Ref: 252 Objective: Describe ALF and ELF, and provide examples of each group's recent terrorist activities in the United States. Level: Intermediate 7) Those who identify as ________ generally hold views that oppose fascism and racism and favor anarchism, and sometimes, communism. Answer: Antifa Page Ref: 250 Objective: Explain the relationship between left-wing groups and "special interest or singleissue extremist" groups. Level: Intermediate 8) ________ extremism represents a movement that promotes whites. Answer: Right-wing Page Ref: 247 Objective: Legally define a hate crime, and describe how white supremacist groups use the Internet to spread their message of hate. Level: Intermediate 9) One of the more popular white supremacist websites is ________, which has over 100,000 members and thousands of posts every day. Answer: Stormfront.org Page Ref: 248 Objective: Legally define a hate crime, and describe how white supremacist groups use the Internet to spread their message of hate. Level: Intermediate 10) The ________ collects and analyzes information regarding national security in order to warn our government before an act occurs. Answer: CIA Page Ref: 261 Objective: Explain the conflicting roles and activities observed within law enforcement pertaining to investigation versus intelligence gathering. Level: Basic

9.4 Matching Questions Match the term in Column 1 to the appropriate statement/definition in Column 2. A) A term used to describe vandalism against active construction and lumbering locations B) Represents a movement that promotes whites, especially Northern Europeans and their descendants, as intellectually and morally superior to other races C) Original case offered extensive personal information about abortion providers, such as pictures, work and home addresses, phone numbers, license plates, Social Security numbers, names, birth dates of spouses and children on the Internet D) A criminal offense committed against persons, property, or society that is motivated, in whole or in part, by an offender's bias against an individual's or a group's perceived race, religion, ethnic/national origin, gender, age, disability, or sexual orientation E) Individuals who identify, generally hold views that oppose fascism and racism and favor anarchism and, sometimes, communism F) Speech that is intended and likely to incite "imminent lawless action," or where the speech presents a "clear and present danger" to the security of the nation G) A loosely organized movement committed to ending the abuse and exploitation of animals H) Provides the law enforcement agency access to the numbers dialed from a subject's phone I) Information that has been identified as relevant, collected, verified, and interpreted within the context of specific objectives J) Occurs after the event or incident; reports are generally open; sources are generally known and open; and arrests are made based on evidence and facts 1) right-wing extremism Page Ref: 247 Objective: Legally define a hate crime, and describe how white supremacist groups use the Internet to spread their message of hate. Level: Basic 2) hate crime Page Ref: 247-248 Objective: Legally define a hate crime, and describe how white supremacist groups use the Internet to spread their message of hate. Level: Basic 3) Antifa Page Ref: 250 Objective: Explain the relationship between left-wing groups and "special interest or singleissue extremist" groups. Level: Basic 4) ALF Page Ref: 251 Objective: Describe ALF and ELF, and provide examples of each group's recent terrorist activities in the United States. Level: Basic 11 Copyright © 2024 Pearson Education, Inc.

5) monkey wrenching Page Ref: 252 Objective: Describe ALF and ELF, and provide examples of each group's recent terrorist activities in the United States. Level: Basic 6) Nuremberg Files case Page Ref: 257 Objective: Describe some of the techniques that right-wing hate groups use to spread their propaganda. Level: Basic 7) Incitement Page Ref: 259 Objective: Describe some of the techniques that right-wing hate groups use to spread their propaganda. Level: Basic 8) Intelligence Page Ref: 261 Objective: Explain the conflicting roles and activities observed within law enforcement pertaining to investigation versus intelligence gathering. Level: Basic 9) Investigation Page Ref: 262 Objective: Explain the conflicting roles and activities observed within law enforcement pertaining to investigation versus intelligence gathering. Level: Basic 10) Pen register Page Ref: 264 Objective: Discuss the primary issues associated with the USA PATRIOT Act, and list the four traditional tools of surveillance that have been expanded within the Act. Level: Basic Answers: 1) B 2) D 3) E 4) G 5) A 6) C 7) F 8) I 9) J 10) H

9.5 Essay Questions 1) Why are ALF and ELF considered a terrorist group? Answer: (should include points such as): They use intimidation tactics They see others who don't support their beliefs as enemies They have caused millions of dollars in damage They have committed more than 600 criminal acts Page Ref: 251-252, 256-257 Objective: Describe ALF and ELF, and provide examples of each group's recent terrorist activities in the United States. Level: Intermediate 2) Discuss the use of Internet cartoons and memes as propaganda. Answer: (should include points such as): Hate groups and domestic terror groups have mastered the art of harnessing social media, music, and even video games to spread propaganda, appealing to those who do not necessarily share their particular beliefs. Once a person is exposed to these ideas for long enough, they do not seem as fringe. The Internet allows individuals to self-publish their memes, cartoons, and videos. This provides an outlet for individuals who are not skilled artists but are still interested in pushing their message out to the public. Web sites like YouTube allow individuals to make animated cartoons using simple programs, though the sites carefully monitor content to reduce offensive material. However, some users repeatedly create new user profiles or channels to repost their material once it is removed from the site. Page Ref: 253-254 Objective: Describe some of the techniques that right-wing hate groups use to spread their propaganda. Level: Intermediate 3) What does the USA PATRIOT Act stand for and what is its primary purpose? Answer: (should include points such as): Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism More easily and more surreptitiously monitor the Web surfing and communication of individuals using the Internet Conduct nationwide roving wiretaps on cell and line telephones, and build profiles on the reading habits of people visiting public libraries The ability to conduct surveillance against what are defined as "lone wolf terrorists" was increased Allows the government to seek court-ordered production of "any tangible thing," including business records, in intelligence investigations. The provision both expanded the scope of materials that may be sought and lowered the standard for a court to issue an order Page Ref: 264 Objective: Discuss the primary issues associated with the USA PATRIOT Act, and list the four traditional tools of surveillance that have been expanded within the Act. Level: Intermediate 13 Copyright © 2024 Pearson Education, Inc.

9.6 Critical Thinking Questions 1) Find a recent example of a hate crime on the Internet. Write a summary, and be sure to include why it was a hate crime, the characteristics that made it a hate crime and how the police and court responded to the hate crime. Answer: Answers will vary. Page Ref: 247-250 Objective: Legally define a hate crime, and describe how white supremacist groups use the Internet to spread their message of hate. Level: Difficult 2) Compare the characteristics of intelligence and investigation and describe how the information from each is used. Answer: (should include points such as): Proactive/Reactive Reports opened/closed Sources opened/closed Arrests made based on facts and evidence Arrests rarely made Page Ref: 262 Objective: Explain the conflicting roles and activities observed within law enforcement pertaining to investigation versus intelligence gathering. Level: Basic

Cyber Crime and Cyber Terrorism, 5e (Taylor / Fritsch / Liederbach / Saylor / Tafoya) Chapter 10 Digital Laws and Legislation 10.1 Multiple Choice Questions 1) In order to obtain a search warrant, a law enforcement officer must show probable cause by reasonably establishing three issues. Which of the following is NOT one of them? A) A crime has been committed. B) The item to be seized is contraband. C) Evidence of the crime exists. D) The evidence currently exists in the place to be searched. Answer: B Page Ref: 273 Objective: Explain the intent and fundamental concepts of search and seizure law as it applies to cyber crime. Level: Basic 2) Our current body of search law is the ongoing product of the interaction of: A) Legislation, case law, and constitutional law B) Case law and administrative codes C) Legislation, constitutional law, and administrative codes D) Case law and constitutional law Answer: A Page Ref: 272 Objective: Explain the intent and fundamental concepts of search and seizure law as it applies to cyber crime. Level: Intermediate 3) According to the Fourth Amendment, people have the right to be secure in their: A) Persons and houses B) Persons, houses, and cars C) Persons, houses, papers, and effects D) Houses and cell phone conversations Answer: C Page Ref: 273 Objective: Explain the intent and fundamental concepts of search and seizure law as it applies to cyber crime. Level: Intermediate

4) Which statement is MOST true? A) The point of the Fourth Amendment is to protect criminals. B) Society must be willing to recognize a person's expectation of privacy as reasonable. C) A desire to hide something always creates a reasonable expectation of privacy. D) A person's home always offers sanctuary against the police. Answer: B Page Ref: 273 Objective: Explain the intent and fundamental concepts of search and seizure law as it applies to cyber crime. Level: Intermediate 5) The remedy for a flawed search is most frequently: A) The admission of the evidence regardless of the flawed search B) A new warrant to recollect the evidence C) The suppression of the evidence D) None of these Answer: C Page Ref: 274 Objective: Explain the intent and fundamental concepts of search and seizure law as it applies to cyber crime. Level: Intermediate 6) Which of the following is one of the exceptions to the general rule that searches must be conducted pursuant to a warrant? A) Border searches B) Exigent circumstances C) Search incident to arrest D) All of these Answer: D Page Ref: 266-267 Objective: Identify situations where search and seizure are possible without a warrant and describe warrantless search and seizure limits. Level: Basic 7) In order to seize an item in plain view, an officer must: A) See the item B) Immediately recognize that the item is subject to seizure C) Be legally present in the area from which the item is viewed D) All of these Answer: D Page Ref: 276 Objective: Identify situations where search and seizure are possible without a warrant and describe warrantless search and seizure limits. Level: Intermediate

8) A search warrant allows an investigator to search a hard drive for evidence of fraud. During the analysis, the investigator discovers child pornography on the hard drive. The child pornography may be seized under which doctrine? A) Exigent circumstances B) Searches by private citizens C) Plain view D) Search incident to arrest Answer: C Page Ref: 276-277 Objective: Identify situations where search and seizure are possible without a warrant and describe warrantless search and seizure limits. Level: Intermediate 9) The burden of proving exigent circumstances falls on which of the following? A) Prosecutors B) Law enforcement C) The defendant D) All of these Answer: B Page Ref: 276 Objective: Identify situations where search and seizure are possible without a warrant and describe warrantless search and seizure limits. Level: Intermediate 10) Which of the following is an exception contained in Title III? A) The extension of an office computer exception B) The unattended computer exception C) The computer trespasser exception D) All of these Answer: C Page Ref: 279 Objective: Describe the federal statutes that govern electronic surveillance in communications networks. Level: Intermediate 11) The Electronic Communications Privacy Act creates two categories of computer service. The two categories are: A) Electronic Communication Service and Remote Computing Service B) Wireless Service and Remote Service C) Remote Service and Internet Service D) In Transit Service and Transmission Service Answer: A Page Ref: 280 Objective: Describe the federal statutes that govern electronic surveillance in communications networks. Level: Intermediate 3 Copyright © 2024 Pearson Education, Inc.

12) Which is the primary federal statute targeting unauthorized computer use? A) USA Patriot Act B) Copyright Act C) Computer Fraud and Abuse Act D) Title III Answer: C Page Ref: 282 Objective: Describe the federal statutes that prohibit cyber crime. Level: Intermediate 13) Which of the following is NOT a category in which information to be obtained under ECPA must be specified as? A) Contents of communication B) Passwords to user accounts C) Basic subscriber information D) Records or logs pertaining to a subscriber Answer: B Page Ref: 280 Objective: Describe the federal statutes that govern electronic surveillance in communications networks. Level: Intermediate 14) When admitting digital evidence at trial, the issue of ________ comes up when the evidence involves computer-generated records. A) Authenticity B) Impeachment C) Hearsay D) Due process Answer: A Page Ref: 285 Objective: Discuss the issues presented regarding the admission of digital evidence at trial. Level: Intermediate 15) The ________ rule states that to prove the content of a writing, recording, or photograph, the "original" writing, recording, or photograph is ordinarily required. A) Business exception B) Best evidence C) Hearsay D) Authenticity Answer: B Page Ref: 286 Objective: Discuss the issues presented regarding the admission of digital evidence at trial. Level: Intermediate

16) Which is NOT a form of challenging the authenticity of computer records? A) Questioning whether the records were altered, manipulated, or damaged after they were created B) Challenging the reliability of the computer program that generated the records C) Questioning the identity of the author of computer-generated records D) Questioning the identity of computer-stored records Answer: C Page Ref: 285-286 Objective: Discuss the issues presented regarding the admission of digital evidence at trial. Level: Intermediate 17) In ________, the U.S. Supreme Court ruled that the Fourth Amendment protects persons evidencing an expectation of privacy. However, society must be willing to recognize that expectation as reasonable. A) Florida v. Riley B) Zurcher v. Stanford Daily C) Katz v. United States D) The Steve Jackson Games case Answer: C Page Ref: 287 Objective: Identify and discuss the significant U.S. Supreme Court cases focusing on cyber crime and evidence. Level: Intermediate 18) In ________, the court allowed the use of aerial surveillance of arguably "private" spaces. A) Florida v. Riley B) Zurcher v. Stanford Daily C) Katz v. United States D) The Steve Jackson Games case Answer: A Page Ref: 287 Objective: Identify and discuss the significant U.S. Supreme Court cases focusing on cyber crime and evidence. Level: Intermediate 19) In ________, the court ruled that (1) a search is not unreasonable if items sought are not in the possession of the suspected criminal, and (2) the search should not interfere with the execution of actions privileged by the First Amendment. A) Florida v. Riley B) Zurcher v. Stanford Daily C) Katz v. United States D) Jones v. Smith Answer: B Page Ref: 287 Objective: Identify and discuss the significant U.S. Supreme Court cases focusing on cyber crime and evidence. Level: Intermediate 5 Copyright © 2024 Pearson Education, Inc.

20) In ________, the court ruled that the search of a city employee's city paid pager's text messages was reasonable under the Fourth Amendment. A) Florida v. Riley B) Zurcher v. Stanford Daily C) Ontario v. Quon D) Jones v. Smith Answer: C Page Ref: 288 Objective: Identify and discuss the significant U.S. Supreme Court cases focusing on cyber crime and evidence. Level: Intermediate 10.2 True/False Questions 1) When police intrude into a person's reasonable expectation of privacy, the intrusion is always unlawful. Answer: FALSE Page Ref: 273 Objective: Explain the intent and fundamental concepts of search and seizure law as it applies to cyber crime. Level: Intermediate 2) The sole purpose of the exclusionary rule is to curb police abuse of civil rights and to deter misconduct. Answer: TRUE Page Ref: 274 Objective: Explain the intent and fundamental concepts of search and seizure law as it applies to cyber crime. Level: Intermediate 3) A local court always has the grounds to exercise personal jurisdiction when a criminal actor provides information from a website. Answer: FALSE Page Ref: 274 Objective: Explain the intent and fundamental concepts of search and seizure law as it applies to cyber crime. Level: Intermediate 4) Most searches conducted by the police do not involve a warrant. Answer: TRUE Page Ref: 274 Objective: Identify situations where search and seizure are possible without a warrant and describe warrantless search and seizure limits. Level: Basic

5) Officers are allowed to search persons arrested for any weapons or for any evidence on the arrestee's person in order to prevent its concealment or destruction. Answer: TRUE Page Ref: 276 Objective: Identify situations where search and seizure are possible without a warrant and describe warrantless search and seizure limits. Level: Basic 6) The pen/trace statute regulates the collection of communication content. Answer: FALSE Page Ref: 278 Objective: Describe the federal statutes that govern electronic surveillance in communications networks. Level: Intermediate 7) Title III regulates the collection of addressing information from wire communications. Answer: FALSE Page Ref: 278 Objective: Describe the federal statutes that govern electronic surveillance in communications networks. Level: Intermediate 8) The primary purpose of the Economic Espionage Act is to impose criminal penalties on the theft of trade secrets. Answer: TRUE Page Ref: 283 Objective: Describe the federal statutes that prohibit cyber crime. Level: Intermediate 9) The most comprehensive piece of federal legislation focused on cyber crime is the Consumer Fraud and Abuse Act (CFAA). Answer: TRUE Page Ref: 281-282 Objective: Describe the federal statutes that prohibit cyber crime. Level: Intermediate 10) An accurate printout of computer data satisfies the best evidence rule. Answer: TRUE Page Ref: 287 Objective: Discuss the issues presented regarding the admission of digital evidence at trial. Level: Intermediate 11) The mere possibility of tampering affects the authenticity of a computer record. Answer: FALSE Page Ref: 286 Objective: Discuss the issues presented regarding the admission of digital evidence at trial. Level: Intermediate 7 Copyright © 2024 Pearson Education, Inc.

12) The business records exception is the most common hearsay exception applied to computer records. Answer: TRUE Page Ref: 286 Objective: Discuss the issues presented regarding the admission of digital evidence at trial. Level: Intermediate 13) The reasonable expectation of privacy is static. Answer: FALSE Page Ref: 287 Objective: Identify and discuss the significant U.S. Supreme Court cases focusing on cyber crime and evidence. Level: Intermediate 14) According to Zurcher, a search is unreasonable if the items sought are not in the possession of the suspected criminal. Answer: FALSE Page Ref: 287 Objective: Identify and discuss the significant U.S. Supreme Court cases focusing on cyber crime and evidence. Level: Intermediate 15) The Supreme Court has held that the functional equivalent of an impermissible intrusion is an impermissible intrusion regardless of the actual route employed by technology. Answer: TRUE Page Ref: 287 Objective: Identify and discuss the significant U.S. Supreme Court cases focusing on cyber crime and evidence. Level: Intermediate 10.3 Fill in the Blank Questions 1) A ________ item deprives the owner of its use. Answer: seized Page Ref: 273 Objective: Explain the intent and fundamental concepts of search and seizure law as it applies to cyber crime. Level: Basic 2) ________ is the power of the court to decide a matter in controversy and presupposes the existence of a duly constituted court with control over the subject matter and the parties. Answer: Jurisdiction Page Ref: 274 Objective: Explain the intent and fundamental concepts of search and seizure law as it applies to cyber crime. Level: Basic 8 Copyright © 2024 Pearson Education, Inc.

3) The ________ platter doctrine allows evidence collected by members of the public and presented to law enforcement to be admitted as evidence. Answer: silver Page Ref: 277 Objective: Identify situations where search and seizure are possible without a warrant and describe warrantless search and seizure limits. Level: Basic 4) Courts have recognized the need to allow for ________ searchers that are more intrusive than would be allowed in other locations. Answer: border Page Ref: 277 Objective: Identify situations where search and seizure are possible without a warrant and describe warrantless search and seizure limits. Level: Intermediate 5) ________ devices are used more frequently by law enforcement than are wiretaps. Answer: Pen/trap Page Ref: 279 Objective: Describe the federal statutes that govern electronic surveillance in communications networks. Level: Intermediate 6) The Family Entertainment and Copyright Act of 2005 was signed into law to increase penalties attached to acts of ________. Answer: piracy Page Ref: 284 Objective: Describe the federal statutes that prohibit cyber crime. Level: Intermediate 7) The ________ rule exists to prevent unreliable out-of-court statements by people from influencing the outcomes of trials. Answer: hearsay Page Ref: 286 Objective: Discuss the issues presented regarding the admission of digital evidence at trial. Level: Intermediate 8) Parties may challenge the authenticity of computer-stored records by questioning the identity of their ________. Answer: author Page Ref: 286 Objective: Discuss the issues presented regarding the admission of digital evidence at trial. Level: Intermediate

9) Constitutional protections apply to persons and expectations, not to physical ________ or actual techniques. Answer: locations Page Ref: 287 Objective: Identify and discuss the significant U.S. Supreme Court cases focusing on cyber crime and evidence. Level: Intermediate 10) When attempting to collect digital evidence without a warrant, ________ searches are the most commonly used searches conducted by law enforcement. Answer: consent Page Ref: 275 Objective: Identify situations where search and seizure are possible without a warrant and describe warrantless search and seizure limits. Level: Intermediate

10.4 Matching Questions Match the term in Column 1 to the appropriate statement/definition in Column 2. A) Officers are allowed to search the person arrested for any weapons or for any evidence on the arrestee's person to prevent its concealment or destruction B) Occurs when there is some meaningful interference with an individual's possessory interests in that property C) Governs the collection of actual content of wire and electronic communications D) The U.S. Supreme Court ruled that the police generally may not, without a warrant, search digital information on a cell phone seized from an individual who has been arrested E) Primary purpose is to impose criminal penalties on the theft of trade secrets F) Was originally designed to allow businesses to monitor by way of an extension telephone the performance of their employees who spoke on the phone to customers G) Allows law enforcement officers to search and/or seize evidence without a warrant if they have probable cause and there is some pressing need to preserve evidence that is in danger of being destroyed or corrupted H) Limited to a pat down of the outer clothing of the individual and can occur based on reasonable suspicion I) The power of a court to decide a matter in controversy and presupposes the existence of a duly constituted court with control over the subject matter and the parties J) Exists to prevent unreliable out-of-court statements by people from influencing the outcome of trials 1) Seizure of property Page Ref: 273 Objective: Explain the intent and fundamental concepts of search and seizure law as it applies to cyber crime. Level: Intermediate 2) Jurisdiction Page Ref: 274 Objective: Explain the intent and fundamental concepts of search and seizure law as it applies to cyber crime. Level: Intermediate 3) Frisk Page Ref: 275 Objective: Identify situations where search and seizure are possible without a warrant and describe warrantless search and seizure limits. Level: Intermediate 4) Exigent circumstances doctrine Page Ref: 276 Objective: Identify situations where search and seizure are possible without a warrant and describe warrantless search and seizure limits. Level: Intermediate 11 Copyright © 2024 Pearson Education, Inc.

5) Search incident to arrest Page Ref: 276 Objective: Identify situations where search and seizure are possible without a warrant and describe warrantless search and seizure limits. Level: Intermediate 6) Title III Page Ref: 278 Objective: Describe the federal statutes that govern electronic surveillance in communications networks. Level: Intermediate 7) Extension telephone exception Page Ref: 279 Objective: Describe the federal statutes that govern electronic surveillance in communications networks. Level: Intermediate 8) Economic Espionage Act Page Ref: 283 Objective: Describe the federal statutes that prohibit cyber crime. Level: Intermediate 9) Hearsay rule Page Ref: 286 Objective: Discuss the issues presented regarding the admission of digital evidence at trial. Level: Intermediate 10) Riley v. California Page Ref: 289 Objective: Identify and discuss the significant U.S. Supreme Court cases focusing on cyber crime and evidence. Level: Intermediate Answers: 1) B 2) I 3) H 4) G 5) A 6) C 7) F 8) E 9) J 10) D

10.5 Essay Questions 1) Explain exigent circumstances with regard to digital evidence. Answer: (should include points such as): Allows law enforcement officers to search and/or seize evidence without a warrant If they have probable cause and there is some pressing need to preserve evidence that is in danger of being destroyed or corrupted Digital evidence makes it subject to quick disposal and easy corruption The burden of proving exigent circumstances falls on law enforcement. Unless the computer, device, or network cannot be secured, it is unlikely that exigency will allow analysis; it will just allow for the seizure of the items. Page Ref: 276 Objective: Identify situations where search and seizure are possible without a warrant and describe warrantless search and seizure limits. Level: Intermediate 2) What does Title III govern? Answer: (should include points such as): The practice of electronic surveillance in criminal investigations The collection of actual content of wire and electronic communications It applies to the Internet and e-mail, the pen/trap statute allows the government to obtain the addressing information of Internet communications much as it would allow the government to obtain phone numbers for traditional phone calls However, reading an Internet or e-mail communication requires compliance with Title III Page Ref: 278-280 Objective: Describe the federal statutes that govern electronic surveillance in communications networks. Level: Intermediate 3) Discuss how a law enforcement officer obtains a search warrant. Answer: (should include points such as): Probable cause Evidence of crime exists Evidence currently exists in the place to be searched Particularly describe place Specific evidence/General evidence Jurisdiction Neutral magistrate Page Ref: 273-274 Objective: Explain the intent and fundamental concepts of search and seizure law as it applies to cyber crime. Level: Intermediate

10.6 Critical Thinking Questions 1) How might someone challenge the authenticity of computer records? Answer: (should include points such as): Questioning whether records were altered, manipulated, or damaged after creation Challenge reliability of computer program that generated the records Question the identity of the author of computer-stored records Page Ref: 285-286 Objective: Discuss the issues presented regarding the admission of digital evidence at trial. Level: Difficult 2) Define the five types of instruments that may be required to obtain information under the ECPA. Answer: (should include points such as): Subpoena Subpoena with prior notice to service user Section 2703(d) order Section 2703(d) order with prior notice to service user Search warrant Page Ref: 280-281 Objective: Describe the federal statutes that govern electronic surveillance in communications networks. Level: Intermediate

Cyber Crime and Cyber Terrorism, 5e (Taylor / Fritsch / Liederbach / Saylor / Tafoya) Chapter 11 Law Enforcement Roles and Responses 11.1 Multiple Choice Questions 1) Which federal agency houses CCIPS? A) FBI B) DOJ C) Secret Service D) DOE Answer: B Page Ref: 293 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 2) Which federal agency bills itself as the nation's preeminent "cryptological organization"? A) NSA B) DOJ C) Secret Service D) DOE Answer: A Page Ref: 296 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 3) Which of the following is NOT a role of the FBI in fighting computer crime? A) Capture criminals behind serious computer intrusions and the spread of malicious code B) Stop online sexual predators who produce or share child pornography C) Prosecute crimes related to encryption, e-commerce, and intellectual property crimes D) Dismantle national and transnational organized crime groups engaging in Internet fraud Answer: C Page Ref: 294 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Intermediate

4) The FBI was established in? A) 1808 B) 1898 C) 1968 D) 1908 Answer: D Page Ref: 294 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Intermediate 5) ________ is the largest and primary investigative arm of the U.S. DHS. A) FBI B) ICE C) CES D) DOJ Answer: B Page Ref: 301 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Intermediate 6) Which federal agency is primarily responsible for protecting consumers markets against computer-generated fraud? A) DOJ B) FTC C) FBI D) DOE Answer: B Page Ref: 298 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Intermediate 7) Which federal agency partners with the National White-Collar Crime Center to operate the Internet Crime Complaint Center (IC3)? A) FBI B) DOE C) The Secret Service D) U.S. Postal Inspectors Answer: A Page Ref: 295 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Intermediate

8) The ________ provides victims of Internet fraud of mechanism to report suspicious activities online. A) InfraGard B) Consumer Sentinel C) ICCC or IC3 D) CCIPS Answer: C Page Ref: 295 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 9) The Cyber Division of the FBI works in tandem with the Criminal Investigative Division in the investigation of domestic threats generated by computer-related crimes and their caseload typically includes which of the following? A) Online predators B) Ransomware C) Computer and network intrusions D) All of these Answer: D Page Ref: 294 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 10) What factors have limited the ability of local law enforcement agencies to respond to the growing threat of computer crime? A) Lack of training B) Lack of diagnostic equipment C) Lack of resources for tapping federal expertise and equipment D) All of these Answer: D Page Ref: 305 Objective: Identify the factors that have limited local law enforcement efforts against cyber crime. Level: Intermediate

11) Which of the following is the MOST true? A) The USA Freedom Act changes nearly all of the procedural burdens previously placed on investigators when seeking information. B) The USA Freedom Act does not change any of the procedural burdens previously placed on investigators when seeking information. C) The USA Freedom Act does not apply to law enforcement. D) The USA Freedom Act only applies to local and state law enforcement. Answer: B Page Ref: 296 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Intermediate 12) Which is the lead agency responsible for monitoring and protecting all of the federal government's computer networks from acts of cyber terrorism? A) FBI B) Secret Service C) DHS D) NSA Answer: D Page Ref: 296 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 13) Which of the following is NOT a division of the Bureau of Consumer Protection within the FTC? A) Advertising practices B) Enforcement C) Fraud D) Financial practices Answer: C Page Ref: 298 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Difficult 14) As the U.S. Postal Service's primary concerns in the area of computer crime are: A) Electronic crimes B) Child exploitation and pornography C) Identity theft D) All of these Answer: D Page Ref: 299 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 4 Copyright © 2024 Pearson Education, Inc.

15) CCIP works in close collaboration with ________ in the prosecution of computer crimes. A) ICE B) U.S. Attorney's Office C) DHS D) ATF Answer: B Page Ref: 293 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Intermediate 16) The Cyber Crimes Unit investigates and enforces laws regarding the sale and distribution of counterfeit pharmaceuticals and controlled substances over the Internet through: A) Operation medicine B) Operation pharmacy C) Operation doctor D) Operation apothecary Answer: D Page Ref: 302 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 17) Which agency has primary jurisdiction in cases involving access device fraud? A) FBI B) DHS C) Secret Service D) NSA Answer: C Page Ref: 303 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Intermediate 18) The most pressing computer crimes enforced by local law enforcement agencies appear to be those related to: A) Identity theft B) Harmful computer content C) Fraud D) None of these Answer: B Page Ref: 304 Objective: Describe local law enforcement responses to computer crime. Level: Intermediate

19) The most important critical need among local law enforcement agencies is: A) Training B) Money C) Federal agents D) Civil employees Answer: A Page Ref: 305 Objective: Identify the factors that have limited local law enforcement efforts against cyber crime. Level: Intermediate 20) The disparity in equipment between federal and local cyber cops can most clearly be seen in the inability of most local agencies to: A) Identify fraudulent activity B) Retrieve digital evidence C) Properly download and store computer evidence D) All of these Answer: B Page Ref: 305 Objective: Identify the factors that have limited local law enforcement efforts against cyber crime. Level: Intermediate 11.2 True/False Questions 1) The chief law enforcement officer of the federal government is the director of Homeland Security. Answer: FALSE Page Ref: 293 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 2) The DHS subsumed the Federal Emergency Management Agency. Answer: TRUE Page Ref: 300 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Intermediate 3) Since the creation of DHS, the Postal Service is no longer in the business of fighting computer-generated crimes such as child pornography. Answer: FALSE Page Ref: 299 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Intermediate 6 Copyright © 2024 Pearson Education, Inc.

4) There is no comprehensive source of information containing a list of federal contact persons who could aid local investigators. Answer: TRUE Page Ref: 306 Objective: Identify the factors that have limited local law enforcement efforts against cyber crime. Level: Intermediate 5) Local officers may not have the capacity or understanding of computer crimes necessary to properly investigate these offenses. Answer: TRUE Page Ref: 304 Objective: Describe local law enforcement responses to computer crime. Level: Intermediate 6) The U.S. Postal Service rarely conducts joint investigations with other federal agencies. Answer: FALSE Page Ref: 299 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 7) The disparity in equipment between federal and local cyber cops can most clearly be seen in the inability of most local agencies to retrieve digital evidence. Answer: TRUE Page Ref: 305 Objective: Identify the factors that have limited local law enforcement efforts against cyber crime. Level: Basic 8) Most local agencies provide training in computer crime to patrol personnel. Answer: FALSE Page Ref: 305 Objective: Identify the factors that have limited local law enforcement efforts against cyber crime. Level: Basic 9) State laws have kept up with the pace of technology relatively well. Answer: FALSE Page Ref: 306 Objective: Identify the factors that have limited local law enforcement efforts against cyber crime. Level: Intermediate

10) One of the main responsibilities of the U.S. Department of Energy is the promotion of renewable energy resources. Answer: TRUE Page Ref: 299 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 11) E-commerce generates hundreds of billions of dollars in revenue annually, making the Internet economy comparable in size to the energy, automobile, and telecommunications industry. Answer: TRUE Page Ref: 298 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 12) The FBI does not have any public sector partners. Answer: FALSE Page Ref: 295 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 13) The NSA has been providing the nation with "code-breaking" capabilities since the Civil War. Answer: FALSE Page Ref: 296 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 14) Cyber-based attacks and high-tech crimes are of low priority for the FBI. Answer: FALSE Page Ref: 294 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 15) CCIPS attorneys conduct hundreds of training seminars every year for other federal attorneys. Answer: TRUE Page Ref: 294 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 8 Copyright © 2024 Pearson Education, Inc.

11.3 Fill in the Blank Questions 1) ________ is the program designed to facilitate the exchange of information among academic institutions, the business community, and the FBI, and serves as a prime example of the FBI's agenda for partnerships and interagency collaboration in the fight against cyber crime. Answer: InfraGard Page Ref: 295 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Intermediate 2) National ________ Agency is the lead agency responsible for monitoring and protecting all of the federal government's computer networks from acts of cyber terrorism. Answer: Security Page Ref: 296 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Intermediate 3) The ________ (agency acronym) unit within the DOJ focuses on prosecuting computer hacking, fraud, and intellectual property cases. Answer: CCIPS Page Ref: 293 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Intermediate 4) The ________ Service has primary jurisdiction in the investigation of general computer fraud relating to computers and computer systems of "federal interest." Answer: Secret Page Ref: 303 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 5) The Consumer ________ is a centralized database of identity theft complaints used to compile statistics regarding the incidence of identity theft. Answer: Sentinel Page Ref: 298 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic

6) Operation ________ is an ongoing multiagency international investigation of child exploitation and crimes against children. Answer: Predator Page Ref: 301-302 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Intermediate 7) The number of local, state, county, and regional computer crime task forces continues to ________. Answer: increase Page Ref: 304 Objective: Describe local law enforcement responses to computer crime. Level: Basic 8) The need for ________ appears to be paramount at the local level. Answer: training Page Ref: 305 Objective: Identify the factors that have limited local law enforcement efforts against cyber crime. Level: Basic 9) The National Cyber Alert System offers free subscription service to security alerts and tips to better protect systems and ________. Answer: infrastructure Page Ref: 301 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Intermediate 10) The Mail Theft Reporting System aims to identify patterns in mail theft across geographic regions as well as compile ________ relating to mail theft victims and monetary losses. Answer: statistics Page Ref: 299 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic

11.4 Matching Questions Match the term in Column 1 to the appropriate statement/definition in Column 2. A) Developed and supported by the FBI; is a partnership between the bureau and state, local, and federal law enforcement agencies within a geographical area to provide computer forensic lab support and training programs in support of criminal investigations and the prevention of terror incidents B) Has been providing the nation with "code-breaking" capabilities since these operations began against the Japanese in the Pacific theater of World War II C) Charged with protecting cyber infrastructure; mission is to reduce the likelihood and severity of incidents that may significantly compromise the security and resilience of the nation's critical information technology and communications networks D) Established in 1870 and headed by the chief law enforcement officer of the federal government-the attorney general E) Coordinates a nationwide prosecutor network, which is comprised of specialized computer and IP crime prosecutors assigned to every U.S. Attorney's Office F) Are four-fold: training, equipment, updated criminal codes designed to complement current enforcement efforts, and resources for tapping federal expertise and equipment related to computer crime enforcement G) Part of the Secret Service; is the agency's primary tool in the fight against computer crime H) The most pressing computer crimes enforced by these agencies appear to be those related to harmful computer content I) Created in 1914 primarily as a way for the government to "trust bust" or apply regulations ensuring a free marketplace for U.S. consumers and business enterprises J) Main responsibilities include the administration of domestic energy production, the promotion of renewable energy resources, and the promotion of energy conservation and efficiency 1) U.S. Department of Justice (DOJ) Page Ref: 293 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 2) Computer Crime and Intellectual Property Section (CCIPS) Page Ref: 293 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 3) Regional Computer Forensics Laboratory (RCFL) program Page Ref: 295 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic

4) National Security Agency (NSA) Page Ref: 296 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 5) Federal Trade Commission (FTC) Page Ref: 298 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 6) U.S. Department of Energy (DOE) Page Ref: 299 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 7) National Cybersecurity and Communications Integration Center (NCCIC) Page Ref: 300-301 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 8) Financial Crimes Division Page Ref: 303 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Basic 9) State and local law enforcement agencies Page Ref: 304 Objective: Describe local law enforcement responses to computer crime. Level: Basic 10) Critical needs at state and local levels Page Ref: 305 Objective: Identify the factors that have limited local law enforcement efforts against cyber crime. Level: Basic Answers: 1) D 2) E 3) A 4) B 5) I 6) J 7) C 8) G 9) H 10) F

11.5 Essay Questions 1) Describe the responsibilities of the National Security Administration (NSA). Answer: (should include points such as): Cryptologic organization Designing and maintaining computerized coding system Protecting integrity of U.S. information systems Monitoring and protecting federal government computer networks Detecting and exploiting weaknesses Code-breaking INFOSEC Page Ref: 296 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Difficult 2) Identify the four critical needs at the state or local level of law enforcement in order to fight computer crime more effectively. Answer: (should include points such as): Training Equipment Updated criminal codes designed to complement current enforcement efforts Resources tapping federal expertise and equipment related to computer crime enforcement Page Ref: 305-306 Objective: Identity the factors that have limited local law enforcement efforts against cyber crime. Level: Intermediate 3) Discuss the increasing role of state and local law enforcement in investigating computer crimes and how they have fared in doing so. Answer: The number of local, state, county, and regional computer crime task forces continues to increase, largely because agencies have experienced more computer-related criminal activities within their jurisdictions, and citizens and private entities have become increasingly willing to report these activities to local law enforcement departments. At the same time, local officers may not have the capacity or understanding of computer crimes necessary to properly investigate these offenses. Higher-profile computer crimes, such as threats to critical national infrastructure systems, are rarely handled solely by local and state investigators because they often require federal expertise and resources. Despite the ever-increasing caseload of cyber crimes, there appears to be a lack of recognition and support from upper-level management within local police agencies in terms of providing the resources necessary to counter these threats. The majority of these cases receive a low priority at the local level. The fact that computer crime cases have not received the necessary recognition and support from local law enforcement administrators has created several areas in which local-level agencies must improve if computer crimes are to be effectively enforced. Page Ref: 304-305 Objective: Describe local law enforcement responses to computer crime. Level: Difficult 13 Copyright © 2024 Pearson Education, Inc.

11.6 Critical Thinking Questions 1) Discuss how and why the Department of Homeland Security (DHS) consolidated so many federal offices. Answer: (should include points such as): September 11, 2001 Piecemeal nature of law enforcement actions Failure to coordinate and cooperate Bush administration Increase interagency coordination in fight against domestic terror Improve information sharing among federal law enforcement offices Page Ref: 300-304 Objective: Provide an overview of the roles and responses of federal law enforcement agencies concerning cyber crimes and any interagency partnerships to deal with these offenses. Level: Difficult 2) Have students do some research regarding how their local law enforcement agency back home deals with computer crimes. Do they have specialized units to handle these types of cases? Have them present their findings to the class. Answer: Answers may vary. Page Ref: 304 Objective: Describe local law enforcement responses to computer crime. Level: Difficult

Cyber Crime and Cyber Terrorism, 5e (Taylor / Fritsch / Liederbach / Saylor / Tafoya) Chapter 12 The Investigation of Computer-Related Crime 12.1 Multiple Choice Questions 1) Which crime scene is the most complex to investigate? A) Single scene B) Multiple scene C) Network crime scene D) All of these are equally complex Answer: C Page Ref: 313 Objective: Identify sources of assistance for multiple-scene and network operations. Level: Intermediate 2) If an investigator finds a computer that is turned off during a search with a warrant, the investigator should: A) Turn on the computer B) Leave the computer turned off C) Unplug the computer from the wall D) None of these Answer: B Page Ref: 319 Objective: Explain and understand the legal standards and best current practices for the documentation of a single-location electronic crime scene. Level: Intermediate 3) Which of the following should be recorded by investigators when storing computer evidence? A) Make B) Model C) Serial number D) All of these Answer: D Page Ref: 320 Objective: Explain and describe the best current practices for the collection, preservation, transportation, and storage of electronic evidence. Level: Intermediate

4) The ________ is responsible for the storage of evidence until the time of trial. A) Investigator B) Captain C) Custodian D) Forensic analyst Answer: C Page Ref: 322 Objective: Explain and describe the best current practices for the collection, preservation, transportation, and storage of electronic evidence. Level: Intermediate 5) Which of the following electronic storage devices do not fit a narrow definition of "computer" and may be excluded as evidence if not properly defined in a search warrant? A) PlayStation game systems B) Digital cameras C) Smartwatches with storage capacity D) All of these Answer: D Page Ref: 317 Objective: Identify hardware and storage devices potentially containing evidence of a crime. Level: Intermediate 6) Which network architecture is most closely associated with network crime scenes? A) LAN B) WAN C) Internet D) All of these Answer: D Page Ref: 324 Objective: Distinguish among single-scene, multiple-scene, and network crimes. Level: Intermediate 7) Which of these is an IP address? A) AA-0A-10-AB-AF-00 B) 192.684.168.255 C) 192.168.0.5 D) None of these Answer: C Page Ref: 328 Objective: Identify categories of evidence and probable locations of that evidence. Level: Intermediate

8) Which of these is a MAC address? A) 00-AF-03-05-0E-B9 B) 192.684.168.255 C) 192.168.0.5 D) None of these Answer: A Page Ref: 327 Objective: Identify categories of evidence and probable locations of that evidence. Level: Intermediate 9) The best source for technical information needed in a network investigation is: A) Any computer expert B) An experienced computer crime investigator C) The library D) The system administrator for the system in question Answer: D Page Ref: 313 Objective: Identify sources of assistance for multiple-scene and network operations. Level: Intermediate 10) Minimization: A) Ensures that we do not do more harm than good to the victim B) Ensures we do not scare future victims with heavy-handed seizures C) Means reducing the amount of intrusion into the target system D) All of these Answer: D Page Ref: 328 Objective: Broadly outline procedures for preserving and collecting network trace evidence. Level: Intermediate 11) Distinguishing between single-scene, multiple-scene, and network crime scenes is based on: A) Technical differences B) Functional differences C) Legal differences D) All of these Answer: B Page Ref: 324 Objective: Distinguish among single-scene, multiple-scene, and network crimes. Level: Intermediate

12) ________ location electronic crime scene search and seizure is the most fundamental skill set of an electronic crimes investigator. A) Single B) Multiple C) Network D) All of these Answer: A Page Ref: 313 Objective: Explain and understand the search warrant application process appropriate to electronic evidence at a single-location crime scene. Level: Intermediate 13) In spite of the use of "network" technology, any geographically compact crime scene under the administrative control of a single entity is considered as: A) Single-scene crime B) Multiple-scene crime C) Network crime D) Any of these Answer: B Page Ref: 324 Objective: Distinguish among single-scene, multiple-scene, and network crimes. Level: Intermediate 14) ________ are designed primarily to log network traffic and examine it for known patterns indicating attacks. A) Firewalls B) Antivirus programs C) Intrusion detection systems (IDs) D) Key logs Answer: C Page Ref: 326 Objective: Identify categories of evidence and probable locations of that evidence. Level: Intermediate 15) The IP address is associated with which layer of the OSI model? A) Human B) Application services C) Network services D) None of these Answer: C Page Ref: 328 Objective: Identify categories of evidence and probable locations of that evidence. Level: Intermediate

16) Which of the following must a prosecutor establish at trial? A) The evidence was not altered to prejudice the trial by either act or omission B) When, where, and how the evidence was collected C) The collected evidence conforms to the warrant or guidelines for commonly accepted warrantless searches D) All of these Answer: D Page Ref: 329-330 Objective: Broadly outline procedures for preserving and collecting network trace evidence. Level: Intermediate 17) First and foremost, investigators must assess: A) Potential danger to themselves B) The location of the evidence C) How to secure evidence D) How to collect the evidence Answer: A Page Ref: 319 Objective: Explain and describe the best current practices for the collection, preservation, transportation, and storage of electronic evidence. Level: Basic 18) If an investigator unavoidably alters evidence, he should: A) Ignore the alteration B) Document the alteration C) Try to hide the alteration D) None of these Answer: B Page Ref: 319 Objective: Explain and describe the best current practices for the collection, preservation, transportation, and storage of electronic evidence. Level: Intermediate 19) A(n) ________ is a WAN that uses a common addressing and transfer protocol suite called Transfer Control Protocol/Internet Protocol. A) Internet B) Network C) Intranet D) Website Answer: C Page Ref: 324 Objective: Communicate an understanding of network architectures and standards relevant to network investigations. Level: Intermediate

20) Which of the following is an application of the hearsay rule used for digital evidence-related testimony? A) Using notes on the witness stand B) Business records C) Presenting best evidence D) All of these Answer: D Page Ref: 330-332 Objective: Broadly outline procedures for preserving and collecting network trace evidence. Level: Intermediate 12.2 True/False Questions 1) Single-scene crimes do not involve networks. Answer: TRUE Page Ref: 314 Objective: Explain and understand the search warrant application process appropriate to electronic evidence at a single-location crime scene. Level: Basic 2) Most system administrators understand the legal requirements of collecting evidence. Answer: FALSE Page Ref: 318 Objective: Explain and understand the legal standards and best current practices for the documentation of a single-location electronic crime scene. Level: Intermediate 3) All evidence collection activities may be called into question by the defense. Answer: TRUE Page Ref: 320 Objective: Explain and describe the best current practices for the collection, preservation, transportation, and storage of electronic evidence. Level: Intermediate 4) Electronic devices should be kept away from magnetic sources. Answer: TRUE Page Ref: 321 Objective: Explain and describe the best current practices for the collection, preservation, transportation, and storage of electronic evidence. Level: Intermediate 5) Anything capable of storing digital information may contain digital evidence. Answer: TRUE Page Ref: 323 Objective: Explain and describe the best current practices for the collection, preservation, transportation, and storage of electronic evidence. Level: Basic 6 Copyright © 2024 Pearson Education, Inc.

6) Investigators are charged with understanding the full complexities of network architectures. Answer: FALSE Page Ref: 324 Objective: Communicate an understanding of network architectures and standards relevant to network investigations. Level: Intermediate 7) The intranet is often administered by several authorities. Answer: FALSE Page Ref: 324 Objective: Communicate an understanding of network architectures and standards relevant to network investigations. Level: Intermediate 8) To further complicate search and seizure operations, current law enforcement practices, called "minimization procedures," demand minimal intrusion to the operation of the network. Answer: TRUE Page Ref: 323 Objective: Distinguish among single-scene, multiple-scene, and network crimes. Level: Intermediate 9) It is the best current practice to minimize the intrusion of network investigations. Answer: TRUE Page Ref: 328 Objective: Broadly outline procedures for preserving and collecting network trace evidence. Level: Intermediate 10) Network services are most often tracked by system administrators. Answer: TRUE Page Ref: 326 Objective: Communicate an understanding of network architectures and standards relevant to network investigations. Level: Intermediate 11) Even detailed investigations may be outdated by the time the warrant is served. Answer: TRUE Page Ref: 315 Objective: Identify hardware and storage devices potentially containing evidence of a crime. Level: Intermediate 12) A well-trained first responder would immediately attempt to complete an electronic search and seizure upon reaching the scene. Answer: FALSE Page Ref: 310 Objective: Identify sources of assistance for multiple-scene and network operations. Level: Difficult 7 Copyright © 2024 Pearson Education, Inc.

13) Routine business records are considered hearsay. Answer: FALSE Page Ref: 326 Objective: Identify categories of evidence and probable locations of that evidence. Level: Intermediate 14) The MAC address is a unique hardware address associated with each network card or other network device. Answer: TRUE Page Ref: 327 Objective: Identify categories of evidence and probable locations of that evidence. Level: Intermediate 15) Many logs purge after as little as 24 hours. Answer: TRUE Page Ref: 326-327 Objective: Identify categories of evidence and probable locations of that evidence. Level: Intermediate 12.3 Fill in the Blank Questions 1) Corporate ________ investigators are usually hired by corporations to secure the data assets of the corporation. Answer: security Page Ref: 312 Objective: Identify sources of assistance for multiple-scene and network operations. Level: Intermediate 2) Criminal investigators must establish probable cause in an ________ in application for a search warrant. Answer: affidavit Page Ref: 314 Objective: Explain and understand the search warrant application process appropriate to electronic evidence at a single-location crime scene. Level: Basic 3) When ________ are the target of a search, the warrant should be written to allow seizure of electronic storage media found at the crime scenes. Answer: data Page Ref: 315 Objective: Identify hardware and storage devices potentially containing evidence of a crime. Level: Intermediate

4) Distinctions between single, multiple, and network crime scenes are based on ________ differences. Answer: functional Page Ref: 324 Objective: Distinguish among single-scene, multiple-scene, and network crimes. Level: Intermediate 5) The ________ is a network of networks owned and maintained by various private, corporate, and governmental interests. Answer: Internet Page Ref: 325 Objective: Communicate an understanding of network architectures and standards relevant to network investigations. Level: Intermediate 6) The magistrate issuing the warrant may place special ________ on the search; those should be integrated into the plan. Answer: conditions Page Ref: 317 Objective: Explain and understand the legal standards and best current practices for the documentation of a single-location electronic crime scene. Level: Intermediate 7) The ________ address is a unique address assigned to every computer on the Internet. Answer: IP Page Ref: 327 Objective: Identify categories of evidence and probable locations of that evidence. Level: Basic 8) After safety is ensured, and the scene is secure, the entire scene should be ________ before altering it. Answer: photographed Page Ref: 319 Objective: Explain and describe the best current practices for the collection, preservation, transportation, and storage of electronic evidence. Level: Intermediate 9) The ________ rule excludes statements made outside the ability of the accused to confront the persons making the statement before the jury. Answer: hearsay Page Ref: 330 Objective: Broadly outline procedures for preserving and collecting network trace evidence. Level: Intermediate

10) The chain of evidence is a legal document that records the history of who had the ________ and when. Answer: evidence Page Ref: 333 Objective: Broadly outline procedures for preserving and collecting network trace evidence. Level: Intermediate 12.4 Matching Questions Match the term in Column 1 to the appropriate statement/definition in Column 2. A) A protocol that allows users to enter meaningful words, like Google.com, instead of IP addresses to identify a computer or Web site B) Involves more than one computer or electronic device, possibly at more than one location, with the possibility of an intervening network C) Resources hired by corporations to protect their personnel and property, including company data, that often cooperate with law enforcement; but have a fundamentally different mission D) A crime scene that involves only a single computer and is fairly straightforward E) Includes any statement made outside the present proceeding, which is offered as evidence of the truth of matters asserted therein F) Designed primarily to log network traffic and examine it for known patterns indicating attacks G) These include smartphones, tablets, and other data devices that are miniature computer systems designed to be highly mobile H) Above all, evidence must remain unaltered until it is analyzed, and the continuity of the chain of custody must be maintained to prove it I) First and foremost, investigators must assess the potential danger to themselves J) A network internal to an organization-a company network-that uses their own internal private IP addressing and computer-naming conventions 1) corporate security Page Ref: 312 Objective: Identify sources of assistance for multiple-scene and network operations. Level: Intermediate 2) single-location crime scenes Page Ref: 313 Objective: Explain and understand the search warrant application process appropriate to electronic evidence at a single-location crime scene. Level: Intermediate 3) handheld devices Page Ref: 316 Objective: Identify hardware and storage devices potentially containing evidence of a crime. Level: Intermediate

4) priority concerns when executing the search warrant Page Ref: 317 Objective: Explain and understand the legal standards and best current practices for the documentation of a single-location electronic crime scene. Level: Intermediate 5) storage of seized evidence Page Ref: 322 Objective: Explain and describe the best current practices for the collection, preservation, transportation, and storage of electronic evidence. Level: Intermediate 6) multiple-scene crime Page Ref: 324 Objective: Distinguish among single-scene, multiple-scene, and network crimes. Level: Intermediate 7) intranet Page Ref: 324 Objective: Communicate an understanding of network architectures and standards relevant to network investigations. Level: Intermediate 8) intrusion detection systems (IDS) Page Ref: 326 Objective: Identify categories of evidence and probable locations of that evidence. Level: Intermediate 9) domain name system (DNS) Page Ref: 328 Objective: Identify categories of evidence and probable locations of that evidence. Level: Intermediate 10) hearsay Page Ref: 330 Objective: Broadly outline procedures for preserving and collecting network trace evidence. Level: Intermediate Answers: 1) C 2) D 3) G 4) I 5) H 6) B 7) J 8) F 9) A 10) E

12.5 Essay Questions 1) Explain the differences between the Internet and Intranet. Answer: (should include points such as): WAN and TCP/IP Intranet administered by one authority Network of networks Page Ref: 324-325 Objective: Distinguish among single-scene, multiple-scene, and network crimes. Level: Intermediate 2) What are the different roles and responsibilities in the collection and storage of digital evidence? Answer: (should include points such as): First responders Investigators Digital analysts Private police Corporate security Page Ref: 310-313 Objective: Identify sources of assistance for multiple-scene and network operations. Level: Intermediate 3) Identify the nine layers of investigation under the OSI model. Answer: (should include points such as): Physical Data link Network Transport Session Presentation Application User Policies Page Ref: 325-326 Objective: Distinguish among single-scene, multiple-scene, and network crimes. Level: Intermediate

12.6 Critical Thinking Questions 1) How might an investigator properly collect and preserve digital evidence? Answer: (should include points such as): Photograph and diagram Remove power source Check for outside data connections Do not remove CDs Place tape over drive slots Record make, model, and serial numbers Label everything Record or log evidence Page Ref: 320-321 Objective: Explain and describe the best current practices for the collection, preservation, transportation, and storage of electronic evidence. Level: Intermediate 2) What are some exceptions to the hearsay rule in regards to digital evidence? Answer: (should include points such as): Using notes on witness stand Business records Presenting best evidence Page Ref: 330-332 Objective: Broadly outline procedures for preserving and collecting network trace evidence. Level: Intermediate

Cyber Crime and Cyber Terrorism, 5e (Taylor / Fritsch / Liederbach / Saylor / Tafoya) Chapter 13 Digital Forensics 13.1 Multiple Choice Questions 1) What principle should guide the preparation of forensic analysis of storage devices? A) A clean or verified software tool should be used. B) Steps of analysis must be documented and reproducible. C) Analyst must be able to understand and explain the process of analysis. D) All of these. Answer: D Page Ref: 338-339 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Basic 2) Why should the analyst wipe the analysis drive? A) To prove to the court that there could not have been contamination from another drive B) To eliminate any intellectual property violations from retaining the suspect's information C) To extend the life of the hard drive D) To speed the hard disk's retrieval of information Answer: A Page Ref: 343 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Intermediate 3) What two forces have guided the recent development of hard drives? A) Density and speed B) Mass and acceleration C) Rock and hard place D) New operating systems and the international standards organization Answer: A Page Ref: 350 Objective: Identify common storage media. Level: Intermediate

4) To perform forensic analysis of the data, it must be loaded onto a clean target drive or folder and: A) It should be authenticated to verify that it is a true copy of the original B) Backed to another hard drive than just using it C) Prevent altering the drive if we perform analyses on it D) Sign it out on the chain of custody every time we use it Answer: A Page Ref: 339 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Difficult 5) One of the characteristics of the FAT systems is that deleted files: A) Are gone forever B) Are not wiped from the drive C) Are marked as empty and the files are removed from the hard drive D) Cannot be restored without a laboratory Answer: B Page Ref: 353 Objective: Describe, in broad detail, how information is stored on hard drives. Level: Intermediate 6) Which is true of hashing? A) It is a unique mathematical calculation of digital data. B) No other naturally occurring file can have the same hash value. C) It is considered a fingerprint of a digital data set. D) All of these. Answer: D Page Ref: 340-341 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Intermediate 7) A bit stream copy reproduces every bit of information found on the evidence device, even: A) Active files B) Latent files C) Unused storage space D) All of these Answer: C Page Ref: 342 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Intermediate

8) Best evidence requires original evidence but the Federal Rule of Evidence allows: A) Testimony of digital evidence B) Direct access media. C) Altered digital evidence to be presented D) An unaltered digital evidence to be presented as a copy Answer: D Page Ref: 342 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Intermediate 9) When recovering evidence from slack space, from a bootable USB, the analyst opens a freeware utility called "Strings," which: A) Recovers any deleted files from the past 30 days B) Increases the file size C) Searches for text words embedded in a program D) Examines intact files Answer: C Page Ref: 355 Objective: Identify and explain hidden sources of information on a hard drive. Level: Intermediate 10) Which of the following is true regarding removable storage media? A) Sometimes an analyst will sometimes be confronted with a storage device that is not standard. B) Most modern drives have cross-compatibility and backward compatibility. C) An analyst must be able to correctly identify the equipment needed to acquire evidence from a seized storage device. D) All of these. Answer: D Page Ref: 350-351 Objective: Outline a basic universal procedure for examining removable storage media. Level: Difficult 11) A centrally managed network using ________ (acronym) will usually make the domain administrator the key recovery agent. A) EFS B) WAN C) LAN D) BTK Answer: A Page Ref: 354 Objective: Explain the basic logical structures of the hard drive and related storage devices. Level: Basic

12) The third step of the analysis protocol is to: A) Verify the mathematical contents of the evidence drive B) Create an exact image of the evidence drive C) Verify that the image of the evidence drive is a true copy of the evidence drive D) Wipe the bench drive to be used when analyzing the archival image Answer: C Page Ref: 344 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Basic 13) According to the National Institute of Justice, what is NOT a common form of evidence for child abuse or exploitation? A) Video and still photo cameras and media B) Digital camera software C) Notes or records of chat sessions D) Lists or records of computer intrusion software Answer: D Page Ref: 346 Objective: Suggest probable locations for particular types of digital evidence needed for various types of investigations. Level: Difficult 14) The ________ is the benchmark for speed and the organizing factor in nonvolatile storage. A) Cache B) Processor C) RAM D) Hard drive Answer: B Page Ref: 349 Objective: Explain how the storage system works in the computer. Level: Intermediate 15) The bulk of a system's active data is held in the: A) Cache B) Processor C) RAM D) Hard drive Answer: C Page Ref: 349 Objective: Explain how the storage system works in the computer. Level: Intermediate

16) The most important task in forensic operations for the examiner is: A) Making copies of everything B) Maintaining the continuity of evidence from the source to the final analysis product C) Establishing credentials D) Writing final reports Answer: B Page Ref: 338 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Intermediate 17) A ________ is a unique numerical value calculated from the data in a digital file. A) Hash B) VIN C) Cache D) None of these Answer: A Page Ref: 340 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Intermediate 18) ________ is the standard used to sanitize a hard drive that contained data less than top secret. A) Deletion B) DoD wipe C) Erasure wipe D) Simple wipe Answer: B Page Ref: 343 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Intermediate 19) Forensically, the ________ holds little interest, as it is inaccessible to the user. A) RAM B) Processor C) Cache D) Hard drive Answer: C Page Ref: 349 Objective: Explain how the storage system works in the computer. Level: Intermediate

20) Which of the following may be found in the contents of the RAM? A) Passwords B) Recently accessed files C) Network settings D) All of these Answer: D Page Ref: 349 Objective: Explain how the storage system works in the computer. Level: Intermediate 13.2 True/False Questions 1) The steps of an analysis must be documented in a consistent and reproducible manner. Answer: TRUE Page Ref: 338-339 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Basic 2) Field acquisition is the preferred method among forensic experts. Answer: FALSE Page Ref: 339 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Intermediate 3) Naturally occurring files can share hash values. Answer: FALSE Page Ref: 340-341 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Intermediate 4) The most common source of latent files is deletion. Answer: TRUE Page Ref: 342 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Intermediate 5) Over analysis is more dangerous than under analysis. Answer: FALSE Page Ref: 345 Objective: Suggest probable locations for particular types of digital evidence needed for various types of investigations. Level: Intermediate 6 Copyright © 2024 Pearson Education, Inc.

6) Experts can identify where information is physically found on the evidence drive. Answer: FALSE Page Ref: 348 Objective: Explain how the storage system works in the computer. Level: Difficult 7) The purpose of storage is to simply convey data to the processor. Answer: FALSE Page Ref: 349 Objective: Identify common storage media. Level: Intermediate 8) RAM is volatile storage. Answer: TRUE Page Ref: 349 Objective: Explain how the storage system works in the computer. Level: Basic 9) All cache systems are volatile. Answer: TRUE Page Ref: 349 Objective: Explain how the storage system works in the computer. Level: Intermediate 10) In direct access storage devices, the time required to access data is reduced, making retrieval faster. Answer: TRUE Page Ref: 350 Objective: Outline a basic universal procedure for examining removable storage media. Level: Intermediate 11) With FAT systems, deleted files are wiped from the drive. Answer: FALSE Page Ref: 353 Objective: Describe, in broad detail, how information is stored on hard drives. Level: Intermediate 12) NTFS has numerous advantages over the FAT system, especially in terms of security. Answer: TRUE Page Ref: 353 Objective: Describe, in broad detail, how information is stored on hard drives. Level: Intermediate

13) Training for mobile digital forensics is more refined than it is for stationary devices. Answer: FALSE Page Ref: 352 Objective: Identify common storage media. Level: Intermediate 14) Latent data are not available through the file system. Answer: TRUE Page Ref: 355 Objective: Identify and explain hidden sources of information on a hard drive. Level: Intermediate 15) When a disk is formatted for the first time, all of its clusters are open; there is no slack space between files. Answer: TRUE Page Ref: 354 Objective: Explain the basic logical structures of the hard drive and related storage devices. Level: Basic 13.3 Fill in the Blank Questions 1) The forensic analysis must have the ability to demonstrate the ________ between the seized drive and the final analysis. Answer: link Page Ref: 338 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Basic 2) Analysis creates leads and summaries, not ________. Answer: evidence Page Ref: 338 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Intermediate 3) When planning a(n) ________, the investigator and forensic analyst may wish to look for everything that might be incriminating. Answer: analysis Page Ref: 345 Objective: Suggest probable locations for particular types of digital evidence needed for various types of investigations. Level: Intermediate

4) When a disk is ________, it is imprinted with the framework used to control how files are stored, structured, and associated. Answer: formatted Page Ref: 351 Objective: Describe, in broad detail, how information is stored on hard drives. Level: Intermediate 5) The ________ editor can be used to examine intact files or deleted and obscured data from the hard disk without interference from the file system. Answer: Hex Page Ref: 355 Objective: Identify and explain hidden sources of information on a hard drive. Level: Intermediate 6) Reformatted disks can contain ________ data, but it is not technically in slack space. Answer: latent Page Ref: 354 Objective: Explain the basic logical structures of the hard drive and related storage devices. Level: Basic 7) ________ storage is lost when a computer loses power. Answer: Volatile Page Ref: 348 Objective: Explain how the storage system works in the computer. Level: Intermediate 8) The ________ is the fastest part of the computer. Answer: Processor Page Ref: 349 Objective: Explain how the storage system works in the computer. Level: Intermediate 9) Most ________ drive still rely on physical motion. Answer: hard Page Ref: 350 Objective: Identify common storage media. Level: Intermediate 10) Direct access devices need a(n) ________ to locate information that may be scattered across the disk. Answer: index Page Ref: 350 Objective: Outline a basic universal procedure for examining removable storage media. Level: Intermediate

13.4 Matching Questions Match the term in Column 1 to the appropriate statement/definition in Column 2. A) Difficult to access without special software and impossible to access without altering the memory B) A unique numerical value calculated from the data in a digital file set C) Manage disk space without partitions and offer numerous advantages to administrators, but are not compatible with previous versions of NTFS or other operating systems (including DOS) D) The primary storage device of most computers and most still rely on physical motion E) They generate a report describing what evidence was identified, what elements of the crime it proposes to establish, how the evidence was identified, and how and why any summaries of the evidence were created F) Requires more time to fast-forward through unneeded data to find the data requested G) Can be used to examine intact files (active data) or deleted and obscured data (latent data) from the hard disk without interference from the file system H) Those files available to the user or created by the user I) The most important task of the examiner J) One of the primary advantages to its use is that it uses storage space more efficiently; this produces less wasted space between files 1) maintaining continuity of evidence Page Ref: 338 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Intermediate 2) hash Page Ref: 340 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Intermediate 3) active files Page Ref: 342 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Intermediate 4) forensic analyst Page Ref: 347 Objective: Suggest probable locations for particular types of digital evidence needed for various types of investigations. Level: Intermediate

5) volatile memory Page Ref: 348 Objective: Explain how the storage system works in the computer. Level: Intermediate 6) hard drive Page Ref: 350 Objective: Identify common storage media. Level: Intermediate 7) sequential access storage Page Ref: 350 Objective: Outline a basic universal procedure for examining removable storage media. Level: Intermediate 8) new technology file system (NTFS) Page Ref: 353 Objective: Describe, in broad detail, how information is stored on hard drives. Level: Intermediate 9) dynamic disks Page Ref: 354 Objective: Explain the basic logical structures of the hard drive and related storage devices. Level: Intermediate 10) hex editor Page Ref: 355 Objective: Identify and explain hidden sources of information on a hard drive. Level: Intermediate Answers: 1) I 2) B 3) H 4) E 5) A 6) D 7) F 8) J 9) C 10) G

13.5 Essay Questions 1) How is the process of digital evidence similar to the process of traditional crime scene evidence? Answer: (should include points such as): Both need to maintain the continuity of evidence Both need to demonstrate the link between the evidence and the crime Experts are often needed and used Best practices should be used, but there are exceptions Law enforcement, experts, and prosecutors all play roles in the investigation and conviction Page Ref: 338-347 Objective: Outline and explain the process used to preserve the verifiable integrity of digital evidence. Level: Difficult 2) Discuss the concepts of speed and density as it relates to storage in computers. Answer: (should include points such as): Storage density allows manufacturers to increase the storage capacity of hard drives. By packing more bits closer together, storage capacity has increased without the form factor (physical size) of the device increasing. More precision means less space must be wasted between tracks of data arranged in concentric rings on the disk. Speed is a constant goal of storage manufacturers. By increasing the speed of the hard drive, significant speed increases can be obtained for common tasks. The fastest part of the computer can only operate as quickly as the data and instructions can arrive. Computer architecture is designed to keep the most frequently used and most vital information in the fastest storage possible. Page Ref: 348 Objective: Explain how the storage system works in the computer. Level: Intermediate

3) What are some of the best sources of digital evidence for child abuse and exploitation, domestic violence, and gambling according to the National Institute of Justice? Answer: (should include points such as): Video and still photo cameras and media Digital camera software Internet activity records Notes or records of chat sessions Web cameras or microphones Mobile communication devices External data storage devices User names and accounts PDAs/Caller IDs Electronic money transfers Online banking software Betting statistics Page Ref: 346 Objective: Suggest probable locations for particular types of digital evidence needed for various types of investigations. Level: Intermediate 13.6 Critical Thinking Questions 1) Smartphones contain digital data and are often a key source of information for crimes. Find a criminal case in which a smartphone was a critical component in obtaining a conviction. Write a summary of the case and focus on how the digital forensics from the phone was utilized in the case. Answer: Answers will vary. Box 13.7 may provide some material for the answer. Page Ref: 352 Objective: Explain the basic logical structures of the hard drive and related storage devices. Level: Intermediate 2) Describe Brothers' steps for forensic analysis of mobile devices. Answer: (should include points such as): Manual extraction Logical extraction Physical analysis (hex dump) Physical analysis (chip-off) Physical analysis (micro read) Page Ref: 352 Objective: Identify common storage media. Level: Intermediate

Cyber Crime and Cyber Terrorism, 5e (Taylor / Fritsch / Liederbach / Saylor / Tafoya) Chapter 14 Information Security and Infrastructure Protection 14.1 Multiple Choice Questions 1) Which of the following was NOT a limitation in risk analysis for early computing? A) Storage and processing speed B) Rudimentary networking C) Lack of operating memory D) All were limitations to risk analysis for early computing Answer: D Page Ref: 363 Objective: Understand the concept of risk as applied to information security and infrastructure protection. Level: Intermediate 2) Which of the following is NOT a characteristic of intruders during the first era of computer security? A) The intruders were usually insiders. B) Most intruders engaged in recreational intrusion. C) Only a few people had access and the appropriate skills to intrude into computer systems. D) Intruders sought knowledge and resources to continue their use of computers. Answer: B Page Ref: 363 Objective: Understand the concept of risk as applied to information security and infrastructure protection. Level: Intermediate 3) Unless a computer system holds a particular interest, the most likely threat comes from: A) Black hat hackers B) White hat hackers C) Script kiddies D) None of these Answer: C Page Ref: 364 Objective: Understand the concept of risk as applied to information security and infrastructure protection. Level: Intermediate

4) Which of the following basic steps in risk analysis should be performed first? A) Assessment and evaluation B) Identify threats C) Determine cost-effective strategy D) Implement firewalls Answer: A Page Ref: 365 Objective: Discuss the major principles of risk analysis. Level: Intermediate 5) Which of the following is based on the formalized internal analysis and calculation of the potential impact of threats multiplied by the likelihood that those threats will occur? A) Assessing backup potential B) Risk management C) Determining a cost-effective strategy D) Implementing firewalls Answer: B Page Ref: 366 Objective: Discuss the major principles of risk analysis. Level: Intermediate 6) Which of the following basic steps in risk analysis should be performed last? A) Assessment and evaluation B) Identify threats C) Determine cost-effective strategy D) Implement firewalls Answer: C Page Ref: 368 Objective: Discuss the major principles of risk analysis. Level: Intermediate 7) Which of the following would be considered part of a formal risk analysis? A) Terrorism threats B) Sabotage C) Natural disasters D) All of these Answer: D Page Ref: 367 Objective: Discuss the major principles of risk analysis. Level: Intermediate

8) Threats to ________ are threats that actually alter data. A) Authenticity B) Confidentiality C) Integrity D) Security Answer: C Page Ref: 367 Objective: Discuss the major principles of risk analysis. Level: Intermediate 9) What is NOT a category of threats to information systems? A) Authenticity B) Confidentiality C) Integrity D) Security Answer: D Page Ref: 367 Objective: Discuss the major principles of risk analysis. Level: Intermediate 10) ________ is/are the most important security measure a company or individual can take. A) Risk analysis B) Backups C) Passwords D) Encryption Answer: B Page Ref: 368 Objective: Identify and define the primary security technologies used to protect information. Level: Intermediate 11) Which of the following is NOT a method to security wireless networks? A) HTTPS B) MAC C) WPA D) None of these Answer: A Page Ref: 369 Objective: Identify and define the primary security technologies used to protect information. Level: Basic

12) This is a device or software that acts as a checkpoint between a network or standalone computer and the Internet. A) Backup B) Firewall C) Encryption D) Password Answer: B Page Ref: 369 Objective: Discuss the various functions of firewalls, and identify their limitations. Level: Basic 13) ________ allows a firewall to block traffic from a known bad location. A) Perimeter firewall B) Host-based firewall C) Packet filtering D) Stateful inspection Answer: C Page Ref: 371 Objective: Discuss the various functions of firewalls, and identify their limitations. Level: Intermediate 14) ________ is an evolution in IT technology sometimes referred to as the "next generation of firewall technology." A) Packet filtering B) Perimeter firewall C) Stateful inspection D) Deep packet inspection Answer: D Page Ref: 371 Objective: Discuss the various functions of firewalls, and identify their limitations. Level: Basic 15) What is a technique of securing data by scrambling the data into apparent nonsense but doing so in such a way that the message can be recovered by a person possessing a secret code called a key? A) Backups B) Firewalls C) Encryption D) Passwords Answer: C Page Ref: 372 Objective: Define encryption, and discuss its use in terms of authenticity, integrity, and confidentiality. Level: Basic

16) Which classic element of computer security is generally not required for an encryption scheme? A) Authenticity B) Integrity C) Confidentiality D) Availability Answer: D Page Ref: 372-373 Objective: Define encryption, and discuss its use in terms of authenticity, integrity, and confidentiality. Level: Intermediate 17) This type of security technology can involve biometrics. A) Backups B) Firewalls C) Encryption D) Passwords Answer: D Page Ref: 375 Objective: Define encryption, and discuss its use in terms of authenticity, integrity, and confidentiality. Level: Intermediate 18) The single greatest problem in computer security is: A) Hacking B) Password protection C) Antivirus updates D) Lack of firewalls Answer: B Page Ref: 375 Objective: Define encryption, and discuss its use in terms of authenticity, integrity, and confidentiality. Level: Intermediate 19) The most popular password generator is: A) RSA SecurID B) Kerberos C) Symantec D) Cygnus Network Security Answer: A Page Ref: 376 Objective: Identify and explain some of the security vendor technologies used today to secure information. Level: Difficult

20) Which of the following is a form of new technology of user identification? A) Digital fingerprint identification B) Retinal identification C) Voice recognition D) All of these Answer: D Page Ref: 377 Objective: Identify and explain some of the security vendor technologies used today to secure information. Level: Intermediate 14.2 True/False Questions 1) Most security threats come from inside an organization. Answer: TRUE Page Ref: 366 Objective: Discuss the major principles of risk analysis. Level: Basic 2) During the first era of computer security, the primary problem was the technology itself. Answer: TRUE Page Ref: 363 Objective: Understand the concept of risk as applied to information security and infrastructure protection. Level: Basic 3) During the first era of computer security, more harm was caused from intrusion or malicious intent than from failure to properly maintain systems and backup schedules. Answer: FALSE Page Ref: 363 Objective: Understand the concept of risk as applied to information security and infrastructure protection. Level: Intermediate 4) Online banking and shopping sites have created more attractive targets for criminals to engage in identity theft, fraud, and espionage. Answer: TRUE Page Ref: 364 Objective: Understand the concept of risk as applied to information security and infrastructure protection. Level: Basic 5) Risk analysis reports are typically short, with few recommendations. Answer: FALSE Page Ref: 365 Objective: Discuss the major principles of risk analysis. Level: Basic 6 Copyright © 2024 Pearson Education, Inc.

6) Risk analysis plans are static. Once developed, they do not change. Answer: FALSE Page Ref: 366 Objective: Discuss the major principles of risk analysis. Level: Basic 7) Formal risk analysis only focuses on internal threats. Answer: FALSE Page Ref: 365 Objective: Discuss the major principles of risk analysis. Level: Intermediate 8) Threats to integrity are limited to malicious actions. Answer: FALSE Page Ref: 367 Objective: Discuss the major principles of risk analysis. Level: Intermediate 9) The primary purpose of risk analysis is to identify threats and then to provide recommendations on these threats. Answer: TRUE Page Ref: 368 Objective: Identify and define the primary security technologies used to protect information. Level: Basic 10) Wireless networks can allow individuals inside a network boundary if they are not secured. Answer: TRUE Page Ref: 369 Objective: Identify and define the primary security technologies used to protect information. Level: Intermediate 11) In the past, firewalls were not widely used. Answer: TRUE Page Ref: 369 Objective: Discuss the various functions of firewalls, and identify their limitations. Level: Basic 12) An air-gapped machine is only 95% immune to network attacks. Answer: FALSE Page Ref: 372 Objective: Discuss the various functions of firewalls, and identify their limitations. Level: Basic

13) The most essential feature of encryption is that scrambled data can be returned to a useful form by the data's intended user and cannot easily be returned to a useful form by others. Answer: TRUE Page Ref: 373 Objective: Define encryption, and discuss its use in terms of authenticity, integrity, and confidentiality. Level: Intermediate 14) Biometrics provide absolute security. Answer: FALSE Page Ref: 377 Objective: Identify and explain some of the security vendor technologies used today to secure information. Level: Intermediate 15) Many computers and individuals can be victimized despite the presence and use of antivirus and other protective programs. Answer: TRUE Page Ref: 379 Objective: Identify and explain some of the security vendor technologies used today to secure information. Level: Basic 14.3 Fill in the Blank Questions 1) ________ analysis involves projecting the most probable outcome and allocating available resources to address that outcome. Answer: Risk Page Ref: 362 Objective: Understand the concept of risk as applied to information security and infrastructure protection. Level: Basic 2) During the first era of computer security, the net effect of limitations was the absence of ________. Answer: Security Page Ref: 363 Objective: Understand the concept of risk as applied to information security and infrastructure protection. Level: Basic 3) ________ is the justified ability to trust the integrity of data. Answer: Authenticity Page Ref: 367 Objective: Discuss the major principles of risk analysis. Level: Basic 8 Copyright © 2024 Pearson Education, Inc.

4) ________ acknowledges that some information is more valuable if it is not publicly available. Answer: Confidentiality Page Ref: 368 Objective: Discuss the major principles of risk analysis. Level: Basic 5) A ________ is a copy of data. Answer: backup Page Ref: 368 Objective: Identify and define the primary security technologies used to protect information. Level: Basic 6) One of the most basic functions of a ________ is to block certain traffic that may be harmful. Answer: firewall Page Ref: 371 Objective: Discuss the various functions of firewalls, and identify their limitations. Level: Intermediate 7) ________ servers are servers that require public access and are placed outside a firewall to minimize penetration from the outside. Answer: Bastion Page Ref: 370 Objective: Discuss the various functions of firewalls, and identify their limitations. Level: Intermediate 8) Bruce Schneier defines ________ as the "art and science of securing messages." Answer: cryptology Page Ref: 372 Objective: Define encryption, and discuss its use in terms of authenticity, integrity, and confidentiality. Level: Basic 9) ________ produces a unique signature of the original data-like a fingerprint. Answer: Hashing Page Ref: 373 Objective: Define encryption, and discuss its use in terms of authenticity, integrity, and confidentiality. Level: Intermediate 10) ________ is a program developed at MIT by the Athena Project and is a leading network and data encryption system. Answer: Kerberos Page Ref: 377 Objective: Identify and explain some of the security vendor technologies used today to secure information. Level: Basic 9 Copyright © 2024 Pearson Education, Inc.

14.4 Matching Questions Match the term in Column 1 to the appropriate statement/definition in Column 2. A) Its advent in 1975 marked the beginning of the democratization of computing and also marked the movement of hacking from the old-school era to the bedroom-hacker era B) Program developed at MIT by the Athena Project and is a leading network and data encryption system C) Involves anticipating the most probable threats, calculating the likely impact of those threats, and identifying appropriate mitigating controls and resources to reduce the likelihood and/or impact of those threats D) The first step of risk analysis E) Allows a firewall to block traffic from a known bad location F) Require public access and are placed outside the firewall to minimize internal network penetration from the outside; have their own security measures G) The ability to trust the integrity of data; in broad terms is the justified ability to trust H) A copy of data I) The ultimate in firewall network protection; the machine is not on the network J) The single greatest problem in computer security, both procedurally, and the user's diligence 1) risk analysis Page Ref: 362 Objective: Understand the concept of risk as applied to information security and infrastructure protection. Level: Intermediate 2) personal computer (PC) Page Ref: 363 Objective: Understand the concept of risk as applied to information security and infrastructure protection. Level: Intermediate 3) assessment and evaluation Page Ref: 365 Objective: Discuss the major principles of risk analysis. Level: Intermediate 4) authenticity Page Ref: 367 Objective: Discuss the major principles of risk analysis. Level: Intermediate 5) backup Page Ref: 368 Objective: Identify and define the primary security technologies used to protect information. Level: Intermediate 10 Copyright © 2024 Pearson Education, Inc.

6) bastion servers Page Ref: 370 Objective: Discuss the various functions of firewalls, and identify their limitations. Level: Intermediate 7) packet filtering Page Ref: 371 Objective: Discuss the various functions of firewalls, and identify their limitations. Level: Intermediate 8) air gaps Page Ref: 372 Objective: Discuss the various functions of firewalls, and identify their limitations. Level: Intermediate 9) password discipline Page Ref: 375 Objective: Define encryption, and discuss its use in terms of authenticity, integrity, and confidentiality. Level: Intermediate 10) Kerberos Page Ref: 377 Objective: Identify and explain some of the security vendor technologies used today to secure information. Level: Intermediate Answers: 1) I 2) A 3) D 4) G 5) H 6) F 7) E 8) J 9) C 10) B

14.5 Essay Questions 1) What is the purpose of a risk analysis and what are the parameters of the report? Answer: (should include points such as): Project the most probable outcome Allocating available resources to address that outcome Can't interfere with the mission of the computer system Compromise, can't overwhelm the organization Can't address or foresee every vulnerability Prioritize so as not to create a 1,000 page document Provide remedies Page Ref: 362, 365-368 Objective: Discuss the major principles of risk analysis. Level: Intermediate 2) Explain how hashing and use of a key are involved with encryption. Answer: (should include points such as): Hashing produces a unique signature of the original data-like a fingerprint. At the other end of the transmission, a new hash is calculated by the recipient of the data and compared to the sender's hash. If they match, the data have not been altered. A public key/private key system allows a user to authenticate data by matching a key-the only way to decode the data-with a well-known and publicly available key. This form of security is only as good as the secrecy of the key, but it offers a way to authenticate without being physically present. Page Ref: 372-375 Objective: Define encryption, and discuss its use in terms of authenticity, integrity, and confidentiality. Level: Intermediate 3) Discuss some key techniques involved in making strong passwords. Answer: (should include points such as): Using software programs that create passwords Onetime password generators User authentication systems Changing passwords on a regular basis Automated random pronounceable passwords Prohibiting the use of information that relates to the password creator Incorporating numbers, letters, and symbols into their passwords Page Ref: 375 Objective: Define encryption, and discuss its use in terms of authenticity, integrity, and confidentiality. Level: Intermediate

14.6 Critical Thinking Questions 1) Choose either Symantec, Kerberos, and SecurID and complete some outside research. Write a brief summary of the findings. Answer: Answers will vary. Page Ref: 376-377 Objective: Identify and explain some of the security vendor technologies used today to secure information. Level: Difficult 2) There have been many large corporate cyberattacks that have made the news. Pick one of the examples and write a summary. What could have been different to prevent the attack or what action did the company take in response to the attack? Answer: Answers will vary. Page Ref: n/a Objective: Understand the concept of risk as applied to information security and infrastructure protection. Level: Intermediate

Cyber Crime and Cyber Terrorism, 5e (Taylor / Fritsch / Liederbach / Saylor / Tafoya) Chapter 15 Cyber Crime and Terrorism: A Forecast of Trends and Policy Implications 15.1 Multiple Choice Questions 1) Which of the following is true? A) The number of reported cyber crimes is decreasing. B) Cyber crime is not currently a large problem. C) The number of reported cyber crimes is likely to increase substantially. D) There is a centralized record-keeping source monitoring all of the trends in cyber crime. Answer: C Page Ref: 390 Objective: Describe the impact that cyber crimes and cyber terrorism are likely to have in the future. Level: Intermediate 2) The largest computer crime problem affecting local law enforcement with the largest number of victims is: A) Software piracy B) Internet fraud C) Theft of service via computer D) Corporate espionage Answer: B Page Ref: 395 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Basic 3) Virtual crimes against persons such as stalking and harassment are facilitated by: A) The willingness of offenders for direct, in-person confrontation B) The lack of attention being paid to these crimes by law enforcement C) The ability to wipe hard drives D) The anonymity and distance offered by the Internet Answer: D Page Ref: 398 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Intermediate

4) The facets of the hacker culture are likely to: A) Increase the odds that some groups will become organized criminal enterprises B) Decrease the odds that some groups will become organized criminal enterprises C) Have little effect on their ability to become organized criminal enterprises D) Increase the chances that they will be caught Answer: A Page Ref: 399 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Intermediate 5) Which of the following statements is true regarding current organized crime groups? A) They do not, and probably will not use computers to facilitate their crimes. B) They will likely only be involved in stealing and reselling technology. C) The entrepreneurial groups will increasingly adopt technology as a criminal instrument. D) The current groups will use computers only to keep criminal records. Answer: C Page Ref: 400 Objective: Identify and understand the eight general forecasts that experts believe are likely to occur in the area of computer crime. Level: Intermediate 6) Terrorist groups will likely use computers and networks for all of the following except: A) Direct attacks on the information infrastructure B) Intricate record keeping C) Communication and coordination of subgroups and terrorist cells D) Attacks on financial institutions to create fear Answer: B Page Ref: 404 Objective: Understand what response the criminal justice system and other governmental agencies should adopt to deal with future issues in cyber crime and cyber terrorism. Level: Difficult 7) In the future, terrorists will likely use all of the following tactics, except: A) EMP B) HERF C) Malicious software and broad virus attacks D) Attacking personal computers to instill fear Answer: D Page Ref: 407-408 Objective: Identify and understand the eight general forecasts that experts believe are likely to occur in the area of computer crime. Level: Difficult

8) A U.S. Department of Defense study on emerging threats to national security observed that the field of battle is increasingly moving toward: A) Religious issues B) Economic issues C) Territorial issues D) All of these Answer: B Page Ref: 406 Objective: Understand what response the criminal justice system and other governmental agencies should adopt to deal with future issues in cyber crime and cyber terrorism. Level: Difficult 9) Which forecast states that the largest computer crime problem affecting local law enforcement and representing the largest number of victims and he largest monetary loss will be Internet fraud, including fraud via identity theft/fraud? A) Forecast 1 B) Forecast 2 C) Forecast 3 D) Forecast 5 Answer: B Page Ref: 395 Objective: Identify and understand the eight general forecasts that experts believe are likely to occur in the area of computer crime. Level: Intermediate 10) Another trend in the direction of Forecast 1 is the use of "________" analytics by local police agencies, which involves the collection and analysis of large data sets to identify information that would be otherwise impossible to discern. A) Economic data B) Big data C) Risk analysis D) Victimization Answer: B Page Ref: 393 Objective: Identify the future trends and issues the criminal justice system will have to contend with regarding cyber crime and cyber terrorism. Level: Basic

11) The growth in capacity, speed, and ease of computerization and networking will also contribute to the speed of ________ by offenders. A) Exploitation B) Firewalls C) Risk management D) Controls Answer: A Page Ref: 391 Objective: Identify emerging cyber threat or digital threat trends. Level: Intermediate 12) The greatest number of Internet users are in: A) South America, Asia, and Europe B) South America, Asia, and North America C) North America, Asia, and Europe D) Australia, North America, and Europe Answer: C Page Ref: 399 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Intermediate 13) Which of the following is MOST true? A) The Middle East has not experienced significant growth in the number of Internet connections. B) Hackers are only as dangerous as the programs they create on their own. C) The globalization of hacking will become a significant threat to networks around the world. D) Hackers do not share techniques. Answer: C Page Ref: 399 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Difficult 14) Which of the following is LEAST true? A) Children are experiencing greater levels of online harassment. B) There is an increasing loss of privacy occurring through online sources. C) There is likely to be an increase in "virtual workplace violence." D) Virtual crimes against persons always result in physical harm. Answer: D Page Ref: 397 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Difficult

15) Which of the following is a characteristic of the black market? A) Market driven B) Distribution network C) Has a payroll D) All of these Answer: D Page Ref: 401 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Intermediate 16) The most effective tool for dealing with Internet fraud is: A) Proper training B) Prevention C) Harsh punishments D) All of these Answer: B Page Ref: 396-397 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Intermediate 17) Experts believe that computer hackers in developing countries will be increasingly motivated by: A) Money B) Religion C) Politics D) All of these Answer: D Page Ref: 399 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Basic 18) Which of the following is NOT a form of telecommunications fraud? A) Phone phreaking B) Theft of telephone credit card numbers C) Hacking into telecommunications "switches" D) Wireless phone theft and fraud Answer: A Page Ref: 403-404 Objective: Identify and understand the eight general forecasts that experts believe are likely to occur in the area of computer crime. Level: Intermediate

19) Which of the following is NOT a critical infrastructure component? A) Information and communications B) Public health services C) Transportation D) Food supply Answer: D Page Ref: 404 Objective: Understand what response the criminal justice system and other governmental agencies should adopt to deal with future issues in cyber crime and cyber terrorism. Level: Basic 20) The character of espionage is expected to broaden into the arena of: A) Information warfare B) Economic espionage C) Theft of intellectual property D) All of these Answer: D Page Ref: 406 Objective: Identify and understand the eight general forecasts that experts believe are likely to occur in the area of computer crime. Level: Intermediate 15.2 True/False Questions 1) The number of police agencies with high tech or computer crime units has increased significantly over the last few years. Answer: TRUE Page Ref: 392 Objective: Identify and understand the eight general forecasts that experts believe are likely to occur in the area of computer crime. Level: Basic 2) The growth in capacity, speed, and ease of computerization and networking will also lessen the speed and ability of offenders to engage in extortion. Answer: FALSE Page Ref: 391 Objective: Identify emerging cyber threat or digital threat trends. Level: Intermediate 3) Law enforcement is currently well trained in issues of cyber crime and investigation. Answer: FALSE Page Ref: 392 Objective: Identify and understand the eight general forecasts that experts believe are likely to occur in the area of computer crime. Level: Basic

4) Some hacker groups are predicted to evolve into organized, criminal enterprises. Answer: TRUE Page Ref: 399 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Basic 5) The most recent advances in technology and even artificial intelligence have not increased our collective degree of accuracy in predicting the future. Answer: TRUE Page Ref: 390 Objective: Describe the impact that cyber crimes and cyber terrorism are likely to have in the future. Level: Basic 6) The model used to investigate and forensically analyze evidence for physical crimes should also be used for virtual crimes. Answer: TRUE Page Ref: 394 Objective: Identify the future trends and issues the criminal justice system will have to contend with regarding cyber crime and cyber terrorism. Level: Basic 7) Credit card fraud is the most commonly attempted crime associated with identity theft. Answer: TRUE Page Ref: 395 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Intermediate 8) Research has shown that children are not increasingly engaging in harassing behaviors online. Answer: FALSE Page Ref: 398 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Intermediate 9) Virtual workplace violence is not expected to increase in the future. Answer: FALSE Page Ref: 398 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Basic

10) There is evidence of hacker groups in emerging nations forming and connecting with others in developed nations. Answer: TRUE Page Ref: 399 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Basic 11) There is evidence that hacker groups from Muslim majority nations are hacking to facilitate a religious or political agenda. Answer: TRUE Page Ref: 399 Objective: Identify the future trends and issues the criminal justice system will have to contend with regarding cyber crime and cyber terrorism. Level: Intermediate 12) Organized crime groups do not keep computerized records in a manner similar to businesses. Answer: FALSE Page Ref: 400 Objective: Describe the impact that cyber crimes and cyber terrorism are likely to have in the future. Level: Intermediate 13) Black markets operate much like any business. Answer: TRUE Page Ref: 401 Objective: Identify and understand the eight general forecasts that experts believe are likely to occur in the area of computer crime. Level: Basic 14) Intellectual property has merit because it is a valuable commodity. Answer: TRUE Page Ref: 403 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Intermediate 15) The threat to national security is significantly increased as we move to digital economies. Answer: TRUE Page Ref: 406 Objective: Understand what response the criminal justice system and other governmental agencies should adopt to deal with future issues in cyber crime and cyber terrorism. Level: Basic

15.3 Fill in the Blank Questions 1) ________ (acronym) is a reporting system that collects data on criminal incidents from local law enforcement agencies, including whether a computer was used as an object of the crime. Answer: NIBRS Page Ref: 393 Objective: Identify the future trends and issues the criminal justice system will have to contend with regarding cyber crime and cyber terrorism. Level: Intermediate 2) Organized crime groups are ________ and exist to make a profit. Answer: entrepreneurial Page Ref: 400 Objective: Identify and understand the eight general forecasts that experts believe are likely to occur in the area of computer crime. Level: Intermediate 3) At one point the U.S. $________ bill was the most frequently counterfeited currency in the world. Answer: 100 Page Ref: 400 Objective: Identify and understand the eight general forecasts that experts believe are likely to occur in the area of computer crime. Level: Basic 4) The theft of telephone credit card numbers is a form of ________ fraud. Answer: telecommunications Page Ref: 403 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Intermediate 5) The essence of ________ security is to maintain the homeostasis of a country's sovereign principles and socioeconomic health. Answer: national Page Ref: 406 Objective: Understand what response the criminal justice system and other governmental agencies should adopt to deal with future issues in cyber crime and cyber terrorism. Level: Intermediate 6) One technological trend that has increased cyber crime and cyber terrorism is the increased availability of wireless ________ and multifunction devices that have increased storage and networking capacity. Answer: micro-integrated Page Ref: 390 Objective: Identify emerging cyber threat or digital threat trends. Level: Intermediate 9 Copyright © 2024 Pearson Education, Inc.

7) The phenomenon known as ________ (acronym) was discovered in the 1940s during the testing of nuclear weapons. Answer: EMP Page Ref: 407 Objective: Understand what response the criminal justice system and other governmental agencies should adopt to deal with future issues in cyber crime and cyber terrorism. Level: Basic 8) The jobs of future leaders within the field of criminal justice will most certainly be increasingly dominated by the problems of cyber crime and ________. Answer: cyber terrorism Page Ref: 389 Objective: Describe the impact that cyber crimes and cyber terrorism are likely to have in the future. Level: Intermediate 9) Identity theft crimes cost Americans $________ billion in 2021, according to the National Council on Identity Theft Protection. Answer: 5.8 Page Ref: 395 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Intermediate 10) ________ crimes against persons involve the use of networking and a manifestation of social-psychological dynamics. Answer: Virtual Page Ref: 397 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Intermediate

15.4 Matching Questions Match the term in Column 1 to the appropriate statement/definition in Column 2. A) Involves the collection and analysis of large data sets to identify information that would be otherwise impossible to discern, including hidden patterns and correlations to enable police agencies to more effectively respond to crimes B) Term is intentional in that it refers to events that the authors believe are most likely to occur C) Stolen bank and credit account numbers that can be obtained online through a mass compromise, data breach, or phishing attack; can also be acquired in the real world through the use of electronic devices that capture the data obtained on a credit card's magnetic strip D) The ongoing evolution on laws regulating cyber crime and cyber terrorism E) Collects data from local law enforcement agencies on each incident reported to police, including persons involved, property taken, weapons and tools used, and other information, which are then aggregated to provide general trend data F) Computer crime will significantly impact the police and courts. G) Do not involve malware, are not computer viruses or worms, and generally involve repeated contacts or events from the point of view of the victim H) Components include the continuity of government services; information and communications; banking and finance; electrical power, oil, and gas production/storage; water supply; public health services; emergency services; and transportation I) The heart of a digital telecommunications system and can include a company's internal phone system, its wireless network, voicemail, email, and internal data network J) One type of telecommunications fraud for the purpose of routing calls and changing billing numbers 1) source of uncertainty Page Ref: 390 Objective: Describe the impact that cyber crimes and cyber terrorism are likely to have in the future. Level: Intermediate 2) forecasts Page Ref: 391 Objective: Identify emerging cyber threat or digital threat trends. Level: Intermediate 3) Forecast 1 Page Ref: 391 Objective: Identify and understand the eight general forecasts that experts believe are likely to occur in the area of computer crime. Level: Intermediate

4) National Incident-Based Reporting System (NIBRS) Page Ref: 393 Objective: Identify the future trends and issues the criminal justice system will have to contend with regarding cyber crime and cyber terrorism. Level: Intermediate 5) "big data" analytics Page Ref: 393 Objective: Identify the future trends and issues the criminal justice system will have to contend with regarding cyber crime and cyber terrorism. Level: Intermediate 6) type II crimes Page Ref: 397 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Intermediate 7) dumps Page Ref: 401 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Intermediate 8) hacking into telecommunications "switches" Page Ref: 403 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Intermediate 9) private automatic branch exchanges (PABX) Page Ref: 404 Objective: Discuss the areas of computer crime victimization that are growing in prevalence, magnitude, and frequency of occurrence. Level: Intermediate 10) critical infrastructure Page Ref: 404 Objective: Understand what response the criminal justice system and other governmental agencies should adopt to deal with future issues in cyber crime and cyber terrorism. Level: Intermediate Answers: 1) D 2) B 3) F 4) E 5) A 6) G 7) C 8) J 9) I 10) H

15.5 Essay Questions 1) What is compromising electronic emanations as it relates to cyber crime? Answer: (should include points such as): CEE permits the surreptitious capture of electromagnetic signals emanating from computers. By capturing these emanations, whatever was displayed on the target computer can also be read on the equipment of the CEE user. Beyond gathering confidential information—such as intellectual property—information could be the basis for corruption, and could be used to blackmail, to undermine investigations, and to identify confidential informants or undercover personnel. The CEE threat is not sufficiently severe to warrant widespread adoption of these defenses. Page Ref: 408-410 Objective: Describe the impact that cyber crimes and cyber terrorism are likely to have in the future. Level: Intermediate 2) How does Hadoop fit into "big data"? Answer: (should include points such as): Big data will become faster and more approachable. Hadoop is an analytic software. Analyzing the data is greatly needed. National security classification and intellectual property need to be clarified. Law enforcement needs to be ahead of the criminals and private sector in collecting and analyzing data. Page Ref: 393-394 Objective: Identify the future trends and issues the criminal justice system will have to contend with regarding cyber crime and cyber terrorism. Level: Intermediate 3) What are the reasons why cyber victimization is likely to increase in the future? Answer: (should include points such as): Growth of personal computing Significant expansion of networking Start of hybrid crimes Page Ref: 397-398 Objective: Identify and understand the eight general forecasts that experts believe are likely to occur in the area of computer crime. Level: Intermediate

15.6 Critical Thinking Questions 1) Pick one of the eight general forecasts and complete some additional research on that topic. Write a summary of the findings. Answer: Answers will vary. Page Ref: n/a Objective: Identify and understand the eight general forecasts that experts believe are likely to occur in the area of computer crime. Level: Intermediate 2) How can local law enforcement agencies contribute to policy makers and administrators? Answer: (should include points such as): They can provide them with information. They can track and record data. They can use innovative technology. They can document how hardware and software enhancements are used by police agencies. Page Ref: 409 Objective: Understand what response the criminal justice system and other governmental agencies should adopt to deal with future issues in cyber crime and cyber terrorism. Level: Difficult