Which of the following computer crime is MORE often associated with INSIDERS?

A.
IP spoofing

B.
Password sniffing

C.
Data diddling

D.
Denial of service (DoS)

Explanation:
Data diddling refers to the alteration of existing data. Many times, this modification happens before the data is
entered into an application or as soon as it completes processing and is outputted from an application. For
instance, if a loan processor is entering information for a customer’s loan of $100,000, but instead enters
$150,000 and then moves the extra approved money somewhere else, this would be a case of data diddling.
Another example is if a cashier enters an amount of $40 into the cash register, but really charges the customer
$60 and keeps the extra $20.
This type of crime is extremely common and can be prevented by using appropriate access controls and proper
segregation of duties. It will more likely be perpetrated by insiders, who have access to data before it is
processed.
Incorrect Answers:
A: IP Spoofing attacks are more commonly performed by outsiders.
B: Password sniffing can be performed by insiders or outsiders. However, Data Diddling is MORE commonly
performed by insiders.
D: Most Denial of service attacks occur over the internet and are performed by outsiders.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, p. 1059