CERTIFIED FORENSIC FRAUD EXAMINER (CFFE) MODULE ONE
FRAUD AND CORRUPTION SCHEMES
MONDAY: 22 April 2024. Afternoon Paper. Time Allowed: 3 hours.
Answer ALL questions indicating the letter (A, B, C or D) that represents the correct answer. This paper is made up of one hundred (100) Multiple Choice Questions. Each question is allocated one (1) mark.
1. Crescent Ltd has established a task force to develop a programme for safeguarding proprietary information (SPI). Which one of the following steps should the task force take first?
A. Encrypt all sensitive data
B. Shred sensitive documents
C. Determine what information should be protected
D. Develop an employee awareness programme (1 mark)
2. Which one of the following terms BEST describes the virus that loads itself onto the target system’s memory, infects other files and then unloads itself?
A. Network virus
B. Direct-action virus
C. Boot sector virus
D. Resident virus (1 mark)
3. The following are red flags of health care provider fraud, EXCEPT .
A. Unusually high revenue turnover compared to similar businesses
B. Unusually few number of claims for reimbursement
C. Pressure for processing of bills or claims
D. Altered medical and claims records (1 mark)
4. The statement of changes in owners’ equity acts as a link between which two financial statements?
A. Balance sheet and statement of retained earnings
B. Income statement and statement of cash flows
C. Statement of cash flows and balance sheet
D. Income statement and balance sheet (1 mark)
5. Which one of the following is an example of an off-book fraud?
A. Personal purchases billing scheme
B. Billing schemes
C. Ghost employee schemes
D. Cash theft (1 mark)
6. Which one of the following financial statement fraud schemes does not describe improper asset valuation scheme?
A. Writing off obsolete inventory
B. Recording fictitious assets
C. Overstated accounts receivable
D. Capitalising expenses (1 mark)
7. Which one of the following financial fraud schemes involves improper recognition of revenue such as recording revenue that has not been earned?
A. Overstated revenue
B. Fictitious revenue
C. Timing differences
D. Improper disclosures (1 mark)
8. Which one of the following strategies is NOT a method used to make corrupt payments?
A. Gifts, travel and entertainment
B. Payment toward credit card debt
C. Checks and other financial instruments
D. A loan plus interest payable the procuring entity employee (1 mark)
9. Which one of the following terminologies refers to the illegal means of acquiring information of another company for business purpose?
A. Corporate espionage
B. Competitive intelligence
C. Technical surveillance
D. Business espionage (1 mark)
10. Which one of the following statements is NOT an example of a corruption scheme?
A. Head of credit promises to approve a contractor’s loan application in exchange for expensive renovations in their home
B. A procurement manager refuses to award contracts to vendors unless they agree to do business with the company where the manager is a partner
C. An accountant approves fraudulent invoices and issues payments and later shares proceeds with the payees
D. A contractor pays for an expensive holiday for government purchasing agent as a gratitude for awarding the contractor an award (1 mark)
11. Melisa, an employee of ABC company falls down while at work. She is unharmed but pretends to suffer an injury from the fall. She files a claim against the company’s workers’ compensation insurance policy and collects payments from the insurance company. She also absconds duty for two months.
Which one of the following BEST describes Melisa’s scheme?
A. Claimant fraud
B. Organised fraud
C. Premium fraud
D. Insurance fraud (1 mark)
12. Which one of the following statements is NOT correct in regard to the methods typically used for paying kickbacks?
A. Payers often make kickback payments offering recipients loans on very favourable terms
B. Payers often make kickback payments paying off the recipient’s credit card debt
C. Payers often make kickback payments selling a prime property to recipients at market value
D. All of the above (1 mark)
13. Which one of the following types of procurement fraud schemes involves procurement employees convincing their employer to procure excessive or unnecessary products or services?
A. Asset misappropriation schemes
B. Bid rigging
C. Need recognition schemes
D. Bid specification schemes (1 mark)
14. Which one of the following statements is NOT an appropriate method of identity theft prevention for businesses?
A. Limiting employees from accessing personal information of customers
B. Restricting the use of laptops to those employees who need them to do their jobs
C. Conducting background checks on prospective employees
D. Performing information handling audits for compliance purposes only (1 mark)
15. ABC Company does a substantial amount of business with another entity whose operating policies can be controlled ABC Company’s management, but it does not disclose this situation on its financial statements.
Which one of the following phrases BEST describes the ABC Company financial statement fraud?
A. Related-party transaction
B. Significant event
C. Improper disclosure of important information
D. Change of accounting policies (1 mark)
16. Which one of the following terminologies BEST refers to a technical security control that involves application controls implemented to prevent data from being accessed, stolen, modified or deleted unauthorised users?
A. Multifactor authentication
B. Network security
C. Application security
D. Data classification (1 mark)
17. Which one of the following terminologies BEST refers to data classification policy?
A. Technical security control
B. Application security control
C. Administrative security control
D. Physical security control (1 mark)
18. Which one of the following options is NOT a type of an effective administrative security control?
A. Data classifications
B. Computer security risk assessment
C. Computer security investigations
D. Incident response plans (1 mark)
19. Which one of the following financial statement fraud schemes involves recording expenses in the wrong period?
A. Overstating expenses
B. Timing differences
C. Improper disclosures
D. Concealed expenses (1 mark)
20. A fraud scheme in which an accountant fails to write off obsolete inventory has which one of the following effects on the company’s current ratio?
A. The current ratio will be inflated
B. The current ratio will not be affected
C. The current ratio will be artificially deflated
D. All the above (1 mark)
21. Which one of the following statements is the purpose of draw requests in construction lending?
A. Documentation that all architectural and engineering designs and quotes have been completed
B. Documentation that the design is approved architects
C. Documentation of costs incurred to facilitate reimbursement
D. Documentation to seek additional funding from the bank (1 mark)
22. Which one of the following methods is NOT a common method for concealing liabilities and expenses on a company’s financial statements?
A. Capitalising expenses
B. Omitting liabilities/expenses
C. Recording fictitious expenses and liabilities
D. Failure to disclose warranty costs and product-return liabilities (1 mark)
23. Which one of the following statements is NOT a type of accounting changes that must be disclosed in an organisation’s financial statements?
A. Changes in accounting principles
B. Changes in reporting entities
C. Changes in estimates
D. Related party transactions (1 mark)
24. Which one of the following statements is NOT a recommended method for prevention of electronic payments fraud?
A. Applying ACH blocks and filters
B. Having separate bank accounts for paper checks and electronic payments
C. Positive pay for ACH transactions
D. Having one bank account for checks and electronic payments (1 mark)
25. Which one of the following items are presented as the first line item on the statement of profit or loss?
A. Net sales
B. Sales
C. Operating expenses
D. Cash at bank (1 mark)
26. Debora, a Certified Fraud Examiner (CFE), was hired to serve as an expert witness in an alleged financial statement fraud. As part of her expert testimony, Debora explained how, under International Financial Reporting Standards (IFRS), management must make every effort to ensure that the company’s financial statements are complete, neutral and free from error.
Which one of the following concepts did Debora explain?
A. Faithful representation
B. Going concern
C. Comparability
D. Consistency (1 mark)
27. Which one of the following options is NOT a method that dishonest contractors collude to beat the competitive bidding process?
A. Submit token bids
B. Rotate bids
C. Submit bids that are competitive in price
D. Suppress bids (1 mark)
28. Which one of the following is a means of measuring the relationship between any two different financial statement amounts?
A. Statement comparison
B. Relational comparison
C. Transaction detail analysis
D. Ratio analysis (1 mark)
29. If a fraudster uses the Chief Executive Officer’s corporate email to impersonate him and then asks an accountant to make a wire transfer, which one of the following terms BEST describes this method of social engineering scheme?
A. Pharming
B. Spear phishing
C. Business email compromise
D. All the above (1 mark)
30. Which one of the following statements is an indicator of a bid splitting scheme?
A. Sequential purchases under the competitive bidding limits that are followed change orders
B. Use of sole-source procurement contracts
C. Low employee turnover in an organisation’s procurement department
D. Two or more purchases from the same supplier in amounts just above competitive bidding limits (1 mark)
31. Which one of the following statements is NOT a method that dishonest contractors collude to evade the competitive bidding process?
A. Dividing the market among themselves
B. Alternate business among themselves on a rotational basis
C. Refrain from submitting bids
D. Competent bidders agree that each bidder to submit very competitive bids (1 mark)
32. The following are examples of fraud schemes perpetrated health care institutions and their employees,
EXCEPT .
A. Up-coding of services
B. Improper contractual relationships
C. Billing for experimental procedures
D. Unintentional misrepresentation of the diagnosis (1 mark)
33. Which one of the following actions is a common way a procuring employee might engage in a bid manipulation scheme?
A. Leaking of bids information
B. Extending bid opening dates with justification
C. Opening bids on the scheduled dates
D. Specification of narrow bids (1 mark)
34. Which one of the following statements is the MOST accurate description of logical access?
A. The process which users are allowed to access and use physical objects
B. The process which computer systems’ contents are encrypted
C. The process which users can bypass application security over the software and libraries
D. The process which users are allowed to use computer systems and networks (1 mark)
35. Which one of the following statements is NOT accurate in regard to steps of risk assessment related to computers and computer systems?
A. Identifying the risks and threats of each asset and calculating the probability of each risk materialising, is the third step of a risk assessment
B. Determining the value of each asset of a risk assessment related to computers and computer systems is the second step
C. Recommending the counter-measures and other remedial activities is the fifth step of a risk assessment related to computers and computer systems
D. Identifying the risks and threats of each asset and calculating the probability of each risk materialising is the first step of a risk assessment (1 mark)
36. Which one of the following statements is NOT accurate in relation to bank reconciliation statements?
A. Bank reconciliation statements can help to detect cash embezzlement
B. Bank reconciliation statements can help to detect skimming of cash
C. A manipulated bank reconciliation is a red flag of asset misappropriation
D. Bank reconciliation statements cannot help to detect fraudulent disbursements (1 mark)
37. Which one of the following statements would be affected capitalisation of expenditure?
A. Statement of profit and loss and statement of financial position
B. Statement of profit and loss
C. Statement of financial position
D. Statement of profit and loss and statement of cash flow (1 mark)
38. Which one of the following is NOT a method that a fraudster can use to conceal theft of inventory?
A. Writing off stolen inventory as scrap
B. Increasing the perpetual inventory balance
C. Adjusting the perpetual inventory records to decrease the balances
D. All the above (1 mark)
39. Which one of the following statements is NOT accurate in regard to the effect of fraudulent transactions on the current ratio?
A. Failure to write off bad debts will result to an inflated current ratio
B. Omission of expenses will result to an inflated current ratio
C. Failure write off obsolete inventory will result to a deflated current ratio
D. All the above (1 mark)
40. Which one of the following options is NOT a method that is used to manipulate and destroy data?
A. Availability of data
B. Disclosure of confidential information
C. Privilege escalation
D. Buffer overflow exploits (1 mark)
41. Which one of the following statements is ACCURATE in regard to cybercrime?
A. Entering an altered or falsified data in the computer an authorised employee, is a computer fraud offence
B. Modification of data an authorised employee is a type of cybercrime
C. Unauthorised disclosure of data to an external party using the computer using the internet is a cybercrime
D. Computer forgery an authorised person is cyber crime (1 mark)
42. Which one of the following statements is ACCURATE in regard to internet of things technology?
A. IOT technology tends to focus more on security than innovative design
B. IOT technology tends to focus more on innovative design than privacy
C. IOT devices commonly connect to networks using inadequate security
D. IOT devices commonly connect to networks using adequate security (1 mark)
43. Which one of the following phrases refer to the method used to gain unauthorised access through the use of a secret point into the program?
A. Malware software
B. Back door
C. Trap door
D. Salami techniques (1 mark)
44. Which one of the following is NOT a type of administrative security control?
A. Intrusion detection software
B. Security awareness and education
C. Security reviews and audit
D. Security risk assessments (1 mark)
45. Apple and Green companies are major players in the construction industry. The two companies agree that Green company refrain from bidding a contract tender issued a government entity. Which one of the following statements is a red flag of the scheme perpetrated the two companies?
A. Apple company sub-contracted Green company
B. There was a rotational biding pattern observed
C. The bid price submitted Apple company was competitive
D. Apple company did not sub-contract Green company (1 mark)
46. Which one of the following financial statement fraud schemes is NOT associated with financial position fraudulent reporting?
A. Overstated receivables
B. Overstated revenue
C. Understated liabilities
D. Overvaluation of non-current assets (1 mark)
47. Which one of the following terms BEST refers to the type of corruption related to a public official receiving money from a contractor?
A. Kickbacks
B. Commercial bribery
C. Official bribery
D. Conflict of interest (1 mark)
48. Which one of the following terms BEST refers to healthcare fraud scheme where the health provider bills for two procedures which are supposed to be one procedure?
A. Unbundling
B. Up-coding
C. Fictitious billing
D. Overutilisation (1 mark)
49. Which one of the following statements is NOT a red flag of rotational bid rigging scheme?
A. Competent bidders rotate token bids
B. Rotational binding has a winning pattern
C. The price of the lowest bid is very high in comparison to the market price
D. Bidders bid each time the lowest (1 mark)
50. Which of the following statements is NOT accurate in regard to misrepresentation of the financial statements?
A. Capitalisation of expenses will inflate the current ratio
B. Capitalising expenses would result to both inflated profit and overstated assets
C. Capitalising expenses would result to overstated assets
D. Capitalising expenses would result to understated expenses (1 mark)
51. Which one of the following loans is NOT a type of loan that frequently turns up in corruption cases?
A. A legitimate loan given at market rate
B. A legitimate loan made on favorable terms
C. A legitimate loan in which a third party makes the loan payments
D. All the above (1 mark)
52. Which one of the following schemes is a common real estate fraud scheme?
A. Draw requests
B. Fraudulent appraisals
C. Flopping schemes
D. Flipping schemes (1 mark)
53. Which one of the following strategies is a method of detecting off book schemes?
A. Confirming customers’ overdue account balances
B. Examining journal entries for receivable write-offs
C. Examining suspicious false inventory account credits
D. Examining all the accounts receivable balances (1 mark)
54. Karen, a fraud examiner is conducting fraud detection audits to look for possible fraudulent disbursements to ghost employees.
Which one of the following actions is NOT a red flag of payment of ghost employees?
A. Employees in the payroll but not in the human resource master file
B. The wage bill has suddenly increased
C. Employees in the human resource master file but not in the payroll
D. All the above (1 mark)
55. Which one of the following procurement fraud schemes BEST describes product substitution and inflated labor costs?
A. Substandard goods and labor mischarges respectively
B. Material and labor mischarges respectively
C. Accounting and labor mischarges respectively
D. Bid manipulation (1 mark)
56. Which one of the following terms BEST refers to consumer fraud that targets small groups and communities with close ties?
A. Affinity fraud
B. Pyramid schemes
C. Ponzi schemes
D. All the above (1 mark)
57. Which one of the following statements BEST describes technical surveillance?
A. A method of gaining unauthorised access to a computer system using the backdoor
B. A method for gaining unauthorised access to a computer system using trapdoor
C. A method for gaining unauthorised access to a computer system using computer piggybacking
D. A method for gaining unauthorised access to a computer system through wire tapping (1 mark)
58. Which one of the following statements is NOT a common red flag of a bid tailoring scheme?
A. Competitive bids are awarded to the same bidder
B. Only a few bidders respond to bid requests
C. A contract is rebid when fewer than minimum number of bids are received
D. There are unusually narrow specifications for the type of goods or services being procured (1 mark)
59. Which one of the following actions is NOT a method that a fraudster might use to conceal inventory shrinkage?
A. Increasing the inventory book balance
B. Writing off stolen inventory as scrap
C. Physical padding of inventory
D. Decreasing the inventory book balance (1 mark)
60. Data security policy can BEST be described as .
A. Physical security control
B. Technical security control
C. Administrative security control
D. Application security control (1 mark)
61. Which one of the following statements is a technique for detecting a nonconforming goods or services scheme?
A. Reviewing the contractor’s claims, invoices and supporting documents
B. Reviewing the number of qualified bidders who submitted proposals
C. Reviewing correspondence and contract files for indications of compliance regarding specifications
D. Identifying the source of the suspect goods or materials (1 mark)
62. Which one of the following statements is an appropriate technique of detecting product substitution?
A. Comparing the direct and indirect labor account totals from the prior year to the current year
B. Reviewing the standard and actual labor rates to determine if there are any significant differences
C. Testing suspicious goods or materials examining packaging, appearance and description
D. Examining the total hours expended on the contract and comparing them to hours billed (1 mark)
63. Which one of the following reasons is NOT common reason why people commit financial statement fraud?
A. To justify salary increments and bonuses
B. To attract investors
C. To avoid negative market perception
D. To comply with financing covenants (1 mark)
64. Which one of the following phrases refers to the type of network security systems that are designed to supplement firewalls and other forms of network security detecting malicious activity coming across the network or on a host?
A. Intrusion prevention systems
B. Intrusion admission systems
C. Intrusion detection systems
D. Network access controls (1 mark)
65. Which one of the following statements is the ACCURATE definition of Trojan horse?
A. Any software application that displays advertisements while it is operating
B. A program or command procedure that appears useful but contains hidden code that causes damage
C. A computer program that replicates itself and penetrates operating systems to spread malicious code to other computers
D. A type of software that collects and reports information about a computer user without the user’s knowledge or consent (1 mark)
66. Which one of the following actions is NOT a red flag of a bid rigging?
A. The winning bidder subcontracts work to losing bidders
B. Qualified contractors refrain from bidding
C. Prices change when a new contractor enters the market
D. There is a pattern of the last party to bid winning the contract (1 mark)
67. Which one of the following actions is an administrative security control that an organisation’s management can implement?
A. Backing up system files regularly
B. Installing a firewall for the network
C. Conducting security audit tests
D. Conducting security control investigations (1 mark)
68. Which one of the following components of an intellectual property security system allows organisations to assigning data value and sensitivity levels for viewing, editing and sharing of data?
A. Data minimisation policies
B. Data classification policies
C. Encryption
D. Intellectual property security risk assessments (1 mark)
69. Which one of the following actions is a common method used management to conceal liabilities and expenses to inflate the organisation’s profits and current ratio?
A. Improperly capitalisation of expenditure
B. Omission of expenses
C. Failing to disclose warranty costs and product-return liabilities
D. None of the above (1 mark)
70. If a fraudster wants to conceal the misappropriation of cash, which one of the following transactions will NOT
result in a balanced accounting equation?
A. Reducing revenue
B. Decreasing a liability
C. Adding an asset
D. Reducing an expense (1 mark)
71. In a financial statement fraud scheme, where capital expenditures are recorded as expenses rather than assets, what effect will these transactions have on the organisation’s financial statements?
A. Net income will be understated
B. Total assets will be overstated
C. Expenses will be understated
D. All of the above (1 mark)
72. Which one of the following is NOT an information security goal that an e-commerce system should endeavor to meet for its users and asset holders?
A. Repudiation
B. Availability
C. Integrity
D. All the above (1 mark)
73. There are two methods of percentage analysis of detecting fraud in the financial statements. Which one of the following phrases BEST describes this analysis?
A. Horizontal and vertical analysis
B. Average receivable ratio
C. Current ratio
D. Quick ratio (1 mark)
74. Which one of the following activities is NOT a recommended methodology for responding to cybersecurity incidents?
A. Detection and analysis
B. Containment and eradication
C. Preparation
D. Investigations and follow up (1 mark)
75. Which one of the following objectives is a common reason why management might commit financial statement fraud?
A. To increase performance bonuses
B. To meet set financial targets
C. To harm a competitor’s reputation
D. To conceal asset misappropriation (1 mark)
76. Which one of the following statements is NOT correct in regard to corrupt payments?
A. Most of the corrupt payments are off the book
B. Most of the corrupt payments are on the book
C. To detect corrupt payments, the investigator, need to focus at the point of receipt
D. All the above (1 mark)
77. Recording an expenditure as a capital expenditure rather than an expense, which one of the following statements is
CORRECT in regard to financial reporting?
A. The financial performance would be negatively affected
B. The financial position would be falsely overstated
C. Net profit would be falsely understated
D. The expenses would be falsely overstated (1 mark)
78. Which one of the following statements describes timing difference financial statement fraud scheme?
A. Recording revenue based on the percentage of the construction project that is completed
B. Recognising revenue competed work in Year 1, though the revenue is in receivables
C. Recognising the cash revenue of the uncompleted job, as a client deposit
D. Recognising revenue in year 1 when the payment received though the work would be performed in the subsequent financial year (1 mark)
79. Which one of the following phrases BEST describes recognition of revenue in long term contracts?
A. Received revenue percentage
B. Percentage of work completed method
C. Cost-to-completion method
D. Partial revenue method (1 mark)
80. Which one of the following statements is CORRECT in regard to fictitious revenue scheme?
A. All accounts receivables, that are over thirty days, are red flags of fictitious revenue
B. Bad and doubtful debts are red flags of fictitious revenue schemes
C. Fictitious revenues must be recorded in a fictitious client’s account
D. Fictitious sales are recorded as accounts payable (1 mark)
81. Which one of the following financial statement fraud schemes is a type of inadequate disclosure scheme?
A. Anticipated legal liability in the subsequent financial year
B. Disclosed related party’s transactions
C. Inflated inventory valuation
D. Disclosed change in reporting entities (1 mark)
82. Which one of the following statements BEST describes the difference between vertical and horizontal analysis?
A. Vertical analysis expresses the percentage of component items to a specific base item while horizontal analysis analyses the percentage change in individual line items on a financial statement in financial year 1 to and financial year 2
B. Vertical analysis compares items on one financial statement to items on a different financial statement while horizontal analysis compares items on the same financial statement
C. Vertical analysis compares the performance of a holding company to its subsidiary while horizontal analysis compares different companies of the same size and in the same industry
D. Vertical analysis measures the relationship between any two different financial statement amounts while horizontal analysis examines the relationship between specific financial statement (1 mark)
83. Which one of the following statements BEST describes the difference between a Ponzi scheme and a pyramid scheme?
A. In a pyramid scheme, old investors are paid with money from new investors
B. A Ponzi scheme operation involve recruiting new members
C. A pyramid scheme promotes itself as a pyramid whereas a Ponzi scheme promotes itself as an investment business
D. Pyramid schemes are legal and Ponzi schemes are illegal (1 mark)
84. Which one of the following choices is NOT a red flag of a Ponzi scheme?
A. A business with no separation of duties, basically controlled one individual
B. An investment that has a history of usual inconsistent returns influenced fluctuations in financial markets
C. Time is of essence technique
D. An investment with unusual high or short-term returns with low risk (1 mark)
85. Which one of the following statements is NOT a red flag of procurement fraud schemes involving collusion among contractors?
A. Major industry players submit consistently high prices for the bids
B. Major industry players submit bids each time lower than the other bidder
C. Bid prices go down when a new competitor enters the competition
D. Major industry players submit consistently high prices for the bidder (1 mark)
86. Which one of the procurement fraud schemes refers to high percentages of returns, missing compliance certificates and evidence of falsified inspection tests?
A. Bid manipulation
B. Material mischarges
C. Forgery of inspection tests
D. Product Substitution scheme (1 mark)
87. Brenda, a research officer, went on field work in another country. She used her company credit card to pay for a business dinner at which she was entertaining a client. She was aware her employer would pay the credit card bill. Brenda saved the receipt and later filed an expense return form seeking reimbursement for the cost of the meal.
Which one of the following phrases BEST describes the fraud scheme perpetrated Brenda?
A. Double payment scheme
B. Misappropriation of company’s funds
C. Fictitious expenses scheme
D. Multiple reimbursement scheme (1 mark)
88. Jack, a marketing manager, went on a business trip. He used the business credit card to pay dinner for his friends in an expensive hotel. He them submitted the receipt for the dinner with the legitimate business receipts from the trip and described the dinner as “client entertainment.”
Which one of the following statements BEST describes the fraud scheme?
A. An overstated expense scheme
B. Asset misappropriation
C. Mischaracterised expense scheme
D. A fraudulent expenses scheme (1 mark)
89. Which one of the following activities does NOT typically occur during the containment and eradication step of the recommended methodology for responding to cybersecurity incidents?
A. Identifying all breaches that occurred
B. Notifying the appropriate internal personnel
C. Restoring control of the affected systems
D. Limiting the damage caused the attack (1 mark)
90. Computer networks and communications are vulnerable to attack and disruption, therefore, management must put in place technical controls to protect systems against threats like unauthorised use, disclosure, modification, destruction or denial of service.
Which one of the following actions is NOT a type of technical security?
A. Logical access control
B. Operating system security
C. Security audit tests
D. Network security (1 mark)
91. Which one of the following statements is NOT a red flag that a computer or network might have been accessed or compromised an unauthorised person?
A. An authorised user is denied access to an area in the network that is part of their role
B. Users receive a notification to update their system passwords before expiry date
C. A user in the IT department detects geographical irregularities in network traffic
D. Users are prompted to install unusual software or patches onto their computers (1 mark)
92. Which one of the following control systems is NOT a type of physical access control?
A. Biometric systems
B. Locks and keys
C. Electronic access cards
D. Logical access control (1 mark)
93. Which one of the following practices is NOT the best practice for responding to a cybersecurity incident?
A. Detection and analysis
B. Containment and eradication
C. Conducting cybersecurity investigations
D. Preparation (1 mark)
94. Which one of the following statements is NOT correct in regard to workers’ compensation fraud schemes?
A. In an organised fraud scheme, a lawyer, a capper, a doctor and the claimant often collude to defraud the insurance company
B. In premium fraud, an employer might overstate the amount of the payroll for higher-risk employees
C. In an agent fraud scheme, agents sometimes issue certificates of coverage to the insured customer while pilfering the premium
D. All of the above (1 mark)
95. Which one of the following practices is the BEST for information security procedure to prevent loss of proprietary information?
A. Implementing data minimisation
B. Failure to implement data retention and destruction policies
C. Failure to protect documents maintained in manual file systems
D. Failure to implement data minimisation (1 mark)
96. Which one of the following terms refers to a scheme that involves payment of goods that have not been supplied?
A. Asset misappropriation
B. Corruption
C. Fraudulent disbursement
D. Fictitious disbursements (1 mark)
97. Which one of the following statements is NOT accurate in regard to fraudulent financial reporting, related to the financial performance of an organisation?
A. Failure to write off bad debts would inflate both the profits and the current ratio
B. Failure to accrue expenses would inflate both the profits and the current ratio
C. Failure to write off bad debts would inflate the profits and receivables
D. Failure to write off bad debts would not affect the current ratio (1 mark)
98. Which one of the following statements is an objective of a risk assessment process related to computers and computer systems?
A. Detect the risks that make an organisation vulnerable to fraud computers and computer systems
B. Quantify the impact if the risk materialised
C. Identify the risks that make an organisation vulnerable to computers and computer systems
D. Establish an economic balance between the impact if the risk materialised and the cost of the resources required (1 mark)
99. Which one of the following identity theft schemes BEST describes stealing of a credit card and using it to make personal payments from a victim’s account?
A. Credit card fraud
B. Identity theft
C. Account takeover
D. Impersonation (1 mark)
100. Which one of the following phrases BEST refers to the fraud scheme that is often associated with a nonperforming loan?
A. Fraudulent disbursement
B. Employees collusion with customers
C. Fraudulent appraisals
D. Air loan (1 mark)
………………………………………………..………………….………….……..