QuestionQuestion 1Why are computer fraud cases difficult for a fraud examiner to investigate?They require the use of one or more specialists to assist the fraud examiner.They require an understanding of the technology used to commit the crime.They lack a traditional paper audit trail.All of the above are reasons why computer fraud cases are difficult to investigate.Question 2If an organization offers wireless or remote access its server software should terminate any connection:after a certain number of unsuccessful attempts to enter an invalid password.from a foreign country.cash larceny.skimming.Question 3Which of the following is not one of the four phases of the procurement process?The presolicitation phaseThe solicitation phaseThe project review phaseThe performance phaseQuestion 4A caterer has been contracted by Austin Corp. to provide the food for a large banquet. The catering contract explicitly states that the caterer will serve a fish entre and a chicken entre and the fish entre will consist of red snapper. The caterer decides to use tilapia instead which costs about a third as much as red snapper but is also a white fish and looks quite similar. He figures that no one at the banquet will be able to tell the difference. Austin Corp. is charged the price of the red snapper. What type of scheme has the caterer perpetrated?Material deceptionContract falsificationProduct substitutionCost mischargingQuestion 5Max Reynolds is trying to obtain customer payment data from Stella Corporation. He wanders around Stellas offices pretending to be a confused intern looking for someone who can help him get on his computer. An unsuspecting employee gives him her login information not realizing the amount of data she has just given him access to. He downloads several spreadsheets of customer payment data and takes off. What type of scheme has Max committed against Stella Corporation?Social engineeringPassword crackingEmployee hijackingPhishingQuestion 6Which of the following statements is true with regard to external fraud threats?A member of an organizations board of directors committing fraud against that organization is an example of external fraud.Only companies that contract with vendors are at a risk of external fraud.Companies that house large amounts of customer payment data are especially vulnerable to external fraud threats.Unrelated third parties pose the greatest threat to an organization.Question 7________________ is the use of technology to gain unauthorized access to sensitive information on a computer system.Computer hackingComputer crimeSocial engineeringData manipulationQuestion 8What is a paperhanger?A person who counterfeits moneyA person who is an expert in credit card fraudA person who is an expert in check fraudA person who specializes in e-commerce check scamsQuestion 9Which of the following statements is true with regard to credit cards?The hologram is the easiest part of a credit card to duplicate.Less than half of the U.S. population has a credit card.Counterfeit credit cards are known as black plastic cards.The chances of being caught using an unauthorized card are small.Question 10Which of the following is commonly used to perpetrate data manipulation and destruction schemes?MalwareData dumpsNetwork infiltrationWire tappingQuestion 11All of the following are examples of malware except:virus.Trojan horse.botnet.blackware.Question 12Which of the following is a key finding from the 2010/2011 Computer Crime and Security Survey?Respondents believed that the activities of outsiders accounted for much of their losses from cybercrime.All companies surveyed had a technical expert on staff.Data manipulation is one of the most commonly seen attacks.Almost 80% of the survey respondents experienced at least one security incident.Question 13Password cracking social engineering and phishing are all:none of the above.data manipulation tactics.corporate espionage tactics.methods used to gain unauthorized access.Question 14Which of the following is not one of the three sources of external fraud discussed?VendorsCustomersUnrelated third partiesAuditorsSubsectionQuestion 15The objective of a fraud risk assessment is to help management recognize factors that make an organization most vulnerable to fraud so that management can address those factors to reduce the exposure.TrueFalseQuestion 16What is a recommended preventative measure a company should take to protect its physical property?Keep sensitive documents out of sight and in employees drawers.Ensure the cleaning staff only works after business hours.Send and receive all mail from company premises.Ensure outdoor waste receptacles are locked and guarded.Question 17Effective internal controls can eliminate the need for a fraud risk assessment.TrueFalseQuestion 1826.Fraudulent financial reporting risks include which of the following?Payment of bribes or gratuitiesMisappropriation of intangible assetsAiding and abetting of fraud by outside partiesInappropriately reflected balance sheet amountsQuestion 19Which of the following factors should be considered in assessing the likelihood of occurrence of each fraud risk?Criminal civil and regulatory liabilitiesFinancial statement and monetary significanceInternal control environment of the organizationFinancial condition of the organizationQuestion 20According to the textbook which of the following is not one of a corporate spys favorite departments to target?Research and developmentHuman resourcesLegalMarketingQuestion 21Which of the following factors should be considered when selecting a sponsor for the fraud risk assessment?IndependenceSeniorityAbility to elicit cooperationAll of the aboveQuestion 22In general management should avoid sharing the fraud risk assessment process and results with employees.TrueFalseQuestion 23Management is not likely to have sufficient knowledge of controls to override them.TrueFalseQuestion 24Factors that influence the level of fraud risk faced by an organization include which of the following?The ethics and values of the organization and the people in itThe effectiveness of the organizations internal controlThe nature of the businessAll of the aboveQuestion 25Assessing an area as having a high fraud risk means that fraud is occurring there.TrueFalseQuestion 26_________ controls are designed to stop an undesirable event from occurring whereas _________ controls are designed to identify an undesirable event that has already occurred.Internal; externalOperating; reviewPreventive; detectiveRisk; discoveryQuestion 27Which of the following does corporate espionage include?Acquisition of information through clandestine meansLegitimate intelligence collectionIntelligence analysis using legal meansAll of the aboveSubsectionQuestion 28Which of the following is not a potential corruption risk?Aiding and abetting of fraud by customers or vendorsReceipt of kickbacks bribes or gratuitiesInadequate disclosures pertaining to related-party transactionsPayment of bribes to public officials companies or private individualsQuestion 29Which of the following factors enhances a fraud risk assessment?Independence and objectivity of those leading and conducting the workCollaboration between management and auditorsInclusion of peoples perceptions at all levels of the organizationAll of the aboveQuestion 30Which of the following techniques can be used to evaluate the effectiveness and efficiency of internal controls?Interviews with management and employeesConsideration of the risk of managements override of controlsReview of the accounting policies and procedures in placeAll of the aboveQuestion 31When assessing the potential incentives pressures and opportunities to commit fraud the fraud risk assessment team should evaluate which of the following?Incentive programs and how they may affect employees behavior when conducting business or applying professional judgmentHighly complex business transactions and how they might be used to conceal fraudulent actsOpportunities for collusionAll of the aboveQuestion 32To maximize the effectiveness of the fraud risk assessment process the fraud risk assessment team should include both facts and opinions in its report.TrueFalseQuestion 33Which of the following information-gathering techniques enables the fraud risk assessor to observe the interactions of employees as they discuss a question or issue?Anonymous feedback mechanismsFocus groupsInterviewsSurveysQuestion 34Which of the following actions might management take in order to transfer a residual fraud risk?Eliminate the related asset.Implement countermeasures.Exit the related activity.Purchase fidelity insurance.Question 35Which of the following is not a true statement regarding the fraud risk assessment process?It should be influenced by the culture of an organization.To be most effective it should be an ongoing continuous process.It is aimed at proactively identifying an organizations vulnerabilities to fraud.It is more of a science than an art.Question 36Both management and auditors have a responsibility for fraud risk management.TrueFalseQuestion 37The vulnerability of an organization to those capable of overcoming the three elements of the fraud triangle is known as which of the following?Inherent riskFraud riskControl riskFraud risk assessmentQuestion 38Which of the following is not true regarding fraud risk?It encompasses reputation risk.It can be analyzed qualitatively.It results exclusively from sources internal to the organization.It can be analyzed quantitatively.Question 39Internal control is a process aimed at proactively identifying and addressing an organizations vulnerabilities to internal and external fraud.TrueFalseQuestion 40In assessing the significance to the organization of identified fraud risks the fraud risk assessment team should first consider them on an inherent basis.TrueFalse
