Data such as laundromat electricity usage and cycle time, beer purchase quantities, and travel dates are examples of:

Tend to be "corrupted" sources of data

Red flags that have little to no potential value in verifying or disproving fraud

Nonfinancial numerical performance data

Accounting anomalies

QUESTION 4

1. In most cases, asset misappropriation, corruption, and financial statement fraud last about ____________ from inception to conclusion.
2. 24 months
3. 2.4 months
4. 6 months
5. 16 months

QUESTION 5

1. __________________ is an attempt to identify the fraud as early as possible, in contrast to the optimal situation in which the fraud is prevented or deterred.
2. Implementing internal controls that prevent collusion
3. Conducting an annual fraud risk assessment
4. Separation of duties
5. Effective fraud detection

QUESTION 6

1. Who takes the lead in establishing, implementing, and maintaining a formal fraud risk management program?
2. Board and management
3. Regulatory agencies such as the PCAOB and SEC
4. Corporate shareholders
5. Internal auditors

QUESTION 7

1. The targeted fraud risk assessment approach assumes that there should be a direct relationship between the ________________ and the _________________________.
2. specific industry involved; risk levels typically associated with that industry
3. Level of risk associated with a material weakness in the company's controls; amount of attention devoted to that area during an audit
4. Organization's tolerance for risk; implementation of appropriate internal controls
5. Accounts receivable department; accounts payable department

QUESTION 8

1. Generally, three procedures are effective in identifying breakdowns in internal controls due to override and collusion: journal entries recording in the books and records, as well as other adjustments to financial information should be examined for proper back-up document; significant accounting estimates needs to be reviewed; and___________________________.
2. Unusual "one-time" transactions should be scrutinized to ensure they have an appropriate underlying business rationale
3. A properly functioning board-operated audit committee that has the ability to investigate anomalies independently should be established
4. A robust whistleblower mechanism should be implemented, and its existence widely published throughout the organization
5. Care should be taken by the board to ensure that the external auditor is indeed independent, in fact, and appearance

QUESTION 9

1. An overview of the fraud risk assessment process includes the following components:
2. Money, Ideology, Coercion, and/or Ego/Entitlement (MICE)
3. Act, concealment, and conversion
4. Propose the scope of the audit, execute the scope, report the findings to the board, and reply to management concerns
5. Evaluate the fraud risk factors, identify possible fraud schemes and scenarios, prioritize individual fraud risks, evaluate mitigating controls

QUESTION 10

1. Most red flags are
2. Not indicators of fraud but are a function of the dynamic environment in which organizations operate
3. Indicators of unskilled fraudsters who don't have sufficient knowledge to conceal their defalcations
4. Indicators of fraud if one knows how and where to look
5. Typically, indicative of fraud if a targeted risk assessment was not completed

QUESTION 11

1. The 2016 ACFE Report to the Nations found that ___________ of existing controls is the second most frequently observed internal control weakness that contributed to fraud; the lack of internal controls was the only weakness more frequently cited by the ACFE's survey respondents.
2. Override
3. A lack of clarity
4. Overly complex design
5. A lack of awareness

QUESTION 12

1. The most challenging issue regarding fraud detection in a digital environment is the potential for:
2. Hackers and other unauthorized users were gaining access to proprietary information
3. Historical transaction data to be lost over time due to the high costs of digital storage
4. An over-whelming number of fraud symptoms (i.e., red flags)
5. The inherent susceptibility of digitally stored data to be fraudulently altered without detection

QUESTION 13

1. ______________ is defined as an act where the computer hardware, software, or data is altered, destroyed, manipulated, or compromised due to acts that are not committed with the intent to execute financial fraud
2. Hacking
3. Distributed Denial of Service (DDoS)
4. Phishing
5. Computer crime

QUESTION 14

1. Damaged equipment, restoration of data or programs, lost sales, lost productivity, and harm to reputation or goodwill are examples cited by the text of economic losses associated with:
2. Computer fraud
3. Computer risks
4. Computer compromises
5. Computer crimes

QUESTION 15

1. Several attributes of the Internet make it an attractive operational location for criminal enterprises. First, individuals and businesses have come to realize that information is power. Criminals have determined they can profit by stealing and selling information. Second, cyberspace gives the criminal a worldwide reach. Third, The World Wide Web is relatively anonymous. Fourth:
2. Cybercriminals frequently use blockchain technology (i.e., distributed ledgers) to conceal their cybercrime
3. The majority of cybercrime originates from offshore havens such as Nevis and St. Kitts where local laws allow criminals to flourish
4. The Dark Web makes it impossible to track, identify, capture, and prosecute cybercriminals
5. The Dark Web makes it impossible to track, identify, capture, and prosecute cybercriminals

QUESTION 16

1. You have just completed a fraud examination in which you concluded, based on security camera footage, that an outside intruder entered the company dressed as a computer repair person. The footage shows the intruder chatting amiably with several individuals in the bookkeeping department, followed by logging onto their computers as they stand watching over his shoulder, using credentials they shared when he showed them his vendor badge (which was counterfeit). This type of attack is executed using:
2. Shoulder surfing
3. a Trojan horse
4. Social engineering
5. Spear phishing

QUESTION 17

1. Adequate hacker detection programs contain three primary components: (1) log files should be printed and regularly reviewed by the data security officer, (2) the data security function should have sufficient resources and staff to administer passwords, maintain security software, review system activity reports and follow up on potential security violations, and (3):
2. Anti-social engineering training for all users with passwords
3. Buffer over-flow backup and redundancy streaming with auto EXE piggybacking
4. Use of distributed ledger technology
5. Periodic reviews of telecommunications security should be performed by internal or external auditors or other professionals

QUESTION 18

1. ______________ and _______________ are any defalcation, fraud, or financial crime accomplished by tampering with computer programs, data files, operations, equipment, or media, and resulting in losses sustained by the organization whose computer was compromised.
2. Computer crime; asset misappropriation schemes
3. Financial crimes; blockchain compromises
4. Computer-based fraud;financial crimes
5. Cybercrime; complex frauds

QUESTION 19

1. The most prevalent method of committing computer fraud is________________________________.
2. Network weaving
3. Digital device hacking
4. Alteration or falsification of input transactions (and/or documents)
5. Social engineering

QUESTION 20

1. The U.S. government agency charged with investigating counterfeiting, credit card fraud, and some computer crimes is the:
2. Internet Cybercrime Counterinsurgency Center (IC3)
3. Financial Crimes Enforcement Network (FINCEN)
4. Secret service
5. Financial Action Task Force (FATF)