MONDAY: 4 December 2023. Afternoon Paper. Time Allowed: 3 hours.
Answer ALL questions by indicating the letter (A, B, C or D) that represents the correct answer. This paper is made up of one hundred (100) Multiple Choice Questions. Each question is allocated one (1) mark.
1. Which of the following is NOT an objective of a risk assessment process related to computers and computer systems?
A. Investigate the risks that make an organisation vulnerable to fraud
B. Quantify the impact if the risk materialised
C. Establish an economic balance between the impact if the risk materialised and the cost of resources required
D. None of the above (1 mark)
2. Which of the following statement is ACCURATE in regard to fraudulent financial reporting?
A. Failure to write off bad debts would cause overstatement of receivables
B. Failure to write off bad debts would cause understatement of the current ratio
C. Failure to accrual expenses would cause understatement of liabilities (1 mark)
D. None of the above
3. Which of the following method of bribery payment BEST describes how large amounts of bribes are disbursed and are hard to detect?
A. Entertainment
B. Expensive vacations
C. Property sold below the market value
D. None of the above (1 mark)
4. Healthcare providers defraud insurance companies and government health programmes through intentional separation of one procedure into two procedures. Which of the following BEST describes the healthcare providers’ fraud scheme?
A. Up-coding scheme
B. Fictitious services
C. Fictitious procedures
D. None of the above (1 mark)
5. There are several financial statement fraud schemes that are perpetrated by management to inflate the organisation’s liquidity ratio. Which of the following BEST describes the fraud scheme?
A. Overstatement of current liabilities
B. Overstatement of revenue/ receivables
C. Overstatement of non-current assets
D. Understatement of non-current assets (1 mark)
6. Which of the following would result in an improper valuation of inventory?
A. Writing off obsolete inventory
B. Recording perpetual inventory balance which is higher than the physical balance
C. Recording physical inventory balance which is lower than the perpetual inventory
D. None of the above (1 mark)
7. Which of the following statements is NOT accurate in regard to steps of risk assessment related to computers and computer systems?
A. Identifying the risks and threats of each asset and calculating the probability of each risk materialising, is the third step of a risk assessment
B. Determining the value of each asset of a risk assessment related to computers and computer systems is the second step
C. Recommending the counter-measures and other remedial activities is the fifth step of a risk assessment related to computers and computer systems
D. None of the above (1 mark)
8. Which of the following is NOT a red flag of financial statement fraud?
A. Normal revenue growth
B. Unrealistic targets
C. Negative cash flow balances while reporting profits
D. None of the above (1 mark)
9. Conrad received a voice mail saying that somebody is trying to use his account fraudulently through Internet banking. Which of the following BEST describes this social engineering scheme?
A. Phishing
B. Smishing
C. Pharming
D. None of the above (1 mark)
10. Separation of duties is fundamental to data security. Which of the following is NOT a recommended practice in relation to separation of duties?
A. Application system users should only be granted access to those functions and data required for their job duties
B. System users should not have direct access to program source code
C. System users cannot have direct access to program source code
D. None of the above (1 mark)
11. Procurement fraud is perpetrated in the cause of a procurement process. Which of the following is NOT a procurement fraud scheme committed during the submission of bids?
A. Bid rotation
B. Splitting of bids
C. Complementary bids
D. Bid suppression (1 mark)
12. XYZ government agency planned and budgeted for one hundred vehicles. The procurement department developed the specifications for the vehicles and their accessories, but they were developed as separate specifications and therefore increasing the total cost of the motor vehicles. Which of the following BEST describes this type of procurement fraud scheme?
A. Bid specification scheme
B. Bid manipulation scheme
C. Bid splitting scheme
D. None of the above (1 mark)
13. Which of the following statements is NOT a red flag of bid splitting?
A. Similar or identical procurements from the same supplier in amounts just slightly over the competitive bidding limits
B. Consecutive related procurements from several contractors that are within the competitive-bidding or
upper-level review limits
C. Justifiable split purchases that fall under the competitive-bidding or upper-level review limits
D. None of the above (1 mark)
14. Which of the following statement is ACCURATE in regard to Business email compromise schemes identified by FBI?
A. BEC (Business email compromise) is a type of vishing phishing
B. BEC (Business email compromise) is a type of malware
C. BEC (Business email compromise) is a type of spear engineering
D. None of the above (1 mark)
15. Which of the following statement is ACCURATE in regard to red flags of bid tailoring scheme?
A. Explained changes in contract specifications from previous proposals or similar items
B. Good number of competitive bids or awards to several bidders
C. Specifications developed by or in consultation with a contractor who is permitted to compete in the
procurement
D. None of the above (1 mark)
16. Which of the following is NOT a red flag of bid rigging by contractors?
A. Competent bidders refrain from bidding
B. Vendors submit complementary bids
C. There is noticeable pattern of winning bids
D. None of the above (1 mark)
17. Which of the following is NOT a type of administrative security and controls?
A. Data classification
B. Incidence response plans
C. Computer security audits and tests
D. None of the above (1 mark)
18. Which of the following technique BEST describes an attempt to exploit the system security for purposes of identifying the systems’ vulnerabilities
A. Detection intrusion system
B. Network security system
C. Application Security
D. None of the above (1 mark)
19. ABC computer company and another four companies agreed to inflate the cost of a bid, by the other six companies submitting bids each time the lowest where ABC supposedly biding the lowest. In comparison with the market price, the cost of the lowest bid was very high. Which of the following BEST describes the type of procurement scheme ABC Computer company and the other six companies were involved in?
A. Bid suppression
B. Complementary scheme
C. Bid market division
D. None of the above (1 mark)
20. Which of the following statement is NOT accurate in regard to social engineering?
A. Phishing is a type of social engineering scheme that involves impersonating a trusted individual or entity and manipulating victims into providing sensitive
B. A vishing scheme is generally transmitted as an incoming recorded telephone message
C. Smishing is phishing using voice messages through social engineering
D. None of the above (1 mark)
21. Which of the following is NOT a red flag of a bid specification scheme?
A. Bid suppression schemes
B. Narrow specifications for the type of goods or services being procured
C. Splitting of bids
D. Broad specifications for the type of goods or services being procured (1 mark)
22. Which of the following is NOT a red flag of malware infection?
A. The system suddenly, and for no apparent reason, slows down its response time to commands
B. The computer stops responding or locks up frequently
C. The operating system or other programs and applications behave in a predictable manner
D. None of the above (1 mark)
23. Which of the following is NOT a prevention measure against infection from a malicious program?
A. Use malware software to scan all incoming email messages and files
B. Regularly update the computer with the latest security patches available for the operating system
C. Organisations should develop corporate prevention policies and an employee education program to inform employees of how malware is introduced and what to do when there is suspicion of malware
D. None of the above (1 mark)
24. Under the IFRS, recognising a long-term project revenue that has not been earned, can BEST be described as which of the following financial statement fraud schemes?
A. Fictitious revenue scheme
B. Improper revenue recognition
C. Understated receivables scheme
D. None of the above (1 mark)
25. Which of the following BEST describes the method of spying on another company’s activities by placing a person in that entity to gather information and pass to the party that has retained him?
A. Overt operations
B. Surveillance
C. Covert operations
D. Competitive intelligence (1 mark)
26. Which of the following statement is ACCURATE in regard to contract performance mischarges?
A. Material mischarges are more susceptible than labor mischarges
B. Accounting mischarges are more susceptible than labor mischarges
C. Labor and material mischarges are equally susceptible to mischarges
D. None of the above (1 mark)
27. Which of the following statement is NOT accurate in relation to bank reconciliation statements?
A. Bank reconciliation statement can help to detect cash embezzlement
B. Bank reconciliation statement cannot help to detect skimming cash
C. A manipulated bank reconciliation is both a red flag and a risk of asset misappropriation
D. None of the above (1 mark)
28. Which of the following statement is ACCURATE in regard to the effects of financial statements attributed to capitalisation of expenses?
A. Capitalising expenses will overstate expenses
B. Capitalising expenses will understate assets
C. Capitalising expenses will understate profits
D. None of the above (1 mark)
29. Which of the following BEST describes procurement fraud schemes that involves a procurement employee engaging in the early opening of bids and unjustifiable delay of opening the bids?
A. Bid suppression
B. Bid rotation
C. Bid manipulation
D. Bid solicitation scheme (1 mark)
30. An analysis of a company’s revenue and cost of revenue revealed that the cost of revenue had increased by 70% the previous year. Revenue only increased by 20 %. This scenario is a red flag of which of the following?
A. The number of purchases was lower than the previous year
B. Sales were low in the current year compared to the previous year
C. A poor marketing strategy
D. None of the above (1 mark)
31. Which of the following is a method that a fraudster might use to conceal inventory theft?
A. Writing off stolen inventory as scrap
B. Increasing the perpetual inventory balance
C. Altering the perpetual inventory records to increase the balances
D. None of the above (1 mark)
32. Which of the following statement is NOT ACCURATE in regard to the effect of fraudulent transactions on the current ratio?
A. Overstated receivables will result to an inflated current ratio
B. Overstated current liabilities will result to an inflated current ratio
C. Overvaluation of inventory will result to an inflated current ratio
D. None of the above (1 mark)
33. Which of the following is NOT a method that is used to manipulate and destroy data?
A. Modification of data
B. Disclosure of confidential information
C. Privilege escalation
D. None of the above (1 mark)
34. Which of the following is ACCURATE in regard to cybercrime?
A. Entering an altered or falsified data in the computer by an authorised employee, is a type of cybercrime
B. Modification of data by an authorised employee is a type of cybercrime
C. Unauthorised disclosure of data to an external party using the computer
D. None of the above (1 mark)
35. Which of the following is NOT a method used to destroy and manipulate data?
A. Launching a buffer overflow exploits
B. Limiting access privileges
C. Transmitting data to unauthorised destination
D. None of the above (1 mark)
36. Which of the following is ACCURATE in regard to internet of things technology?
A. IOT technology tends to focus on security
B. IOT technology tends to focus on privacy rather than innovative design
C. IOT devices commonly connect to networks using adequate security
D. None of the above (1 mark)
37. Which of the following describes the method used to gain unauthorised access through the use of a secret point into the program
A. Trojan horse code
B. Back door
C. Salami techniques
D. None of the above (1 mark)
38. Which of the following is NOT a type of administrative security controls?
A. Security policies and procedures
B. Security awareness and education
C. Security reviews and audit
D. None of the above (1 mark)
39. Both ABC and XYZ companies are major players in the construction industry. ABC company paid XYZ company an inducement to refrain from bidding for a contract tender issued by a government entity. Which of the following BEST describes the procurement scheme perpetrated by ABC and XYZ companies?
A. Both ABC and XYZ engaged in bid suppression
B. Both ABC and XYZ engaged in bid rigging
C. Both ABC XYZ engaged in market division
D. None of the above (1 mark)
40. Which of the following financial statement fraud scheme is NOT associated with financial position fraudulent reporting?
A. Overvaluation of non- current assets
B. Concealment of liabilities
C. Inadequate disclosure
D. Improper valuation of receivable (1 mark)
41. Which of the following BEST describes the form of corruption where a public official receives money and uses his position to influence a decision or an act?
A. Bribery
B. Commercial Bribery
C. Reward or advantage
D. Official bribery (1 mark)
42. Which of the following BEST describes a healthcare fraud scheme in which a provider bills for a higher level of service than they actually provided
A. Bribery
B. Overutilisation
C. Fictitious billing
D. None of the above (1 mark)
43. Which of the following statement BEST describes a bid rotation procurement scheme?
A. Competitive bidders fail to bid
B. Bidders issue complementary bids
C. Bidders issue shadow bids
D. None of the above (1 mark)
44. Which of the following is NOT a red flag of bid rotation scheme?
A. Bidders bid each time lower
B. Competent bidders refrain from bidding
C. Extremely high prices of bids even for the lowest bid
D. None of the above (1 mark)
45. Which of the following statement is ACCURATE in regard to fraudulent financial reporting?
A. Capitalising expenses would result to inflated current ratio
B. Capitalising expenses would result to both inflated profit and current ratio
C. Capitalising expenses would result to understated assets
D. None of the above (1 mark)
46. Research and development personnel often accidently divulge confidential information through various methods. Which of the following is NOT one of them?
A. Discussions at conferences
B. Hiring outside academic professionals
C. Industry journals
D. None of the above (1 mark)
47. Favorite targets for intelligence-gathering purposes include employees in all of the following departments, EXCEPT:
A. Marketing
B. Research and development
C. Stores and warehouse
D. Purchasing (1 mark)
48. Which of the following is the CORRECT calculation of the quick ratio?
A. (Cash + marketable securities) / accounts payable
B. Current assets / current liabilities
C. (Cash + receivables) / current liabilities
D. (Cash + marketable securities + receivables) / current liabilities (1 mark)
49. Tracy is a successful business lady, she has been informed of an unusually attractive investment opportunity by a friend and decides to invest in it. For several months no payment came in, Tracy got frustrated with the diminishing disbursements and attempts to withdraw her money. After several weeks of delay, she realised that the promoter seems to have vanished, along with her investment. Tracy is a victim of which of the following investment fraud scheme?
A. Pyramid scheme
B. A Ponzi scheme
C. A dog and pony scam
D. An illegal pyramid (1 mark)
50. Which of the following BEST describes how a baiting scheme works in the context of identity theft?
A. Fraudsters use imitation websites to deceive computer users into entering sensitive data
B. Fraudsters use telephone calls or voice messages to manipulate people into revealing personal or business information
C. Fraudsters impersonate the victim’s bank to persuade the victim into releasing information
D. Fraudsters deceive victims into inserting data storage devices that have been infected with malware into their computers (1 mark)
51. Workers’ compensation schemes are generally broken into four categories. Which of the following is NOT one of these categories?
A. Agent fraud
B. Premium fraud
C. Claimant fraud
D. None of the above (1 mark)
52. When should an employee NOT be made aware of the need to maintain the confidentiality of an organisation’s proprietary information, as well as which information is considered confidential?
A. During induction
B. During an exit interview
C. When signing a nondisclosure agreement
D. None of the above (1 mark)
53. Which of the following is NOT a type of loan that frequently turns up in corruption cases?
A. A legitimate loan made below market
B. A legitimate loan made on favorable terms
C. A legitimate loan in which a third party makes the loan payments
D. None of the above (1 mark)
54. Which of the following is NOT an example of a business email compromise (BEC) scheme?
A. Fraudsters use the compromised email account of an executive to request employees’ personally
identifiable information from the person who maintains such information
B. Fraudsters use the compromised email account of a high-level executive to pose as the executive and ask an employee to transfer funds to the fraudsters’ account
C. Fraudsters posing as a company’s foreign supplier send an email to the company and request that funds be transferred to an alternate account controlled by the fraudsters
D. Fraudsters use botnets to send massive amounts of emails for the purpose of enticing the recipients to click on a fraudulent URL (1 mark)
55. Which of the following is NOT a red flag of health care provider fraud?
A. Consistently low percentage of low coding
B. Details in supporting documents that are inconsistent with the claim
C. Lack of supporting documentation for claims under review
D. Patient medical records are not attached to the claim form (1 mark)
56. Which of the following scheme BEST describes unqualified borrowers who misrepresent personal creditworthiness, overstate their ability to pay, and misrepresent characteristics of the housing unit to qualify for a loan.
A. Reciprocal loan arrangements
B. Credit data blocking
C. Residential loan fraud
D. Double-pledging collateral (1 mark)
57. If a fraudster wants to conceal the removal of a liability from the books, which of the following actions will NOT balance the accounting equation?
A. Increasing revenue
B. Increasing owners’ equity
C. Increasing a different liability
D. Increasing an asset (1 mark)
58. Which of the following situations is often present in real estate fraud schemes?
A. The services of an arm’s-length legal representative
B. No expert assistance at closing
C. A false appraisal report
D. All of the above (1 mark)
59. Which of the following is NOT a method of detecting a skimming scheme?
A. Confirming customers’ overdue account balances
B. Examining journal entries for accounts receivable write-offs
C. Examining journal entries for false credits to inventory
D. None of the above (1 mark)
60. Which of the following describes the primary purpose of an automated clearing house (ACH) filter?
A. It enables account holders to provide their banks with a list of criteria to ensure that only designated
individuals are paid
B. It requires the bank to contact the account holder before any payments are made
C. It is a tool used by auditors to examine electronic payment activity on the bank records
D. It matches the details of incoming payments with those on a list of expected payments provided by the
account holder (1 mark)
61. Which of the following is NOT a method which an electronic funds transfer (EFT) fraud scheme can be perpetrated?
A. A person who has stolen information about another person’s bank account instructs a biller to obtain
payment from that account
B. An employee of a person-to-person (P2P) provider misappropriates a customer’s account and password information
C. A hacker obtains the account and password information of consumers to direct funds from their accounts
D. None of the above (1 mark)
62. Julia, a fraud examiner, is performing fraud audits to look for potential asset misappropriation schemes at her company. One of her routine tests is to compare the payroll records to the human resources (HR) files. What type of fraud scheme is she MOST looking for?
A. Payment scheme
B. Commissions scheme
C. A falsified hours and wages scheme
D. A ghost employee scheme (1 mark)
63. Which of the following lists the information security goals that an e-commerce system should achieve for its users and asset holders?
A. Penetrability, accuracy, exactness, materiality, and systems reliability
B. Exactness, invulnerability, accuracy, materiality, and data/systems response
C. Penetrability, accuracy, availability, authentication, and systems reliability
D. Confidentiality, integrity, availability, authentication, and non-repudiation (1 mark)
64. Which of the following is NOT an insurance agent/broker fraud?
A. Fictitious payees
B. Fictitious death claims
C. Premium theft
D. None of the above (1 mark)
65. A contractor who delivers materials of substandard quality than specified in the contract or uses a lower quality staff than specified in the contract might be involved in which of the following types of procurement fraud schemes?
A. Product fraud
B. Material and labor mischarges
C. Labor mischarging fraud
D. Material mischarging fraud (1 mark)
66. Which of the following does NOT describe target of an affinity fraud scheme?
A. Professional associations
B. Large organisation
C. Immigrant groups
D. Religious communities (1 mark)
67. There are two methods for recognising revenue on long-term construction contracts. Which of the following is one of those methods?
A. Contract-valuation method
B. Partial-contract method
C. Cost-to-completion method
D. None of the above (1 mark)
68. Remy receives a voice mail message telling him that his credit card might have been used fraudulently. He is asked to call a phone number. When he calls the number, he hears a menu and a list of choices that closely resembles those used by his credit card company. The phone number even appears to be similar to that of his card issuer. Which of the following types of schemes has Matthew become the target?
A. Smishing
B. Pharming
C. Vishing
D. Spear phishing (1 mark)
69. Which of the following BEST describes social engineering?
A. A method for gaining unauthorised access to a computer system in which an attacker hides near the target to obtain sensitive information that they can use to facilitate their intended scheme
B. A method for gaining unauthorised access to a computer system in which an attacker bypasses a system’s security using an undocumented operating system and network functions
C. A method for gaining unauthorised access to a computer system in which an attacker deceives victims into disclosing personal information or convinces them to commit acts that facilitate the attacker’s intended scheme
D. A method for gaining unauthorised access to a computer system in which an attacker searches through large quantities of available data to find sensitive information that they can use to facilitate their intended scheme (1 mark)
70. Which of the following types of accounts are increased by debits?
A. Expenses
B. Liability
C. Owners’ equity
D. Revenue (1 mark)
71. Connie finds a residential property with a nonresident owner. She then forges contractual property documents showing that the owner is transferring ownership of the property completely to her. The property owner is unaware that Connie has created and filed the documents. Later, Connie takes the falsified documents to a lender and borrows money against the property. Which of the following BEST describes Connie’s scheme?
A. Fraudulent Loan
B. Fraudulent sale
C. Fictitious loan
D. Property flipping (1 mark)
72. Which of the following is a recommended method that individuals should take to protect themselves from identity theft?
A. Limit personal information shared on social media
B. Create unique answers for security questions
C. Use passwords that have at least eight characters
D. All of the above (1 mark)
73. Which of the following is NOT a common red flag of a bid tailoring scheme?
A. Competitive awards vary among several suppliers
B. Only a few bidders respond to bid requests
C. A contract is not rebid even though fewer than the minimum number of bids are received
D. There are unusually broad specifications for the type of goods or services being procured
74. Which of the following scenarios is an example of a conflict of interest?
A. An employee has an undisclosed personal relationship with a company that does business with their
employer
B. An employee is related to someone who works for one of their company’s vendors and informs their
employer of the relationship
C. An employee for a pharmaceutical company has an economic interest in a company that does business with their employer and discloses it to their employer
D. An employee for a phone installation company works as a fishing guide on weekends but does not tell the phone company about the other job (1 mark)
75. Which of the following is NOT a method that a fraudster might use to conceal inventory shrinkage?
A. Falsely increasing the perpetual inventory figure
B. Writing off stolen inventory as scrap
C. Physical padding of inventory
D. Altering the perpetual inventory records to decrease the balance (1 mark)
76. A data classification policy can BEST be described as a(n):
A. Physical security control
B. Technical security control
C. Administrative security control
D. Application security control (1 mark)
77. Which of the following is NOT an appropriate technique for detecting a nonconforming goods or services scheme?
A. Reviewing the contractor’s statements, claims, invoices, and supporting documents
B. Reviewing the number of qualified bidders who submitted proposals
C. Reviewing correspondence and contract files for indications of noncompliance regarding specifications
D. Segregating and identifying the source of the suspect goods or materials (1 mark)
78. Which of the following is NOT an appropriate technique for detecting a cost mischarging scheme involving labor?
A. Comparing the direct and indirect labor account totals from the prior year to the current year
B. Reviewing the standard and actual labor rates to determine if there are any significant differences
C. Inspecting questioned goods or materials by examining packaging, appearance, and description
D. Examining the total hours expended on the contract and comparing them to hours billed (1 mark)
79. Which of the following is NOT a common reason why people commit financial statement fraud?
A. To demonstrate compliance with loan covenants
B. To encourage investment through the sale of stock
C. To cover inability to generate cash flow
D. None of the above (1 mark)
80. When looking at a set of financial statements, on which statement would you find notes payable, current assets, retained earnings, and accumulated depreciation?
A. Income statement
B. Balance sheet
C. Statement of changes in owners’ equity
D. Statement of cash flows (1 mark)
81. Which of the following refers to the type of network security systems that are designed to supplement firewalls and other forms of network security by detecting malicious activity coming across the network or on a host?
A. Network address prevention systems
B. Network access controls
C. Intrusion admission systems
D. Intrusion detection systems (1 mark)
82. Shredding sensitive documents using a cross-cut shredder, sending and receiving mail at a secure site such as a post office box, and employing a perimeter security system at the office are all measures aimed to do which of the following?
A. Prevent misappropriation of office supplies
B. Catch a fraudster in the act
C. Protect digital documentation
D. Guard manual file systems
83. Which of the following is the MOST ACCURATE definition of spyware?
A. Any software application that displays advertisements while it is operating
B. A program or command procedure that appears useful but contains hidden code that causes damage
C. A computer program that replicates itself and penetrates operating systems to spread malicious code to other computers
D. A type of software that collects and reports information about a computer user without the user’s
knowledge or consent (1 mark)
84. Which of the following is NOT a red flag of a procurement fraud scheme in which vendors are colluding to evade the competitive bidding process?
A. The winning bidder subcontracts work to losing bidders
B. Qualified contractors do not submit bids
C. There is a pattern indicating that the last party to bid wins the contract
D. None of the above (1 mark)
85. Which of the following is an administrative security control that an organisation’s management can implement?
A. Backing up system files regularly
B. Installing a firewall for the network
C. Issuing smart access cards to employees
D. Creating an incident response plan (1 mark)
86. Which of the following statements is TRUE regarding gross profit?
A. Gross profit is the top line of the income statement
B. Gross profit is equal to net sales less cost of goods sold
C. Gross profit is another term for net income
D. Gross profit is equal to revenues minus operating expenses (1 mark)
87. A confidence scheme designed to part victims from their money by falsely promising the future delivery of a product or service in exchange for an up-front payment is called a(n):
A. Scavenger scheme
B. Advance-fee scheme
C. Bait and switch scheme
D. Home-based business scheme (1 mark)
88. Sheila, an accounts payable supervisor for ABC Company, bought supplies for a company she owns on the side. Sheila entered vouchers in ABC’s accounts payable system for the cost of the supplies so that ABC would pay form the supplies. The supplies were then drop-shipped to a location where Sheila could collect them. What type of occupational fraud is this?
A. A personal purchase with company funds scheme
B. An expense reimbursement scheme
C. An invoice kickback scheme
D. A pay and return scheme (1 mark)
89. Which of the following steps is NOT taken during an account takeover scheme?
A. Placing orders using funds from the overtaken account
B. Changing customer contact information on the overtaken account
C. Stealing account log-in information by sending phishing emails
D. None of the above (1 mark)
90. Which of the following is the MOST ACCURATE definition of a Trojan horse?
A. A type of software that collects and reports information about a computer user without the user’s
knowledge or consent
B. A virus that changes its structure to avoid detection
C. A software program that contains various instructions that are executed every time a computer is turned on
D. A program or command procedure that appears useful but contains hidden code that causes damage
(1 mark)
91. Which of the following could NOT be used to balance the accounting equation if cash were stolen?
A. Increasing another asset
B. Reducing a liability
C. Reducing revenue
D. None of the above (1 mark)
92. Ron, a Certified Fraud Examiner (CFE), is an auditor for the government’s Office of Audit and Evaluation. While conducting a routine audit of ten construction contracts from the Public Works Department, Ron notices some unusual characteristics in the contracts’ bidding documents. The contracts were all awarded to the same contractor, and the specifications in all ten contracts had unreasonably narrow specifications for the types of goods being procured. Which of the following types of procurement fraud schemes is MOST LIKELY at issue here?
A. A procurement employee has intentionally included unallowable costs in the projects’ contracts and
budgets
B. A procurement employee divided a large project into several small projects that fall below the mandatory bidding level
C. A procurement employee has drafted bid specifications in a way that gives an unfair advantage to a certain contractor
D. A procurement employee convinced their employer that it needs excessive or unnecessary products or
services (1 mark)
93. Which of the following is NOT a common method that fraudsters use to conceal liabilities and expenses to make a company appear more profitable than it is?
A. Improperly capitalising costs
B. Omitting liabilities or expenses
C. Failing to disclose warranty costs and product-return liabilities
D. None of the above (1 mark)
94. Which financial ratio is calculated by dividing current assets by current liabilities?
A. Receivable turnover
B. Quick ratio
C. Current ratio
D. Profit margin (1 mark)
95. If a fraudster wants to conceal the misappropriation of cash, which of the following actions will NOT result in a balanced accounting equation?
A. Reducing owners’ equity
B. Decreasing a liability
C. Decreasing another asset
D. Creating an expense (1 mark)
96. Daniel, a plant manager for a utility company, also owns a commercial cleaning business. Daniel threatened to withhold business from any vendors of the utility company that did not hire her cleaning business for their office cleaning needs. Which of the following BEST describes the type of corruption scheme in which Daniel engaged?
A. Collusion scheme
B. Kickback scheme
C. Economic extortion scheme
D. Illegal gratuity scheme (1 mark)
97. Which of the following BEST describes the difference between a flipping scheme and a flopping scheme in the context of mortgage fraud?
A. In a flopping scheme, the value of the first transaction is deflated instead of inflating the second transaction
B. In a flopping scheme, the second transaction in the scheme usually occurs several years after the first
C. In a flopping scheme, the original seller always ends up as the final owner of the property
D. In a flopping scheme, the lender is not one of the potential victims of the scheme (1 mark)
98. In a financial statement fraud scheme in which capital expenditures are recorded as expenses rather than assets, the transactions will have which of the following effect on the organisation’s financial statements:
A. Net income will be overstated
B. Total assets will be understated
C. Sales revenue will be overstated
D. All of the above (1 mark)
99. Which of the following is an information security goal that an e-commerce system should endeavor to meet for its users and asset holders?
A. Non-repudiation
B. Access authority
C. Systems reliability
D. Exactness (1 mark)
100. There are two methods of percentage analysis of financial statements. They are:
A. Horizontal and vertical analysis
B. Horizontal and historical analysis
C. Vertical and historical analysis
D. Balance sheet and income statement analysis (1 mark)