Chapter 13
SafeBack
*An example of imaging software is:
Scanning
*Forensic digital investigative skills include all of the following except:
Internal auditing
*IT guidelines under the COSO framework include all of the following except:
A parser
*In order to efficiently review accounting transaction logs, it is necessary to use:
Assumes the files in a database have not been altered to hide information
*One difference between data mining and computer forensic investigations is that data mining:
A record of who has handled electronic evidence is maintained
*The "chain of custody" is a term that means:
COSO
*The Securities and Exchange Commission recommended the internal control framework used by which of the following organizations?
IDEA
*To investigate vast amounts of financial information in a business's accounts, the auditor is most likely to use:
Slack space
*What is residual data?
99
*Which of the following SASs require auditors to display an increased attitude of skepticism?
Hexadeciminal notation is based on __________ number system
16 base
Sarbanes-Oxley regulations have given the Securities and Exchange Commission new powers. These guidelines are in Section__________ of the Sarbanes-Oxley legislation
404
that the computer user requesting access to a website is a real human being
A CAPTCHA test is used to ensure
Used to attract terrorist financing
A Warez Site
swap
A ____________ file is a virtual extension of RAM and thus acts as if a computer has more active computer storage than is really necessary.
chain of custody.
A _________________ provides a record on who handles the data and how collected electronic data is handled during an investigation.
No. 31
AICPA Statement on Auditing Standards (SAS) No. ______________ states that an auditor should perform a test of system controls to show they are strong enough to mitigate the risks inherent in electronic audit evidence
once the employee begins to use the financial application, they do not have access to the entire system
Access controls within a financial application means
ACL
An example of data extraction software is:
The best example of an intangiable cyber property is
Avatar on SecondLife
a method used to find missing (gap) in the sequence numbers of issued purchase orders
Gap detection analysis in data mining is
There is leftover data in a cluster that has been re-used for storing new data by the operating system
How is slack space created?
There is no such thing
How is snack space created?
the successful transfer rate between two internal company databases
IT internal control risk is most likely related to:
Link analysis
If a pattern of purchase of two products are seen to be made together or closely follow one another, the best method to strategically analyze this purchase pattern would be with:
timestamp
It is relatively easy to change the _____________ information associated with a file on your computer
If a pattern of purchase of two products are seen to be made together or closely follow one another, the best method to strategically analyze this purchase pattern would be with
Link analysis
Information about an electronic file that is not immediately apparent to the user
Metadata
Dates found on an electronic file
Modified date
continually investigate the changing cycle of cyberattacks that are being launched and make sure their networks cannot be breached by these new attack methods.
One important step managers can take to deter cybercrime attacks against their organization is to
are mobile
One of the biggest changes in recent years regarding a company's digital assets is that they:
review of computer logs for anomalies
One of the most important network security measures to help prevent high technology fraud is
Magnetic force microscopy is used to
Reconstruct data on a disk
both b and c
Software programs, such as Encase, are used to investigate:
Transactions
Software programs, such as IDEA, are largely used to investigate:
When one of the parties to a legal proceeding is asked to preserve electronic evidence, and they cause it to be destroyed, it is called
Spoliation
E&Y
The "clueless auditor" in the textbook case was from which firm:
COBIT
The _____________ [initials] guidelines expand the general guidelines found in the COSO requirements (recommended by the SEC) and provide a specific framework for evaluating and reducing high technology fraud risks present in a networked environment.
PCAOB
The _________________ Board was created by Sarbanes-Oxley Act.
COSO or Committee of Sponsoring Organizations of the Treadyway Commission.
The _____________________ framework has been identified by the SEC as the best model for internal control practices.
Link
The underlying assumption in ____________________ analysis is there are some fundamental correlations or associations between items in a database.
The computer's internal clock begins to lag behind the correct time
Time Drift occurs when:
The investigator reviews the transactions entered into the ledger for anomalies
Transaction processing analysis for a fraud investigation means
RAM
Violate data is
clean the files
When data mining is used by an auditor, the first step should be to
IDEA
Which is not an imaging software tool that collects digital data without affecting data integrity?
Fraud detection
Which is not one of the general information technology eight guidelines under the COSO framework?
Internal auditors
Which of the following groups is more concerned about cybercrime attacks against a company?
MD6
Which of the following is not a hash algorithm?
time delays in records transferred between company databases
Which of the following problems is the best indication that unauthorized access on a company's internal network has occurred?
Due to a cyberattack, there may be a material misstatement in the financial reports.
Which of the following would be the best example to make an auditor become concerned about cybercrime or a cybersecurity risk:
Old computers
Which one of the following procedures puts the financial reporting system at the most risk of penetration?
Sequence
___________ analysis might uncover large purchases on a credit card shortly after a small purchase was made.
Sarbanes-Oxley.
________________ Act makes management directly responsible for the integrity of a company's financial statements.
Sequence analysis uses an approach that
analyzes the time series data between billing and receipt of payment
Comparing the hash code on two files shows
if the two files are identical