AIS Final

Fraud is gaining an unfair advantage over another person. Legally, for an act to be fraudulent there must be: A. An intent to deceive B. Unfairness C. An exchange of monetary consideration D. All of these are correct

A. An intent to deceive

Which of the following are among the five components of COSO Internal Controls? (Check all that apply.) A. Risk assessment B. Event identification C. Information and communication D. Objective setting E. Control activities

A. Risk assessment E. Control activities

The Trust Services Framework identifies five principles for systems reliability. Which one of those five principles is a necessary prerequisite to the other four? A. Security B. Confidentiality C. Processing integrity D. AvailabilityE.Privacy

A. Security

Which of the following statements about improving the security of wireless is true? (Check all that apply.) A. Wireless SSIDs should use meaningful names such as "finance department" or "payroll" rather than names like "XYZ345". B. Wireless access points should be placed in the DMZ. C. Wireless devices should be configured to operate only in infrastructure mode, not ad hoc mode. D. All wireless traffic should be encrypted.

B. Wireless access points should be placed in the DMZ. C. Wireless devices should be configured to operate only in infrastructure mode, not ad hoc mode. D. All wireless traffic should be encrypted.

People who discover, extract, safeguard, and document computer evidence such that its authenticity, accuracy, and integrity will not succumb to legal challenges are called: A. Chief operating officer B. Chief security officer C. Computer forensics specialist D. Computer compliance officer

C. Computer forensics specialist

Opportunity is the condition or situation that allows a perpetrator to: (Check all that apply.) A. Control those who may know of his or her actions B. Convince the perpetrator that he or she will not be caught C. Conceal the fraud D. Commit the fraud E. Convert the theft into a personal gain

C. Conceal the fraud D. Commit the fraud E. Convert the theft into a personal gain

Which of the following does not help safeguard assets, documents, and data? A. Periodically reconcile recorded asset quantities with a count of those assets. B. Restrict access to data and documents. C. Measure the throughput and utilization of data and physical assets. D. Store data and documents in fireproof storage areas or secure offsite locations. E. Create and enforce appropriate policies and procedures.

C. Measure the throughput and utilization of data and physical assets.

A potential adverse occurrence is called a threat. With respect to threats, which of these statements is false? A. The probability a threat will occur is called the likelihood or risk. B. The potential dollar loss from a threat is called the exposure or impact. C. The timing of when a threat will occur is called the timeframe or timeline. D. None of these statements about threats are false.

C. The timing of when a threat will occur is called the timeframe or timeline.

After a tornado destroys an organization's data center, the CIO turns to the __________ for instructions on how to recover. A. Incident Response Plan (IRP) B. Backup Plan (BP) C. Business Continuity Plan (BCP) D. Disaster Recovery Plan (DRP)

D. Disaster Recovery Plan (DRP)

Individuals who control an army of malware-infected zombie computers are called _______________. A. guarantors B. malware writers C. zombie commanders D. botnet owners

D. botnet owners

Unauthorized theft, use, access, modification, copying, or destruction of software, hardware, or data is called A. hacking. B. technology fraud. C. Asset misappropriation. D. computer fraud.

D. computer fraud.

Which control ensures that the master inventory file contains an inventory item identified by the number 251184? A. Validity check B. Field check C. Limit check D. Check digit verification

A. Validity check

Individuals who perpetrate fraud are often referred to as A. white-collar criminals. B. bad actors. C. blue-collar criminals. D. All of these

A. white-collar criminals.

A collection of structure, semi-structured, and unstructured data stored in a single location is called a ___________. A. data lake B. metadata C. database D. data warehouse

A. data lake

When accountants build bots to help them with the tasks of their job, what description best explains the type of bot they would build? A. None of these B. A computer program that is designed to perform a specific task C. A machine that performs a task more quickly than a human D. A robot that uses artificial intelligence to act like a human

B. A computer program that is designed to perform a specific task

Which of the following will improve the ability to detect fraud? (Check all that apply.) A. Restrict physical and remote access to system resources to authorized personnel B. Implement whistleblower rewards C. Implement project development and acquisition controls, as well as change management controls D. Implement a fraud hotline E. Provide employee support programs so they know where they can get help to deal with pressures that might tempt them to perpetrate fraud

B. Implement whistleblower rewards D. Implement a fraud hotline

In your haste to watch a video that you heard about, you type in yuube.com and are taken to a site with the familiar YouTube logo but find that the site sells a video ad blocker that allows you to watch YouTube without having to watch the ads. This is an example of _______________. A. skimming B. chipping C. vishing D. scavenging E. typosquatting

E. typosquatting

You are tasked with presenting a viz that compares sales for four different products. Which viz is likely most appropriate? A. Area chart B. Pie hart C. Histogram D. Bar chart

D. Bar chart

________ often make use of exploratory data analytic techniques, while _______ make use of machine learning techniques. A. Diagnostic analytics, prescriptive analytics B. Descriptive analytic, prescriptive analytics C. Diagnostic analytics, predictive analytics D. Descriptive analytics, predictive analytics

D. Descriptive analytics, predictive analytics

Making sure to use separate training datasets and test datasets is especially important for creating what type of analytic? A. Diagnostic analytic B. Prescriptive analytic C. Descriptive analytic D. Predictive analytic

D. Predictive analytic

Cindy, the controller at the organization, asks David, an accounts receivable clerk, "We want to be able to collect all cash from customers who make purchases. Which customers were more than 30 days late paying for their merchandise?" This question does the worst at accomplishing which of the following SMART objectives? A. Measurable B. Specific C. Relevant D. Timely

D. Timely

According to the text, which type of threat represents the greatest risk to information systems and causes the greatest dollar losses? A. Natural and political disasters B. Software errors and equipment failures C. Intentional acts D. Unintentional acts

D. Unintentional acts

The GDPR gives people the right to request that organizations delete personal information that they have collected. This is referred to as the "right to be forgotten." Which GAPP principle most clearly relates to that right? A. Use, retention, and disposal B. Access C. Quality D. Disclosure to third parties

A. Use, retention, and disposal

Supposing you are presenting a line chart with values ranking from .01 to 79.3 on the y-axis. How many decimal places should be shown in the labels of the tick marks on the y-axis? A. Zero B. 1 C. 2 D.3

A. Zero

To decrypt a digital signature, you need to use _______. A. the public key of the person who created the signature. B. your public key. C. the private key of the person who created the signature. D. your private key.

A. the public key of the person who created the signature.

Organizations can make fraud less likely to occur by requiring an annual employee ____________ A. to vacation. B. to participate in a training program. C. a promotion. D. to retreat.

A. to vacation.

Which of the following can be used to prevent unauthorized changes to completed business transactions? A. PKI B. Blockchain C. Tokenization D. Digital watermarks

B. Blockchain

Bernard prepares a data dashboard to send to the CFO. The CFO's objective for the dashboard is to see the "free cash" position of the company each morning in less than one minute. The dashboard fits on a single computer screen and contains 22 different charts. Which storytelling principles are supported by this dashboard? A. Communicate quickly B. None of these C. Communicate effectively D. Appropriate level of detail

B. None of these

Comparing means and medians is an example of __________________ analytics. A. diagnostic B. descriptive C. predictive D. prescriptive

B. descriptive

Using your private key to encrypt a hash of a document creates a __________. A. cookie. B. digital signature. C. digital certificate. D. digital watermark.

B. digital signature.

Unauthorized access, modification, or use of an electronic device or some element of a computer system is called A. denial-of-service attack. B. hacking. C. spamming. D. hijacking.

B. hacking.

Danny Ferrar, the owner of BuysUSA.com, was sentenced to six years in prison for selling $4.1 million of copyrighted software for much less than the suggested retail price. Ferrar was guilty of: A. Click fraud B. Software diddling C. Software piracy D. Internet auction fraud E. Phreaking

C. Software piracy

Which of the following techniques can be used to minimize system downtime? A. RAID B. Preventive maintenance C. UPS D. All of these

D. All of these

What is the name of the law Congress passed to prevent companies from bribing foreign officials? A. Sarbanes Oxley Act B. COSO ERM Act C. COSO Internal Control Act D. COBIT Act E. FCPA

E. FCPA

Amitola created a dashboard showing key metrics about the accounts payable process at her organization. The dashboard showed various metrics including: the total number of vendors, the amount saved by paying vendors on early, and the number of late payments to vendors. Which of the following best describes the type of analytics included in the dashboard? A. Predictive analytics B. Descriptive analytics C. Prescriptive analytics D. Diagnostic analytics

B. Descriptive analytics

Which of the following is not a principle to avoid in trying to create ethical data presentations? A. Present complete data given the context B. Show representations of numbers proportional to the reported number C. All of these are important principles to follow for creating ethical data presentations D. In vizs designed to depict trends, show time progressing from left to right on the x-axis

C. All of these are important principles to follow for creating ethical data presentations

The word zombie is related to which type of computer attack? A. Salami technique B. Data diddling C. Botnet D. Masquerading E. War dialing

C. Botnet

Which of the following will increase the difficulty of committing fraud? (Check all that apply.) A. Develop a comprehensive, disaster recovery plan B. When disposing of used computers, destroy the hard drive C. Develop and implement a strong system of internal controls D. Segregate the accounting functions of authorization, recording, and custody

C. Develop and implement a strong system of internal controls D. Segregate the accounting functions of authorization, recording, and custody

When confirmatory data analysis techniques are used, what type of analytic is likely being computed? A. Descriptive analytic B. Predictive analytic C. Diagnostic analytic D. Prescriptive analytic

C. Diagnostic analytic

Most computer attacks are designed to steal information or money. Which of the following attacks is designed to slow down or stop a website, often to prevent legitimate users from accessing the website? A. Man-in-the-middle attack B. Spoofing attack C. DoS attack D. Dictionary attack E. Cross-site scripting attack

C. DoS attack

Pie charts are the most over-used type of charts. This is because they are often used to show comparison. Select which chart type is best for making comparisons. A. Bar chart B. Line chart C. Histogram D. Scatterplot

A. Bar chart

Suppose your salespersons are given great latitude is setting product prices to their customers. You are tasked with showing how much each salesperson varies in prices for one particular product. Which viz is most appropriate? A. Boxplot B. Bar chart C. Heatmap D. Area chart

A. Boxplot

Check good visualization design principles among the four options given. A. Choose the right type of visualization B. Do not use data dashboards C. Use text and not data visualizations D. Simplify the presentation of data.

A. Choose the right type of visualization D. Simplify the presentation of data.

Check all techniques that can be used to simplify a visualization. A. Color B. Quantity C. Distance D. Orientation

A. Color B. Quantity C. Distance D. Orientation

A pharmaceutical company is trying to develop a drug that will help cure the most people with a serious disease. To choose the drug that can cure the most people, the data analyst should look at what? A. P-value (level of statistical significance) B. Type I error rate C. Type II error rate D. Effect size

D. Effect size

Chibuzo creates a chart to show the percentage of activities in the accounting function have been automated over time. She wants to stress the slow rate of change by the department to adopt automation. What is the purpose of Chibuzo's visualization and what type of chart would be best for this purpose? A. Comparison, bar chart B. Correlation, scatterplot C. Comparison, line chart D. Trend evaluation, line chart

D. Trend evaluation, line chart

Following the creation of an ETL process, the following action should be performed. A. Transform the data B. Remove commas C. Create structured data D. Update the data dictionary

D. Update the data dictionary

After a fraud has occurred, which one of the following is the best way to reduce the loss from that fraud? A. Develop and implement a strong system of internal controls B. Increase the penalty for committing fraud by prosecuting fraud perpetrators more vigorously C. Implement computer-based controls over data input, computer processing, data storage, data transmission, and information output D. Create an organizational culture that stresses integrity and commitment to ethical values and competence E. Collect on fraud insurance purchased before the fraud

E. Collect on fraud insurance purchased before the fraud

A cold site is an appropriate strategy for disaster recovery for organizations that are willing to tolerate operating for several ________ without their ERP system and who are also willing to reenter or even lose several __________ worth of transactions. A. minutes; hours B. hours; hours C. hours; days D. minutes; days E. days; days

E. days; days

Assume that the XYZ Company wants to create batch totals for a transaction file that contains all sales invoices. Which of the following fields could be used to create a hash total? (Check all that apply.) A. Quantity sold B. Total amount of sale C. Customer number D. Customer name E. Part number

A. Quantity sold C. Customer number E. Part number

Which of the following processing controls can be used to achieve the objective of processing integrity? (Check all that apply.) A. Recalculation of batch totals B. Parity bits C. Validity check D. Reconciliation procedures E. File labels

A. Recalculation of batch totals E. File labels

Which of the following is the correct sequence of steps in the incident response process? A. Recognize that a problem exists, stop the attack, repair the damage, learn from the attack B. Recognize that a problem exists, repair the damage, stop the attack, learn from the attack C. Stop the attack, recognize that a problem exists, repair the damage, learn from the attack D. Stop the attack, repair the damage, recognize that a problem exists, learn from the attack

A. Recognize that a problem exists, stop the attack, repair the damage, learn from the attack

Which of the following are important independent checks on performance? (Check all that apply.) A. Reconciliation of independently maintained records. B. Single-entry accounting C. Analytical reviews that examine relationships between different sets of data D. An independent review where a person double checks the work she performed

A. Reconciliation of independently maintained records. C. Analytical reviews that examine relationships between different sets of data

The process of translating complex data analyses into easier to understand terms is ______________________. A. data storytelling B. data visualization C. data dashboard D. statistical analysis

A. data storytelling

Change management and change control processes need to be applied to any modifications to: (Check all that apply.) A. hardware. B. None of these statements are true. C. operating procedures. D. software.

A. hardware. C. operating procedures. D. software.

To answer the question of "What should be done," one would apply ____________________. A. prescriptive analytics B. predictive analytics C. descriptive analytics D. diagnostic analytics

A. prescriptive analytics

If you want to e-mail a document to a friend and be assured that only your friend will be able to open the document, you should encrypt the document using: A. your friend's public key. B. your private key. C. your public key. D. your friend's private key.

A. your friend's public key.

If you want to e-mail a document to a friend so that your friend can be certain that the document came from you, you should encrypt the document using: A. your private key. B. your friend's private key. C. your public key D. your friend's public key.

A. your private key.

Which of the following classification of pressures motivate people to perpetrate employee fraud? (Check all that apply.) A. Management characteristics and pressures B. Financial pressures C. Emotional pressures D. Industry pressures and conditions E. Lifestyle pressures

B. Financial pressures C. Emotional pressures E. Lifestyle pressures

Understanding what big data means helps to know what types of questions can be fruitfully examined using data. Big data differs from regular data in four ways, often called the "four V's." Which of the following is not one of the four V's? A. Velocity B. Validity C. Veracity D. Variety

B. Validity

Hackers created malicious and self-replicating code to exploit a weakness in the Windows Server service. Two weeks after it was released, it had infected almost 9 million computers worldwide. In addition to looking for other computers to infect, the code downloaded additional malware on the hijacked computers. The code, named Downadup, is an example of what kind of computer fraud and abuse technique? A. Packet sniffer B. Worm C. Rootkit D. Keylogger E. Bluesnarfing

B. Worm

A turnaround document is an example of a(n) A. processing control. B. input control. C. output control. D. None of these are correct.

B. input control.

Which of the following are indicators that an organization's change management and change control process is effective? A. Testing of all changes takes place in a system separate from the one used for regular business operations B. A low number of emergency changes C. A reduction in the number of problems that need to be fixed D. All of these are correct

D. All of these are correct

Controls that prevent, detect, and correct transaction errors and fraud in application programs are called: A. Detective controls B. Preventive controls C. General controls D. Application controls

D. Application controls

When Jo, a sales associate, enters an account number, which of the following controls would allow the system to retrieve and display the account name so that Jo could verify that the correct account number had been entered? A. Sequence check B. Prompting C. Data matching D. Closed-loop verification

D. Closed-loop verification

Considering the potential of fraud belongs to which component of COSO's Internal Control Model? A. Control environment B. Control activities C. Information and communication D. Risk assessment

D. Risk assessment

On March 20, at 2 p.m. local time, the hard drives and master boot records of computers at three banks and two media companies in South Korea were wiped clean. The computers were then restarted, and the message "Boot device not found. Please install an operating system and then reboot the system" appeared on those computer screens. These companies were victims of what kind of computer fraud and abuse technique? A. Keylogger B. Scareware C. Trap door D. Time bomb E. Superzapping

D. Time bomb

A facility that is not only prewired for telephone and Internet access but also contains all the computing and office equipment the organization needs to perform its essential business activities is called A. a real-time mirroring site. B. a cold site. C. Virtualization. D. a hot site.

D. a hot site.

A(n) ________ helps managers to focus subordinates' attention on key strategic issues and to be more involved in their decisions. A. diagnostic control system B. boundary system C. belief system D. interactive control system

D. interactive control system

Incremental daily backups take ____ time to make than Differential daily backups, but the restoration process taken is _____. A. more, longer B. less, shorter C. more, shorter D. less, longer

D. less, longer

The process of translating complex data into easier to understand terms is called ________. A. data visualization B. data transformation C. data storytelling D. data dashboard

C. data storytelling

Software that protects confidentiality by screening outgoing documents to identify and block transmission of sensitive information is called: A. Data Loss Prevention (DLP) B. None of these are correct C. Digital Watermark D. Information Rights Management (IRM)

A. Data Loss Prevention (DLP)

Which of the following statements are true? (Check all that apply.) A. Employees can be an organization's weakest link in terms of security. B. Targeted e-mails are an example of a social engineering tactic that is called piggybacking. C. Employees should be taught how to follow security policies and why those policies exist. D. Senior management does not need security awareness training.

A. Employees can be an organization's weakest link in terms of security. C. Employees should be taught how to follow security policies and why those policies exist.

Which of the following statements is(are) true? (Check all that apply.) A. Encryption is reversible, but hashing is not. B. Encryption produces a file similar in size to the plaintext file, but hashing produces a short fixed-length file. C. Hashing produces a file similar in size to the plaintext file, but encryption produces a short fixed-length file. D. Hashing is reversible, but encryption is not.

A. Encryption is reversible, but hashing is not. B. Encryption produces a file similar in size to the plaintext file, but hashing produces a short fixed-length file.

The best place to store your private asymmetric encryption key is: A. None of these are correct B. Your digital signature C. Your browser D. Your digital certificate

A. None of these are correct

Which of the following is part of an internal environment? (Check all that apply.) A. Organizational structure B. Monitoring the achievement of management objectives C. Commitment to risk assessment and response D. Methods of assigning authority and responsibility E. Human resource standards that attract, develop, and retain competent individuals

A. Organizational structure D. Methods of assigning authority and responsibility E. Human resource standards that attract, develop, and retain competent individuals

Which type of encryption is faster? A. Symmetric B. Asymmetric

A. Symmetric

Chunhua has been building financial forecasting models for the company for several years. For each model, she saves all the data that could possibly be used in the model, even if she doesn't use all the data in her finished model. She does not document anything about the different items she has saved. When her intern, Minsuh pulls the data, she cannot understand what all the fields mean. How would Minsuh most accurately describe the data? A. The data has become a data swamp B. The data is now dark data C. The data contains metadata D. The data is not part of the data warehouse

A. The data has become a data swamp

Which of the following statements are true? (Check all that apply.) A. Virtualization significantly reduces RTO. B. All of the other three answers are true. C. Virtualization does not eliminate the need for backups. D. Virtualization cannot be used to support real-time mirroring.

A. Virtualization significantly reduces RTO. C. Virtualization does not eliminate the need for backups.

Techniques or psychological tricks are used to get people to comply with the perpetrator's wishes in order to gain physical or logical access to a building, computer, server, or network. It is usually to get the information needed to obtain confidential data is called _______________. A. social engineering B. web cramming C. Internet misinformation D. Lebanese looping

A. social engineering

Which of the following is not an example of multi-factor authentication? A. A password and a cellphone B. A passphrase and a security question C. A fingerprint and a USB device D. A 6-digit PIN and a smart card

B. A passphrase and a security question

Which of the following statements are true? (Check all that apply.) A. Customer relationship management (CRM) software includes budgets, schedules, and standard costs; reports comparing actual and planned performance; and procedures for investigating and correcting significant variances. B. Accounting systems generally consist of several subsystems, each designed to process a particular type of transaction. C. All system transactions and activities should be recorded in a log that indicates who accessed what data and when. D. Supervision is especially important in organizations without responsibility reporting or an adequate segregation of duties. E.Most mobile devices do not need to be tracked and monitored as their loss represents minimal exposure.

B. Accounting systems generally consist of several subsystems, each designed to process a particular type of transaction. C. All system transactions and activities should be recorded in a log that indicates who accessed what data and when. D. Supervision is especially important in organizations without responsibility reporting or an adequate segregation of duties.

Which of the following is an example of multi-factor authentication? A. USB device plus retina scan B. All of these are examples of multi-factor authentication C. Password plus smart card D. Voice recognition plus answer to security question

B. All of these are examples of multi-factor authentication

The organization that issues public and private keys is called a: A. VPN B. Certificate authority C. PKI

B. Certificate authority

Which activity are accountants most likely to participate in? A. Log analysis B. Continuous monitoring C. Installing and monitoring a honeypot D. Running an IDS

B. Continuous monitoring

Which component of the time-based model of security does log analysis affect? A. Protection B. Detection C. Response D. Reaction

B. Detection

Assume that the XYZ Company wants to create batch totals for a transaction file that contains payments to suppliers. Which of the following fields could be used to create a financial total? (Check all that apply.) A. Vendor number B. Discount for prompt payment C. Quantity purchased D. Check amount E. Gross amount due

B. Discount for prompt payment D. Check amount E. Gross amount due

Which statement is true? A. Encryption is sufficient to protect confidentiality and privacy. B. Encryption is necessary to protect confidentiality and privacy.

B. Encryption is necessary to protect confidentiality and privacy.

Which of the following statements is not true? A. Encryption protects the confidentiality of information while it is in storage. B. Encryption protects the confidentiality of information while it is in processing. C. Encryption protects the confidentiality of information while it is being sent over the Internet. D. Encryption does not protect information when it is displayed on a monitor or printed in a report.

B. Encryption protects the confidentiality of information while it is in processing.

Which of the following statements is(are) true? (Check all that apply.) A. An increase in the number of emergency changes is an indicator that the change management and change control process is functioning well. B. It is important to update system documentation after a change has been approved. C. Changes should be tested in a system separate from the one used for daily business processes. D. Emergency changes do not need to be documented.

B. It is important to update system documentation after a change has been approved. C. Changes should be tested in a system separate from the one used for daily business processes.

Which of the following statements are true? (Check all that apply.) A. Inherent risk is the risk that remains after management implements internal controls, or some other response, to risk. B. Management must identify and analyze risks to determine how they should be managed. C. Management must take an entity-wide view of risk. D. Residual risk is the susceptibility of a set of accounts or transactions to significantly control problems in the absence of internal control. E. Management must specify objectives clearly enough for risks to be identified and assessed.

B. Management must identify and analyze risks to determine how they should be managed. C. Management must take an entity-wide view of risk. E. Management must specify objectives clearly enough for risks to be identified and assessed.

According to internal control frameworks, which of the following principles apply to the information and communication process? (Check all that apply.) A. Make sure to compare actual inventory quantities with recorded amounts before transmitting them to external parties B. Obtain or generate relevant, high-quality information to support internal control C. Internally communicate the information necessary to support the other components of internal control D. Communicate relevant internal control matters to external parties

B. Obtain or generate relevant, high-quality information to support internal control C. Internally communicate the information necessary to support the other components of internal control D. Communicate relevant internal control matters to external parties

The FBI arrested Russian spies and accused them of encoding messages into pictures that were posted on publically accessible Web sites. To retrieve the messages, the recipients used special software to decode the messages hidden in the pixels of the pictures. The Russian spies were using which computer fraud and abuse technique? A. Man-in-the-middle B. Steganography C. Web cramming D. Masquerading E. Adware

B. Steganography

Which of the following statements are true? (Check all that apply.) A. The likelihood and impact of a risk must be considered separately. B. The objective of an internal control system is to provide reasonable assurance that events do not take place. C. The benefits of an internal control procedure are usually easier to measure than the costs. D. Some events pose a greater risk because they are more likely to occur. E. Detective controls are superior to preventive controls; neither is as good as a corrective control.

B. The objective of an internal control system is to provide reasonable assurance that events do not take place. D. Some events pose a greater risk because they are more likely to occur.

What is the objective of a penetration test? A. To correct identified weaknesses by applying updates that eliminate known vulnerabilities B. To identify where additional protections are most needed to increase the time and effort required to compromise the system C. To prevent employees from doing actions that are incompatible with their job functions D. To determine whether or not a system can be broken into

B. To identify where additional protections are most needed to increase the time and effort required to compromise the system

Which of the following statements is(are) true? A. Virtualization can either increase or decrease security, depending upon how it is implemented. B. The Internet of Things can either increase or decrease security, depending upon how it is implemented. C. All of these are correct D. Cloud computing can either increase or decrease security, depending upon how it is implemented.

C. All of these are correct

Which of the following is the final phase of the incident response process? A. Recovery from backups B. Recognition of an attack C. Analysis of the root cause of the incident

C. Analysis of the root cause of the incident

Which is the proper sequence of steps in the security life cycle? A. Develop and communicate policy, monitor performance, assess threats and select risk response, acquire and implement solutions B. Assess threats and select risk response, monitor performance, develop and communicate policy, acquire and implement solutions C. Assess threats and select risk response, develop and communicate policy, acquire and implement solutions, monitor performance D. Assess threats and select risk response, acquire and implement solutions, monitor performance, develop and communicate policy

C. Assess threats and select risk response, develop and communicate policy, acquire and implement solutions, monitor performance

_____ provides assurance that someone cannot enter into a digital transaction and then subsequently deny they had done so and refuse to fulfill their side of the contract. A. Public key infrastructure B. Certificate authority C. Digital signature D. Digital certificate

C. Digital signature

COSO's Internal Control Model has five components and 17 principles. Which of the following is(are) principle(s) of the control environment component? (Check all that apply.) A. Selecting, developing, and performing ongoing or separate evaluations of the components of internal control B. Considering the potential of fraud C. Holding individuals accountable for their internal control responsibilities in pursuit of objectives D. Commitment to integrity and ethics E. A commitment to attract, develop, and retain competent individuals in alignment with objectives

C. Holding individuals accountable for their internal control responsibilities in pursuit of objectives D. Commitment to integrity and ethics E. A commitment to attract, develop, and retain competent individuals in alignment with objectives

A "fake" or "decoy" system used to provide early warning that attackers are targeting an organization's systems is called a(n): A. IDS B. SIEM C. Honeypot D. DMZ

C. Honeypot

How do you verify a digital signature? A. If the signature you create by hashing your copy of the document or file and then encrypting that with the sender's public key matches the digital signature the sender sent to you. B. If the digital signature matches the sender's digital certificate. C. If the hash you obtain by decrypting the digital signature matches the hash you obtain by hashing your copy of that document or file.

C. If the hash you obtain by decrypting the digital signature matches the hash you obtain by hashing your copy of that document or file.

Which of the following is not a true statement about malware? A. Malware is any software that is used to do harm. B. Most malware is the result of installation or injection by a remote attacker. C. Malware is restricted to computers. D. Malware is a constant and growing concern.

C. Malware is restricted to computers.

Which of the following statements is(are) true? A. Penetration tests seldom succeed. B. Vulnerability scanning is an alternative to penetration testing. C. Penetration tests are authorized attacks. D. Penetration tests show whether it is possible to break into a system.

C. Penetration tests are authorized attacks.

The ____ represents the amount of data that an organization is willing to lose, or reenter, in the event of a disaster; the ____ represents the number of hours or days that the organization is willing to operate without its data center. A. DRP, BCP B. BCP, DRP C. RPO, RTO D. RTO, RPO

C. RPO, RTO

Which type of file is retained indefinitely? A. UPS B. RAID C. Backup D. Archive

D. Archive

Which of the following is not a key method of monitoring internal control system performance? A. Employ a computer security officer. B. Perform internal control evaluations. C. Implement a fraud hotline. D. Hire private investigators to investigate employee behavior.

D. Hire private investigators to investigate employee behavior.

Which device blocks or admits individual packets by examining information in the TCP and IP headers? A. Intrusion detection systems (IDS) B. DMZ C. Firewalls D. Intrusion prevention system (IPS)

D. Intrusion prevention system (IPS)

Which statement is true? A. Privacy is concerned with protecting an organization's intellectual property. B. Confidentiality is concerned with protecting a customer's personal information. C. Both statements are true. D. Neither statement is true.

D. Neither statement is true.

Hiring qualified personnel, segregating employee duties, and controlling physical access to assets and information are examples of what kind of internal controls? A. General controls B. Corrective controls C. Detective controls D. Preventive controls

D. Preventive controls

Check all techniques that can be used to emphasize in a visualization. A. Color B. Weighting C. Orientation D. Highlighting

A. Color B. Weighting C. Orientation D. Highlighting

Which of the following statements is(are) true? (Check all that apply.) A. A nonce is a random number. B. Blockchain uses hashing. C. A blockchain is a distributed ledger. D. Blockchains eliminate the need for audits.

A. A nonce is a random number. B. Blockchain uses hashing. C. A blockchain is a distributed ledger.

Using Robotic Process Automation is best for tasks that are ________________. A. changing B. repetitive C. complex D. interesting

B. repetitive

When discussing the amount of attention an element attracts, you are discussing _______________. A. distance B. visual weight C. ordering D. highlighting

B. visual weight

Organizations can increase the difficulty of committing fraud by all of the following except: A. Implementing strong internal controls. B. Restricting access to company assets and data. C. Maintaining adequate insurance. D. Encrypting stored and transmitted data.

C. Maintaining adequate insurance.

The text mentions four different AIS threats. Which type of threat is sabotage? A. Unintentional acts B. Software errors and equipment failures C. Intentional acts D. Natural and political disasters

C. Intentional acts

On your dream vacation to Hawaii you decide to log into the hotel's Wi-Fi network and notice that there are two networks with very similar names. You select one and are immediately connected to the network without having to enter the access code given you at check in. Weeks later you find that your identity has been stolen. You were a victim of which computer fraud and abuse technique? A. Carding B. Chipping C. Tab napping D. Evil twin E. Typosquatting

D. Evil twin

Good questions should be "SMART." Which of the SMART objectives suggests that a question should relate to the objectives of the organization or the situation under consideration? A. Measurable B. Specific C. Achievable D. Relevant

D. Relevant

An analytic that answers the question, "why did this happen?" is best described as which of the following? A. Prescriptive analytic B. Descriptive analytic C. Diagnostic analytic D. Predictive analytic

B. Descriptive analytic

Which of the following are important systems development controls? (Check all that apply.) A. A post-implementation review to determine whether anticipated benefits were achieved B. A data processing schedule that shows when each task should be performed C. A steering committee that oversees systems development D. Performance measurements used to evaluate all company employees E. A project development plan that shows the prioritization of all projects that must be completed

A. A post-implementation review to determine whether anticipated benefits were achieved B. A data processing schedule that shows when each task should be performed C. A steering committee that oversees systems development

At a local supermarket, a data analyst used video data of the parking lots to identify the times when customer carts are most often left out in the parking lot. The analyst then designed the scheduling program to schedule more employee baggers to work during the time when shopping carts are left outside. The data analyst used what type of analytics in this scenario? A. Prescriptive analytics B. Predictive analytics C. Diagnostic analytics D. Descriptive analytics

A. Prescriptive analytics

Which of the following statements is true? (Check all that apply.) A. Cost-effective controls should be implemented to reduce risk. B. In evaluating internal controls, management must consider factors other than those in the expected cost/benefit calculation. C. Risk should never be accepted, even if it is within the company's risk tolerance range. D. The benefits of implementing controls are generally easier to quantify accurately than are the costs of implementing controls.

A. Cost-effective controls should be implemented to reduce risk. B. In evaluating internal controls, management must consider factors other than those in the expected cost/benefit calculation.

The COBIT framework describes best practices for the effective governance and management of IT. It is based on five key principles of IT governance and management. Which of the following are among the five key principles? (Check all that apply.) A. Covering the enterprise end-to-end B. Coordinating multiple different frameworks C. Enabling a holistic approach D. Integrating governance and management E. Meeting stakeholders' needs

A. Covering the enterprise end-to-end C. Enabling a holistic approach E. Meeting stakeholders' needs

Which of the following actions can reduce the risk of becoming a victim of identity theft? (Check all that apply.) A. Do not place outgoing e-mail containing checks or personal information in your mailbox for pickup B. Respond to e-mails from the IRS that ask you for your social security number C. Carry your social security with you at all times D. Immediately cancel any lost or stolen credit cards

A. Do not place outgoing e-mail containing checks or personal information in your mailbox for pickup D. Immediately cancel any lost or stolen credit cards

Which of the following statements are true? (Check all that apply.) A. Employees who process transactions should verify the presence of appropriate authorizations. B. Controls are more effective when placed in a system after it is up and running. C. Systems analysts have the ultimate responsibility for selecting and implementing appropriate controls over technology. D. Throughput and response time are useful system performance measurements. E. Control activities are policies and procedures that provide reasonable assurance that risk responses are carried out.

A. Employees who process transactions should verify the presence of appropriate authorizations. D. Throughput and response time are useful system performance measurements. E. Control activities are policies and procedures that provide reasonable assurance that risk responses are carried out.

Which of the following input controls can be used to ensure the objective of processing integrity? (Check all that apply.) A. Forms design B. Turnaround documents C. Completeness check D. Cross-footing and zero-balance tests E. File labels

A. Forms design B. Turnaround documents C. Completeness check

Which of the following government regulations mandates that almost every company in the U.S. must take specific actions to protect privacy or face fines for failure to comply? (Check all that apply.) A. GDPR B. CCPA C. COSO D.GAPP

A. GDPR B. CCPA

Which of the following statements are true? (Check all that apply.) A. Ideally, the CISO should report to a member of senior management, such as the COO or CEO, rather than to the CIO. B. Organizations that have a CISO are more likely to have a well-trained CIRT. C. The CIO has responsibility that vulnerability risk assessments and security audits are periodically conducted. D. The CIO needs to work closely with the person in charge of physical security because unauthorized physical access enables an attacker to bypass logical access controls.

A. Ideally, the CISO should report to a member of senior management, such as the COO or CEO, rather than to the CIO. B. Organizations that have a CISO are more likely to have a well-trained CIRT.

Which of the following is in the correct sequence for assessing and responding to risk? A. Identify threats, estimate likelihood of risk, identify controls, estimate cost and benefits of controls B. Identify the impact of a threat, estimate cost and benefits of controls, estimate likelihood of risk, identify controls C. Estimate cost and benefits of controls, estimate likelihood of risk, identify threats, identify controls D. Identify controls, estimate cost and benefits of controls, identify threats, estimate likelihood of risk

A. Identify threats, estimate likelihood of risk, identify controls, estimate cost and benefits of controls

According to the time-based model of security, one way to increase the effectiveness is to A. Increase P B. Increase R C. Increase D D. All of these are correct

A. Increase P

Each night during the week an organization backs up just that day's transactions. This is referred to as making what kind of backup? A. Incremental B. Archival C. Differential D. Full

A. Incremental

Using spyware to record what a person types into the computer is called: A. Keylogging B. Salami technique C. Spamming D. Splogging

A. Keylogging

According to the text, which of the following are key methods of monitoring internal control system performance? (Check all that apply.) A. Track purchased software and mobile devices B. Observe employees implementing the controls C. Implement effective supervision D. Schedule periodic government inspections E. Use responsibility accounting systems

A. Track purchased software and mobile devices C. Implement effective supervision E. Use responsibility accounting systems

Check each item listed below that is part of the process for transforming data. A. Validate data quality and verify data meets data requirements B. Standardize, structure, and clean the data C. Document the transformation process D. Understand the data and the desired outcome

A. Validate data quality and verify data meets data requirements B. Standardize, structure, and clean the data C. Document the transformation process D. Understand the data and the desired outcome

Jake Malone is running an online business that specialized in buying and reselling stolen credit card information. Jake is engaging in _______________. A. carding B. typosquatting C. pharming D. phishing

A. carding

The unauthorized use of someone's personal information is referred to as A. identity theft. B. opt-in. C. opt-out. D. data masking.

A. identity theft.

If the time an attacker takes to break through the organization's preventive controls is shorter than the sum of the time required for the organization to detect the attack and the time required to respond to the attack, then organization's security is considered A. ineffective. B. efficient. C. effective. D. inefficient.

A. ineffective.

A website has a checkbox that states, "Click here if you do NOT want the AJAX company to share your information with third parties and send you offers that you might be interested in" is following the choice and consent practice known as A. opt-out. B. right to be forgotten. C. opt-in.

A. opt-out.

The Trust Services Reliability Principle that states, "access to the system and its data is controlled and restricted to legitimate users," is known as A. security. B. privacy. C. confidentiality. D. processing integrity.

A. security.

Which of the following statements is(are) true? (Check all that apply.) A. Asymmetric encryption is faster than symmetric encryption. B. Asymmetric encryption systems use two keys (public and private) C. Symmetric encryption systems use two keys (public and private). D. Symmetric encryption is faster than asymmetric encryption.

B. Asymmetric encryption systems use two keys (public and private) D. Symmetric encryption is faster than asymmetric encryption.

To achieve proper segregation of systems duties, which of the following system functions should be separated from the other system functions? (Check all that apply.) A. Internal auditing B. Authorization C. Users D. Data entry E. Management

B. Authorization C. Users D. Data entry E. Management

Internal controls are the processes implemented to provide reasonable assurance that the following control objectives are achieved. (Check all that apply.) A. Prevent fraud and errors regardless of its impact on operational efficiency B. Comply with applicable laws and regulations C. Provide accurate and reliable information D. Safeguard assets E. Ensure that all employees are happy so that fraud and errors are minimized

B. Comply with applicable laws and regulations C. Provide accurate and reliable information D. Safeguard assets

Most websites provide information about what data is being collected, how it will be used, and why it is being collected. Websites provide this information in order to satisfy which GAPP principle? A. Collection B. Notice C. Use, retention, and disposal D. Choice and consent

B. Notice

Communications that request recipients to disclose confidential information by responding to an e-mail or visiting a website is called: A. Dictionary attacking B. Phishing C. Hijacking D. Cross-site scripting

B. Phishing

Which option is appropriate for an organization, like an airline, that cannot tolerate any downtime or any loss of data? A. Any of the three choices is appropriate. B. Real-time mirroring C. Cold site D. Hot site

B. Real-time mirroring

One way to improve the efficiency and effectiveness of log analysis is to use a(n): A. Intrusion Detection System (IDS) B. SIEM C. DMZ D. None of these are correct

B. SIEM

Which of the following are basic principles upon which the ERM is built? (Check all that apply.) A. Each employee must decide for himself how much uncertainty he will accept as he creates value. B. Uncertainty results in the possibility that something can positively affect the company's ability to create value. C. The ERM framework can manage uncertainty, but not the ability to create value. D. Uncertainty results in the possibility that something can negatively affect the company's ability to create value. E. Companies are formed to create value for management and the government.

B. Uncertainty results in the possibility that something can positively affect the company's ability to create value. D. Uncertainty results in the possibility that something can negatively affect the company's ability to create value.

The examination of the relationships between different sets of data is called A. comparison of actual quantities with recorded amounts. B. analytical reviews. C. top-level reviews. D. reconciliation of independently maintained records.

B. analytical reviews.

A good relationship between the information security and internal audit functions is important because it A. increases security-related material internal control weaknesses. B. improves the ability to detect serious issues involving employee noncompliance with security policies. C. eliminates security incidents. D. increases top management support for information security.

B. improves the ability to detect serious issues involving employee noncompliance with security policies.

Asking the right questions involves questions that are ____________. A. motivated B. measurable C. mindful D. macro (big picture) oriented

B. measurable

A 17-year-old broke into the Bell Laboratories network, destroyed files, copied 52 proprietary software programs, and published confidential information on underground bulletin boards. Which computer fraud and abuse technique is this? A. Botnet attack B. Hacking attack C. Spamming attack D. Dictionary attack E. Denial of service attack

B.Hacking attack

Which of the following are ways that companies endorse integrity? (Check all that apply.) A. Implementing aggressive sales practices and handsomely rewarding those who achieve them and not giving bonuses to those who underachieve B. Actively making employees aware that favorable outcomes and reports are more important than almost anything else C. Making a commitment to competence, and hiring employees with the necessary knowledge, experience, training, and skills D. Consistently rewarding achievements and giving verbal labels to both high and low producers E. Developing a written code of conduct that explicitly describes honest and dishonest behaviors

C. Making a commitment to competence, and hiring employees with the necessary knowledge, experience, training, and skills E. Developing a written code of conduct that explicitly describes honest and dishonest behaviors

Which of following action(s) must an organization take to preserve the confidentiality of sensitive information? A. Create a digital signature of that information B. Implement a blockchain C. Train employees to properly handle information D. All of these are correct.

C. Train employees to properly handle information

Running multiple systems (e.g., Windows, Unix, and Mac) on a single physical machine is referred to as: A. Internet of Things B. Cloud Computing C. Virtualization D. None of these are correct

C. Virtualization

An analysis of the current profitability of a product line such as Cost-Volume-Profit (CVP) analysis is an example of ____________ analytics. A. predictive B. prescriptive C. descriptive D. diagnostic

C. descriptive

Testing a hypothesis is an example of ___________ analytics. A. prescriptive B. descriptive C. diagnostic D. predictive

C. diagnostic

The lever of control that describes how a company creates value and helps employees understand management's vision is called a A. interactive control system. B. boundary system. C. diagnostic control system. D. belief system.

D. belief system.

Sending an unsolicited message to many people at the same time is called _______________. A. posing B. podslurping C. spamming D. tabnapping

C. spamming

Which of the following is an example of output fraud? A. An employee at the Veteran's Memorial Coliseum sold customers full-price tickets, entered them as half-price tickets, and pocketed the difference. B. The office manager of a Wall Street law firm sold information to friends and relatives about prospective mergers and acquisitions found in Word files. They made several million dollars trading the securities. C. An insurance company installed software to detect abnormal system activity and found that employees were using company computers to run an illegal gambling website. D. A fraud perpetrator scanned a company paycheck, used desktop publishing software to erase the payee and amount, and printed fictitious paychecks.

D. A fraud perpetrator scanned a company paycheck, used desktop publishing software to erase the payee and amount, and printed fictitious paychecks.

Which of the following factor(s) should be considered when determining the strength of any encryption system? A. Encryption algorithm B. Policies for managing the cryptographic keys C. Key length D. All of these are correct

D. All of these are correct

A hacker was able to break into the system that transmitted the daily transactions of a retail store to the company's central office. Every night for several weeks he copied the transaction data that included customer names, credit card numbers, and other confidential data. Hundreds of thousands of customers were affected. This is an example of what type of fraud? A. Computer instruction fraud B. Processor fraud C. Input fraud D. Data fraud E. Output fraud

D. Data fraud

Software that is embedded in documents or files that contain confidential information to indicate who owns that information is called A. None of these are correct B. Data Loss Prevention (DLP) C. Information Rights Management (IRM) D. Digital Watermark

D. Digital Watermark

According to EY, which of the following techniques should be developed to an "Awareness" level? A. Forecasting, aggregation B. Cluster analysis, inferential statistics C. Querying, regression D. Neural networks, artificial intelligence

D. Neural networks, artificial intelligence

Which of the following Generally Accepted Privacy Principles addresses the "right to be forgotten"? A. Access B. Choice and consent C. Collection D. Use, retention, and disposal

D. Use, retention, and disposal

Replacing sensitive personal information with fake data is called A. information rights management. B. encryption. C. nonrepudiation. D. data masking.

D. data masking.

A hijacker placing himself between a client and a host to intercept network traffic is called _______________. A. phreaking B. torpedo software C. SQL injection D. man-in-the-middle

D. man-in-the-middle

A batch total that is computed by adding up the invoice numbers in a set of sales invoices is called a A. financial total. B. record count. C. checksum. D. hash total.

D. hash total.

An attack between the time a new software vulnerability is discovered and the time a software developer releases a patch that fixes the problem is called A. SQL injection attack. B. hijacking. C. buffer overflow attack. D. zero-day attack.

D. zero-day attack.

Spoofing is making an electronic communication look like it came from someone other than the actual sender. Which of the following is not one of the types of spoofing mentioned in the text? A. IP address spoofing B. Web page spoofing C. E-mail spoofing D. Caller ID spoofing E. Identity theft spoofing

E. Identity theft spoofing

Which of the following is an effective data entry control to ensure that overtime hours should be zero for someone who has not worked the maximum number of regular hours in a pay period? A. A reasonableness check B. A limit check C. A validity check D. A range check

A. A reasonableness check

Which of the following statements about virtualization and cloud computing is(are) true? A. All of these are correct B. Strong user access controls are important C. Perimeter protection techniques (e.g., firewalls, IDS, and IPS) are important D. The time-based model of security applies

A. All of these are correct

Combining a password with which of the following is an example of multi-modal authentication? A. All of these are examples of multi-modal authentication B. Your e-mail address C. Correctly identifying a picture you had selected when you set up the account D. Name of your first-grade teacher

A. All of these are examples of multi-modal authentication

A rationalization allows a person to convince him or herself that his or her actions are not illegal or dishonest. There are several different types of rationalizations: (Check all that apply.) A. An attitude, such as "the rules do not apply to me" B. A justification, such as "I am underpaid, so they owe it to me" C. A lack of personal integrity that makes what a person wants more important than acting honestly D. A mental defect that makes a person think that they own the item that they took

A. An attitude, such as "the rules do not apply to me" B. A justification, such as "I am underpaid, so they owe it to me" C. A lack of personal integrity that makes what a person wants more important than acting honestly

For most first-time fraud perpetrators, three conditions are present when fraud occurs. These include: (Check all that apply.) A. An opportunity B. A criminal mindset C. A rationalization that allows a perpetrator to justify the illegal behavior D. The inability to distinguish between right and wrong E. A pressure, incentive, or motivation

A. An opportunity C. A rationalization that allows a perpetrator to justify the illegal behavior E. A pressure, incentive, or motivation

Which of the following is not a SOX requirement? A. Auditors must maintain an audit trail that documents all client-auditor communications. B. Audit committee members must be on the company's board of directors and be independent of the company. C. The CEO must certify that financial statements were reviewed by management and are not misleading. D. Auditors must report specific information to the company's audit committee.

A. Auditors must maintain an audit trail that documents all client-auditor communications.

Terrorist attacks are considered which type of threat? A. Natural and political disasters B. Intentional acts C. Software errors and equipment failures D. Unintentional acts

A. Natural and political disasters

If analytics are performed well, it is certain that ____________________________. A. None of these are necessarily certain. B. high-quality judgments will follow. C. efficiency will be gained. D. fraud will be reduced.

A. None of these are necessarily certain.

COBIT consolidates control standards from many different sources into a single framework that allows which of the following? (Check all that apply.) A. Auditors to substantiate their internal control opinions and to advise on IT security and control matters B. Users to be assured that adequate IT security and controls exist C. Management to benchmark security and control practices of IT environments D. Governmental agencies to be assured that all information produced by the IT system is free from any errors or fraud

A. Auditors to substantiate their internal control opinions and to advise on IT security and control matters B. Users to be assured that adequate IT security and controls exist C. Management to benchmark security and control practices of IT environments

Effective segregation of accounting duties is achieved when which of the following functions are separated? (Check all that apply.) A. Authorization of transactions and decisions B. Custody of cash and other assets C. Managing information systems D. Recording transactions and preparing documents and reports E. Supervision of accounting duties and processes

A. Authorization of transactions and decisions B. Custody of cash and other assets D. Recording transactions and preparing documents and reports

Which of the following are part of an internal environment? (Check all that apply.) A. Commitment to integrity, ethical values, and competence B. Management's philosophy, operating style, and risk appetite C. Principles of value creation D. Internal control oversight by the board of directors E. Effective management to auditor communication

A. Commitment to integrity, ethical values, and competence B. Management's philosophy, operating style, and risk appetite D. Internal control oversight by the board of directors

Which of the following statements are true? (Check all that apply.) A. Finding changes in log records is an indication that a system has been compromised. B. The goal of log analysis is to determine the reasons for events such as a failed login attempt. C. Log analysis should be done once a year. D. Log analysis can be automated by installing a SIEM.

A. Finding changes in log records is an indication that a system has been compromised. B. The goal of log analysis is to determine the reasons for events such as a failed login attempt.

Which of the following statements is true with respect to a company's control environment? (Check all that apply.) A. Management should assign authority and responsibility for goals and objectives to departments and individuals and hold them accountable for achieving them. B. An involved board of directors represents shareholders and provides an independent review of management that acts as a check and balance on their actions. C. One of the greatest control strengths is the dishonesty of employees; one of the greatest control weaknesses is the honesty of employees. D. An overly complex or unclear organizational structure is not an indication of possible serious problems in an organization.

A. Management should assign authority and responsibility for goals and objectives to departments and individuals and hold them accountable for achieving them. B. An involved board of directors represents shareholders and provides an independent review of management that acts as a check and balance on their actions.

Which of the following are Human Resources standards that attract, develop, and retain competent employees? (Check all that apply.) A. Rotate employee duties periodically, and require all employees to take an annual vacation B. Train new employees on their responsibilities, expected levels of performance and behavior, and the company's policies and procedures C. Evaluate, compensate, and promote employees based more on subjective criteria than performance D. Hire employees based on educational background, experience, achievements, integrity, and meeting written job requirements E. Give dismissed employees weeks to find a new job before they have to leave

A. Rotate employee duties periodically, and require all employees to take an annual vacation B. Train new employees on their responsibilities, expected levels of performance and behavior, and the company's policies and procedures D. Hire employees based on educational background, experience, achievements, integrity, and meeting written job requirements

What is the name of the law that Congress passed to prevent financial statement fraud, make financial reports more transparent, protect investors, strengthen internal controls, and punish executives who perpetrate fraud? A. Sarbanes Oxley Act B. COSO Internal Control Act C. COSO ERM Act D. COBIT Act E. Foreign Corrupt Practices Act

A. Sarbanes Oxley Act

Which of the following are characteristics of a well-designed and effectively functioning change management and change control process? (Check all that apply.) A. Senior management review and approval of major changes. B. Development of "backout" plans in the event a change creates unexpected problems. C. Conversion controls to ensure that data is completely and accurately transferred to the new system. D. Monitoring of how changes affect segregation of duties.

A. Senior management review and approval of major changes. B. Development of "backout" plans in the event a change creates unexpected problems. C. Conversion controls to ensure that data is completely and accurately transferred to the new system. D. Monitoring of how changes affect segregation of duties.

According to the text, management can respond to risk in which of the following ways? (Check all that apply.) A. Share it or transfer it to someone else B. Avoid it by not engaging in the activity that produces the risk C. Accept its likelihood and impact D. Reduce its likelihood and impact E. Examine its likelihood and impact

A. Share it or transfer it to someone else B. Avoid it by not engaging in the activity that produces the risk C. Accept its likelihood and impact D. Reduce its likelihood and impact

A company's organizational structure provides a framework for planning, executing, controlling, and monitoring operations. Which of the following are important aspects of the organizational structure? (Check all that apply.) A. Size and nature of company activities. B. Organization by industry, product line, location, or marketing network. C. Centralization or decentralization of authority. D. The technology needed to meet information requirements

A. Size and nature of company activities. B. Organization by industry, product line, location, or marketing network. C. Centralization or decentralization of authority.

After visiting a large number of Web sites to complete your research for a lengthy research paper, your computer begins to act up. Your CPU is running much slower, your software frequently crashes, and you have difficulty connecting to the Internet. You have most likely become a victim of what type of malware? A. Spyware B. Scareware C. Ransomware D. Steganography E. Logic bomb

A. Spyware

Which of the following statements are true? (Check all that apply.) A. The CIRT should include technical specialists. B. None of these are correct C. The CIRT should include members of senior management. D. Members of the CIRT must have multiple methods of communicating with one another (e.g., e-mail, landlines, cellphones, etc.).

A. The CIRT should include technical specialists. C. The CIRT should include members of senior management. D. Members of the CIRT must have multiple methods of communicating with one another (e.g., e-mail, landlines, cellphones, etc.).

Which of the following statements are true? A. The IoT provides the opportunity to enhance physical access controls by providing real-time monitoring of employee and visitor movements throughout the office building. B. Virtualization reduces the need for timely patch management. C. The cloud, virtualization, and the IoT eliminate the need for a CIRT. D. Moving systems to the cloud eliminates the need for antimalware software.

A. The IoT provides the opportunity to enhance physical access controls by providing real-time monitoring of employee and visitor movements throughout the office building.

Which of the following statements is true? (Check all that apply.) A. The authorization process controls what actions (e.g, print, create, delete, etc.) an employee can perform, whereas the authentication process determines whether to grant an employee access to the system. B. Length (number of characters) is more important than complexity (number of different types of characters) in determining the strength of a password or passphrase. C. Complexity (number of different types of characters) is more important than length (number of characters) in determining the strength of a password or passphrase. D. The authentication process controls what actions (e.g, print, create, delete, etc.) an employee can perform, whereas the authorization process determines whether to grant an employee access to the system.

A. The authorization process controls what actions (e.g, print, create, delete, etc.) an employee can perform, whereas the authentication process determines whether to grant an employee access to the system. B. Length (number of characters) is more important than complexity (number of different types of characters) in determining the strength of a password or passphrase.

Which of the following statements is(are) true? (Check all that apply.) A. Virtualization increases the risk associated with unsupervised physical access. B. The Internet of Things reduces the number of points of attack against an organization's information system. C. A Type 2 SOC 2 report provides information about the effectiveness of a cloud provider's information security controls. D. Cloud file-sharing services can distribute malware.

A. Virtualization increases the risk associated with unsupervised physical access. C. A Type 2 SOC 2 report provides information about the effectiveness of a cloud provider's information security controls. D. Cloud file-sharing services can distribute malware.

Which of the following statements is true? A. Routers should be configured to perform deep packet inspection. B. A DMZ is a separate network located outside the organization's internal information system. C. Firewalls protect a network by looking for patterns in incoming traffic to identify and automatically block attacks. D. A firewall that inspects the data portion of a TCP packet is performing a process referred to as packet-filtering.

B. A DMZ is a separate network located outside the organization's internal information system.

Legally, for an act to be fraudulent there must be: (Check all that apply.) A. An injury or loss suffered by the perpetrator B. A false statement, representation, or disclosure C. A material fact that induces a person to act D. An intent to do bodily harm to the victim E. A justifiable reliance, where a person relies on a misrepresentation to take an action

B. A false statement, representation, or disclosure C. A material fact that induces a person to act E. A justifiable reliance, where a person relies on a misrepresentation to take an action

Which of the following can be used to create a digital signature? A. Blockchain B. Asymmetric encryption system C. Symmetric encryption system D. Virtual private network

B. Asymmetric encryption system

Jane needs to create a data dashboard for each employee showing their performance during the last quarter. To build this dashboard, she must download data from a system, reformat it, upload it to a new system, and then build a visualization. To do this, Jane uses a program to automatically do all of these steps. What Jane built is an example of which of the following? A. Data storytelling B. Automation C. Descriptive Analytic D. Diagnostic Analytic

B. Automation

A programmer at a large bank inserted code into the company's computer system that told the computer to not only ignore any overdrafts on his accounts, but to not charge his accounts any late or service fees. This is an example of what type of fraud? A. Input fraud B. Computer instruction fraud C. Data fraud D. Output fraud E. Processor fraud

B. Computer instruction fraud

Which of the following statements is(are) true? (Check all that apply.) A. A CIRT can improve the time-based model of security by increasing the value of R. B. Creating the position of CISO is one way to satisfy the time-based model of security by reducing the value of R. C. Creating the position of CISO is one way to satisfy the time-based model of security by increasing the value of R. D. A CIRT can improve the time-based model of security by reducing the value of R.

B. Creating the position of CISO is one way to satisfy the time-based model of security by reducing the value of R. D. A CIRT can improve the time-based model of security by reducing the value of R.

Which of the following are true statements? (Check all that apply.) A. People witnessing fraudulent behavior are eager and willing to report fraud perpetrators. B. Fraudsters follow distinct patterns and leave clues behind that can be discovered by fraud detection software. C. Virtually all calls to fraud hotlines are worthy of investigation. D. Some whistle-blowers have been ostracized, persecuted, or suffered damage to their careers. E. Neural networks and other programs with learning capabilities are still not able to accurately identify fraud.

B. Fraudsters follow distinct patterns and leave clues behind that can be discovered by fraud detection software. D. Some whistle-blowers have been ostracized, persecuted, or suffered damage to their careers.

Which of the following statements is(are) true? (Check all that apply.) A. Good change management and change control eliminates the need for penetration tests. B. Good change management and change control results in better operating performance by reducing the number of problems that need to be fixed. C. Good change management and change control reduces the costs incurred when a security incident happens. D. Good change management and change control increases the number of "emergency" changes needed.

B. Good change management and change control results in better operating performance by reducing the number of problems that need to be fixed. C. Good change management and change control reduces the costs incurred when a security incident happens.

The time-based model of security posits that security is effective when the following equation is satisfied: A. P < D + R B. P > D + R C. P = D + R D. None of these are correct.

B. P > D + R

Which of the following is an example of multi-modal authentication? A. Smart card plus fingerprint scan B. Passphrase plus answer to a security question C. PIN plus ATM card D. All of these are examples of multi-modal authentication

B. Passphrase plus answer to a security question

Before becoming the CEO, Kurt designed a new toy for the company. Although the sales of the new toy are the same as other toys in the company, the CEO gives employees in the new toy division a reward and bonus. The CEO is likely showing what? A. A data analysis error B. Correlation can be causation C. A confirmation bias D. A data sharing error

C. A confirmation bias

What is the definition of a question that is measurable? A. A question that should be able to be answered and the answer should cause a decision maker to act. B. A question that is direct and focused to produce a meaningful answer. C. A question that is amenable to data analysis: the inputs are measurable with data. D. A question that has a defined time horizon for answering.

C. A question that is amenable to data analysis: the inputs are measurable with data.

The day after you downloaded a new game on your laptop from a free software site, pop-up ads begin to appear on your computer, even though your browser says that pop-up ads are being blocked. You also occasionally find your web browser jumping to Web sites you did not ask it to display. You have most likely become a victim of what type of malware? A. Packet sniffer B. Bluebugging C. Adware D. Trap door E. Superzapping

C. Adware

Which of the following is true? A. Network access controls (e.g., firewalls, IPS, and IDS) should be employed both in the cloud and in virtualized systems. B. The Cloud and virtualization increase the risk associated with unsupervised physical access. C. All of these are correct D. Multifactor authentication is necessary for controlling access to virtualized systems.

C. All of these are correct

Which of the following is an example of how a fraud perpetrator would rationalize his actions? A. Sense of dissatisfaction against the company. B. The need to have additional funds to pay for a gambling addiction. C. Belief that no one is going to be harmed. D. There is a lack of internal control in the organization.

C. Belief that no one is going to be harmed.

Which step should happen first as part of the incident response process? A. Containment of the problem by the incident response team B. Analysis of the root cause of the incident C. Recognition of an attack D. Recovery from backups

C. Recognition of an attack

Which of the following is designed to prevent an attacker from executing a buffer overflow attack by submitting lengthy attack code into the address field on a website form? A. Field check B. Limit check C. Size check D. Reasonableness test

C. Size check

The amount of risk a company is willing to accept in order to achieve its goals and objectives is called A. risk management. B. risk tolerance. C. risk appetite. D. risk acceptance.

C. risk appetite.

Which of the following helps protect you from identity theft? A. Shred all paper documents that contain personal information before disposal B. Encrypt all e-mail that contains personal information C. Monitor your credit reports regularly D. All of the actions listed here help protect you from identity theft

D. All of the actions listed here help protect you from identity theft

Which of the following will make fraud and errors less likely to occur? (Check all that apply.) A. Develop anti-fraud policies that clearly set forth the expectation for honest and ethical behavior B. Create an organizational culture that stresses integrity and commitment to ethical values and competence C. Effectively supervise employees and monitor their performance D. Develop a comprehensive business continuity plan

A. Develop anti-fraud policies that clearly set forth the expectation for honest and ethical behavior B. Create an organizational culture that stresses integrity and commitment to ethical values and competence C. Effectively supervise employees and monitor their performance

Which of the following statements about data analytics is true? (Check all that apply.) A. Fraud is often detected by identifying trends, patterns, anomalies, and exceptions within data. B. Detecting and preventing fraud is an easy task. C. New technologies provide perpetrators with new ways to perpetrate fraud. D. To use data analytics effectively, investigators must understand the analytics tool used, the organization's business, and the data.

A. Fraud is often detected by identifying trends, patterns, anomalies, and exceptions within data. C. New technologies provide perpetrators with new ways to perpetrate fraud. D. To use data analytics effectively, investigators must understand the analytics tool used, the organization's business, and the data.

A woman sent her company fictitious medical bills from doctors who did not exist. The bills were processed in the normal way by her employer, and payments went to her husband's office address. She bilked her company out of millions of dollars. This is an example of what type of fraud? A. Input fraud B. Computer instruction fraud C. Data fraud D. Output fraud E. Processor fraud

A. Input fraud

Which of the following statements are true? (Check all that apply.) A. Misappropriation of assets is the theft of company assets by employees. B. Investment fraud is dishonest conduct, such as bribery and bid rigging, by those in power that often involves illegitimate or immoral actions. C. Fraudulent financial reporting is intentional or reckless conduct that results in materially misleading financial statements. D. Corruption is misrepresenting or leaving out facts in order to promote an investment that promises fantastic profits with little or no risk.

A. Misappropriation of assets is the theft of company assets by employees. C. Fraudulent financial reporting is intentional or reckless conduct that results in materially misleading financial statements.

According to the EY Foundation, over which data analytic techniques should accountants gain mastery? A. Querying, trends, forecasting B. Cluster analysis, inferential statistics C. Correlation, regression D. Data mining, artificial intelligence

A. Querying, trends, forecasting

Check the likely benefits of using robotic process automation among the four options below. A. RPA will make fewer mistakes for rules based tasks than a human. B. RPA is better adapting to changing environments than a human. C. RPA performs tasks faster than a human. D. RPA can do more cognitively challenging tasks than a human.

A. RPA will make fewer mistakes for rules based tasks than a human. C. RPA performs tasks faster than a human.

Check each option below that demonstrates when data analytics may not be the correct tool for making a decision. A. When making an ethical decision B. When decisions must be accurate C. When something is very difficult to measure, such as emotions D. When there is a long history of reliable data

A. When making an ethical decision C. When something is very difficult to measure, such as emotions

Computer software that can be programmed to automatically perform tasks across applications just as human workers do is called _______. A. robotic process automation (RPA) software B. big data software C. ETL software D. analytics software

A. robotic process automation (RPA) software

In a hurry to catch a train, a man in Grand Central Station made a quick ATM stop to withdraw $40. Before he went to bed, he checked his bank account and found his $40 withdrawal, as well as five additional withdrawals, for a total of $700, all made within a minute of his. This man was most likely a victim of _______________. A. shoulder surfing B. carding C. eavesdropping D. chipping E. scavenging

A. shoulder surfing

Computer systems are particularly vulnerable to fraud for the following reasons: (Check all that apply.) A. Few companies design controls into their computer systems B. It is difficult to control physical access to each electronic device that accesses a network C. Most employees and suppliers with access to a computer system will eventually perpetrate a computer fraud, irrespective of the strength of the Internal controls D. Perpetrators who break into corporate databases can steal or destroy massive amounts of data in very little time, often leaving little evidence E. Computer programs need to be illegally modified only once, in order for them to operate improperly for as long as they are in use

B. It is difficult to control physical access to each electronic device that accesses a network D. Perpetrators who break into corporate databases can steal or destroy massive amounts of data in very little time, often leaving little evidence E. Computer programs need to be illegally modified only once, in order for them to operate improperly for as long as they are in use

A company has collected performance data (machine movements, units produced, quality measures) from a production machine for several months. Each day the company has increased speed by 0.05 percent. The company plans on building a model to estimate the machine's quality measures assuming an additional 2% increase in machine speed. Which type of analytic will be performed? A. Diagnostic B. Predictive C. Descriptive D. Prescriptive

B. Predictive

You overhear the CFO and the treasurer talking about a cash flow training dataset. You are confident that they are talking about performing which type of analytic? A. Descriptive B. Predictive C. Diagnostic D. Prescriptive

B. Predictive

Indicate which option orders the type of analytic from the one that provides the most value added to an organization to the least value added to the organization. A. Predictive, prescriptive, descriptive, diagnostic B. Prescriptive, predictive, diagnostic, descriptive C. Prescriptive, predictive, descriptive, diagnostic D. Predictive, prescriptive, diagnostic, descriptive

B. Prescriptive, predictive, diagnostic, descriptive

Which of the following statements are true with respect to asset misappropriation? (Check all that apply.) A. Rarely do fraud perpetrators adopt a more lavish lifestyle that requires even greater amounts of money. B. Since few perpetrators voluntarily stop their frauds, there are no small frauds—only large ones that are detected early. C. The sheer magnitude of some frauds leads to their detection. D. A significant contributor to most misappropriations is the absence of internal controls and/or the failure to enforce existing internal controls. E. Few misappropriation frauds are self-perpetuating; that is, they do not require the perpetrator to continue the fraud scheme to avoid detection.

B. Since few perpetrators voluntarily stop their frauds, there are no small frauds—only large ones that are detected early. C. The sheer magnitude of some frauds leads to their detection. D. A significant contributor to most misappropriations is the absence of internal controls and/or the failure to enforce existing internal controls.

Which of the following is not an example of asset misappropriation? A. The president of the company utilizes the organization's cash to pay for her overseas vacation. B. The controller of the company falsely adds $50 million to accounts receivable. C. A warehouse employee takes home five boxes of iPhones without authorization. D. The treasurer of the company makes an unauthorized wire transfer from the organization's bank to a personal account.

B. The controller of the company falsely adds $50 million to accounts receivable.

____________ is a process of changing data into a format that another program can use. A. Delimiting B. Transforming C. Visualizing D. Cleaning

B. Transforming

You are tasked with representing how much of total product sales is represented by each of four product lines. Which viz is most appropriate? A. Area chart B. Treemap C. Bullet chart D. Bar chart

B. Treemap

Logic errors is an example of what type of AIS threat? A. Natural and political disasters B. Unintentional acts C. Intentional acts D. Software errors and equipment malfunctions

B. Unintentional acts

Fraudsters take advantage of which of the following human traits to entice a person to reveal information or take a specific action? (Check all that apply.) A. Fear B. Urgency C. Trust D. Vanity E. Compassion

B. Urgency C. Trust D. Vanity E. Compassion

A delimiter is _________. A. a data element that allows large text sizes B. a data element that separates field values C. a data element used in the data dictionary D. a data element that identifies numeric values

B. a data element that separates field values

Which of the following is the best example of correlation not being the same as causation? A. After a poorly performing quarter, a company sends out coupons in the mail and sees an increase in sales. The company concludes that sending coupons causes sales to increase. B. A company pays sales employees more for each sale and each employee starts selling more goods. The company concludes that paying employees more for a sale causes employees to sell more items. C. During an economic downturn, a company changes its computer policy to only allow purchases of windows-based laptops and see profits go down. The company concludes that windows-based laptops cause profits to go down. D. A company redesigns a production process and afterwards it takes less time to produce products. The company concludes that redesigning processes causes production efficiency gains.

C. During an economic downturn, a company changes its computer policy to only allow purchases of windows-based laptops and see profits go down. The company concludes that windows-based laptops cause profits to go down.

What do the letters in the acronym ETL stand for? A. Enrich, Transform, and Load B. Extract, Transcribe, and Launch C. Extract, Transform, and Load D. Enrich, Transcribe, and Launch

C. Extract, Transform, and Load

A data owner sends you an e-mail with a file to prepare for analysis. The file contains data from multiple database tables all merged into a single file. There are multiple fields in the file each separated by a "~" symbol. For fields that contain large amounts of text, the file contains a "+" at the beginning and end of the text field. Indicate which of the following best describes (1) the type of file the data owner sent, (2), what the "+" is called, and (3) what the "~" is called. A. Flat file, delimiter, text qualifier B. Relational database file, text qualifier, delimiter C. Flat file, text qualifier, delimiter D. Relational database file, delimiter, text qualifier

C. Flat file, text qualifier, delimiter

Misappropriation of assets is an example of what type of accounting information threat? A. Unintentional acts B. Software errors and equipment malfunctions C. Intentional acts D. Natural and political disasters

C. Intentional acts

Which of the following statements are true with respect to fraudulent financial reporting? (Check all that apply.) A. Auditors and management are just as concerned with misappropriations as they are with fraudulent financial reporting. B. The ACFE found that fraudulent financial reporting is as much as 17 times more likely than asset misappropriation. C. Management falsifies financial statements in order to deceive investors and creditors, increase a company's stock price, meet cash flow needs, or hide company losses and problems. D. Frequent "cook the books" schemes involve fictitiously inflating revenues, recognizing revenues before they are earned, delaying expenses to a later period, overstating inventories, and concealing liabilities.

C. Management falsifies financial statements in order to deceive investors and creditors, increase a company's stock price, meet cash flow needs, or hide company losses and problems. D. Frequent "cook the books" schemes involve fictitiously inflating revenues, recognizing revenues before they are earned, delaying expenses to a later period, overstating inventories, and concealing liabilities.

Check each example of structured data in the list below. A. HTML website data saved on the company's website B. Photographs of all employees saved in the human resource database C. Phone numbers of employees saved in a database D. Customer addresses saved in a customer relation database

C. Phone numbers of employees saved in a database D. Customer addresses saved in a customer relation database

An analytic that answers the question, "what might happen in the future?" is best described as which of the following? A. Descriptive analytic B. Diagnostic analytic C. Predictive analytic D. Prescriptive analytic

C. Predictive analytic

In the movie "Identity Thief," Melissa McCarthy used an invented scenario to get the name and other identifying information of Jason Bateman, enabling her to steal his identity. Which computer fraud and abuse technique did she use? A. Phishing B. Piggybacking C. Pretexting D. Posing E. Pharming

C. Pretexting

Employees at a large brokerage house used their employer's computer system to run a large and lucrative side business that their employer knew nothing about. This is an example of what type of fraud? A. Input fraud B. Data fraud C. Processor fraud D. Output fraud E. Computer instruction fraud

C. Processor fraud

Which of the following statements are true about fraud perpetrators? (Check all that apply.) A. Most first-time, unprosecuted fraud perpetrators never commit another fraud. B. Most white-collar criminals have a previous criminal record; and they were honest and respected members of their community. C. Researchers found few psychological and demographic differences between white-collar criminals and the public. D. Researchers found significant psychological and demographic differences between violent and white-collar criminals.

C. Researchers found few psychological and demographic differences between white-collar criminals and the public. D. Researchers found significant psychological and demographic differences between violent and white-collar criminals.

Power outages and fluctuations can result in which type of threat? A. Intentional acts B. Natural and political disasters C. Software errors and equipment failures D. Unintentional acts

C. Software errors and equipment failures

Which of the following statements are true? (Check all that apply.) A. Small businesses are less vulnerable to fraud than large companies because small companies typically have more effective internal controls than larger companies. B. Fraud perpetrators are often referred to as blue-collar criminals. C. The controls used to protect corporate assets make it more difficult for an outsider to steal from a company. D. A typical organization loses 5% of its annual revenue to fraud, indicating yearly global fraud losses of over $3.7 trillion. E. Most fraud perpetrators are knowledgeable insiders with the requisite access, skills, and resources.

C. The controls used to protect corporate assets make it more difficult for an outsider to steal from a company. D. A typical organization loses 5% of its annual revenue to fraud, indicating yearly global fraud losses of over $3.7 trillion. E. Most fraud perpetrators are knowledgeable insiders with the requisite access, skills, and resources.

Threats that arise from human carelessness, failure to follow established procedures, and poorly supervised personnel are which type of threat? A. Natural and political disasters B. Software errors and equipment failures C. Unintentional acts D. Intentional acts

C. Unintentional acts

Asking the right questions is the first step of an analytics mindset. Which of the following is not part of the analytics mindset as defined by the accounting firm EY? A. Interpret and share the results with stakeholders B. Apply appropriate data analytic techniques C. Exercise professional skepticism when using data D. Extract, transform, and load relevant data

C.,Exercise professional skepticism when using data