ADV Sample Question - split 2 PDF
Document Details
Uploaded by BrighterPolarBear774
Tags
Summary
This document contains a set of sample questions, likely from a practice exam or past paper. The questions cover topics including forensic accounting, Excel features, formula calculation, chart types, and fraud prevention techniques.
Full Transcript
b. Bottom Records Extraction c. Export Databases d. All of the Above Answer: D Q. Question - Suggested Answer No. 1 Forensic Accounting is essentially …………………… a) Accounting in a way to detect fraud b) Auditing in a way to gather eviden...
b. Bottom Records Extraction c. Export Databases d. All of the Above Answer: D Q. Question - Suggested Answer No. 1 Forensic Accounting is essentially …………………… a) Accounting in a way to detect fraud b) Auditing in a way to gather evidence c) Investigating in a way to get different evidence d) Combination of accounting, auditing, and investigative skills to gather evidence usable in a court of law 2 What is the AutoComplete feature of Excel? a) It automatically completes abbreviated words b) It completes text entries that match an existing entry in the same column c) It completes text and numeric entries that match an existing entry in the same column d) It completes text entries that match an existing entry in the same worksheet 3 A circular reference is …………………. a) Geometric modeling tool b) A cell that points to a drawing object c) A formula that either directly or indirectly depends on itself d) Always erroneous 4 Which of the following is a correct order of precedence in formula calculation? a) Multiplication and division exponentiation positive and negative values b) Multiplication and division, positive and negative values, addition and subtraction c) Addition and subtraction, positive and negative values, exponentiation d) All of above 5 You want to track the progress of the stock market on a daily basis. Which type of chart should you use? a) Pie Chart b) Bar Chart c) Line Chart d) Column Chart 6 Except for the ……………………. function, a formula with a logical function shows the word “TRUE” or “FALSE” as a result. a) IF b) AND c) OR d) NOT 7 Which function will calculate the number of workdays between 6/9/2017 and 8/12/2018? a) Workday b) Date c) Networkdays d) All of the above 8 _____________ is an interactive data summarisation tool in Excel. a) CONSOLIDATE b) PIVOTTABLE c) SUBTOTAL d) POWER QUERY 9 _____________ is done to identify the missing items in a sequence or series. a) Gap Testing b) Relative Size factor Analysis c) Fuzzy Logic Matching d) Sort 10 Which of the following errors will not be traced by Error Checking? a) Inconsistent manner of defining formulas b) Errors like #N/A, #REF! etc. c) Numbers stored as text d) Error in the logic of defining the formula 11 Which of the following functions is totally irrelevant for performing aging analysis? a) IF Function b) AND Function c) TODAY Function d) LEFT Function 12 In order to prevent identity thieves from finding personally identifiable information by looking through your trash, you should: a) Put your sensitive documents in your neighbors trash bin. b) Shred, or otherwise destroy all account statements, account applications, cancelled checks or other documents or information that contain personally identifiable information. c) Never throw out any sensitive information. Keep it in a safe place within your home. d) Take your sensitive information directly to the dump. 13 You're exposing yourself to potential credit card fraud if you: a) Sign your cards as soon as they arrive. b) Leave cards or receipts lying around. c) Void incorrect receipts. d) Carry your cards separately from your wallet, in a zippered compartment, a business card holder, or another small pouch. 14 Which of the following are not recommended security practices when setting up a wireless network in your home? a) Place your router in a secure location in your home. b) Change the name of your router from the default. c) Change your router's pre-set password. d) Turn on the encryption feature of your wireless routers. 15 Which of the following is not considered to be "personally identifiable information"? a) Credit card numbers b) Vehicle registration plate number c) Name of the school you attend or your workplace d) Date of birth 16 Which of the following is a characteristic that asset hiders generally look for in the financial vehicles they use to conceal assets? a) Transparency b) Inaccessibility c) Liquidity d) None of the above 17 Which of the following is a step in the general process for tracing illicit transactions? a) Selecting a response team b) Building a financial profile c) Implementing litigation hold procedures d) Establishing reporting protocols 18 When determining a subject's net worth for asset-tracing purposes, all assets should be valued at current market value to eliminate any question about estimates. a) True b) False 19 Sachin is currently being prosecuted for financial statement fraud for allegedly intentionally over- reporting earnings. Although Sachin did over-report income, he did not do so on purpose. Under these facts, which of the following defenses, if any, would likely benefit Sachin as a defense? a) Mistake b) Ignorance c) Duress d) All of the above 20 Akbar works as a cashier in an antiques store. Since the merchandise lacks barcodes, he has to enter the prices manually. One customer purchased a piece of furniture that cost Rs. 2500 and paid in cash. Akbar recorded the sale at Rs. 2000 and pocketed the Rs. 500 bill. What type of fraud did Akbar commit? a) A cash larceny scheme b) Lapping of receivables c) An unrecorded sales (skimming) scheme d) An understated sales (skimming) scheme 21 Amar, a fraud examiner, is conducting textual analytics on emails sent to and from specific employees that his client has identified as fraud suspects. He is using the Fraud Triangle to come up with a list of fraud keywords to use in his search. Which of the following words found in email text might indicate a fraudster is rationalizing his actions? a) Write off b) Deserve c) Override d) Quota 22 If an information thief has long range interest in monitoring of a company, he might place a spy in that target company as a permanent employee. This employee is known as …………………. a) Sleeper b) Mole c) Detective d) Insider Spies 23 The existence of the following might indicate presence of Ghost Employees: a) Employees with no withholding b) No employees with same address c) No employye with same PAN d) No employee with same account number 24 In Health Care Fraud, ………………………….. reimbursement occurs when providers receive payment for each service rendered. a) Capitation b) Fee for Service c) Episode of Care d) None of the above 25 Which of the following are the best for a comprehensive investigation ………………… a) Data vouching, trend analysis b) Trend analysis and tests of logic and absurdities c) Data vouching and tests of impossibilities d) All of the above to the extent possible in every case 26 Luhn’s algorithm is …………………. a) A tool to find out valid credit card numbers b) A tool to find out invalid debit card numbers c) A tool to find valid or invalid debit cards/credit cards d) None of the above 27 Which of the following is not an indication of Money laundering? a) Use of third party cheque for making purchases b) Lump sum payment made by wire transfer c) Willingness to provide normal information d) Request to borrow maximum cash value of a single premium policy soon after paying for the policy. 28 An employee has duty to cooperate during internal investigation irrespective of nature of investigation. a) True b) False 29 Which situation will not give rise to sanctions for failing to preservce evidence include intentionally or accidentally? a) Erasing computer file relevant to unanticiapated litigation b) Destroying physical evidence relevant to existing litigation c) Losing documents relevant to anticipated litigation d) Failing to suspend routine destruction of electronic data relevant to existing litigation 30 …………………. refers to defamatory statements in writing. a) Slander b) Human Rights c) Libel d) Breach of Privacy 31 To establish libility for public disclosure of private facts, the plaintiff must prove following elements: (i) The defendant made public statements about another party's private life. (ii) The statements were not of public concern. (iii) The statements would be highly offensive to a reasonable person. a) (i) only b) (i) and (ii) only c) All of the above d) None of the above 32 ……………………… software gives investigators the ability to image a drive and preserve it in a forensic manner. a) Stego Suite b) Forensic Toolkit (FTK) c) Recovery Toolkit d) Encase Forensic 33 Which is not a process for tracing illicit transactions? a) Collect Information b) Profile the subject c) Interview the subject d) Review information for leads 34 Fraud Assessment questioning is a non-accusatory interview technique used as a part of normal audit. a) True b) False 35 Following employee can be exempted from Fraud Awareness Training program - a) Top Level staff b) Middle Level Staff c) Lower Level Staff d) None of the above 36 ………………………. is the impression a writing instrument leaves on sheets of paper below the sheet that contains the original writing. a) Indented Writing b) Freehand Forgeries c) Autoforgeries d) Imitator style 37 To avoid smudging and contamination, fraud examiners should use …………………… when handling latent finger print evidence. a) Protective Gloves b) Acid free paper envelopes c) Dusting powder d) None of the above 38 While interviewing, Amar, forensic auditor, locks the door of interview room. This can be claimed as ……………………………. by the interviewee. a) Human Right Violation b) Actual Imprisonment c) False Imprisonment d) True Imprisonment 39 While doing interview, Amar, forensic auditor, was doing covert recording of interview process. It helps Amar to deny the recording when asked without taking ownership of recording. a) True b) False 40 ……………………… is a defence mechanism that protects an individual from items that would cause anxiety by prevneting the items from becoming concious. a) Etiquette Ego Threat c) Depression d) Repression 41 Amar, a Certified Fraud Examiner, has obtained an oral confession from Vijay, a fraud suspect. Amar wants to probe Vijay for additional details. Which of the following is the most appropriate question Amar should ask Vijay to find out if there are any remaining proceeds that can be used to reduce losses? a) "Did you spend everything?" b) "What do you have left?" c) "Is there anything left?" d) "It’s all gone, isn’t it?" 42 Amar, a Certified Fraud Examiner, is conducting an admission-seeking interview of Vijay, a fraud suspect. Amar has a great deal of documentary evidence that he plans on using to diffuse Vijay's alibis. The proper technique for using the evidence is for Amar to display it all at once so that Vijay will be demoralized by the overwhelming amount of evidence. a) True b) False 43 In interview situations, it is sometimes recommended that the interviewer shake hands with the respondent. What is the purpose of this? a) Social courtesy b) Professional courtesy c) To establish the interview purpose d) To break down psychological barriers 44 Forensic analysis can be performed directly on suspect devices because doing will not alter or damage digital evidence. a) True b) False 45 Which is not a Red Falg associated with Fictitious Revenue? a) An unusually large amount of long overdue accounts receivable b) Rapid growth or unusual profitability c) Significant sales to entities whose substance not known d) Inventory totals appear forced 46 Vijay, a manager at a major company, is suspected of financial statement fraud. During an admission-seeking interview with Vijay, the investigator states: "A lot of employees count on the company doing well. I know you only did this to help the company succeed. Isn’t that right?” This technique is known as: a) Genuine need b) Extrinsic rewards c) Altruism d) Depersonalizing the victim 47 Vijay, a fraud suspect, has confessed to Amar, a Fraud Examiner, that he has embezzled funds. Amar is unsure whether Vijay had an accomplice. Which of the following is the most appropriate question concerning accomplices? a) "Who else knew about this besides you?" b) "Was anyone else involved?" c) "Did someone else know?" d) "We have evidence someone else is involved. Who is it?" 48 Which of the following is a good practice for taking notes during an interview? a) Slow down the interview process if necessary to take accurate notes. b) Avoid making notes regarding opinions or impressions about a witness c) Write down verbatim all responses given by the subject during the interview. d) Make any necessary additions to interview notes within several weeks of the interview 49 During the introductory phase of the interview, the interviewer should avoid terms such as: a) Investigation b) Review c) Inquiry d) All of the above 50 Whenever possible, make a list of questions to be asked during the interview. It helps in maintaing the flow of interview. a) True b) False 51 if the interviewer has reason to believe that the respondent is being deceptive, he should begin asking ……………………….. a) Direct Questions b) Closing Questions c) Admission seeking Questions d) Assessment Questions 52 Which of the following is not the objective of Introductory questions ? a) Establish Rapport b) Establish Interview Theme c) Observe reactions d) Reconfirm Facts 53 What is your digital footprint? a) A scanned image of your foot b) All the information online about a person that is stored online. c) A photograph of your shoe d) Having a blog, facebook or twitter page 54 We use Cryptography term to transforming messages to make them secure and immune to …………………….. a) Change b) Idle c) Attacks d) Defend 55 Confidentiality with asymmetric-key cryptosystem has its own ……………………. a) Entities b) Data c) Problems d) Translator 56 In a ____________ scheme, the fraudster leave malware infected USB flash drive in places where people will find them easily. a) Baiting b) Pharming c) Malware d) Malicious Insider 57 Why would a hacker use a proxy server? a) To create a stronger connection with the target. b) To create a ghost server on the network. c) To obtain a remote access connection. d) To hide malicious activity on the network. 58 What type of attack uses a fraudulent server with a relay address? a) NTLM (NT LAN Manager) b) MITM (Man-in-the-middle) c) NetBIOS (Network Basic Input/Output System) d) SMB (Server Message Block) 59 Which phase of hacking performs actual attack on a network or system? a) Reconnaissance b) Maintaining Access c) Scanning d) Gaining Access 60 Social engineering is one of the most successful attack methods of cybercriminals. What is regarded as a form of social engineering? a) Cryptoware b) Denial of Service (DOS) attack c) Phishing d) Spam 61 Biometrics become ever more important as a means to verify the identity of users. Which feature of biometrics represents a major consideration for organizations that want to implement it? a) The so-called crossover error rate, which is the rate at which both acceptance and rejection errors are equal. b) The way users swipe their tablet or smartphone can be used as a behavioral mechanism for biometrics. c) The so-called crossover error rate, which is the rate at which both acceptance and rejection errors are within acceptable levels. d) Face recognition cannot be used as a biometric mechanism, because it is very inaccurate. 62 Digital certificates represent an important component in any Public Key Infrastructure (PKI). What should never be included in a digital certificate? a) The digital signature of the certificate authority (CA) that has issued the digital certificate. b) The private key of the party to whom the digital certificate is tied. c) The identity of the party that owns the digital certificate. d) The start and end date of the period, in which the digital certificate is valid. 63 What is the purpose of a Denial of Service attack? a) Exploit a weakness in the TCP/IP stack b) To execute a Trojan on a system c) To overload a system so it is no longer operational d) To shutdown services by turning them off 64 How is IP address spoofing detected? a) Installing and configuring a IDS that can read the IP header b) Comparing the TTL values of the actual and spoofed addresses c) Implementing a firewall to the network d) Identify all TCP sessions that are initiated but does not complete successfully 65 Phishing is a form of ………………………. a) Spamming b) Identify Theft c) Impersonation d) Scanning 66 Keyloggers are a form of …………………….... a) Spyware b) Shoulder surfing c) Trojan d) Social engineering 67 Having individuals provide personal information to obtain a free offer provided through the Internet is considered what type of social engineering? a) User-based b) Computer-based c) Human-based d) Web-based 68 SQL injection is an attack in which …………………… code is inserted into strings that are later passed to an instance of SQL Server. a) Non malicious b) Clean c) Redundant d) Malicious 69 Which of the following is a proper acquisition technique? a) Disk to Image b) Disk to Disk c) Sparse Acquisition d) All of the above 70 Which duplication method produces an exact replica of the original drive? a) Bit-Stream Copy b) Image Copy c) Mirror Copy d) Drive Image 71 What should you do if the computer is turned on? a) Shut it down b) Unplug it c) Start typing d) Log the user off 72 What happens when first securing the area? a) Start looking for evidence b) Make sure that the crime scene is safe c) Gather evidence d) Make sure computer is on 73 The risk of contamination of evidence is controlled and/or minimised by ……………………... a) Minimising the number of people handling the evidence. b) Storing packages in a dedicated secure area. c) Opening each package in an area other than where it was originally sealed. d) Using chain of custody labels. 74 Corroborative evidence is ……………………... a) Evidence that links an individual with a particular location. b) Evidence that associates an individual with another individual. c) Evidence that refutes other evidence. d) Eidence that supports other evidence. 75 What is the most significant legal issue in computer forensics? a) Preserving Evidence b) Seizing Evidence c) Admissibility of Evidence d) Discovery of Evidence 76 As a good forensic practice, why would it be a good idea to wipe a forensic drive before using it? a) No need to wipe b) Chain of Custody c) Different file and operating systems d) Cross-contamination 77 SQL Injection is ……………………… a) Physical Threat b) Application Threat c) Malicious Code d) Mobile Code 78 Cyber Forensic Investigation Process consists of ………………………. a) Imaging - Copy - Analysis - Communication. b) Imaging - Cloning - Documenting - Communication. c) Identification - Preservation - Collection - Analysis - Communication. d) Searching - Extracting - Imaging - Cloning - Analysis. 79 Signature forgery can best be spotted by ……………………. a) Juxtaposition and Comparison of signatures on two documents b) Juxtaposition and Comparison of a signature on a document with specimen signature c) Juxtaposition and comparison of signatures on several documents d) Any of the above 80 When a hash function is used to provide message authentication, the hash function value is referred to as ……………………… a) Message Field b) Message Digest c) Message Score d) Message Leap 81 The main difference in MACs and digital signatures is that, in digital signatures, the hash value of the message is encrypted with a user’s public key. a) True b) False 82 In which the database can be restored up to the last consistent state after the system failure? a) Backup b) Recovery c) Both d) None 83 Most backup and recovery commands in ………………….. are executed by server sessions. a) Backup Manager b) Recovery Manager c) Backup and Recovery Manager d) Database Manager 84 Which of the following is not a recovery technique? a) Deferred update b) Immediate update c) Two-phase commit d) Recovery management 85 Failure recovery and media recovery fall under...................... a) Transaction recovery b) Database recovery c) System recovery d) Value recovery 86 ………………………. means repeated acts of harassment or threatening behavior of the cyber criminal towards the victim by using internet services. a) Cyber Stalking b) Pornography c) Web Hijacking d) Hacking 87 …………………….. register domain name identical to popular service provider’s name. So as to attract their users and get benefit from them. a) Cyber squatters b) Phishing Attack c) Identity Theft d) Cyber Defamation 88 …………………… involves changing data prior or during input into a computer. a) Forgery b) Cyber Defamation c) Email spoofing d) Data diddling 89 As per ………………….., the auditor’s report should state whether the company has adequate Internal Financial Control system in place and the operating effectiveness of such controls. a) Section 134 b) Section 137 c) Section 143 d) Section 177 90 Fraud reporting should be done to Central Govt. in ………………… a) Form ADT-1 b) Form ADT-2 c) Form ADT-3 b) Form ADT-4 91 …………………. dealing with compensation for failure to protect data. a) Section 41 b) Section 43-A c) Section 65 d) Section 66 92 Section 66E deals with ……………………… a) Sending offensive messages b) Cheating by personation c) Privacy violation d) Cyber terrorism 93 ……………….deals with publishing or transmitting obscene material in electronic form. a) Section 43 b) Section 65 c) Section 66 d) Section 67 94 Section 75 of Indian Evidence Act, 1872 deals with ………………… a) Public Documents b) Private Documents c) Certified copies of Public Documents d) Proof of other official documents 95 A witness who is unable to speak is called ………………………. a) Deaf Witness b) Dumb Witness c) Hostile Witness d) Unreliable Witness 96 Entries in the books of accounts regularly kept in the course of business are admissible under section 34 of Evidence Act a) If they by themselves create a liability b) If they by themselves do not create a liability c) Irrespective of whether they themselves create a liability or not d) Either (a) or (b) 97 Amar, a Forensic Auditor, has obtained an oral confession from Vijay, a fraud suspect. Vijay confessed to committing fraud, and he admitted to smuggling drugs in an unrelated case. How should Amar handle these admissions in Gamma's written confession? a) Amar should omit the information concerning the drug smuggling b) Amar should take separate statements for each of the unrelated crimes c) Amar should include both crimes in the same statement d) None of the above 98 Amar, a Fraud Investigator, is investigating Vijay, who is active on an online social networking site in which he voluntarily shares information about himself. Amar wants to search and extract information from Vijay's social network profile. Which of the following is the most accurate statement about the privacy of information Vijay shared through his social network profile? a) To search for information that Vijay posted and made available to the public through his social network profile, Amar must provide Vijay notice before hand. b) To access any information posted on Vijay's social network profile, Amar must obtain some type of legal order from the jurisdiction in which Vijay resides. c) The Privacy of Social Networks Treaty is an international law that makes it illegal for Amar to seek the login credentials from Vijay's social networking account. d) Amar could be liable for violating Vijay's privacy rights if he hacks or breaks into areas of the social networking site Vijay has designated as private 99 What is Mutual Legal Assistance (MLA)? a) A process by which countries request and provide assistance in law enforcement matters b) A letter whereby a criminal defendant requests that the government release exculpatory information c) A formal request by the courts of one country seeking judicial assistance from the courts of another country d) A formal request by the government of a country seeking information from a defendant residing in another country 100 In most common law jurisdictions, for a document to be admitted into evidence, it must be properly __________ that is, the party offering the document must produce some evidence to show it is, in fact, what the party says it is. a) Validated b) Marked c) Certified d) Authenticated