CFE Certified Fraud Examiner Exam With
Complete Questions And Answers 2024
Falsified Hours & Salary Schemes - correct answer. The most common method of
misappropriating funds from the payroll is the overpayment of wages. For hourly
employees, the size of a paycheck is based on two factors: the number of hours
worked and the rate of pay. Therefore, for hourly employees to fraudulently increase
the size of their paycheck, they must either falsify the number of hours they have
worked or change their wage rate.
Common ways to commit a falsified hours and salary scheme - correct answer.
1) Inflating the number of hours worked
2) Inflating the rate of pay
3) Forging a supervisor's signature
4) Collusion with a supervisor
5) Implementing poor custody procedures
6) Altering a timesheet after it has been approved
Fictitious Provider Scheme - correct answer. Corrupt providers or other criminals
fraudulently obtain and use another provider's identification information and steal or
purchase lists of patients' identifying information. Thereafter, the perpetrator submits
bills using the fictitious provider's information to the insurance provider or government
health care program for medical services, although no services are performed.
Address Similarity Reports - correct answer. electronically compare multiple payments
going to the same address. These reports are extremely useful because they might
show a payment defalcation or funds going to another insurance company, broker, or
fictitious payee.
Bad Debt Expense - correct answer. Managers can overstate their company's
accounts receivable balance by failing to record bad debt expense. Bad debt expense
is recorded to account for any uncollectible accounts receivable. The debit side of the
entry increases bad debt expense, and the credit side of the entry increases the
allowance (or provision) for doubtful accounts, which is a contra account that is
recorded against accounts receivable. Therefore, if the controller fails to record bad
debt expense, the allowance (or provision) for doubtful accounts will be understated.
Systems for safeguarding sensitive and proprietary information should include: -
correct answer.
* Task force
* Security risk assessments
* Security policies and procedures
* Awareness training
* Nondisclosure agreements
* Noncompetition agreements
* Data classification
* Data retention and destruction policies
* Data minimization
* Security controls
* Measures to guard manual file systems
* Monitoring of visitor access
* Quiet room
* Incident response plan
The failure to include any of these measures is a poor information security practice
that can contribute to the loss of proprietary information.
To prevent the loss or misuse of sensitive data or proprietary information,
organizations should . . . - correct answer. develop and implement risk-based
information-security systems designed to detect and prevent unauthorized access to
sensitive information. An information security system requires controls that are
designed to ensure that data are used as intended, and such controls will depend on
the combination and coordination of people, processes, technologies, and other
resources.
Off-book fraud - correct answer. A fraud that occurs outside the financial system and
therefore has no direct audit trail. There are several kinds of off-book frauds that will
be discussed in this book. Skimming is the most common off-book fraud.
Skimming - correct answer. The removal of cash from a victim entity prior to its entry
in an accounting system. Employees who skim from their companies steal sales or
receivables before they are recorded in the company books. Because of this aspect
of their nature, skimming schemes are known as off-book frauds; they leave no direct
audit trail.
DRG creep - correct answer. occurs when a hospital or other medical institution
deliberately and systematically manipulates diagnostic and procedural codes to
increase reimbursement amounts or other forms of funding. In other words, DRG
creep is an intentional pattern of upcoding by a hospital or other medical institution.
smartcard - correct answer. a plastic card, the size of a credit or debit card, embedded
with a microchip. A key advantage of smart cards is that, unlike regular magnetic
stripe credit and debit cards, they cannot be easily replicated. Similarly, smart cards
cannot be easily counterfeited, which greatly reduces the potential for fraud with
in-person transactions. Smart cards include a wide variety of hardware and software
features capable of detecting and reacting to tampering attempts and countering
possible attacks. If someone tries to tamper with a chip on a smart card, the card
detects the intrusion and shuts itself down, rendering the card useless.
Steps individuals can take to protect their personal information and prevent identity
theft - correct answer.
* Do not give out government identification numbers unless absolutely necessary.
* Do not carry government identification cards (or numbers) in purses or wallets.
* Create complex passwords or passphrases that are at least eight characters in
length and contain upper- and lowercase letters, numbers, and symbols.
* Do not reuse passwords. Use a different password for every website, account, or
device.
* Never send personal information, such as a password or government identification
number, via email. Reputable organizations will not request personal information by
email.
* When available, use biometric authentication (e.g., fingerprints, voice recognition).
* Create unique answers for security questions. Do not choose answers containing
personal information that is publicly available (e.g., name of high school, mother's
maiden name).
* Protect computers with strong and regularly updated firewall and antivirus software,
and promptly install all security updates and patches.
* Avoid suspicious websites.
* Delete messages from unknown senders without opening them.
* Only download software from trusted websites.
* Avoid using unsecured, public Wi-Fi networks.
* Limit the amount of personal information shared on social media.
* Use software to permanently erase all data from hard drives before disposing of
computers, smartphones, copiers, printers, and other electronic devices.
* Secure physical mailboxes with a lock, check physical mail regularly, and instruct
the post office to suspend mail during vacations.
* Shred all sensitive documents.
* Opt out of unsolicited offers for pre-approved credit cards or other lines of credit.
* Pay attention to billing cycles and review all bills and statements.
* Check credit reports regularly.
Indicators of Compromise (IOCs) or Indicators of Attack (IOAs) - correct answer. Signs
that attackers accessed or are currently attempting to access a system; can include
unusual inbound or outbound network traffic, anomalies in user access to network
files, or unusual network or computer performance.
Abnormal Traffic - correct answer. Either higher or lower than usual, could be an
indication that an attacker has gained access to an organization's network and is
manipulating traffic by sending malicious software to the network or exfiltrating data
from it, among other things. A common sign of unusual network traffic includes
geographical irregularities related to network access and traffic.
Abnormal Access Patterns - correct answer. Most organizations employ a system that
restricts access to sensitive files or information on their network to only those who
require that access as part of their organizational role, and user patterns typically
reflect access that aligns with the normal course of business. Any abnormalities or
outliers to the usual access patterns could indicate that the network has been
compromised by an insider or external actor and might include passwords that are
not working or bundles of data being in the incorrect place.
Unusual Performance Issues - correct answer. Many different types of computer and
network intrusion or compromise can result in performance issues for the computers
or networks that are presumed to be affected, whether the issues relate to malware
infection, external unauthorized access, or insider actions. Some unusual
performance issues that could indicate that a computer or network is compromised
might include unexpected patching of systems or the installation of unwanted or
unknown software.
Technical Surveillance - correct answer. the practice of covertly acquiring audio, visual,
or other types of data from targets through the use of technical devices, procedures,
and techniques. When corporate spies resort to this, it is usually to gather
nondocumentary evidence or information that cannot be found through open sources.
Information Security Goals - correct answer. Confidentiality, integrity, availability,
authentication, and non-repudiation
Shell Companies - correct answer. Fictitious entities created for the sole purpose of
committing fraud; usually involve an employee making fraudulent payments to the
dummy company. Most shell company schemes involve the purchase of services
rather than goods. The primary reason for this is that services are not tangible. If an
employee sets up a shell company to make fictitious sales of goods to their
employer, these goods will obviously never arrive. By comparing its purchases to its
inventory levels, the victim organization might detect the fraud. It is much more
difficult for the victim organization to verify that the services were never rendered. For
this reason, many employees involved in shell company schemes bill their employers
for things like "consulting services."
New account fraud - correct answer. Fraud that occurs on an account within the first
ninety days that it is open; often, perpetrators open these accounts with the sole
intent of committing fraud. Prompt, decisive action is necessary to manage and/or
close apparent problem accounts. Some of the more common red flags of potential
new account schemes are:
* Customer residence outside the bank's trade area
* Dress and/or actions inconsistent or inappropriate for the customer's stated age,
occupation, or income level
* New account holder requesting immediate cash withdrawal upon deposit
* Request for large quantity of temporary checks
* Services included with the account that do not match the customer's purpose