
Financial Transactions

1. Which of the following types of accounts are decreased by debits?

 A. Owners’ equity

 B. Liabilities

 C. Revenue

 D. All of the above

Entries to the left side of an account are referred to as debits, and entries to the right side of an account
are referred to as credits. Debits increase asset and expense accounts, whereas credits decrease these
accounts. On the other side of the equation, credits increase liabilities, revenue, and owners’ equity
accounts. Conversely, debits decrease liabilities, revenues, and owners’ equity.

2. Julia runs a printing company and has an antique printing press that she uses in her business.
She purchased the press from a friend for $5,000. Similar presses are selling on the market today
for about $8,000. Julia has a colleague who recently paid $9,000 for an antique printing press.
According to the historical cost basis of asset measurement, how much should Julia initially
record the printing press for on her books?

 A. $8,000

 B. $3,000

 C. $5,000

 D. $9,000

3. Which accounting principle requires corresponding expenses and revenue to be recorded in the
same accounting period?

 A. Going concern

 B. Matching

 C. Comparability

 D. Faithful representation

This item's classification is Internal. It was created by and is in property of the Home Credit Group. Do not distribute outside of the organization.

4. The management at a publicly traded company may choose which set of financial reporting
practices it wants its company to follow.

 A. True

 B. False

Publicly traded companies must adhere to the specific financial reporting practices of their jurisdiction,
which differ among regions. While U.S. generally accepted accounting principles (GAAP) and
International Financial Reporting Standards (IFRS) are some of the most commonly used accounting
frameworks, other countries have their own form of GAAP that might contain different standards. IFRS is
considered more of a principle-based accounting framework, whereas U.S. GAAP is known to be more of
a rules-based accounting framework. Proponents of IFRS say that a principle-based accounting system
better captures an entity’s true economic situation.

5. Which of the following statements is TRUE regarding the balance sheet?

 A. The balance sheet shows the financial performance of a company over a certain period of time, such as a quarter or a year.

 B. Assets are generally presented on the balance sheet in order of liquidity.

 C. Balance sheets are usually manipulated by understating assets or overstating liabilities.

 D. The accounts that appear on the balance sheet include revenues and expenses.

The balance sheet, or statement of financial position, shows a snapshot of a company’s financial situation
at a specific point in time, generally the last day of the accounting period. The balance sheet is an
expansion of the accounting equation, Assets = Liabilities + Owners’ Equity. That is, it lists a company’s
assets on one side and its liabilities and owners’ equity on the other side.
Assets are the resources owned by a company. Generally, assets are presented on the balance sheet in
order of liquidity (i.e., how soon they are expected to be converted to cash).
Generally, in a financial statement fraud scheme, the balance sheet is manipulated to appear stronger by
overstating assets and/or understating liabilities. 

6. Delta, a Certified Fraud Examiner (CFE), was hired to serve as an expert accounting witness in a
case of alleged financial statement fraud. As part of her expert testimony, Delta explained how,
under International Financial Reporting Standards (IFRS), management must make every effort

to ensure that the company’s financial statements are complete, neutral, and free from error.
Delta was explaining the concept of:

 A. Going concern

 B. Comparability

 C. Faithful representation

 D. None of the above

7. Generally speaking, _________________ is the proper basis for initially recording a piece of
equipment on a company's books.

 A. Estimated replacement value

 B. Appraised value

 C. Current market value

 D. Historical cost

Standard accounting principles require that property, plant, and equipment be initially recognized at
historical cost. According to the historical cost basis of asset measurement, assets are recorded at the
amount of cash or cash equivalents paid or the fair value of the consideration given to acquire them at the
time of their acquisition.

8. Which of the following is the correct accounting model?

 A. Assets + Liabilities = Owners' Equity

 B. Assets = Liabilities + Owners' Equity

 C. Assets = Liabilities – Owners' Equity

 D. None of the above

9. If a fraudster wants to conceal the misappropriation of cash, which of the following actions will NOT result in a balanced accounting equation?

 A. Decreasing a liability

 B. Creating an expense

 C. Decreasing another asset

 D. Reducing owners’ equity

The accounting equation, Assets = Liabilities + Owners' Equity, is the basis for all double-entry accounting.
If an asset (e.g., cash) is stolen, the equation can be balanced by increasing another asset, reducing a
liability, reducing an owners' equity account, reducing revenues (and thus retained earnings), or creating
an expense (and thus reducing retained earnings).

10. When looking at a set of financial statements, on which statement would you find notes payable,
current assets, retained earnings, and accumulated depreciation?

 A. Statement of changes in owners’ equity

 B. Balance sheet

 C. Income statement

 D. Statement of cash flows

Notes payable, current assets, retained earnings, and accumulated depreciation can all be found on the
balance sheet. The balance sheet is an expansion of the accounting equation, Assets = Liabilities +
Owners’ Equity. That is, it lists a company’s assets on one side and its liabilities and owners’ equity on the
other side. Assets are classified as either current or noncurrent. Current assets consist of cash or other
liquid assets that are expected to be converted to cash, sold, or used up, usually within a year or less.
Current assets listed on the balance sheet include cash, accounts receivable, inventory, supplies, and
prepaid expenses. Following the current assets are the long-term assets, or those assets that will likely
not be converted to cash within one year, such as fixed assets and intangible assets. A company’s fixed
assets are presented net of accumulated depreciation, an amount that represents the cumulative expense
taken for normal wear and tear on a company’s property.
Liabilities are presented in order of maturity. Like current assets, current liabilities are those obligations
that are expected to be paid within one year, such as accounts payable (the amount owed to vendors by

a company for purchases on credit), accrued expenses (e.g., taxes payable or salaries payable), and the
portion of long-term debts that will come due within the next year. Those liabilities that are not due for
more than a year are listed under the heading long-term liabilities. The most common liabilities in this
group are bonds, notes, and mortgages payable.

11. In accrual-basis accounting, revenues are generally recognized when goods are delivered or
services are rendered to a customer.

 A. True

 B. False

Accrual-basis accounting requires revenues to be recorded when they are earned (generally, when goods
are delivered or services are rendered to a customer), without regard to when cash exchanges hands.
Expenses are recorded in the same period as the revenues to which they relate. For example, employee
wages are expensed in the period during which the employees provided services, which might not
necessarily be the same period in which they are paid.

12. According to the going concern disclosure requirements, if there is substantial doubt about a
company’s ability to fulfill its financial obligations over a reasonable period of time, it must be
disclosed in the company’s financial statements.

 A. True

 B. False

A company’s management is required to provide disclosures when existing events or conditions indicate
that it is more likely than not that the entity might be unable to meet its obligations within a reasonable
period of time after the financial statements are issued. There is an underlying assumption that an entity
will continue as a going concern; that is, the life of the entity will be long enough to fulfill its financial and
legal obligations. Any evidence to the contrary must be reported in the entity’s financial statements.

13. The statement of cash flows includes the following categories: cash flows from strategic activities,
cash flows from operating activities, cash flows from investing activities, and cash flows from
financing activities.

 A. True

 B. False

The statement of cash flows reports a company’s sources and uses of cash during the accounting period.
This statement is often used by potential investors and other interested parties in tandem with the income
statement to determine a company's true financial performance during the period being reported.
The statement of cash flows is broken down into three sections:

 • Cash flows from operating activities
 • Cash flows from investing activities
 • Cash flows from financing activities

14. Most companies present which of the following as the first line item on the income statement?

 A. Net profit

 B. Net sales

 C. The cash balance

 D. Operating expenses

Whereas the balance sheet shows a company’s financial position at a specific point in time, the income
statement, or statement of profit or loss and other comprehensive income, details how much profit (or
loss) a company earned during a period of time, such as a quarter or a year.
Two basic types of accounts are reported on the income statement—revenues and expenses. Revenues
represent amounts received from the sale of goods or services during the accounting period. Most
companies present net sales or net service revenues as the first line item on the income statement. The
term net means that the amount shown is the company’s total sales minus any sales refunds, returns,
discounts, or allowances.

15. Which of the following types of accounts are increased by credits?

 A. Revenue

 B. Liability

 C. Owners’ equity

 D. All of the above

Entries to the left side of an account are referred to as debits, and entries to the right side of an account
are referred to as credits. Debits increase asset and expense accounts, whereas credits decrease these
accounts. On the other side of the equation, credits increase liabilities, revenue, and owners’ equity
accounts. Conversely, debits decrease liabilities, revenues, and owners’ equity.

16. Revenue should not be recognized for work that is to be performed in subsequent accounting
periods, even though the work might currently be under contract.

 A. True

 B. False

In general, revenue is recognized to depict the transfer of promised goods or services to a customer in an
amount that reflects the consideration to which the entity expects to be entitled in exchange for those
goods or services. According to the revenue recognition principle, revenue should not be recognized for
work that is to be performed in subsequent accounting periods, even though the work might currently be
under contract. For a performance obligation satisfied over time, an entity should select an appropriate
measure of progress to determine how much revenue should be recognized as the performance
obligation is satisfied.

17. Which of the following statements is TRUE with regard to the statement of cash flows?

 A. The statement of cash flows is not always necessary because most companies operate under cash-basis accounting rather than accrual-basis accounting.

 B. The statement of cash flows is often used in tandem with the income statement to determine a company’s true financial performance.

 C. The statement of cash flows shows a company’s financial position at a specific point in time.

 D. There are four types of cash flows: cash flows from operating activities, from investing activities, from financing activities, and from revenue activities.

The statement of cash flows reports a company’s sources and uses of cash during the accounting period.
This statement is often used by potential investors and other interested parties in tandem with the income
statement to determine a company’s true financial performance during the period being reported. The
statement of cash flows is broken down into three sections: cash flows from operating activities, cash
flows from investing activities, and cash flows from financing activities.
The nature of accrual-basis accounting allows (and often requires) the income statement to contain many
noncash items and subjective estimates that make it difficult to fully and clearly interpret a company’s
operating results. However, it is much harder to falsify the amount of cash that was received and paid
during the year, so the statement of cash flows enhances the financial statements’ transparency.
The balance sheet shows a company’s financial position at a specific point in time.

18. Chapman Inc. has always used the first-in, first-out (FIFO) inventory valuation method when
calculating its cost of goods sold. This is also the standard inventory valuation method for other
comparable entities in Chapman’s industry. Chapman’s controller wants to change to the
weighted-average cost method because it will make Chapman’s net income appear much larger
than the FIFO valuation will. After several years of poor performance, management wants to
boost the company’s appearance to potential investors. However, Chapman must continue to use
the FIFO inventory valuation method. This is reflected in which of the qualitative characteristics of
financial reporting?

 A. Going concern

 B. Comparability

 C. Valuation

 D. Relevance

19. Gross revenues refer to the total amount of sales made by a company during an accounting
period after deductions are made.

 A. True

 B. False

Two basic types of accounts are reported on the income statement—revenues and expenses. Revenues
represent amounts received from the sale of goods or services during the accounting period. Most
companies present net sales or net service revenues as the first line item on the income statement. The
term net means that the amount shown is the company’s total sales minus any sales refunds, returns,
discounts, or allowances. Conversely, gross revenues refer to the company’s total sales during the
accounting period before any deductions are made.

20. The ____________ details how much profit (or loss) a company earned over a particular period
of time.

 A. Balance sheet

 B. Statement of changes in owners' equity

 C. Statement of cash flows

 D. Income statement

Whereas the balance sheet shows a company’s financial position at a specific point in time, the income
statement, or statement of profit or loss and other comprehensive income, details how much profit (or
loss) a company earned during a period of time, such as a quarter or a year.
The statement of changes in owners' equity details the changes in the total owners’ equity amount listed
on the balance sheet. The statement of cash flows reports a company’s sources and uses of cash during
a particular period of time.

21. Which of the following statements is TRUE with regard to gross profit?

 A. Gross profit is equal to revenues less operating expenses.

 B. Gross profit is equal to net sales less cost of goods sold.

 C. Gross profit is another term for net income.

 D. Gross profit is the top line of the income statement.

Two basic types of accounts are reported on the income statement—revenues and expenses. Revenues
represent amounts received from the sale of goods or services during the accounting period. Most
companies present net sales as the first line item on the income statement. The term net means that the
amount shown is the company’s total sales minus any sales refunds, returns, discounts, or allowances.
From net sales, an expense titled cost of goods sold or cost of sales is deducted. Regardless of the
industry, this expense denotes the amount a company spent (in past, present, and/or future accounting
periods) to produce the goods or services that were sold during the current period. The difference
between net sales and cost of goods sold is called gross profit or gross margin, which represents the
amount left over from sales to pay the company’s operating expenses.

22. The accounting framework that an entity should use depends upon the rules of the jurisdiction(s)
in which the entity operates. 

 A. True

 B. False

Historically, each country has promulgated its own generally accepted accounting principles (GAAP),
which has led to a worldwide divergence of accounting practices. It has also contributed to some
difficulties in comparing the financial performance of companies in different countries, as well as financial
reporting challenges for multinational entities. Consequently, accounting standard-setters have been
working toward a uniform set of accounting standards to enhance the transparency and comparability of
financial reporting, facilitate cross-border commerce, and encourage international investment. The
resulting International Financial Reporting Standards (IFRS) has been adopted as the source of GAAP for
reporting companies in many countries. However, some countries, such as the United States, have
retained their own set of accounting standards that form GAAP for reporting companies in those
jurisdictions. Currently, there is not a universally accepted accounting recording and reporting system in
existence. Publicly traded companies must adhere to the specific financial reporting practices of their
jurisdiction, which differ among regions.

23. Which of the following is an acceptable justification for a departure from generally accepted
accounting principles (GAAP)?

 A. Departing from GAAP would make the company appear more profitable

 B. The literal application of GAAP would render the financial statements misleading

 C. Adhering to GAAP is significantly more expensive than using an alternative method

 D. None of the above

The question of when it is appropriate to stray from generally accepted accounting principles (GAAP) is a
matter of professional judgment; there is not a clear-cut set of circumstances that justifies such a
departure. However, the fact that complying with GAAP would be more expensive or would make the
financial statements look weaker is not a reason to use a non-GAAP method of accounting for a
transaction.
It can be assumed that adherence to GAAP almost always results in financial statements that are fairly
presented. However, the standard-setting bodies recognize that, upon occasion, there might be an
unusual circumstance when the literal application of GAAP would render the financial statements
misleading. In these cases, a departure from GAAP is the proper accounting treatment.
Departures from GAAP can be justified in the following circumstances:

 • There is concern that assets or income would be overstated and expenses or liabilities would be understated (the conservatism constraint requires that when there is any doubt, one should avoid overstating assets and income or understating expenses and liabilities).
 • It is common practice in the entity’s industry for a transaction to be reported in a particular way.
 • The substance of the transaction is better reflected (and, therefore, the financial statements are more fairly presented) by not strictly following GAAP.
 • The results of departure appear reasonable under the circumstances, especially when strict adherence to GAAP would produce misleading financial statements and the departure is properly disclosed.
 • If a transaction is considered immaterial (i.e., it would not affect a decision made by a prudent reader of the financial statements), then it need not be reported.
 • The expected costs of adherence to GAAP exceed the expected benefits of compliance.

24. It is considered acceptable practice to deviate from generally accepted accounting principles
(GAAP) in which of the following circumstances?

 A. It is common practice in the industry to give particular transactions a specific accounting treatment

 B. There is concern that assets or income would be overstated

 C. Adherence to GAAP would produce misleading results

 D. All of the above

The question of when it is appropriate to stray from generally accepted accounting principles (GAAP) is a
matter of professional judgment; there is not a clear-cut set of circumstances that justifies such a
departure. It can be assumed that adherence to GAAP almost always results in financial statements that
are fairly presented. However, the standard-setting bodies recognize that, upon occasion, there might be
an unusual circumstance when the literal application of GAAP would render the financial statements
misleading. In these cases, a departure from GAAP is the proper accounting treatment.
Departures from GAAP can be justified in the following circumstances:

 • There is concern that assets or income would be overstated and expenses or liabilities would be understated (the conservatism constraint requires that when there is any doubt, one should avoid overstating assets and income or understating expenses and liabilities).
 • It is common practice in the entity’s industry for a transaction to be reported in a particular way.
 • The substance of the transaction is better reflected (and, therefore, the financial statements are more fairly presented) by not strictly following GAAP.
 • The results of departure appear reasonable under the circumstances, especially when strict adherence to GAAP would produce misleading financial statements and the departure is properly disclosed.
 • If a transaction is considered immaterial (i.e., it would not affect a decision made by a prudent reader of the financial statements), then it need not be reported.
 • The expected costs of adherence to GAAP exceed the expected benefits of compliance.

25. If a fraudster wants to conceal the removal of a liability from the books, which of the following
actions will NOT balance the accounting equation?

 A. Increasing revenue

 B. Increasing owners’ equity

 C. Increasing a different liability

 D. Increasing an asset

The accounting equation, Assets = Liabilities + Owners' Equity, is the basis for all double-entry
accounting. Suppose that in order to make an organization appear that it has less debt, an accountant
fraudulently removes a liability. This would leave the accounting equation unbalanced since the assets
side would be greater than liabilities plus owners’ equity. In this particular case, the equation can be
balanced by decreasing an asset, increasing a different liability, increasing an owners' equity account,
increasing revenues (and thus retained earnings), or reducing an expense (and thus increasing retained
earnings). Increasing an asset would only make the equation further out of balance.

26. The qualitative financial reporting characteristic of comparability prohibits any change in an
accounting principle previously employed.

 A. True

 B. False

Comparability is the qualitative characteristic that enables users to identify and understand similarities in,
and differences among, items. Information about a company is more useful if it can be compared with
similar information about other entities and with similar information about the same entity for another
period or another date. Although a single economic occurrence can be faithfully represented in multiple
ways, permitting alternative accounting methods for the same economic occurrence diminishes
comparability.
Consistency, although related to comparability, is not the same. Consistency refers to the use of the same
methods for the same items, either from period to period within a reporting entity or in a single period
across entities. Comparability is the goal; consistency helps to achieve that goal.
However, both comparability and consistency do not prohibit a change in an accounting principle
previously employed. An entity’s management is permitted to change an accounting policy only if the
change is required by a standard or interpretation or results in the financial statements providing more
reliable and relevant information about the effects of transactions; other events; or conditions on the
entity's financial position, financial performance, or cash flows. The entity’s financial statements must
include full disclosure of any such changes. Examples of changes in accounting principles include a
change in the method of inventory pricing, a change in the depreciation method for previously recorded
assets, and a change in the method of accounting for long-term construction contracts. The disclosure for
a change in accounting principles should include the justification for the change and should explain why
the newly adopted principle is preferable.

27. As a sale is made, the appropriate charges for cost of goods sold, or other expenses directly
corresponding to the sale, should be recorded in the same accounting period.

 A. True

 B. False

Expenses are recognized in the income statement on the basis of a direct association between the costs
incurred and the earning of specific items of income. This process, commonly referred to as the matching
principle, involves the simultaneous or combined recognition of revenues and expenses that result directly
and jointly from the same transactions or other events; for example, the various components of expense
making up the cost of goods sold are recognized at the same time as the income derived from the sale of
the goods.

28. Calculating _____________ determines a company’s earnings for an accounting period by
deducting its operating expenses from gross profit.

 A. Net profit

 B. Gross revenues

 C. Cost of goods sold

 D. Net sales

A company’s net profit (also known as net income or net earnings) for the period is determined after
subtracting operating expenses from gross profit. If a company’s total expenses were greater than its total
revenues and the bottom line is negative, then it had a net loss for the period.

29. If compliance with generally accepted accounting principles (GAAP) would be significantly more
expensive than a different method that is not GAAP, use of an alternative method is permitted.

 A. True

 B. False

The question of when it is appropriate to stray from generally accepted accounting principles (GAAP) is a
matter of professional judgment; there is not a clear-cut set of circumstances that justifies such a
departure. However, the fact that complying with GAAP would be more expensive or would make the
financial statements look weaker is not a reason to use a non-GAAP method of accounting for a
transaction.

30. The statement of changes in owners’ equity acts as the connecting link between which two
financial statements?

 A. Income statement and balance sheet

 B. Statement of cash flows and balance sheet

 C. Balance sheet and statement of retained earnings

 D. Income statement and statement of cash flows

The statement of changes in owners’ equity details the changes in the total owners’ equity amount listed
on the balance sheet. Because it shows how the amounts on the income statement flow through to the
balance sheet, it acts as the connecting link between the two statements. The balance of the owners’
equity at the beginning of the year is the starting point for the statement. The transactions that affect
owners’ equity are listed next and are added together. The result is added to (or subtracted from, if
negative) the beginning-of-the-year balance, which provides the end-of-the-year balance for total owners’
equity.

31. Which of the following could be used to balance the accounting equation if cash were stolen?

 A. Increasing another asset

 B. Reducing revenue

 C. Reducing a liability

 D. All of the above

The accounting equation, Assets = Liabilities + Owners' Equity, is the basis for all double-entry
accounting. If an asset (e.g., cash) is stolen, the equation can be balanced by increasing another asset,
reducing a liability, reducing an owners' equity account, reducing revenues (and thus retained earnings),
or creating an expense (and thus reducing retained earnings).

32. Assets, liabilities, and owners’ equity are all items that appear on a company’s balance sheet.

 A. True

 B. False

The balance sheet, or statement of financial position, shows a snapshot of a company’s financial situation
at a specific point in time, generally the last day of the accounting period. The balance sheet is an
expansion of the accounting equation, Assets = Liabilities + Owners’ Equity. That is, it lists a company’s
assets on one side and its liabilities and owners’ equity on the other side.

33. Which of the following appears on the balance sheet?

 A. Cost of goods sold

 B. Expenses

 C. Current assets

 D. Revenues

The balance sheet, or statement of financial position, is an expansion of the accounting equation, Assets
= Liabilities + Owners’ Equity. That is, it lists a company’s assets on one side and its liabilities and
owners’ equity on the other side. Assets are classified as either current or noncurrent. Current
assets consist of cash or other liquid assets that are expected to be converted to cash, sold, or used up,
usually within a year or less. Current assets listed on the balance sheet include cash, accounts
receivable, inventory, supplies, and prepaid expenses.
Revenues, expenses, and cost of goods sold are all items that appear on a company’s income statement.

34. Which of the following statements is NOT true regarding the statement of cash flows?

 A. There are three types of cash flows: cash flows from operating activities, from investing activities, and from financing activities.

 B. The statement of cash flows is often used in tandem with the income statement to determine a company’s true financial performance.

 C. The statement of cash flows reports a company’s sources and uses of cash during the accounting period.

 D. The statement of cash flows shows a company’s financial position at a specific point in time.

The statement of cash flows reports a company’s sources and uses of cash during the accounting period.
This statement is often used by potential investors and other interested parties in tandem with the income
statement to determine a company’s true financial performance during the period being reported. The
statement of cash flows is broken down into three sections: cash flows from operating activities, cash
flows from investing activities, and cash flows from financing activities.
The balance sheet shows a company’s financial position at a specific point in time.

35. Both U.S. generally accepted accounting principles (GAAP) and International Financial Reporting
Standards (IFRS) are considered rules-based accounting frameworks.

 A. True

 B. False
Publicly traded companies must adhere to the specific financial reporting practices of their jurisdiction,
which differ among regions. While U.S. generally accepted accounting principles (GAAP) and
International Financial Reporting Standards (IFRS) are some of the most commonly used accounting
frameworks, other countries have their own form of GAAP that might contain different standards. IFRS is
considered more of a principle-based accounting framework, whereas U.S. GAAP is known to be more of
a rules-based accounting framework. Proponents of IFRS say that a principle-based accounting system
better captures an entity’s true economic situation.

36. The assumption that a business will continue indefinitely is reflected in the accounting concept of:

 A. Objective evidence

 B. Relevance

 C. Comparability

 D. Going concern

A company's management is required to provide disclosures when existing events or conditions indicate
that it is more likely than not that the entity might be unable to meet its obligations within a reasonable
period of time after the financial statements are issued. There is an underlying assumption that an entity
will continue as a going concern; that is, the life of the entity will be long enough to fulfill its financial and
legal obligations. Any evidence to the contrary must be reported in the entity’s financial statements.

37. Which of the following is FALSE regarding cash-basis accounting?

 A. Cash-basis accounting focuses on tracking a company’s future cash flow.

 B. Revenues are recorded in the accounting system when a company receives cash.

 C. Expenses are recorded in the accounting system as soon as they are paid.

 D. Cash-basis accounting is simpler to use than accrual-basis accounting.

There are two primary methods of accounting: cash basis and accrual basis. The main difference
between the two methods is the timing in which revenue and expenses are recognized.

Cash-basis accounting involves recording revenues and expenses based on when a company receives or
pays out cash. For example, sales are recorded when a company receives cash payment for goods,
regardless of when the goods are delivered. If a customer purchases goods on credit, the company does
not record the sale until the cash is received for the sale. Likewise, if a customer prepays for a sale, the
company records the sales revenue immediately, rather than when the goods are given to the customer.
The process is the same with expenses: The expenses are recorded when paid, without consideration to
the accounting period in which they were incurred. The key advantage of cash-basis accounting is its
simplicity—the only thing its accounting system must track is cash being received or paid. Using this
method makes it easier for companies to track their cash flow.
Accrual-basis accounting requires revenues to be recorded when they are earned (generally, when goods
are delivered or services are rendered to a customer), without regard to when cash exchanges hands.
Expenses are recorded in the same period as the revenues to which they relate. For example, employee
wages are expensed in the period during which the employees provided services, which might not
necessarily be the same period in which they are paid. 
Accrual-basis accounting records accounts receivable for money that has yet to be received from
customers and records accounts payable for purchases made on credit. This accounting method provides
immediate feedback to companies on their expected cash inflows and outflows, which makes it easier for
them to manage their current resources and efficiently plan for the future. When companies recognize
economic events by matching their revenues with the expenses that directly relate to those revenues, it
provides a more accurate representation of their financial situation.

38. David runs a local catering company. He keeps his books on a calendar year and uses the
accrual basis of accounting. In December of Year 1, a customer placed an order with him to cater
the food for a party that would take place in February of Year 2. The contract was signed and the
balance was paid in full when the order was placed in December. When should David report the
revenue from this party and the associated expenses of catering it?

 A. Both the revenue and expenses should be recorded in December.

 B. The revenue should be recorded in December when David received the cash, and the expenses should be recorded in February after the party takes place.

 C. It does not matter because it is up to David to decide whether he reports the revenue and expenses in December or February.

 D. Both the revenue and expenses should be recorded in February.

39. Entries to the left side of an account are referred to as credits, while entries to the right side of an account
are debits.

 A. True

 B. False

Theft of Data and Intellectual Property


1. Research and development (R&D) personnel often inadvertently divulge confidential
information through which of the following?

 A. Discussions with colleagues at conferences

 B. Articles written for industry journals

 C. Hiring outside academic professionals

 D. All of the above

Often, intelligence professionals target research and development (R&D) employees because their
positions generally involve the communication of information. For example, many R&D employees attend
or participate in trade shows, conferences, or other industry functions where it is common to network with
other professionals in their field and exchange ideas. Such events provide intelligence spies with the
opportunity to learn key product- or project-related details simply by listening to a presentation or asking
the right questions. 
R&D employees’ publications are also a good source of information for intelligence professionals.
Researchers sometimes inadvertently include sensitive project details when writing articles about their
findings for industry journals or other mediums. This is particularly true in the case of academic
professionals who might be hired by a company to perform research or conduct a study. If a company
hires an academician to conduct research, management must ensure that the academician understands
the need to keep the results confidential. In addition, management must make sure that the
academician’s use of teaching assistants or graduate students is kept to a minimum and that those
individuals understand the confidentiality requirements.

2. The primary reason for a company’s management to construct an electronically and
acoustically shielded quiet room is to protect data hosted on the company’s computer
servers and other sensitive electronic devices.

 A. True

 B. False

Management can prevent corporate spies from listening in on meetings through the use of a quiet room.
A quiet room is an area that is acoustically and radio-frequency shielded so that conversations that occur
within the room cannot be monitored or heard from outside the room.

3. Calendars and schedules displayed at an employee’s workstation can inadvertently
provide a company’s competitors with valuable proprietary information.

 A. True

 B. False

Organizations must take reasonable measures to protect manual file systems, which are composed of all human-readable
items like contact lists, schedules, and calendars located at employees’ workstations. To attack a manual file system, an in
as a cleaning crew member, or commit theft or burglary.

4. Which of the following terms describes the use of illegal, clandestine means to acquire information for commercial purposes?

 A. Technical surveillance

 B. Corporate espionage

 C. Competitive intelligence

 D. Traditional espionage

Espionage is the term used to describe the use of illegal, clandestine means to acquire information;
therefore, it does not cover legitimate intelligence collection and analysis using legal means. Espionage
can be further subdivided into two categories: traditional and corporate. Traditional espionage refers to
government-sponsored or sanctioned espionage conducted to collect protected information from a foreign
government. Corporate espionage (also known as industrial espionage) is the term used to describe the
use of illegal, clandestine means to acquire information for commercial purposes.
Competitive intelligence can be defined as the process by which competitor data are assembled into
relevant, accurate, and usable knowledge about competitors’ positions, performance, capabilities, and
intentions. Competitive intelligence is a legitimate business function that aligns with marketing and
research and development (R&D), as well as general business strategy and the newer discipline of
knowledge management. It helps businesses to anticipate competitors’ R&D strategies and to determine
their operating costs, pricing policies, financial strength, and capacity.
Technical surveillance is the practice of covertly acquiring audio, visual, or other types of data from
targets through the use of technical devices, procedures, and techniques.

5. In the process of data maximization, organizations protect against theft of proprietary
information by collecting and storing only the amount of information necessary for
employees to perform a given task.

 A. True

 B. False

Organizations should practice data minimization. Data minimization refers to collecting and storing the
minimal amount of information necessary to perform a given task. Data minimization is important to data
security because thieves cannot steal what an entity does not have.

6. When developing a program for safeguarding proprietary information (SPI), an
organization should form a company task force to develop the program, and the task
force should include representatives from relevant departments across the company,
such as research and development (R&D), corporate security, and records management.

 A. True

 B. False

To coordinate a company-wide program for safeguarding proprietary information (SPI), management
should establish a task force and charge it with developing the program. The task force should include
managers and staff from departments that deal with proprietary information, such as research and
development (R&D) and production. The task force should also include representatives from the following
departments: corporate security, human resources (HR), records management, data processing, and
legal. 

Once the task force is assembled, it must identify the information that is to be protected. To make this
determination, the task force should identify those areas that give the company its competitive edge (e.g.,
quality of the product, service, price, manufacturing technology, marketing, and distribution). When doing
so, the task force should ask, “What information would a competitor like to know?”

7. Favorite targets for intelligence-gathering purposes include employees in all of the
following departments EXCEPT:

 A. Marketing

 B. Research and development

 C. Shipping and receiving

 D. Purchasing

Some of the favorite targets of intelligence gatherers include employees in the following departments:
research and development (R&D), marketing, manufacturing and production, human resources (HR),
sales, and purchasing.

8. Which of the following is a common method used by fraudsters to physically infiltrate and
spy on organizations?

 A. Fabricate or steal an employee badge

 B. Pose as a contractor

 C. Secure a position as an employee

 D. All of the above

Corporate spies might use physical infiltration techniques to obtain sensitive information. Physical
infiltration is the process whereby an individual enters a target organization to spy on the organization’s
employees. One common infiltration technique is to secure a position, or pose, as an employee or
contract laborer of the target organization. For example, a spy might obtain work as a security officer or a
member of the janitorial crew for the target organization.
Another common physical infiltration technique is to steal or fabricate employee badges belonging to the
target organization.

9. Which of the following is a common avenue through which proprietary company
information is compromised?

 A. Publications

 B. Company website

 C. Speeches by executives

 D. All of the above

Publications such as newsletters or reports to shareholders and speeches or papers that are presented at
conferences can inadvertently provide valuable information to competitors. 
A company’s website might also contain accidental leaks. Corporate spies frequently visit their targets’
websites to gather information that these companies have unknowingly made public. Employee telephone
and email directories, financial information, key employees’ biographical data, product features and
release dates, details on research and development (R&D), and job postings can all be found on many
corporate websites.

10. When should an employee be made aware of the need to maintain the confidentiality of
an organization’s proprietary information, as well as which information is considered
confidential?

 A. During an exit interview

 B. When signing a nondisclosure agreement

 C. Upon being hired

 D. All of the above

11. One method that competitive intelligence professionals commonly use to gather data about a
competitor involves posing as a job applicant and interviewing with key employees at the
competing company. This practice is best described as conducting surveillance.

 A. True

 B. False

Intelligence professionals might gather data through human intelligence (i.e., through direct contact with
people). Generally, human intelligence is gathered from subject-matter experts and informed individuals.
Such efforts typically target individuals who can provide the most valuable information.
For example, an intelligence professional might gather intelligence by posing as a customer of the target
entity. This approach exploits two weaknesses of corporate culture: (1) all salespeople want to make a
sale and (2) many salespeople will do almost anything to make a sale. Other approaches include:

 Employment interviews (real and fake)
 False licensing negotiations
 False acquisition or merger negotiations
 Hiring an employee away from a target entity
 Planting an agent in a target organization
 Social engineering

12. Which of the following is a poor information security procedure that contributes to loss of
proprietary information?

 A. Failure to implement data retention and destruction policies

 B. Failure to guard documents maintained in manual file systems

 C. Failure to practice data minimization

 D. All of the above

To prevent the loss or misuse of sensitive data or proprietary information, organizations should develop
and implement risk-based information-security systems designed to detect and prevent unauthorized
access to sensitive information. An information security system requires controls that are designed to
ensure that data are used as intended, and such controls will depend on the combination and
coordination of people, processes, technologies, and other resources.
To be effective, a system for safeguarding sensitive and proprietary information should include the
following: 

 Task force
 Security risk assessments
 Security policies and procedures
 Awareness training
 Nondisclosure agreements
 Noncompetition agreements
 Data classification
 Data retention and destruction policies
 Data minimization
 Security controls
 Measures to guard manual file systems

 Monitoring of visitor access
 Quiet room
 Incident response plan

The failure to include any of these measures is a poor information security practice that can contribute to
the loss of proprietary information. 

13. Shareholders' reports and company newsletters might give a competitor valuable
information about a company's product secrets.

 A. True

 B. False

Publications such as newsletters or reports to shareholders and speeches or papers that are presented at
conferences can inadvertently provide valuable information to competitors. 
A company’s website might also contain accidental leaks. Corporate spies frequently visit their targets’
websites to gather information that these companies have unknowingly made public. Employee telephone
and email directories, financial information, key employees’ biographical data, product features and
release dates, details on research and development (R&D), and job postings can all be found on many
corporate websites.

14. Cooper is an intelligence professional for Whetstone Intelligence, a competitive
intelligence firm. He is tasked with gathering intelligence about Cryptic Global, the major
competitor of Whetstone’s biggest client. To gather the intelligence, Cooper infiltrates
Cryptic Global’s office by posing as a member of its cleaning crew and collects
information left around employees’ computers and desks. Cooper’s approach is an
example of:

 A. Scavenging

 B. Spoofing

 C. Dumpster diving

 D. Shoulder surfing

15. Employees are often willing to abide by nondisclosure agreements, but they sometimes
do not understand that the information they are communicating might be confidential.

 A. True

 B. False

Often, employees are willing to abide by nondisclosure agreements, but they do not understand that the
information they are communicating might be confidential. To more effectively implement nondisclosure
agreements, employees must be clearly informed as to what information is considered confidential upon
hiring, upon signing a nondisclosure agreement, and during exit interviews.

16. Publicly available information that anyone can lawfully obtain by request, purchase, or
observation is known as which of the following?

 A. Confidential-source information

 B. Open-source information

 C. Wide-source information

 D. Free-source information

Open-source information is information in the public domain; it can be defined as publicly available data
"that anyone can lawfully obtain by request, purchase, or observation."

17. Both corporate espionage and competitive intelligence are legitimate forms of information
gathering that businesses engage in to anticipate competitors’ research and development
(R&D) strategies.

 A. True

 B. False

Competitive intelligence can be defined as the process by which competitor data are assembled into
relevant, accurate, and usable knowledge about competitors’ positions, performance, capabilities, and
intentions. Competitive intelligence is a legitimate business function that aligns with marketing and
research and development (R&D), as well as general business strategy and the newer discipline of
knowledge management. It helps businesses to anticipate competitors’ R&D strategies and to determine
their operating costs, pricing policies, financial strength, and capacity.
Espionage, which is subdivided into both traditional espionage and corporate or industrial
espionage categories, is the term used to describe the use of illegal, clandestine means to acquire
information; therefore, it does not cover legitimate intelligence collection and analysis using legal means. 

18. Shredding sensitive documents with a cross-cut shredder, sending and receiving mail at
a secure site, and employing a perimeter security system at the office are all measures
aimed to do which of the following?

 A. Catch a fraudster in the act.

 B. Protect digital documentation.

 C. Prevent misappropriation of office supplies.

 D. Guard manual file systems.

19. To help safeguard an organization’s proprietary information, management should require
all employees throughout the organization to sign noncompetition agreements.

 A. True

 B. False

A noncompetition agreement is an agreement whereby employees agree not to work for competing
companies within a certain period of time after leaving their current employer. While noncompetition
agreements can be useful in some circumstances, there are a number of legal issues that limit their
effectiveness. Because of these potential legal issues and challenges, and due to differences in
employees’ geographic locations, job responsibilities, access to proprietary information, and other factors,
such agreements should generally be used on an as-needed basis, rather than as a broad requirement
for all employees. If management does determine that such an agreement is appropriate for certain
employees, it should consult with legal counsel to ensure that the agreement is valid and enforceable
under the applicable laws.

20. When a fraudster calls someone at the target company and cajoles or tricks the person
into providing valuable information, that corporate espionage technique is referred to as
which of the following?

 A. Social engineering

 B. Spamming

 C. Replicating

 D. None of the above

21. Which of the following is NOT a recommended method for safeguarding an organization’s
proprietary information?

 A. Creating an incident response plan after a data breach occurs

 B. Changing locks and reprogramming door access codes regularly

 C. Constructing a quiet room to prevent eavesdropping

 D. Classifying data into categories according to value and sensitivity levels

All organizations should have an incident response plan that describes the actions the organization will
take when a data breach occurs. To be effective, an incident response plan must be in place and
communicated to all relevant employees before a breach occurs. 
According to the CERT (Computer Emergency Response Team) Insider Threat Center, organizations
should implement a data classification policy that establishes what protections must be afforded to data of
different value and sensitivity levels. Data classification allows organizations to follow a structured
approach for establishing appropriate controls for different data categories. Moreover, establishing a data
classification policy helps raise employee awareness. In short, classifying an organization’s data involves (1)
organizing the entity’s data into different security levels based on the data’s value and sensitivity and (2)
assigning each level of classification different rules for viewing, editing, and sharing the data.
Management should monitor and limit visitor access. Visitors should be required to sign in and out of an
organization logbook. It is considered a best practice to issue visitors a badge that identifies them as a
nonemployee. Also, visitors should be escorted by a host at all times, and visitors should not be allowed
into areas containing sensitive information. Additionally, locks on doors leading to secure areas should be
changed or reprogrammed regularly, especially if an employee has recently quit or been terminated.
Management can prevent corporate spies from listening in on meetings through the use of a quiet room.
A quiet room is an area that is acoustically and radio-frequency shielded so that conversations that occur
within the room cannot be monitored or heard from outside the room.

22. Which of the following best illustrates the concept of human intelligence?

 A. A corporate spy poses as a customer of a competing company to elicit information from the competitor’s salespeople.

 B. A corporate spy creates a deceptive website that tricks employees from a competing company into divulging confidential information.

 C. A corporate spy installs software on the computer of an employee from a competing company to monitor that employee’s communications.

 D. A corporate spy breaks into a competing company’s office and steals sensitive information while employees are attending an off-site event.

Intelligence professionals might gather data through human intelligence (i.e., through direct contact with
people). Generally, human intelligence is gathered from subject-matter experts and informed individuals.
Such efforts typically target individuals who can provide the most valuable information.
For example, an intelligence professional might gather intelligence by posing as a customer of the target
entity. This approach exploits two weaknesses of corporate culture: (1) all salespeople want to make a
sale and (2) many salespeople will do almost anything to make a sale. Other approaches include:

 Employment interviews (real and fake)
 False licensing negotiations
 False acquisition or merger negotiations
 Hiring an employee away from a target entity
 Planting an agent in a target organization
 Social engineering

23. Competitive intelligence is a legitimate business function that involves assembling
competitor data into relevant, accurate, and usable knowledge about competitors’
positions, performance, capabilities, and intentions.

 A. True

 B. False

Competitive intelligence can be defined as the process by which competitor data are assembled into
relevant, accurate, and usable knowledge about competitors’ positions, performance, capabilities, and
intentions. Competitive intelligence is a legitimate business function that aligns with marketing and
research and development (R&D), as well as general business strategy and the newer discipline of
knowledge management. It helps businesses to anticipate competitors’ R&D strategies and to determine
their operating costs, pricing policies, financial strength, and capacity.

24. For corporate espionage purposes, technical surveillance generally consists of gathering
documentary evidence or information that can be found via open sources.

 A. True

 B. False

Technical surveillance is the practice of covertly acquiring audio, visual, or other types of data from
targets through the use of technical devices, procedures, and techniques. When corporate spies resort to
the use of technical surveillance, it is usually to gather nondocumentary evidence or information that
cannot be found through open sources.

25. Management at Blue Oak, Inc., has established a task force and charged it with
developing a program for safeguarding proprietary information (SPI). Which of the
following should be the first step that the task force takes?

 A. Institute an encryption policy.

 B. Shred sensitive documents.

 C. Determine what information should be protected.

 D. Develop an employee awareness program.

26. Visitors to a company’s facilities should be allowed unrestricted access as long as they
have signed in as a visitor in the company’s logbook and have been issued a visitor’s
badge.

 A. True

 B. False

Management should monitor and limit visitor access. Visitors should be required to sign in and out of an
organization logbook. It is considered a best practice to issue visitors a badge that identifies them as a
non-employee. Also, visitors should be escorted by a host at all times, and visitors should not be allowed
into areas containing sensitive information. Additionally, locks on doors leading to secure areas should be
changed or reprogrammed regularly, especially if an employee has recently quit or been terminated.

27. Which of the following best illustrates the use of technical surveillance for purposes of corporate
espionage?

 A. A spy impersonates a help desk representative to obtain an employee's network password.

 B. A spy creates a deceptive website to trick employees into entering confidential information.

 C. A spy uses a phony employee badge to enter an office and take a sensitive document.

 D. A spy hacks into a target computer and monitors an employee’s communications.

Technical surveillance is the practice of covertly acquiring audio, visual, or other types of data from
targets through the use of technical devices, procedures, and techniques. When corporate spies resort to
the use of technical surveillance, it is usually to gather nondocumentary evidence or information that
cannot be found through open sources.
Corporate spies might employ various forms of technological surveillance, such as aerial photography,
bugging and wiretapping, video surveillance, photographic cameras, mobile phones, monitoring computer
emanations, and computer system penetrations.

28. Which of the following scenarios illustrates a fraudster’s use of social engineering?

 A. A fraudster calls a company employee and requests sensitive information while claiming to be a coworker whose systems are down

 B. A fraudster without an employee badge gains access to a secure facility by following legitimate employees who are oblivious to the fraudster's presence

 C. A fraudster has lunch at a restaurant where a target company’s employees are known to eat with the intention of overhearing sensitive conversations

 D. None of the above

Financial Institution Fraud

1. A property flipping scheme occurs when someone purchases a piece of real estate and
sells it shortly thereafter at an unjustly inflated value.

 A. True

 B. False

Property flipping is the process by which an investor purchases a home and then resells it at a higher
price shortly thereafter. For example, an investor buys a house in need of work for $250,000 in July,
renovates the kitchen and bathrooms, and landscapes the yard at a cost of $50,000. The investor then
resells the house two months later (the time it takes to make the renovations) for a price that is reflective
of the market for a house in that condition. This is a legitimate business transaction, and many individuals
and groups make an honest living flipping properties.
Property flipping is not intrinsically illegal or fraudulent, but it becomes so when a property is purchased
and resold within a short period of time at an artificially or unjustly inflated value, often as the result of a
fraudulent appraisal. In a flipping scheme, the property is sold twice in rapid succession at a significant
increase in value (also known as an ABC transaction, where the property moves from party A to party B
to party C very quickly).

2. Which of the following is NOT a problem situation regarding a construction loan that
might be concealed using change orders?

 A. Collusive bidding is occurring.

 B. The original project is not feasible.

 C. Shortcuts are uncovering other problems.

 D. Design changes were requested.

Change orders are often submitted along with draw requests. Although many times the change orders
represent legitimate construction changes (for design, cost, or other things), they can also be indicators of
fraud schemes. For example, an increasing trend in the number of change orders or amounts on change
orders might be an indication that construction changes have taken place that would alter the originally
planned project to such an extent as to render the underwriting inappropriate. Change orders might have
the same impact on a project as altering the original documents. As with anything that is contracted for on
a bid basis, change orders could also be an indication of collusive bidding. Furthermore, change orders
might be an indication that the original project was not feasible and that shortcuts are uncovering other
problem areas. Change orders should be approved by the architect and engineer on the project in
addition to the lender's inspector.

3. A double-pledging collateral scheme is a type of loan fraud in which a borrower uses the
same property as collateral with different lenders before liens are recorded and without
telling the lenders.

 A. True

 B. False

In double-pledging collateral schemes, borrowers pledge the same collateral (i.e., an item of value used
to secure or guarantee a loan) with different lenders before liens are recorded and without telling the
lenders.

4. A draw request on a construction loan should be accompanied by all of the following EXCEPT:

 A. Inspection reports

 B. Lien releases from subcontractors

 C. Change orders, if applicable

 D. Expenses from similar contracts

A draw request is the documentation substantiating that a developer has incurred the appropriate
construction expenses and is now seeking reimbursement or direct payment. Generally, draw requests on
construction loans are made on a periodic schedule (e.g., once a month) and are verified by a quantity
surveyor (QS) or other authorized entity as agreed to by the financial institution. The request should be
accompanied by the following documents:

- Paid invoices for raw materials
- Lien releases from each subcontractor
- Inspection reports
- Canceled checks from previous draw requests
- Bank reconciliation for construction draw account for previous month
- Loan balancing form demonstrating that the loan remains in balance
- Change orders, if applicable
- Wiring instructions, if applicable
- Proof of developer contribution, if applicable

5. ABC Bank recently acquired a new portfolio of consumer loans. Because this particular
loan portfolio is experiencing a higher than normal default rate, management has asked
Bradley, a Certified Fraud Examiner (CFE), to evaluate the portfolio. Bradley notices that
the loan package was sold without recourse to the broker, the brokerage fee was high
relative to other purchases, and the broker is no longer in business. Which of the
following types of schemes has Bradley MOST LIKELY uncovered?

 A. Daisy chain fraud

 B. Brokered loan fraud

 C. Money transfer fraud

 D. Letter of credit fraud

6. In a ____________ scheme, unqualified borrowers misrepresent personal creditworthiness,
overstate their ability to pay, and misrepresent characteristics of the housing unit to qualify for a
loan.

 A. Double-pledging collateral

 B. Credit data blocking

 C. Single-family housing loan fraud

 D. Reciprocal loan arrangements

7. A higher-than-normal level of employee turnover associated with a real estate developer
is often a red flag of loan fraud.

 A. True

 B. False

One red flag of loan fraud to look for, particularly in construction lending, is whether the real estate
developer is experiencing a higher-than-normal employee turnover. Typically, when a developer
experiences a high degree of turnover, something is wrong with the internal operation. This is often a
preamble for other problems to come.

8. Which of the following BEST describes a linked financing loan fraud scheme?

 A. Large deposits (usually brokered deposits) are offered to a bank on the condition that loans are made to particular individuals affiliated with the deposit broker.

 B. Insiders in different banks cause their banks to lend funds or sell loans to other banks with agreements to buy their loans.

 C. Borrowers pledge the same collateral with different lenders before liens are recorded and without telling the lenders.

 D. Unqualified borrowers misrepresent personal creditworthiness, overstate their ability to pay, and misrepresent characteristics of the housing unit.

In a linked financing scheme, large deposits (usually brokered deposits) are offered to a bank on the
condition that loans are made to particular individuals affiliated with the deposit broker.
In a single-family housing loan fraud scheme, unqualified borrowers misrepresent personal
creditworthiness, overstate their ability to pay, and misrepresent characteristics of the housing unit.
In double-pledging collateral schemes, borrowers pledge the same collateral (i.e., an item of value used
to secure or guarantee a loan) with different lenders before liens are recorded and without telling the
lenders.
In a reciprocal loan arrangements scheme, insiders in different banks cause their banks to lend funds or
sell loans to other banks with agreements to buy their loans—all for the purpose of concealing loans and
sales.

9. Which of the following is a red flag for new bank account fraud? 

 A. A customer lists a mail drop as the account’s mailing address

 B. A customer requests a large cash withdrawal immediately after opening the account

 C. A customer leaves out requested information on the account application

 D. All of the above

Fraud is much more likely to occur in new accounts than in established accounts. New account fraud is
generally defined as fraud that occurs on an account within the first ninety days that it is open; often,
perpetrators open these accounts with the sole intent of committing fraud. Prompt, decisive action is
necessary to manage and/or close apparent problem accounts. Some of the more common red flags of
potential new account schemes are:

- Customer residence outside the bank's trade area
- Dress and/or actions inconsistent or inappropriate for the customer's stated age, occupation, or
income level
- New account holder requesting immediate cash withdrawal upon deposit
- Request for large quantity of temporary checks
- Services included with the account that do not match the customer’s purpose
- Missing or inaccurate customer application information
- Invalid phone numbers or addresses in customer account information
- Use of a mail drop address (a service where a non-affiliated party collects and distributes mail for
individuals or entities)
- Large check or automated teller machine (ATM) deposits followed by rapid withdrawal or transfer
of funds (a pass-through account)
- Business accounts without standard business transactions, such as payroll or transactions that
would be expected in that business
- Transactions without a clear purpose in jurisdictions known for high levels of corruption
- Opening deposit that is a nominal cash amount
- Rare customer ID type
- Applicants over the age of 25 with no credit history
- Customers who cannot remember basic application information (i.e., phone number, address)

10. Which of the following situations would be MOST indicative of a customer committing
new account fraud at a bank?

 A. A customer opens a new personal account and immediately requests two ATM cards.

 B. A customer opens a business account and soon after has payroll transactions on the account.

 C. An invalid address or phone number is listed in the customer’s account information.

 D. A customer deposits a substantial amount of funds in a new personal account and does not spend or withdraw them for several months.

Fraud is much more likely to occur in new accounts than in established accounts. New account fraud is
generally defined as fraud that occurs on an account within the first ninety days that it is open; often,
perpetrators open these accounts with the sole intent of committing fraud. Prompt, decisive action is
necessary to manage and/or close apparent problem accounts. Some of the more common red flags of
potential new account schemes are:

- Customer residence outside the bank's trade area
- Dress and/or actions inconsistent or inappropriate for the customer's stated age, occupation, or
income level
- New account holder requesting immediate cash withdrawal upon deposit
- Request for large quantity of temporary checks
- Services included with the account that do not match the customer’s purpose
- Missing or inaccurate customer application information
- Invalid phone numbers or addresses in customer account information
- Use of a mail drop address (a service where a non-affiliated party collects and distributes mail for
individuals or entities)
- Large check or automated teller machine (ATM) deposits followed by rapid withdrawal or transfer
of funds (a pass-through account)
- Business accounts without standard business transactions, such as payroll or transactions that
would be expected in that business
- Transactions without a clear purpose in jurisdictions known for high levels of corruption
- Opening deposit that is a nominal cash amount
- Rare customer ID type
- Applicants over the age of 25 with no credit history
- Customers who cannot remember basic application information (i.e., phone number, address)

11. Zane obtained a loan from Bank A, agreeing to give the bank a security interest in his
commercial property. Before Bank A’s lien was filed, Zane managed to get another loan
from Bank B using the same commercial property as collateral (unbeknownst to Bank B).
In which of the following schemes did Zane engage?

 A. Linked financing

 B. Sham loan

 C. Daisy chain

 D. Double-pledging collateral

12. Which of the following BEST describes the difference between a flipping scheme and a flopping scheme in the context of mortgage fraud?

 A. In a flopping scheme, the lender is not one of the potential victims of the scheme.

 B. In a flopping scheme, the value of the first transaction is deflated instead of inflating the second transaction.

 C. In a flopping scheme, the original seller always ends up as the final owner of the property.

 D. In a flopping scheme, the second transaction in the scheme usually occurs several years after the first.

Property flipping is the process by which an investor purchases a home and then resells it at a higher
price shortly thereafter. For example, an investor buys a house in need of work for $250,000 in July,
renovates the kitchen and bathrooms, and landscapes the yard at a cost of $50,000. The investor then
resells the house two months later (the time it takes to make the renovations) for a price that is reflective
of the market for a house in that condition. This is a legitimate business transaction, and many individuals
and groups make an honest living flipping properties.
Property flipping is not intrinsically illegal or fraudulent, but it becomes so when a property is purchased
and resold within a short period of time at an artificially or unjustly inflated value, often as the result of a
fraudulent appraisal. In a flipping scheme, the property is sold twice in rapid succession at a significant
increase in value (also known as an ABC transaction, where the property moves from party A to party B
to party C very quickly).

Property flopping is a variation on property flipping, but it generally involves a property subject to a short
sale (meaning the owner sells the property at a lower value than the unpaid mortgage amount on the
property). This variation is typically conducted by industry insiders or unscrupulous entrepreneurs rather
than the homeowner. Property flopping involves a rapid transfer of property with an unjustified, significant
change in value (like the ABC transaction in flipping schemes), but instead of inflating the value on the
second transaction, the value on the first transaction is deflated.
To prevent problematic short sale flopping, some lenders are starting to require all interested parties to
sign an affidavit requiring disclosure of an immediate subsequent sale.

13. Which of the following statements regarding new account fraud schemes is LEAST
ACCURATE?

 A. Mobile deposits are at high risk for new account fraud because face-to-face, in-person transactions are not required.

 B. New account fraud sometimes involves withdrawing funds after opening a new business account using checks stolen from another business.

 C. Automated teller machines (ATMs) are rarely targets of new account fraud because most have cameras installed.

 D. New account criminals often use false identification to open new bank accounts and steal money before funds are collected by the financial institution.

New account fraud is generally defined as fraud that occurs on an account within the first ninety days that
it is open; often, perpetrators open these accounts with the sole intent of committing fraud.
New account criminals often use false identification to open new accounts and steal money before funds
are collected by the bank. False identification is easily purchased.
Some bank customers defraud business institutions by opening a new business account using checks
stolen from another business. The fraudsters then withdraw the funds and close the account.
Financial institutions are increasingly allowing mobile deposits, which typically involve a person sending a
digital image of a check or similar payment order to the depository institution so that the paper document
never has to be received or processed. There is a relatively high risk of new account fraud with mobile
deposits for two main reasons. First, there is no face-to-face transaction required, which fraudsters prefer
in order to maintain anonymity. Second, the digital image is often taken by a camera or a scanner, so it is
easier to make forged or counterfeit deposits.
Financial institutions should also consider the increased risk of new account fraud when offering
automated teller machines (ATMs) that accept deposits. Like with mobile deposits, the fact that ATM
deposits do not require in-person transactions with a teller is ideal for fraudsters. Many ATMs have
cameras to help identify users, but ATMs are often enticing targets.

14. Jeff works as a teller at a bank. One of Jeff’s friends came in as a customer and
presented a cashier's check. Jeff could tell that the check was counterfeit, but the friend
convinced him to cash it for a share of the proceeds. Which of the following BEST
describes the scheme in which Jeff engaged?

 A. Unauthorized disbursement of funds to outsiders

 B. Theft of physical property

 C. False accounting entry

 D. Unauthorized use of collateral

15. Latoya, a loan officer, and other real estate insiders colluded to steal a homeowner’s
identity, take out a second mortgage on the individual’s property, and split the proceeds.
Latoya and her co-conspirators’ actions would BEST be described as a fraudulent
second lien scheme.

 A. True

 B. False

Fraudulent second liens are a variation of the fraudulent sale scheme. In a second lien scheme, a person
assumes a homeowner’s identity and takes out an additional loan or a second mortgage in the
homeowner’s name. If there is not enough equity in the home to warrant a second loan, an inflated
appraisal is obtained. This scheme often involves a high level of collusion between a loan officer, an
appraiser, and a title agent (or other real estate document service provider).

16. When a construction developer submits a draw request to a lender, all of the following
would be red flags for loan fraud EXCEPT:

 A. Failure to include lien releases from each subcontractor

 B. Missing inspection reports

 C. Omission of developer’s personal account statements

 D. Invoice documentation that appears altered

Construction loan advances are generally supported by draw requests. A draw request is the
documentation substantiating that a developer has incurred the appropriate construction expenses and is
now seeking reimbursement or direct payment. Generally, a draw request is made once a month and is
verified by a quantity surveyor (QS) or other authorized entity as agreed to by the financial institution. The
request should be accompanied by the following documents:

- Paid invoices for raw materials
- Lien releases from each subcontractor
- Inspection reports
- Canceled checks from previous draw requests
- Bank reconciliation for construction draw account for previous month
- Loan balancing form demonstrating that the loan remains in balance
- Change orders, if applicable
- Wiring instructions, if applicable
- Proof of developer contribution, if applicable

Any missing or altered documentation is a red flag that something is amiss with the draw request. All
advances on the loan should be adequately documented.
The developer’s personal account statements would never be included with a draw request.

17. Karl finds a residential property with a non-resident owner. He then forges contractual
property documents showing that the owner is transferring ownership of the property
completely to Karl, such as would normally happen during a property sale. The property
owner is unaware that Karl has created and filed the documents. Later, Karl takes the
falsified documents to a lender and borrows money against the property. Which of the
following BEST describes Karl’s scheme?

 A. Property flipping

 B. Air loan

 C. Fraudulent sale

 D. Unauthorized draw on home equity line of credit

18. The purpose of draw requests in construction lending is to provide:

 A. Documentation that costs have been incurred and reimbursement is sought

 B. Documentation that the design is approved by the International Union of Architects

 C. Documentation that all architectural and engineering designs and quotes have been completed

 D. Documentation that the construction project cannot continue without additional funding

Construction loan advances are generally supported by draw requests. A draw request is the
documentation substantiating that a developer/borrower has incurred the appropriate construction
expenses and is now seeking reimbursement or direct payment. A typical fraud scheme involves
requesting advances on the loan for inappropriate costs, such as personal expenses and/or construction
costs for an unrelated project. Draw requests might provide the greatest opportunity for a developer to
commit fraud because the lender relies upon the developer's documentation.

19. In most construction contracts, a certain amount will be withheld from each draw request
by the contractor. This amount is not paid until the contract has been finished and
approved by the owner. The withheld amount is referred to as which of the following?

 A. Retainage

 B. Good faith deposit

 C. Withholding

 D. None of the above

20. Which of the following real estate loan schemes would be BEST described as an air
loan?

 A. A builder, in collusion with an appraiser and other real estate insiders, fraudulently applies for a loan to construct a building on a nonexistent property and keeps the proceeds.

 B. A fraudster files fraudulent property transfer documents with the property owner’s forged signature and then takes out a loan using the property as collateral.

 C. A loan applicant falsifies their income sources to qualify for a mortgage.

 D. A property developer applying for a loan submits instances of previous development experience that are fictitious or that they had no part in.

21. Which of the following situations is often present in real estate fraud schemes?

 A. The services of an arm's-length legal representative

 B. A false appraisal report

 C. No expert assistance at closing

 D. All of the above

Real estate transactions assume a willing buyer and a willing seller. Fraud can occur when the
transaction breaks down or the expert assistance is not at arm's length (i.e., is not immediately
attainable). Many real estate fraud schemes have a false appraisal report as a condition precedent.

22. Which of the following is MOST indicative that the winning bid on an original construction
project was not feasible and thus a sign of potential loan fraud?

 A. Presence of draw requests

 B. Missing documentation

 C. Increasing trend in the number of change orders

 D. High turnover in developer’s personnel

An increasing trend in the number of change orders or amounts on change orders might be an indication
that construction changes have taken place that would alter the originally planned project to such an
extent as to render the underwriting inappropriate. 
Alternatively, some projects—especially large projects—tend to have many change orders. It might be more
abnormal in situations like these to have few change orders or none at all than to have many. For instance, a lack of
change orders for a large project might suggest that progress is not actually being made. Ultimately, the key
characteristic that the fraud examiner should look for in change orders is abnormality, which can come in many forms.
Fraud examiners should discover what the normal trend for change orders is in terms of both quantity and content
with the particular type of industry and project, and then they can look for deviations from those trends.

23. In a construction loan, developer overhead is a ripe area for abuse. The purpose of
developer overhead is to provide:

 A. Budget shortfall

 B. Operating capital

 C. Profit margin

 D. Labor reimbursements

It is not uncommon in construction financing to have a budget line item for developer overhead. This is a
ripe area for abuse. The purpose of developer overhead is to supply the developer with operating capital
while the project is under construction. This overhead allocation should not include a profit percentage, as
the developer realizes profit upon completion.

24. Which of the following statements regarding new account fraud is LEAST ACCURATE?

 A. Fraud is more likely to occur in accounts that have been newly opened than in established accounts.

 B. New account fraud can be defined as any fraud that occurs on an account within the
first ninety days that it is open.

 C. Automated teller machines (ATMs) are often enticing targets for new account fraud because
they do not require in-person transactions with bank tellers.

 D. Mobile deposits are at low risk for new account fraud because they involve sending digital images
of payment orders to financial institutions rather than providing physical copies.

25. An unauthorized withdrawal is a type of embezzlement scheme in which financial
institution employees debit the general ledger to credit their own accounts or to cover up
a theft from a customer account.

 A. True

 B. False

There are various embezzlement schemes that have been used over time against financial institutions.
In false accounting entry schemes, employees debit the general ledger to credit their own accounts or
cover up a theft from a customer account. In other words, employees adjust the general ledger to cover
the stolen amount.
In an unauthorized withdrawal scheme, employees simply make unauthorized withdrawals from customer
accounts; they do not attempt to cover up the theft by adjusting the financial institution’s general ledger.

26. Which of the following is a common area for construction loan fraud schemes?

 A. Estimates of costs to complete

 B. Retainage

 C. Developer overhead

 D. All of the above

Construction lending has different vulnerabilities than other permanent or interim lending. More risks are
associated with construction projects than with already-built projects. Construction loan fraud schemes
are numerous; the more common ones are related to estimates of costs to complete, developer overhead,
draw requests, and retainage/holdback schemes.

27. Because it is a common occurrence, the fact that documents are missing from a loan file
is generally not a red flag for loan fraud.

 A. True

 B. False

Missing or altered documentation is a red flag for any type of fraud scheme, and it is a particular concern for loan fraud.
While it is true that many loan files have missing documents, it is important to determine if the documents have
been misplaced or were never received. A waiver of certain documents is one common way for lenders to conceal
fraud schemes.

Corruption
1. Daniela, a plant manager for a utility company, has her own commercial cleaning
business on the side. Daniela threatened to withhold business from any vendors of the
utility company that did not hire her cleaning business for their office cleaning needs.
Which of the following best describes the type of corruption scheme in which Daniela
engaged?

 A. Kickback scheme

 B. Economic extortion scheme

 C. Illegal gratuity scheme

 D. Collusion scheme

2. Which of the following is a basic method used to prove corrupt payments in corruption
schemes?

 A. Identifying and tracing payments through audit steps

 B. Secretly infiltrating ongoing transactions

 C. Turning an inside witness

 D. All of the above

There are three basic ways to prove corrupt payments:

- Turn an inside witness.
- Secretly infiltrate or record ongoing transactions.
- Identify and trace the corrupt payments through audit steps.

3. Which of the following is a typical method used to make corrupt payments in corruption
schemes?

 A. Payment toward credit card debt

 B. Checks and other financial instruments

 C. Gifts, travel, and entertainment

 D. All of the above

Often, corruption schemes involve corrupt payments—items of value paid to procure a benefit contrary to
the rights of others. There are various ways to make corrupt payments, and many do not involve money.
Any tangible benefit given or received with the intent to corruptly influence the recipient can be an illegal
payment, and traditional methods of making corrupt payments include:

- Gifts, travel, and entertainment
- Cash payments
- Checks and other financial instruments
- Hidden interests
- Loans
- Credit cards
- Transfers not at fair market value
- Promises of favorable treatment

4. Payers can make corrupt payments by giving recipients hidden interests in profit-making
enterprises.

 A. True

 B. False

A payer might make a corrupt payment by giving the recipient a hidden interest in a joint venture or other
profit-making enterprise.

5. Which of the following scenarios is an example of a conflict of interest?

 A. An employee is related to someone who works for one of their company’s vendors and informs their
employer of the relationship.

 B. An employee has an undisclosed personal relationship with a company that does business with their employer.

 C. An employee for a pharmaceutical company has an economic interest in a company that does
business with their employer and discloses it to their employer.

 D. An employee for a phone installation company works as a fishing guide on weekends
but does not tell the phone company about the other job.

A conflict of interest occurs when an employee or agent—someone who is authorized to act on behalf of a principal—
has an undisclosed personal or economic interest in a matter that could influence their professional role.
Thus, an employee with an undisclosed personal relationship with a company that does business with their
employer is engaged in a conflict of interest. An employee who has an undisclosed side job would not be engaged in
a conflict of interest provided that the job is in a different industry, does not create a time conflict, and does not create
any personal or economic interest that could influence their ability to act in their primary employer's best interest.
Most conflicts of interest occur because the fraudster has an undisclosed economic interest in a transaction, but a
conflict can exist when the fraudster’s hidden interest is not economic. In some scenarios, an employee acts in a
manner detrimental to their company to provide a benefit to a friend or relative, even though the fraudster receives
no financial benefit.
Conflicts of interest do not necessarily constitute legal violations, as long as they are properly disclosed. Thus, to be
classified as a conflict of interest scheme, the employee’s interest in the transaction must be undisclosed. The crux
of a conflict case is that the fraudster takes advantage of their employer; the victim organization is unaware that its
employee has divided loyalties. If an employer knows of the employee’s interest in a business deal or negotiation,
there can be no conflict of interest, no matter how favorable the arrangement is for the employee. 

6. Which of the following scenarios is an example of a kickback scheme?

 A. A politician threatens to shut down a business if it does not pay a bribe

 B. An employee receives a payment for directing excess business to a vendor

 C. A government official demands money in exchange for making a business decision

 D. A vendor inflates the amount of an invoice submitted to the company for payment

Kickbacks are improper, undisclosed payments made to obtain favorable treatment. Thus, an employee who receives
a payment for directing excess business to a vendor is an example of a kickback scheme. In such cases, there might
not be any overbilling involved; the vendor simply pays the kickbacks to ensure a steady stream of business from the
purchasing company.
Extortion is defined as the obtaining of property from another, with the other party’s consent induced by wrongful use of
actual or threatened force or fear. Economic extortion is present when an employee or official, through the wrongful use
of actual or threatened force or fear, demands money or some other consideration to make a particular business decision.
Thus, an example of an economic extortion scheme is if a government official demands money in exchange for making a
business decision. Similarly, another example of an economic extortion scheme would be if a politician threatens to shut
down a business if it does not pay a bribe.

7. When an employee or official uses force or fear to demand money in exchange for making a particular
business decision, that individual is engaging in:

 A. An illegal gratuity scheme

 B. Economic extortion

 C. A kickback scheme

 D. Bribery

Extortion is defined as the obtaining of property from another, with the other party’s consent induced by wrongful use of
actual or threatened force or fear. Economic extortion is present when an employee or official, through the wrongful use
of actual or threatened force or fear, demands money or some other consideration to make a particular business decision.
Thus, an example of an economic extortion scheme is if an employee or government official demands money in
exchange for making a business decision. Similarly, another example of an economic extortion scheme would be if
a politician threatens to shut down a business if it does not pay a bribe.

8. Which of the following is NOT an example of a corruption scheme?

 A. A bank manager promises to approve a contractor’s loan application in exchange for discounted home
improvement work.

 B. A procurement manager refuses to award contracts to vendors unless they agree to do business with
the company where the manager’s spouse works.

 C. A vendor gives expensive airplane tickets to a government purchasing agent as a thank-you gift after the
agent awards a large contract to the vendor.

 D. A law firm’s bookkeeper approves a fake invoice and issues a payment to a shell company that the
bookkeeper controls.

The three major types of occupational fraud are corruption, asset misappropriation, and financial statement fraud.
The bookkeeper’s payment to the shell company is an example of an asset misappropriation scheme, not a corruption
scheme.
Corruption involves the wrongful use of influence to procure a benefit for the actor or another person, contrary to the duty
or the rights of others. Corruption schemes include bribery, kickbacks, illegal gratuities, economic extortion, and collusion.
The bank manager’s promise to approve the contractor’s loan application in exchange for discounted home improvement
work is an example of a bribe. Bribery is defined as the offering, giving, receiving, or soliciting of corrupt payments (i.e.,
items of value paid to procure a benefit contrary to the rights of others) to influence an official act or business decision.
Bribes do not necessarily involve direct payments of cash or goods. Promises of favorable treatment can constitute
corrupt payments.
The vendor’s gift of expensive airplane tickets is an example of an illegal gratuity. Illegal gratuities are items of value
given to reward a decision, often after the recipient has made the decision. Illegal gratuities are similar to bribery
schemes except that, unlike bribery schemes, illegal gratuity schemes do not necessarily involve an intent to influence
a particular decision before the fact.
The procurement manager’s refusal to award contracts to vendors unless they agree to do business with the company
where the manager’s spouse works is an example of economic extortion. Economic extortion is present when an
employee or official, through the wrongful use of actual or threatened force or fear, demands money or some other
consideration to make a particular business decision.

9. Bruce is a purchaser for Acme Widgets. Bruce’s brother-in-law is a salesperson for Olson Electronics,
one of Acme’s largest suppliers. Bruce told his supervisor about the relationship, and she approved his
ordering of supplies from his brother-in-law as long as the purchases were reviewed by a senior manager.
Bruce did not receive any favors or money from his brother-in-law in return for the sales. A year after
Bruce discussed the situation with his supervisor, Acme’s management discovers that another supplier
offers the same parts as Olson Electronics but at a cheaper price. Acme Widgets is considering suing
Bruce for conflict of interest. Which of the following is the MOST ACCURATE statement about Acme’s
chances of success?

 A. Acme’s chances are good because it is clear that Bruce had a conflict of interest in dealing with his brother-in-law.

 B. Acme’s chances are poor because the company was aware of the situation and allowed Bruce to do
business with his brother-in-law’s company despite the relationship.

 C. Acme’s chances are poor because Bruce did not actually receive any money from his brother-in-law for
sending him business.

 D. Acme’s chances are good because it could have gotten the supplies at a lower price.

11. Elena Smith, a city commissioner, negotiated a land development deal with a group of private
investors. After the deal was approved, the investors rewarded Elena with an all-expenses-paid
trip, even though giving such rewards to government officials is prohibited by law. Which of the
following is the most appropriate term to describe what has taken place?

 A. Economic extortion

 B. Illegal gratuity

 C. Need recognition

 D. Collusion

12. James is a purchaser for a large government entity. ABC Inc. tells James that if he
awards ABC at least $5 million in contracts over the next two years, then ABC will hire
James at the end of the two years at twice his current salary. Because no actual money
changes hands, this could not be considered a bribery or corruption scheme.

 A. True

 B. False

Bribes do not necessarily involve direct payments of cash or goods. Bribery may be defined as the
offering, giving, receiving, or soliciting of corrupt payments—items of value paid to procure a benefit
contrary to the rights of others—to influence an official act or business decision. Promises of favorable
treatment can constitute corrupt payments. Such promises commonly take the following forms:

 A payer might promise a government official lucrative employment when the recipient leaves
government service.
 An executive leaving a private company for a related government position might be given
favorable or inflated retirement and separation benefits.
 The spouse or other relative of the intended recipient might also be employed by the payer
company at an inflated salary or with minimal actual responsibility.

13. Which of the following statements about the methods used to make corrupt payments in
corruption schemes is INCORRECT?

 A. Payers often make corrupt payments by buying assets from recipients and allowing the recipients to retain title or use of the property

 B. Payers often make corrupt payments by using their credit cards to pay recipients’ transportation, vacation, and entertainment expenses

 C. Payers often make corrupt payments by selling property to recipients at prices higher than the property’s market value

 D. Payers often make corrupt payments by making outright payments falsely described as innocent loans.

Corrupt payments often take the form of loans. Three types of loans often turn up in fraud cases:

 An outright payment that is falsely described as an innocent loan
 A legitimate loan in which a third party—the corrupt payer—makes or guarantees payments to
satisfy the loan
 A legitimate loan made on favorable terms (e.g., an interest-free loan)

A corrupt payment can be in the form of credit card use or payments toward a party’s credit card debt.
The payer might use a credit card to pay a recipient’s transportation, vacation, or entertainment
expenses, or the payer might pay off a recipient’s credit card debt. In some instances, the recipient might
carry and use the corrupt payer’s credit card.
Corrupt payments also might come in the form of promises of favorable treatment. In addition, corrupt
payments might occur in the form of transfers for a value other than fair market. In such transfers, the
corrupt payer might sell or lease property to the recipient at a price that is less than its market value, or
the payer might agree to buy or rent property from the recipient at an inflated price. The recipient might
also “sell” an asset to the payer but retain the title or use of the property.

14. Kickbacks are improper, undisclosed payments made to obtain favorable treatment.

 A. True

 B. False

Kickbacks are improper, undisclosed payments made to obtain favorable treatment. For example, in a
kickback scheme, an employee might receive compensation in exchange for directing excess business to
a vendor. Such compensation could involve monetary payments, entertainment, travel, or other favorable
perks.

15. Which of the following is TRUE regarding the methods typically used for making corrupt
payments in corruption schemes?

 A. Payers often make corrupt payments by selling property to recipients at prices lower than the property’s
market value

 B. Payers often make corrupt payments by paying off the recipient’s credit card debt

 C. Payers often make corrupt payments by offering recipients loans on extremely favorable terms

 D. All of the above

Corrupt payments often take the form of loans. Three types of loans often turn up in fraud cases:

 An outright payment that is falsely described as an innocent loan
 A legitimate loan in which a third party—the corrupt payer—makes or guarantees payments to
satisfy the loan
 A legitimate loan made on favorable terms (e.g., an interest-free loan)

A corrupt payment can be in the form of credit card use or payments toward a party’s credit card debt.
The payer might use a credit card to pay a recipient’s transportation, vacation, or entertainment
expenses, or the payer might pay off a recipient’s credit card debt. In some instances, the recipient might
carry and use the corrupt payer’s credit card.
Corrupt payments also might come in the form of promises of favorable treatment. In addition, corrupt
payments might occur in the form of transfers for a value other than fair market. In such transfers, the
corrupt payer might sell or lease property to the recipient at a price that is less than its market value, or
the payer might agree to buy or rent property from the recipient at an inflated price. The recipient might
also “sell” an asset to the payer but retain the title or use of the property.

16. Corruption involves the wrongful use of influence to procure a benefit for the actor or
another person, contrary to the duty or the rights of others.

 A. True

 B. False

The three major types of occupational fraud are corruption, asset misappropriation, and financial
statement fraud. Corruption involves the wrongful use of influence to procure a benefit for the actor or
another person, contrary to the duty or the rights of others. Corruption schemes include bribery,
kickbacks, illegal gratuities, economic extortion, and collusion. 

17. Which of the following is NOT a type of loan that frequently turns up in corruption cases?

 A. A legitimate loan made on favorable terms

 B. An outright payment falsely described as an innocent loan

 C. A legitimate loan made at market rates

 D. A legitimate loan in which a third party makes the loan payments

Corrupt payments often take the form of loans. Three types of loans often turn up in fraud cases:

 An outright payment that is falsely described as an innocent loan
 A legitimate loan in which a third party—the corrupt payer—makes or guarantees payments to
satisfy the loan
 A legitimate loan made on favorable terms (e.g., an interest-free loan)

A legitimate loan made at market rates would not typically turn up in a corruption case because the loan
recipient would not be receiving anything unusual or special.

Cyberfraud
1. After paying the ransom demanded by the fraudster, a ransomware victim is always
granted access to all locked files on the compromised computer.

 A. True

 B. False

Ransomware, as its name implies, is a form of malware that locks a user’s operating system and restricts
access to data files until a ransom is paid. While some ransomware simply prevents access to files, other
forms actually encrypt users’ files. This is of particular concern to businesses due to the potentially
disastrous threat of encrypted network drives. These schemes typically promise that, after payment is
received, the user will be provided with a key to release the system and unencrypt files; however, even
after money is transferred, many victims find that the malware remains installed on their machine and a
key is never provided.
Less sophisticated forms of ransomware have also appeared that claim to have encrypted victims’ files
when the malware has simply deleted the files, thus tricking victims into paying to regain access to files
that no longer exist. Some forms of this imitation ransomware go a step farther by deleting the restore
points and registry keys needed to reboot a system in safe mode or overwriting deleted files to make
them nearly impossible to recover.

2. Which of the following is an example of an effective administrative security control?

 A. Separation of duties

 B. Security audits and tests

 C. Security policies and awareness training

 D. All of the above

Administrative security (or personnel security) consists of management constraints, operational
procedures, accountability procedures, and supplemental administrative controls established to provide
an acceptable level of protection for computing resources. In addition, administrative controls include
procedures established to ensure that all personnel who have access to computing resources have the
required authorizations and appropriate security clearances. Examples of effective administrative controls
for cybersecurity include:

 Security policies and awareness training
 Separation of duties
 Data classification
 Computer security risk assessments
 Security audits and tests
 Incident response plans

3. Vishing is a type of phishing scheme that uses text messages or other short message
systems to dupe an individual or business into providing sensitive data by falsely
claiming to be from an actual business, bank, internet service provider (ISP), or other
entity.

 A. True

 B. False

SMiShing is a hybrid of phishing and short message service (SMS), also known as text messaging. These
schemes use text messages or other short message systems to conduct phishing activities. That is, in
SMiShing schemes, the attacker uses text messages or other SMSs to dupe an individual or business
into providing sensitive data by falsely claiming to be from an actual business, bank, internet service
provider (ISP), or other entity with which the target does business.
In vishing schemes, the attacker leverages Voice over Internet Protocol (VoIP) in the telephone system to
falsely claim to be a legitimate enterprise in an attempt to scam users into disclosing personal information
or executing an act that furthers a scheme.

4. Which of the following is an accurate definition of SMiShing?

 A. Stealing data from payroll accounts through the use of computers

 B. Stealing private financial data through the use of voice mail

 C. Obtaining sensitive data by impersonating a government official

 D. Obtaining sensitive data through the use of text message

SMiShing is a hybrid of phishing and short message service (SMS), also known as text messaging. These
schemes use text messages or other short message systems to conduct phishing activities. That is, in
SMiShing schemes, the attacker uses text messages or other SMSs to dupe an individual or business
into providing sensitive data by falsely claiming to be from an actual business, bank, internet service
provider (ISP), or other entity with which the target does business.

5. Which of the following is the most accurate definition of a firewall?

 A. A system that blocks unauthorized or unverified access to network assets by surveying incoming and
outgoing transmissions

 B. A system that authenticates users by monitoring their statistical characteristics, such as typing speed and
keystroke touch

 C. A device that takes information and scrambles it so that it is unreadable by anyone who does not have a
specific code

 D. None of the above

6. Which of the following lists the information security goals that an e-commerce system
should achieve for its users and asset holders?

 A. Confidentiality, integrity, availability, authentication, and non-repudiation

 B. Penetrability, accuracy, exactness, materiality, and systems reliability

 C. Penetrability, accuracy, availability, authentication, and systems reliability

 D. Exactness, invulnerability, accuracy, materiality, and data/systems response

All branches of an information system, including the e-commerce branch, strive to provide security to their
users and asset holders. The following is a list of common information security goals that should be
achieved to ensure the security of information systems for users and account holders:

 Confidentiality of data
 Integrity of data
 Availability of data
 Authentication
 Non-repudiation

7. Which of the following is NOT one of the recommended steps for responding to a cybersecurity
incident?

 A. Authorization

 B. Preparation

 C. Containment and eradication

 D. Detection and analysis

Every organization should be ready to respond to a wide range of cybersecurity incidents, including
cyberattacks and data breaches. The recommended methodology for responding to cybersecurity
incidents can be summarized in the following steps:

1. Preparation
2. Detection and analysis
3. Containment and eradication
4. Breach notification
5. Recovery and follow-up
 

Authorization is a step required when allowing a user to gain logical access to computer systems and
networks. It is not a step in the recommended methodology for responding to cybersecurity incidents.

8. Logical access controls, encryption, and application security are all technical security
controls used to safeguard computer systems and communication networks.

 A. True

 B. False

Technical security involves the use of safeguards incorporated into computer hardware or systems,
operations or applications software, communications hardware and software, and related devices.
Computer networks and communications are inherently insecure and vulnerable to attack and disruption.
Consequently, management must use technical controls to protect systems against threats like
unauthorized use, disclosure, modification, destruction, or denial of service.
Common technical controls used to secure computer systems and communication networks include:

 Logical access controls
 Network security
 Operating system security
 Encryption
 Application security

9. Which of the following is the MOST ACCURATE definition of spyware?

 A. A self-replicating computer program that penetrates operating systems to spread malicious code to other systems

 B. A type of software that collects and reports information about a computer user without the user’s knowledge or
consent

 C. Any software application in which advertising banners are displayed while a program is running

 D. A program or command procedure that gives the appearance that it is useful but actually contains hidden
malicious code that causes damage

Spyware is a type of software that collects and reports information about a computer user without the
user’s knowledge or consent.

10. Which of the following is an information security goal that an e-commerce system should
endeavor to meet for its users and asset holders?

 A. Systems reliability

 B. Access authority

 C. Non-repudiation

 D. Exactness

Non-repudiation is an information security goal that an e-commerce system should strive to provide its
users and asset holders. It refers to a method used to guarantee that the parties involved in an e-
commerce transaction cannot repudiate (deny) participation in that transaction. Non-repudiation is
obtained through the use of digital signatures, confirmation services, and timestamps.
Additional information security goals that should be achieved to ensure the security of information
systems for users and account holders include:

 Confidentiality of data
 Integrity of data
 Availability of data
 Authentication

11. Which of the following is the MOST ACCURATE definition of a computer worm?

 A. A self-replicating computer program that penetrates operating systems to spread malicious code to other systems

 B. A program or command procedure that gives the appearance that it is useful but actually contains hidden
malicious code that causes damage

 C. A type of software that, while not definitely malicious, has a suspicious or potentially unwanted aspect to it

 D. Any software application in which advertising banners are displayed while a program is running

A computer worm is a malicious self-replicating computer program that penetrates operating systems to
spread malicious code to other computers.

12. Which of the following refers to the type of network security systems that are designed to
supplement firewalls and other forms of network security by detecting malicious activity
coming across the network or on a host?

 A. Network access controls

 B. Network address prevention systems

 C. Intrusion detection systems

 D. Intrusion admission systems

13. ___________ is the technical security control involving deliberate scrambling of a
message so that it is unreadable except to those who hold the key for unscrambling the
message.

 A. Alteration of input

 B. Customer validation

 C. Encryption

 D. Firewall security

Encryption is one of the most effective methods of protecting networks and communications against
attacks through technical security controls. Encryption is the deliberate scrambling of a message so that it
is unreadable except to those who hold the key for unscrambling the message. Any confidential
information or credit card numbers should be encrypted in their entirety. 

14. Which of the following is a type of physical access control device that can be used to
control access to physical objects?

 A. Biometric systems

 B. Locks and keys

 C. Electronic access cards

 D. All of the above

There are various types of physical access control devices that can be used to control access to physical
objects. Some common types include:

 Locks and keys
 Electronic access cards
 Biometric systems

15. Matthew receives a voice mail message telling him that his credit card might have been
used fraudulently. He is asked to call a phone number. When he calls the number, he
hears a menu and a list of choices that closely resembles those used by his credit card
company. The phone number even appears to be similar to that of his card issuer. Of
which of the following types of schemes has Matthew become the target?

 A. Vishing

 B. Spear phishing

 C. Pharming

 D. SMiShing

16. Which of the following best describes social engineering?

 A. A method for gaining unauthorized access to a computer system in which an attacker hides near the target to obtain
can use to facilitate their intended scheme

 B. A method for gaining unauthorized access to a computer system in which an attacker deceives victims into disclosin
convinces them to commit acts that facilitate the attacker’s intended scheme

 C. A method for gaining unauthorized access to a computer system in which an attacker searches through large quant
sensitive information that they can use to facilitate their intended scheme

 D. A method for gaining unauthorized access to a computer system in which an attacker bypasses a system’s security
undocumented operating system and network functions

17. Which of the following are considered red flags of insider cyberfraud?

I. Access privileges limited to those required to perform assigned tasks.
II. Access logs are not reviewed.
III. Production programs are run during normal business hours.
IV. Exception reports are not reviewed and resolved.

 A. III and IV only

 B. I and III only

 C. II and IV only

 D. I, II, III, and IV

18. Which of the following are information security goals that an e-commerce system should
endeavor to meet for its users and asset holders?

I. Penetrability of data
II. Materiality of data
III. Integrity of data

This item's classification is Internal. It was created by and is in property of the Home Credit Group. Do not distribute outside of the organization.
IV. Availability of data

 A. I, II, III, and IV

 B. II and III only

 C. III and IV only

 D. I, II, and III only

19. Which of the following is the MOST ACCURATE definition of a Trojan horse?

 A. A type of software that collects and reports information about a computer user without the user’s knowledge or
consent

 B. A virus that changes its structure to avoid detection

 C. A software program that contains various instructions that are carried out every time a computer is turned on

 D. A program or command procedure that gives the appearance that it is useful but actually contains hidden
malicious code that causes damage

A Trojan horse is a program or command procedure that gives the appearance that it is useful but
actually contains hidden malicious code that causes damage. When the hidden code in a Trojan horse is
activated, it performs some unwanted or harmful function. Often, viruses and worms attach themselves to
other legitimate programs, becoming Trojan horses and spreading to other systems.

20. Which of the following types of malware can be used to generate illicit income in the form
of cryptocurrency, while slowing down an infected computer and causing victims to incur
costs related to power usage or cloud storage?

 A. Keyloggers

 B. Spyware

 C. Overwrite viruses

 D. Coin miners

21. A virus that loads itself onto the target system's memory, infects other files, and then unloads itself
is called a:

 A. Network virus

 B. Boot sector virus

 C. Direct-action virus

 D. None of the above

Direct-action viruses load themselves onto the target system's memory, infect other files, and then unload
themselves.

22. Which of the following is an administrative security control that an organization’s
management can implement?

 A. Creating an incident response plan

 B. Installing a firewall for the network

 C. Issuing smart access cards to employees

 D. Backing up system files regularly

Administrative security (or personnel security) consists of management constraints, operational
procedures, accountability procedures, and supplemental administrative controls established to provide
an acceptable level of protection for computing resources. In addition, administrative controls include
procedures established to ensure that all personnel who have access to computing resources have the
required authorizations and appropriate security clearances. Examples of effective administrative controls
for cybersecurity include:

 Security policies and awareness training
 Separation of duties
 Data classification
 Computer security risk assessments
 Security audits and tests
 Incident response plans

23. A fraudster uses the email account of a company’s president to impersonate the
president and ask an employee to make a wire transfer. This can best be described
as which of the following types of fraud schemes?

 A. Reverse social engineering

 B. Shoulder surfing

 C. Pharming

 D. Business email compromise

24. Which of the following is the MOST ACCURATE definition of a software keylogger?

 A. A self-replicating computer program that penetrates operating systems to spread malicious code to other systems

 B. A type of program that monitors and logs the keys pressed on a system’s keyboard

 C. A type of software that, while not definitely malicious, has a suspicious or potentially unwanted aspect to it

 D. A program or command procedure that gives the appearance that it is useful but actually contains hidden
malicious code that causes damage

Keyloggers monitor and log (or track) the keys pressed on a system’s keyboard, and they can be either
software or hardware based. A keylogger is therefore not malware by definition: the same capability can be
installed legitimately (for example, for authorized monitoring or testing) or planted by an attacker to capture
passwords and other sensitive input. Option A describes a worm, option C potentially unwanted software,
and option D a Trojan horse.

25. To ensure separation of duties within the information systems department and between
IT and business unit personnel, computer operators should be responsible for performing
computer programming.

 A. True

 B. False

Separation of duties is a key element in a well-designed internal control system, and it is fundamental to
data security. There are various options for achieving separation of duties in information security, and the
options vary depending on department responsibilities. For example, some of the best practices for
ensuring separation of duties within the information systems department and between IT and business
unit personnel include:

 Programmers should not have unsupervised access to production programs or have access to
production data sets (data files).
 IT personnel’s access to production data should be limited.
 Application system users should only be granted access to those functions and data required for
their job duties.
 Program developers should be separated from program testers.
 System users should not have direct access to program source code.
 Computer operators should not perform computer programming.
 Development staff should not have access to production data.
 Development staff should not access system-level technology or database management systems.
 End users should not have access to production data outside the scope of their normal job duties.
 End users or system operators should not have direct access to program source code.
 Programmers should not be server administrators or database administrators.
 IT departments should be separated from information user departments.
 Functions involving the creation, installation, and administration of software programs should be
assigned to different individuals.
 Managers at all levels should review existing and planned processes and systems to ensure
proper separation of duties.
 Employees’ access to documents should be limited to those that correspond with their related job
tasks.
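The best practices above are the kind of rule that can be checked mechanically against an access-rights export. The following is an added example, not part of the original question bank: it encodes several of the listed pairs as "toxic combinations" and reports users who hold both sides, and it also checks a proposed new grant before it is applied (a preventive control, which goes a step beyond the detective review described above). The entitlement names, the pair list and the sample assignments are assumptions constructed for the example.

```python
"""Separation-of-duties (SoD) conflict check over role assignments.

Added example, not from the original question bank. The toxic role pairs
below encode several of the best practices listed above (programmers must
not be server or database administrators, developers must not test their
own programs or hold production data access, operators must not program,
end users and operators must not reach source code). Role names, the pairs
and the sample assignments are assumptions constructed for this example.
"""
from itertools import combinations

# Assumed entitlement names; a real system would map them from its IAM groups.
TOXIC_PAIRS = {
    frozenset({"programmer", "server_admin"}),
    frozenset({"programmer", "dba"}),
    frozenset({"programmer", "tester"}),
    frozenset({"programmer", "production_data"}),
    frozenset({"operator", "programmer"}),
    frozenset({"operator", "source_code"}),
    frozenset({"end_user", "source_code"}),
}

# Constructed sample assignments: user -> entitlements currently held.
ASSIGNMENTS = {
    "alice": {"programmer", "tester"},        # tests her own code
    "bob":   {"programmer", "server_admin"},  # root on the servers that run his code
    "carol": {"operator"},
    "dave":  {"programmer", "production_data"},
    "erin":  {"end_user"},
}


def conflicting_pairs(roles, toxic_pairs=TOXIC_PAIRS):
    """Return the toxic combinations present in one role set, as sorted tuples."""
    return [(a, b) for a, b in combinations(sorted(roles), 2)
            if frozenset({a, b}) in toxic_pairs]


def find_conflicts(assignments, toxic_pairs=TOXIC_PAIRS):
    """Detective check: map each user holding a toxic combination to the offending pairs."""
    report = {}
    for user, roles in assignments.items():
        pairs = conflicting_pairs(roles, toxic_pairs)
        if pairs:
            report[user] = pairs
    return report


def would_conflict(current_roles, new_role, toxic_pairs=TOXIC_PAIRS):
    """Preventive check: pairs that granting new_role would create (empty if the grant is clean)."""
    return [p for p in conflicting_pairs(set(current_roles) | {new_role}, toxic_pairs)
            if new_role in p]


if __name__ == "__main__":
    for user, pairs in find_conflicts(ASSIGNMENTS).items():
        print(f"{user}: SoD conflict {pairs}")
    print("grant 'programmer' to carol:", would_conflict(ASSIGNMENTS["carol"], "programmer"))
```

Run against a real directory export, the detective report is what "managers at all levels should review"; wiring the preventive check into the access-request workflow stops the conflict from being created in the first place.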

26. Pharming is a type of attack in which users are fooled into entering sensitive data into a
malicious website that imitates a legitimate website.

 A. True

 B. False

Pharming is a type of attack in which users are fooled into entering sensitive data (such as a password or
credit card number) into a malicious website that imitates a legitimate website. It is different from phishing
in that in pharming schemes, the attacker does not have to rely on having users click on a link in an email
or other message to direct them to the imitation website.

27. Which of the following best describes phishing?

 A. A method for acquiring sensitive information needed to facilitate a specific scheme by searching through
large quantities of available data

 B. A method for acquiring sensitive information by bypassing a computer system’s security through the use of an
undocumented operating system and network functions

 C. A method for acquiring sensitive information by falsely claiming through electronic communication to be from
an entity with which the target does business

 D. A method for acquiring sensitive information in which an attacker hides near the target to gain unauthorized
access to a computer system

28. All of the following are best practices for ensuring separation of duties within the
information systems department and between IT and business unit personnel EXCEPT:

 A. Program developers should not be responsible for testing programs.

 B. End users should not have access to production data outside the scope of their normal job duties.

 C. IT departments should not overlap with information user departments.

 D. Only programmers should be server administrators.

29. The primary purpose of physical access controls is to prevent unauthorized access to
computer software.

 A. True

 B. False

Physical access controls refer to the process by which users are allowed access to physical objects (e.g.,
buildings). In contrast, logical access controls are tools used to control access to computer information
systems and their components.

30. Which of the following is a technical security control that involves application-level
controls implemented to prevent data from being accessed, stolen, modified, or deleted
by unauthorized users?

 A. Application security

 B. Network security

 C. Data classification

 D. Multifactor authentication

31. All of the following can help prevent a computer from being infected by malicious
software EXCEPT:

 A. Using anti-malware software

 B. Updating with the latest security patches

 C. Updating the operating system regularly

 D. Installing shareware into a system's root directory

The following measures can help avoid infection from a malicious program:

 Use anti-malware software to scan all incoming email messages and files.
 Regularly update virus definitions in anti-malware programs.
 Use caution when opening emails, even those from acquaintances, since their accounts may be compromised.
 Do not open email attachments unless they are from trusted sources.
 Only download files from reputable sources.
 Regularly update the operating system.
 Regularly update the computer with the latest security patches available for the operating system,
software, browser, and email programs.
 Ensure that there is a clean boot disk to facilitate testing with antivirus software.
 Use a firewall and keep it turned on.
 Consider testing all computer software on an isolated system before loading it.
 In a network environment, do not place untested programs on the server.
 Secure the computer against unauthorized access from external threats such as hackers.
 Keep backup copies of production data files and computer software in a secure location.
 Scan pre-formatted storage devices before using them.
 Consider preventing the system from booting with a removable storage device (such as a USB
flash drive); this might prevent accidental infection.
 Establish corporate policies and an employee education program to inform employees of how
malware is introduced and what to do if malware is suspected.
 Encourage employees to protect their home systems as well. Many malware infections result
from employees bringing infected storage devices or files from home.

32. Which of the following activities does NOT typically occur during the containment and
eradication step of the recommended methodology for responding to cybersecurity
incidents?

 A. Notifying the appropriate internal personnel

 B. Identifying all incidents of breach that occurred

 C. Limiting the damage caused by the attack

 D. Restoring control of the affected systems

33. Which of the following is a measure that management can take to prevent an
organization’s computers from being infected by malicious software? 

 A. Regularly update the organization’s operating systems.

 B. Prevent employees from opening any emails with attachments.

 C. Only allow systems to boot with removable storage devices.

 D. Require that users reuse passwords for important accounts.

The following measures can help avoid infection from a malicious program:

 Use anti-malware software to scan all incoming email messages and files.
 Regularly update virus definitions in anti-malware programs.
 Use caution when opening emails, even those from acquaintances, since their accounts may be compromised.
 Do not open email attachments unless they are from trusted sources.
 Only download files from reputable sources.
 Regularly update the operating system.
 Regularly update the computer with the latest security patches available for the operating system,
software, browser, and email programs.
 Ensure that there is a clean boot disk to facilitate testing with antivirus software.
 Use a firewall and keep it turned on.
 Consider testing all computer software on an isolated system before loading it.
 In a network environment, do not place untested programs on the server.
 Secure the computer against unauthorized access from external threats such as hackers.
 Keep backup copies of production data files and computer software in a secure location.
 Scan pre-formatted storage devices before using them.
 Consider preventing the system from booting with a removable storage device (such as a USB
flash drive); this might prevent accidental infection.
 Establish corporate policies and an employee education program to inform employees of how
malware is introduced and what to do if malware is suspected.
 Encourage employees to protect their home systems as well. Many malware infections result
from employees bringing infected storage devices or files from home.

34. Pharming differs from phishing in that in a pharming scheme:

 A. The attacker does not have to rely on having users click on a link in an email or other message to direct them to
the malicious website that is imitating a legitimate website.

 B. The attacker has to rely on having users click on a link in an email or other message to direct them to the
malicious website that is imitating a legitimate website.

 C. The attacker delivers the solicitation message via telephones using Voice over Internet Protocol (VoIP) instead of
email.

 D. The attacker delivers the solicitation message via short message service (also known as SMS or text messaging)
instead of email.

35. Which of the following is NOT an indicator that a computer or network might have been
accessed or compromised by an unauthorized user or entity?

 A. An authorized user is denied access to an area in the network that is part of their role.

 B. Users receive a notification to update their system passwords before they expire.

 C. A user in the IT department detects geographical irregularities in network traffic.

 D. Users are prompted to install unusual software or patches onto their computers.

Recognizing that a computer or network has been accessed by an unauthorized user or entity is one of
the most important elements of cybersecurity. Signs that attackers have accessed, or are currently
attempting to access, a system might be referred to as indicators of compromise (IOCs) or indicators of
attack (IOAs), depending on the context. Regardless of the technical labels a cybersecurity professional
might use, it is important for fraud examiners and other computer system users to recognize signs that
intruders have accessed or affected the system. These signs can include unusual inbound or outbound
network traffic, anomalies in user access to network files, and unusual network or computer performance.

Every day, organizations’ networks experience inbound and outbound traffic as part of the normal course
of business. Among the typical types of traffic are emails sent to and from employees, as well as data
transmitted to or from the internet. Abnormal traffic, either higher or lower than usual, could be an
indication that an attacker has gained access to the network and is manipulating traffic, for example by
sending malicious software into the network or exfiltrating data from it. A common sign of unusual network
traffic is a geographical irregularity in network access and traffic, such as a workstation sending data to a
country the organization does not do business with.

Most organizations employ a system that restricts access to sensitive files or information on their network
to only those who require that access as part of their organizational role, and user patterns typically reflect
access that aligns with the normal course of business. Abnormalities or outliers in the usual access
patterns, such as passwords that stop working for authorized users or data turning up in locations where it
does not belong, could indicate that the network has been compromised by an insider or an external actor.

Many types of computer and network intrusion or compromise result in performance issues for the
affected computers or networks, whether the cause is malware infection, external unauthorized access, or
insider actions. Unusual performance issues that could indicate compromise include unexpected patching
of systems or the installation of unwanted or unknown software.

A routine reminder to change a password before it expires, by contrast, is expected behavior of the
system and is not by itself a sign of intrusion.

36. An incident response plan should be created and implemented during the breach
notification step of the recommended methodology for responding to cybersecurity
incidents.

 A. True

 B. False

Every organization should be ready to respond to a wide range of cybersecurity incidents, including
cyberattacks and data breaches. The recommended methodology for responding to cybersecurity
incidents can be summarized in the following steps:

1. Preparation
2. Detection and analysis
3. Containment and eradication
4. Breach notification
5. Recovery and follow-up

It is critical that organizations have an incident response plan for dealing with intrusions before they occur.
An incident response plan describes the actions the organization will take when a data breach occurs.
The incident response plan should be created and implemented during the preparation step.

37. Which of the following is NOT a common carrier of malware?

 A. Dual in-line memory modules

 B. Freeware and shareware files

 C. Email attachments

 D. Files downloaded from the internet

Malware can infect computer systems from many sources. Some of the more common carriers of
malware include:

 Unknown or unchecked application software
 Infected websites
 Banner ads
 Software or media that employees bring to work
 Files downloaded from the internet
 Infected software from vendors and suppliers
 Uncontrolled and shared program applications
 Files uploaded from storage devices, such as USB flash drives
 Demonstration software
 Freeware and shareware files
 Email attachments

38. Which of the following is NOT an example of a business email compromise (BEC)
scheme?

 A. Fraudsters use botnets to send massive amounts of emails for the purpose of enticing the recipients to click on
a fraudulent URL.

 B. Fraudsters use the compromised email account of an executive to request employees’ personally identifiable
information from the person who maintains such information.

 C. Fraudsters posing as a company’s foreign supplier send an email to the company and request that funds be
transferred to an alternate account controlled by the fraudsters.

 D. Fraudsters use the compromised email account of a high-level executive to pose as the executive and ask an
employee to transfer funds to the fraudsters’ account.
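The three BEC variants in options B, C and D (and the scenario in question 23) share a small set of observable signals: a request to move money or change bank details, a request for employee PII, urgency or secrecy language, an executive's name on an address that is not the directory entry, and a Reply-To steering answers to a different domain. The block below is an added example, not part of the original question bank, that scores constructed messages on those signals. The internal domain, the directory, the word lists and the sample messages are assumptions made for the example.

```python
"""Screening inbound mail for business email compromise (BEC) patterns.

Added example, not from the original question bank. It scores constructed
sample messages against signals that correspond to the schemes described
above: an executive's name on an address that is not the directory entry,
a Reply-To pointing at a different domain than the sender (common in the
supplier "alternate account" variant), requests to move funds or change
bank details, requests for employee PII, and urgency or secrecy language.
The directory, word lists and messages are assumptions constructed here.
"""
from email import message_from_string
from email.utils import parseaddr

EXECUTIVES = {"Pat Morgan": "pat.morgan@example.com"}   # assumed directory entry
PAYMENT_WORDS = ("wire transfer", "alternate account", "new bank", "bank details", "routing number")
PII_WORDS = ("w-2", "personally identifiable", "payroll records", "social security")
URGENCY_WORDS = ("urgent", "immediately", "confidential", "asap", "end of day")


def domain_of(addr):
    """Lower-cased domain part of an address, or '' if there is none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def score_message(raw):
    """Return (score, reasons) for one RFC 822 message given as a string."""
    msg = message_from_string(raw)
    from_name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    text = (msg.get("Subject", "") + " " + msg.get_payload()).lower()
    reasons = []
    if from_name in EXECUTIVES and from_addr.lower() != EXECUTIVES[from_name]:
        reasons.append("executive display name on a non-directory address")
    if reply_addr and domain_of(reply_addr) != domain_of(from_addr):
        reasons.append("Reply-To domain differs from sender domain")
    if any(w in text for w in PAYMENT_WORDS):
        reasons.append("asks to move funds or change bank details")
    if any(w in text for w in PII_WORDS):
        reasons.append("asks for employee PII")
    if any(w in text for w in URGENCY_WORDS):
        reasons.append("urgency or secrecy language")
    return len(reasons), reasons


# Constructed sample messages (documentation domains only).
SAMPLES = {
    # Lookalike domain ("examp1e") carrying the president's name.
    "spoofed_exec": (
        "From: Pat Morgan <pat.morgan@examp1e.com>\n"
        "To: ap@example.com\n"
        "Subject: Urgent payment\n"
        "\n"
        "I need you to process a wire transfer today. Keep this confidential.\n"
    ),
    # Genuinely compromised account (option B): headers are clean, the request is not.
    "compromised_exec": (
        "From: Pat Morgan <pat.morgan@example.com>\n"
        "To: hr@example.com\n"
        "Subject: W-2 forms\n"
        "\n"
        "Please send me the W-2 forms for all staff as soon as you can. Keep this confidential.\n"
    ),
    # Supplier variant (option C): replies are steered to a domain the supplier does not own.
    "supplier_redirect": (
        "From: Accounts <billing@supplier.example>\n"
        "Reply-To: billing@supplier-invoices.example\n"
        "To: ap@example.com\n"
        "Subject: Updated bank details\n"
        "\n"
        "We have changed banks. Please remit future payments to our alternate account.\n"
    ),
    "benign": (
        "From: Sam Lee <sam.lee@example.com>\n"
        "To: ap@example.com\n"
        "Subject: Lunch\n"
        "\n"
        "Are we still on for lunch tomorrow?\n"
    ),
}


def screen_all(samples=SAMPLES):
    """Score every sample; returns {name: (score, reasons)}."""
    return {name: score_message(raw) for name, raw in samples.items()}


if __name__ == "__main__":
    for name, (score, reasons) in screen_all().items():
        print(f"{name}: {score} {reasons}")
```

Note what the "compromised_exec" sample shows: when the executive's real mailbox is used, the header checks are silent and only the content rules fire. That is why the operational control for BEC is out-of-band verification (a call to a known number) of any payment or PII request before acting, regardless of who the message appears to come from.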

39. Which of the following is an example of an indicator of intrusion that an employee might
encounter when working on their company’s network?

 A. The user’s computer is sending an abnormal amount of data to other countries

 B. The user’s contacts are receiving strange email messages from the user’s account

 C. The user’s web searches are automatically redirected to other websites

 D. All of the above

Regardless of the technical labels a cybersecurity professional might use to describe an indication of
intrusion, it is important for fraud examiners and other computer system users to recognize signs that
intruders have accessed or affected the system, which can include unusual inbound or outbound network
traffic, anomalies in user access to network files, or unusual network or computer performance.

Every day, organizations’ networks experience inbound and outbound traffic as part of the normal course
of business. Among the typical types of traffic are emails sent to and from employees, as well as data
transmitted to or from the internet. Abnormal traffic, either higher or lower than usual, could be an
indication that an attacker has gained access to an organization’s network and is manipulating traffic by
sending malicious software to the network or exfiltrating data from it, among other things. Common signs
of unusual network traffic might include:

 Geographical irregularities related to network access and traffic
 Mismatched port-application traffic
 Unusual domain name system (DNS) requests
 Web traffic with non-human behavior
 Contacts receiving strange messages from email accounts
 Redirected web searches
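Four of the signs in the list above (and the geographical-irregularity and unusual-traffic indicators in question 35) can be expressed as rules over flow-log records. The following is an added example, not part of the original question bank: it flags large outbound volume to an unexpected country, an application that does not match its port, DNS names that look like tunnelling payloads, and connections that recur at a machine-regular interval (the "non-human behavior" sign). The record format, thresholds, country codes and sample records are assumptions constructed for the example.

```python
"""Indicator-of-compromise rules over constructed network flow records.

Added example, not from the original question bank. It turns four of the
signs listed above into checks over flow-log records: geographical
irregularities (large outbound volume to an unexpected country), mismatched
port-application traffic, unusual DNS requests (long or high-entropy
labels, typical of DNS tunnelling), and web traffic with non-human timing
(fixed-interval beaconing). The record format, thresholds, country codes
and sample records are assumptions constructed for this example.
"""
import math
from collections import Counter, defaultdict
from statistics import mean, pstdev

EXPECTED_COUNTRIES = {"US", "DE"}                          # assumed business footprint
PORT_APP = {22: "ssh", 53: "dns", 80: "http", 443: "tls"}  # assumed port -> application
GEO_BYTES_THRESHOLD = 50_000_000                           # 50 MB outbound
BEACON_MIN_EVENTS = 4
BEACON_MAX_JITTER = 0.05                                   # stdev / mean of intervals


def flow(ts, user, dst, cc, port, app, out, qname=None):
    """One flow record: time (s), user, destination, country code, port, detected app, bytes out, DNS name."""
    return {"ts": ts, "user": user, "dst": dst, "cc": cc, "port": port,
            "app": app, "out": out, "qname": qname}


# Constructed sample records (documentation IP ranges; "ZZ" is a user-assigned country code).
FLOWS = [
    flow(0,    "alice", "203.0.113.5",  "US", 443, "tls", 12_000),
    flow(60,   "alice", "203.0.113.5",  "US", 443, "tls", 9_000),
    flow(1200, "bob",   "198.51.100.7", "ZZ", 443, "tls", 90_000_000),  # bulk data leaving the country
    flow(5,    "carol", "198.51.100.9", "US", 53,  "tls", 4_000),       # TLS on the DNS port
    flow(10,   "dave",  "192.0.2.53",   "US", 53,  "dns", 120,
         qname="a9f3k2m8x1q7z4w0b5n6c2v8l3p9r1t4y6u8i0o2.tunnel.example"),
    flow(100,  "erin",  "192.0.2.10",   "US", 443, "tls", 300),         # every 300 s, like clockwork
    flow(400,  "erin",  "192.0.2.10",   "US", 443, "tls", 300),
    flow(700,  "erin",  "192.0.2.10",   "US", 443, "tls", 300),
    flow(1000, "erin",  "192.0.2.10",   "US", 443, "tls", 300),
]


def shannon_entropy(s):
    """Bits per character of the string s."""
    counts = Counter(s)
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def geo_irregularities(flows):
    """Users sending a large volume to a country outside the expected set."""
    return sorted({f["user"] for f in flows
                   if f["cc"] not in EXPECTED_COUNTRIES and f["out"] >= GEO_BYTES_THRESHOLD})


def port_app_mismatches(flows):
    """Flows whose detected application is not the one the port normally carries."""
    return [(f["user"], f["port"], f["app"]) for f in flows
            if f["port"] in PORT_APP and PORT_APP[f["port"]] != f["app"]]


def unusual_dns(flows, max_label=30, min_entropy=3.5):
    """DNS queries whose first label is abnormally long or random-looking."""
    hits = []
    for f in flows:
        if not f["qname"]:
            continue
        label = f["qname"].split(".")[0]
        if len(label) > max_label or shannon_entropy(label) >= min_entropy:
            hits.append((f["user"], f["qname"]))
    return hits


def beacons(flows):
    """(user, dst, interval) for connections that recur at an almost constant interval."""
    by_pair = defaultdict(list)
    for f in flows:
        by_pair[(f["user"], f["dst"])].append(f["ts"])
    hits = []
    for (user, dst), stamps in by_pair.items():
        if len(stamps) < BEACON_MIN_EVENTS:
            continue
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= BEACON_MAX_JITTER:
            hits.append((user, dst, round(avg)))
    return hits


def run_checks(flows):
    """Run every rule and return the hits keyed by rule name."""
    return {"geo": geo_irregularities(flows), "port_app": port_app_mismatches(flows),
            "dns": unusual_dns(flows), "beacon": beacons(flows)}


if __name__ == "__main__":
    for name, hits in run_checks(FLOWS).items():
        print(f"{name}: {hits}")
```

Each rule is deliberately simple so the reasoning is visible; in practice the thresholds are tuned per environment and a hit is a lead for the detection and analysis step, not proof of compromise.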

40. Which of the following statements about ransomware is TRUE?

 A. Ransomware is a classification of malware designed to simplify or automate online criminal activities.

 B. Ransomware is a program or command procedure that gives the appearance of being useful but actually
contains hidden malicious code that causes damage.

 C. Ransomware is a type of software that collects and reports information about a computer user without the
user’s knowledge or consent.

 D. Ransomware is a form of malware that locks a user’s operating system and restricts access to data files
until a payment is made

Ransomware, as its name implies, is a form of malware that locks a user’s operating system and restricts
access to data files until a ransom is paid. To intimidate internet users into compliance, ransomware often
employs a convincing professional interface, commonly emblazoned with police insignia or an official
government logo. Messages sometimes consist of threatening accusations that the user has been caught
viewing illegal videos, downloading pirated media, or otherwise accessing forbidden internet content, with
the only remedy being to pay a fine. Other forms are far more direct and make no effort to conceal their
obvious attempts at extortion.

Spyware is a type of software that collects and reports information about a computer user without the
user’s knowledge or consent.

A Trojan horse is a program or command procedure that gives the appearance of being useful but
actually contains hidden malicious code that causes damage. When the hidden code in a Trojan horse is
activated, it performs some unwanted or harmful function. Often, viruses and worms attach themselves to
other legitimate programs, becoming Trojan horses and spreading to other systems.

Crimeware is not a type of malware but rather a classification of malware denoted by its intent to facilitate
criminal behavior. Crimeware can be described as malware designed to simplify or automate online
criminal activities, such as programs to fraudulently obtain financial gain from the affected user or other
third parties.

41. Which of the following objectives MOST ACCURATELY describes administrative security
controls?

 A. Ensuring that all personnel who have access to computing resources have the required authorizations and
appropriate security clearances

 B. Keeping unauthorized personnel from entering physical facilities and warning personnel when physical
security measures are being violated

 C. Providing connectivity with acceptable response times, user-friendly access, and a secure mode at an
acceptable cost to the organization

 D. Securing all organizational systems and data to the fullest possible extent, without considering budget
implications

Administrative security (or personnel security) consists of management constraints, operational
procedures, accountability procedures, and supplemental administrative controls established to provide
an acceptable level of protection for computing resources. In addition, administrative controls include
procedures established to ensure that all personnel who have access to computing resources have the
required authorizations and appropriate security clearances. Examples of effective administrative controls
for cybersecurity include:

 Security policies and awareness training
 Separation of duties
 Data classification
 Computer security risk assessments
 Security audits and tests
 Incident response plans

42. A data classification policy can best be described as a(n):

 A. Physical security control

 B. Technical security control

 C. Application security control

 D. Administrative security control

Administrative security (or personnel security) consists of management constraints, operational
procedures, accountability procedures, and supplemental administrative controls established to provide
an acceptable level of protection for computing resources. In addition, administrative controls include
procedures established to ensure that all personnel who have access to computing resources have the
required authorizations and appropriate security clearances. Examples of effective administrative controls
for cybersecurity include:

 Security policies and awareness training
 Separation of duties
 Data classification
 Computer security risk assessments
 Security audits and tests
 Incident response plans

43. Which of the following is the most accurate description of logical access?

 A. The process by which users are allowed to use computer systems and networks

 B. The process by which computer systems’ contents are encrypted

 C. The process by which users are allowed to access and use physical objects

 D. The process by which users can bypass application security over the software and libraries

Logical access refers to the process by which users are allowed to use computer systems and networks,
and logical access control refers to a process by which users are identified and granted certain privileges
to information, systems, or resources. These controls are designed to protect the confidentiality, integrity,
and availability of informational resources.

Logical access controls can be used to verify a person’s identity and privileges before granting the person
logical access to information or other online resources.
