Free ACFCS CFCS Exam Questions

Question 1

Recently your database of customer records was compromised and hundreds of thousands of customer's personal data was stolen Based on the feedback from your customers you have surmised that the following occurred. • Using the stolen customer information a personalized email was sent to all of the customers Irom the criminals with a significant amount of personal information in them to appear legitimate directing them to a fake website mimicking yours • That fake website captured logins and passwords from customers for later use • The criminals then used the logins and passwords to wire funds from those accounts to offshore accounts that they controlled Which type of attack is this?

A : Spear phishing

B : Key logging

C : Man-in-the-middle

D : Login capture

Answer: A

Question 2

A bank holds accounts for several different gatekeeper clients such as attorneys accountants and company formation agents II is conducting a periodic review of these accounts and updating their risk ratings. Which two accounts should the bank consider to be at highest risk? Choose 2 answers

A : A company formation agent that establishes private investment companies primarily for clients in Africa and Asia

B : An attorney whose practice specializes in cases involving maritime law in the international shipping industry

C : An accountant at a private accounting firm whose clients are large multinational agricultural corporations

D : A notary in Latin America who specializes in assisting clients from other countries with high-end real estate transactions

Answer: A,D

Question 3

Recently your database of customer records was compromised and hundreds of thousands of customer's personal data was stolen Based on the feedback from your customers you have surmised that the following occurred. • Using the stolen customer information a personalized email was sent to all of the customers Irom the criminals with a significant amount of personal information in them to appear legitimate directing them to a fake website mimicking yours • That fake website captured logins and passwords from customers for later use • The criminals then used the logins and passwords to wire funds from those accounts to offshore accounts that they controlled Which type of attack is this?

A : Spear phishing

B : Key logging

C : Man-in-the-middle

D : Login capture

Answer: A

Question 4

A bank holds accounts for several different gatekeeper clients such as attorneys accountants and company formation agents II is conducting a periodic review of these accounts and updating their risk ratings. Which two accounts should the bank consider to be at highest risk? Choose 2 answers

A : A company formation agent that establishes private investment companies primarily for clients in Africa and Asia

B : An attorney whose practice specializes in cases involving maritime law in the international shipping industry

C : An accountant at a private accounting firm whose clients are large multinational agricultural corporations

D : A notary in Latin America who specializes in assisting clients from other countries with high-end real estate transactions

Answer: A,D

Question 5

In the context of Compliance Programs and Controls, which of the following statements best describes the purpose of an organizational overview of financial crime controls?

A : To ensure strict adherence to internal audit procedures.

B : To identify potential vulnerabilities and risks within the organization's operations.

C : To facilitate efficient communication between different departments.

D : To solely focus on regulatory compliance without considering business objectives.

Answer: B