Question 1. Almost all computer criminals can be described as:
- professional criminals.
- technical hackers possessing strong computer skills.
- white collar professional criminals.
- amateurs who describe themselves as relatively honest.
Question 2. Logical access to the computer system would be best controlled by:
- intrusion alarm systems.
- complex operating systems.
- restrictions on physical access to online terminals.
- password codes.
Question 3. Hacking involves:
- stealing carbons of credit cards.
- destroying computer hardware.
- gaining illegal entry to computer files from remote locations.
- inserting a logic bomb in a computer program
Question 4. An ideal control is:
- a control procedure that reduces to practically zero the risk of an error or an irregularity taking place and not being detected.
- a control procedure that is anticipated to have the lowest possible cost in relation to its benefits.
- a control procedure that should always be implemented into a company's system due to the efficiency and effectiveness that will result from its implementation.
- a control procedure that is always cost effective.
Question 5. Which of the following statements is true?
- The COSO report failed to define internal control.
- The COSO report emphasized that an internal control system is a tool of management.
- SAS 78 rejected the definition of internal control provided in the COSO report.
- COBIT concluded that a company's management is not responsible for establishing and monitoring a company's internal control system.
Question 6. Regarding the internal audit function, which of the following statements is true?
- Since many internal auditors have accounting backgrounds, the internal audit function should ideally be included within a company's accounting subsystem.
- It is not proper for internal auditors to perform a fraud investigation within any part of their company's system.
- Because of the independence of external auditors, they should never accept previous work of evaluating controls performed by a company's internal auditors.
- Within a company's system, it is preferable to establish the internal audit function as a separate subsystem.
Question 7. An approach used by many companies to reduce the risk of loss caused by the theft of assets by employees is to:
- utilize polygraphs.
- acquire arbitrage loss protection.
- acquire fidelity bond coverage.
- institute punitive management.
Question 8. Which of the following is not a processing control?
- Record counts
- Control totals
- Hash totals
- Check digits
Question 9. Which of these is an acronym for computer crime legislation?
Question 10. At present, we think that computer crime is:
- falling.
- random.
- rising.
- flat.