Question No. 1

Which of the following is NOT true with regard to tracing the disposition of loan proceeds?

ATracing loan proceeds can reveal previous civil offenses committed by the subject

BTracing loan proceeds can determine if the proceeds were deposited into hidden accounts

CTracing loan proceeds can uncover previously unknown witnesses

DTracing loan proceeds can determine if hidden accounts were used for loan payments.

Show Answer

Correct Answer: A

Question No. 2

If you are seizing a computer for forensic analysis, why is it generally necessary to seize any copiers connected to it?

AMany copiers connect via parallel cables, which store and transmit copy job data.

BMost copiers store, process, and transmit data m a cloud environment

CMany copiers have internal hard drives that might contain information relevant to a fraud examination

DMost copiers today are nonimpact copiers, meaning that they store copied images indefinitely.

Show Answer

Correct Answer: C

Question No. 3

Which of the following can be obtained from a wire transfer record?

AThe name of the receiving institution's registered agent

BThe recipient's government identification number

CThe name of the sender or originator

DThe sending institution's accreditation type

Show Answer

Correct Answer: C

Question No. 4

When planning for the interview phase of an investigation, which of the following steps should NOT be taken by the fraud examiner?

AConsider what the interview is intended to accomplish and state an objective.

BReview the case file to ensure that important information has not been overlooked

CPrepare a detailed list of questions to ask the subject during the interview.

DEnsure that the interview is held in a venue where the subject will feel Uncomfortable

Show Answer

Correct Answer: D

Question No. 5

Jackson, a digital forensic examiner for a government agency, is conducting a criminal investigation into the alleged embezzlement of funds from the government's Welfare Department (WD). Ginny. a WD employee, is the prime suspect. Jackson obtains a court order authorizing him to seize Ginny's personal computer for forensic examination. Which of the following is the MOST ACCURATE statement?

AIf Ginny's computer is running. Jackson should perform a graceful shutdown by turning it off using the normal shutdown process

BIf Ginny's computer is off and Jackson needs evidence that exists only in the form of volatile data, he should turn the computer on and retrieve data directly via the computer's normal interface.

CIf Ginny's computer is off. Jackson should not turn it on unless he plans to use an encryption device that can guarantee that the system's hard drive will not be accessed during startup.

DIf Ginny's computer is running. Jackson may retrieve data from the computer directly via its normal interface if the evidence that he needs exists only in the form of volatile data

Show Answer

Correct Answer: D

Free ACFE CFE-Investigation Exam Actual Questions

The questions for CFE-Investigation were last updated On May 4, 2024