Free ACFCS CFCS Exam Dumps Questions & Answers

Many IT users require privileged user rights to perform their job tasks.
Which is the BEST action to help ensure data security with respect to privileged users?

• A.  Implement database activity monitoring to identify high risk or unusual database activity
• B.  Eliminate privileged access for anyone below manager level
• C.  Rotate both the public and private encryption keys
• D.  Review IP addresses of users access to identify offsite systems access

You are an examiner for a financial industry regulator One of your smaller firms has shown a dramatic increase in wire activity that you think may be indicative of them facilitating money laundering. You request their outgoing wire transactionsfor the past six months and they provide you a spreadsheet with nearly 10,000 wires.
Which two criteria would be the MOST effective way to narrow down your sample for investigation? Choose
2 answers

• A.  The client(s) with the highest number of foreign wires
• B.  The client(s) with multiple third-party wires to different foreign beneficiaries
• C.  The client(s) with multiple wires just below the reporting threshold
• D.  The client(s) with an address outside the country where your firm is domiciled

A credit card company has recently become aware that fraudsters are obtaining multiple cards using stolen or synthetic identities II is now reviewing its card application process to identify potential weaknesses.
Which two elements in the company's application process are potential weaknesses? Choose 2 answers

• A.  Applications from geographic areas where high instances of credit card fraud have been reported in the past are subjected to a more detailed review
• B.  The company treats credit card applications from all channels (online mail unsolicited etc) the same and subjects them to the same review process
• C.  The company verifies customer contact information using only the information from a customer's credit report
• D.  The company calls the applicant to verify contact information il area codes for home, cell, and office phone numbers do not match the address on the application

During an organizational overview of financial crime controls, Ms. Lee, the compliance analyst, discovers that certain high-risk customers have not undergone enhanced due diligence (EDD) as required by regulatory guidelines. What is the most appropriate action for Ms. Lee to take?

• A.  Conduct a retrospective review of the high-risk customers' transactions to assess potential risks.
• B.  Notify senior management and request immediate termination of the high-risk customer relationships.
• C.  Document the findings and recommend the implementation of robust procedures for EDD.
• D.  Ignore the issue as long as there have been no suspicious transactions involving the high-risk customers.

You work in cybersecurity lor a chain of retail stores. An employee in your security team has recently notified you of a potentially serious issue with the point of sale (POS) systems which run on the company s network Upon reviewing data being transmitted Irom the POS systems the employee has detected indicators that malware designed to scrape credit and debit card information is being run on the systems.
You immediately mobilize your cyber incident response team and begin investigating You discover thai the malware infection is widespread and that numerous stores are affected.
In the course of the investigation you discover the following information Which is the MOST likely vulnerability that led to this cybersecurity incident?

• A.  Employees at several stores were accessing unsecured Wi-Fi networks during work hours on their personal devices
• B.  The network running the POS system was also used for Ihe online portal that employees used to log their hours
• C.  The software applications supporting the POS system were configured to automatically install updates when available
• D.  Your company had not recently run password cracking tests against the portals used to log in to the POS systems