CIMAPRO19-P03-1 Exam Questions

Y Company wishes to recruit an employee who will have responsibility for the receipt and handling of cash

From the point of view of the internal auditor which THREE of the following would be most likely to provide useful information about the candidate"?

UIO sells mobile phones through a cham of 100 shops spread across the country Shop managers have considerable discretion over pncmg and the incentives offered to sales staff Shop managers are evaluated on the monthly contribution from completed sales. Those who exceed targets by more than 10% for three successive months are promoted Those who fail to achieve monthly targets in two successive months lose their jobs

Which of the following statements are true of the performance management of UIO's shop managers?

Select ALL that apply

C is an accounts clerKwho is supposed to sign each invoice as evidence that she has conducted checks against supporting documents Sometimes C signs invoices without making these checks

D is a member of the internal audit team He has been told to conduct compliance tests on whether C is checking the invoices property

Which of the following would grve D a false sense of assurance that C's checks have been in operation?

Select ALL that appry

KLO is a major quoted car rental company The company is considering publishing its first cyber risk management report

AH rental bookings are made online Customers receive a booking reference number that they use to collect their cars from a convenient branch Customers enter their credit card details both so that KLO can take payment for their rental and also so that the customers can be charged automatically for late returns or damage to cars

KLO's management believes that it has three key areas of cyber risk Cyber criminals may wish to make bookings using fictitious data in order to steal KLO's cars, they may wish to use customers details to identify addresses of people who are away from home so that they can burgle houses and they may wish to abuse customer credit card details

KLO's Board is concerned that admitting to the nsk of stealing cars might encourage cnminals to exploit that vulnerability AJso. it is concerned that customers will be reluctant to rent cars if that would mean that their homes could be at risk of burglary while they are away The vulnerability of credit card details seems obvious and so the Board is not reluctant to admit to that.

Which TWO of the following are correct?

A junior sales clerk at BCD, a wholesale jewellers, received an email which appeared to be from a well known parcel delivery company informing her that a delivery had been attempted outside office hours and had consequently failed She was asked to click on a link and complete some seemingly innocent but logical questions to effect the delivery on the next day She thought no more about it but was very surprised the next month to be awarded salesperson of the month as her sales had doubled

Unfortunately, on investigation it was found that this was as a result of several fraudulent orders for high-value items that had seemingly been placed by an existing customer but delivered to a new address, which turned out to be a temporary box number The existing customer's credit card had been fraudulently charged for these orders

Which of the following types of cyber-attack had the sales clerk been a victim of?