Question 1

Section B — Multi-Task Question (Syllabus Area C)

Scenario: "SecureBank" is a multinational bank. It recently implemented a distributed, immutable digital ledger to record all inter-bank transfers. The IT department also enforced a new policy requiring all staff to change their passwords every 30 days. Last month, the bank's compliance team detected a criminal attempting to move illicit funds through dozens of complex international wire transfers to obscure their origin. Yesterday, the bank's servers were overwhelmed by a massive flood of fake internet traffic, taking their website offline.

Evaluate the scenario and complete the following 4 tasks:
Task 1: Identify the technology used for the inter-bank transfers.
Task 2: Classify the password policy control (General IT vs Application).
Task 3: Identify the stage of money laundering detected by the compliance team.
Task 4: Identify the type of cyber-attack that took the website offline.

Which of the following combinations correctly answers Tasks 1 to 4?

Accepted Answer

Task 1: Distributed ledger = Blockchain. Task 2: System-wide password rules = General IT control. Task 3: Complex transfers to hide money = Layering. Task 4: Flooding traffic to crash a site = DDoS.

Question 2

What mistakes do candidates make on this ACCA question?

Accepted Answer

Confusing General IT controls with Application controls, or confusing Layering with Placement.

How to approach this question

Full Answer

Common mistakes

Practice the full ACCA BT — Business & Technology Practice Exam 3

More questions from this exam