ACFE Updated CFE-Investigation Exam Questions and Answers by fredrick

Signs of stress (e.g., shallow breathing, stuttering, shifting posture) do not automatically equal deception. The Fraud Examiners Manual states:

“Signs of stress do not always mean a subject is lying. An honest subject might feel stress simply by being questioned. Conclusions must be based on clusters of behavior and corroborating evidence, not a single indicator”.

Both the Manual and CFE Prep guides emphasize that deleted files are recoverable until overwritten. Once overwritten, the original data cannot be retrieved:

“Deleted files are recoverable until they are overwritten because data is not erased… until overwritten. So, deleted files that have been overwritten generally are not recoverable.”

Other file types (deleted shortcuts, hidden files, etc.) can often be recovered, but overwritten files are lost permanently.

Best practices when working with confidential informants include documenting payments and identities in ways that protect anonymity but avoid risks. The Fraud Examiners Manual and CFE Prep emphasize avoiding cash payments because they reduce transparency and create audit trail problems. Paying in cash is therefore NOT considered a best practice, whereas using initials, obtaining receipts, and documenting informant information in reports can be acceptable methods.

CFE interview guidance identifies verbal behaviors that often appear when an interviewee is being deceptive. A strong indicator is answering with a question rather than providing a direct denial. When asked directly about misconduct, truthful respondents commonly give a straightforward “no” and may add clarifying facts. Deceptive respondents sometimes deflect, buy time, or attempt to regain control by replying with a question such as, “Why would I do something like that?” This response avoids the substance of the allegation and shifts the burden back to the interviewer, potentially probing how much evidence the interviewer has. While Options A, B, and D are denials (and any denial could be untrue), the CFE materials specifically flag “answering with a question” as a frequent deceptive tactic because it functions as diversion and can indicate discomfort with issuing a clear denial. Therefore, among the choices presented, Option C is most consistent with a deceptive verbal response pattern described in CFE interview methodology.