Exam
Preventive Control - correct answers: A mitigating technique
designated to prevent an EVENT FROM OCCURRING.
Incident Response Plan - correct answers: A plan that defines the
action steps, involved resources and communication strategy
upon identification of a threat or potential threat event, such as a
breach in security protocol, power or telecommunications outage,
severe weather or workplace violence.
Control Self-Assessment - correct answers: A technique used to
internally assess the effectiveness of risk management and
control processes.
Business Continuity Strategy - correct answers: Comprehensive
strategies to recover, resume and maintain all critical business
functions.
Technical Controls - correct answers: Controls to prevent and
detect unauthorized activity.
Procedures - correct answers: Defines the manner in which an
organization will proceed, perform or affect something to
accomplish the objectives of a policy.
Title 31 of the Code of Federal Regulations (CFR) Part 370 -
correct answers: Governs the handling of payments for the Bureau
of Public Debt made through the ACH Network.
Unfair, Deceptive or Abusive Acts or Practices (UDAAP) - correct
answers: Law to protect consumers purchasing financial products
and services requiring that consumers have access to information
that lets them choose the option they believe is best for their
situation.
Risk Evaluation - correct answers: Process of comparing risk
analysis results to determine if risk is at an acceptable level.
Business Impact Analysis (BIA) - correct answers: Process of
identifying the potential impact of uncontrolled, non-specific
events on an institution's business processes.
Enterprise Risk Management - correct answers: Process of
planning, organizing, leading and controlling the activities of an
organization to minimize the effects of risk on that organization.
Risk Measurement - correct answers: Process to determine the
likelihood of an adverse event or threat occurring and the
potential impact of such an event on the institution.
User Access Controls - correct answers: Security technique used
to regulate who or what can view or use resources in a computing
environment.
Vulnerability Assessment - correct answers: Systematic
examination of systems to identify, quantify and prioritize the
security deficiencies of the systems.
Function Drill/Parallel Test - correct answers: Testing method
involves actual mobilization of personnel to other sites attempting
to establish communications and perform actual recovery
processing as outlined in the business continuity plan (BCP).
Risk Management - correct answers: Total process required to
identify, control and minimize the impact of uncertain events.
Layered Security - correct answers: Use of different controls at
different points in a transaction process.
Tabletop Exercise/Structured Walk-Through Test - correct
answers: Testing method ensures critical personnel from all areas
are familiar with the business continuity plan (BCP) and may be
used as an effective training tool.
Walk-Through Drill/Simulation Test - correct answers: Testing
method used to apply a specific event scenario to the business
continuity plan (BCP).
Payroll Card Account - correct answers: A bank account
established directly or indirectly by an employer on behalf of an
employee to which an employee's wages are electronically
transferred.
USA PATRIOT Act - correct answers: Act broadened the scope of
the Bank Secrecy Act to focus on terrorist financing.
Bank Secrecy Act (BSA) - correct answers: Act requires financial
institutions to assist U.S. government agencies to detect and
prevent money laundering.
Gramm-Leach-Bliley Act (GLBA) - correct answers: Act, also known
as the Financial Services Modernization Act of 1999, required
federal banking agencies to establish information security
standards for financial institutions.
Anomalous Activity - correct answers: Activity that is inconsistent
with or deviating from what is usual, normal or expected.