MIS 2101 Lecture Notes - Lecture 3: Goback
Document Summary
After completing this activity you will be able to: state strategies for asking questions when gathering systems requirements. You have been asked to perform a security audit on a professor"s process of calculating, storing, and submitting final course grades. To complete this task it is suggested that you (cid:498)think like a hacker(cid:499) and try to figure out how, if at all possible, the integrity of the grading process could be breached. What kinds of information do you need to know in order to fraudulently change a grade: when the professor enters the grade, how technologically savvy your professor is, does the grading system have a backup system. Say if the professor wanted to see what the grades looked like on a certain date can he/she go back and find that information. Step 2: discuss as teams (2-3 students: discuss your strategies as a team. Identify the 2-3 most probable strategies to explore further: discuss your requirements gathering questions.