[Year 12 IT Apps] Glossary - example

Mark Kelly kel at mckinnonsc.vic.edu.au
Wed Aug 19 12:24:53 EST 2009 

A quicky to highlight the importance of the glossary.  The existing 
glossary defines "Validate" as "To check that data input to a computer 
system is of an appropriate type for processing and within acceptable 
boundaries."

This made it patently obvious that the "correct" answer of multichoice 
Q9 in the the 2007 ITA exam was absolutely incorrect:

Question 9
Validation is used to
A. check the accuracy of calculations.
B. detect software errors and alert the manager.
C. test functions and alert programmers to errors.
D. prevent inaccurate data from entering the system. << OFFICIAL ANSWER

Since validation is not defined in the proposed glossary, students could 
use any interpretation of 'validation' when answering a similar question 
in 2011 and claim full marks.

And even if every ITA textbook did manage to present a unified and 
coherent explanation of what validation was, they are not canon and 
don't count.  Only the study design (and its glossary) and the 
assessment handbook are canon.


On a different but related tack...


It's interesting to see that the proposed glossary defines
'Physical security measures/devices' and 'Software security 
measures/devices'.

I don't find the division at all comfortable or convincing.  For one 
thing biometric identification relies on hardware (e.g. camera) plus 
software (e.g. retinal mapping and matching algorithms). Each component 
is equally vital. It fits in both categories.

This is why I hated multichoice Q2 of the 2007 exam:

Question 2: A bank teller uses a swipe card and a login with password to 
access clients' bank accounts. This security is an example of
A. physical and biometric.
B. electronic and physical.
C. biometric and biometric.
D. electronic and electronic. <<offical answer

How can a CARD not be a physical object?  Without the card, you don't 
get access.

The examiner's comment was vapid: "Many students were distracted by 
electronic and physical (option B) and did not correctly identify the 
security measures used to prevent unauthorised access to data and 
information as electronic and electronic."

They offered no support or explanation of why D was "correct" and I 
still hate this question.

Anyway: I still maintain there should be a third security category: 
procedural security, which includes policies and behaviours to protect 
data (e.g. disabling a worker's network access before telling them 
they're sacked; training staff how to handle phishing attempts; 
enforcing a policy that members of the public are not allowed near staff 
workstations; prohibiting the placement of water-filled vases on computers.)


-- 
Mark Kelly
Manager - Information Systems
McKinnon Secondary College
McKinnon Rd McKinnon 3204, Victoria, Australia
Direct line / Voicemail: 8520 9085
School Phone +613 8520 9000
School Fax +613 9578 9253
kel at mckinnonsc.vic.edu.au

Webmaster - http://www.mckinnonsc.vic.edu.au
IT Lecture notes: http://vceit.com
Moderator: IT Applications Mailing List

RealMenDon'tNeedSpacebars.

More information about the itapps mailing list