9-12S.AP.21 (Computer Science)
Standard Identifier:
9-12S.AP.21
Content Area:
Computer Science
Grade Range:
9–12 Specialty
Concept:
Algorithms & Programming
Subconcept:
Program Development
Practice(s):
Testing and Refining Computational Artifacts (6.2)
Standard:
Identify and fix security issues that might compromise computer programs.
Descriptive Statement:
Some common forms of security issues arise from specific programming languages, platforms, or program implementation choices. Students read a given a piece of code that contains a common security vulnerability, explain the code's intended function or purpose, provide and explain examples of how a specific input could exploit that vulnerability (e.g., the program accessing data or performing in unintended ways), and implement a change in the code to mitigate this vulnerability. For example, students could review code that takes a date as input, recognize that the code doesn't check for appropriate last days of the month, and modify the code to do that. Alternatively, students could review code that supports entry of patient data (e.g., height and weight) and doesn't prompt users to double check unreasonable values (e.g., height at 6 feet and weight at 20 pounds).
Identify and fix security issues that might compromise computer programs.
Descriptive Statement:
Some common forms of security issues arise from specific programming languages, platforms, or program implementation choices. Students read a given a piece of code that contains a common security vulnerability, explain the code's intended function or purpose, provide and explain examples of how a specific input could exploit that vulnerability (e.g., the program accessing data or performing in unintended ways), and implement a change in the code to mitigate this vulnerability. For example, students could review code that takes a date as input, recognize that the code doesn't check for appropriate last days of the month, and modify the code to do that. Alternatively, students could review code that supports entry of patient data (e.g., height and weight) and doesn't prompt users to double check unreasonable values (e.g., height at 6 feet and weight at 20 pounds).
Questions: Curriculum Frameworks and Instructional Resources Division |
CFIRD@cde.ca.gov | 916-319-0881