Tuesday 19th May PM

SL Paper 1 (1h 30)
HL Paper 1 (2h 10)

Wednesday 20th May AM

SL Paper 2 (1h)
HL Paper 2 (1h 20)
HL Paper 3 (1h)

This is encrypted and password-protected in the usual way.

case study

The 12-mark question will be based on the challenges faced. Here are some of my thoughts on what you could be asked.

• to prepare a report on the different encryption protocols currently being used and how they might change in the future
  • What are the current encryption protocols?
  • Why should they need to change? What is driving this need for change?
  • How will changes to encryption protocols meet this need? What will the changes be?
• to design the user interface that will work with the STK for their developing world mobile project
  • What are the standard functions provided by the SIM toolkit?
  • How can these be leveraged by the TransEuropa Bank?
• to complete the research necessary for developing the Mobile Wallet project
  • What are the different methods of conducting this research?
  • What are the advantages and disadvantages of each?
• to review the authentication procedures in order to increase the security of banking operations.
  • What are current authentication procedures?
  • What is the threat and how is it carried out?
  • What are the countermeasures and why do they work?

Links:

Security

• http://en.wikipedia.org/wiki/Transaction_authentication_number
• http://en.wikipedia.org/wiki/Two_factor_authentication
• http://en.wikipedia.org/wiki/One-time_password
• http://en.wikipedia.org/wiki/Security_token

STK

• http://en.wikipedia.org/wiki/Mobile_banking
• http://en.wikipedia.org/wiki/SIM_Application_Toolkit
• http://www.mobitek.com.ph/SIMToolKit/STK.html
• http://www.gemalto.com/techno/stk

Mobile Wallet

• https://www.google.com/wallet/
• https://www.google.com/webhp?sourceid=chrome-instant&ion=1&espv=2&es_th=1&ie=UTF-8#q=apple%20pay&es_th=1
• http://www.globe.com.ph/gcash
• http://en.wikipedia.org/wiki/M-Pesa

• Topic 1 – 20
• Topic 2 – 6
• Topic 3 – 9
• Topic 4 – 45
• Topic 5 – 23
• Topic 6 – 8
• Topic 7 – 14

Notes for Option D. Complete at last…

Option D

Update: Mr Relf has asked us to keep all mock exams to 2 hours maximum, so we will use some lesson time to do the Case Study part of the mock. I have made some changes below:

Your IB Computer Science mock exam will be one Tuesday 24 Mar 8am-10am in the Lofthouse.

In your final exam, your papers are:

SL

—Paper 1 (Topics 1-4)
—1h 30, 70 marks, 45% of total mark
—Section A: —30 minutes, 25 marks, compulsory short answer
—Section B: —60 minutes, 45 marks, compulsory long answer

—Paper 2 (Java option)
—1h, 45 marks, 25% of total mark

—[Internal Assessment is —30% of total mark]

HL

—Paper 1  (Topics 1-7)
—2h 10, 100 marks, 40% of total mark
—Section A: —30 minutes, 25 marks, compulsory short answer
—Section B: —100 minutes, 75 marks, compulsory long answer

—Paper 2 (Java option)
—1h 20, 65 marks, 20% of total mark

—Paper 3 (Case study)
—1h, 30 marks, 20% of total mark

[—Internal Assessment —is 20% of total mark]

Your mock is just one two-hour exam, with a separate lesson dedicated to examine the case study (HL only). If I give you a similar structure, with similar numbers of minutes per mark (the actual average minutes per mark for the final exam is about 1.3), then your mock will be:

SL

1h20 (60 marks) of Paper 1-type questions
40m (30 marks) of Paper 2-type questions

HL

1h15 (60 marks) of Paper 1-type questions
45m (30 marks) of Paper 2-type questions

[+60m (30 marks) of Paper 3-type questions to be done during lesson time on a date to be confirmed]

Basically

When you use the word “basically”, you are saying that there are details that you could go into, but which you are sparing from your audience to keep things simple for them. When students use it in exams, however, it more often than not means “I don’t know the facts” or “I don’t know how to express myself.” Don’t use it.

Efficient, efficiency

In general, efficiency is a measure of some sort of return on investment. Cost-efficiency is how much you get for your money. Fuel efficiency is how much you get per litre of petrol. Time efficiency is how much you get per hour. On its own, though, efficiency doesn’t mean anything much. Don’t use it without clarifying what type of efficiency you are talking about.

In terms of

This phrase is used when the author wants to associate two concepts but either hasn’t got the vocabulary to do it or just wants to sound wordy. It is lazy and if you use it incorrectly it can earmark you as a weak candidate. It’s almost always better to use “in relation to” or just to eliminate it altogether, as in the sentence “In terms of cost, leased lines are expensive.”

Putting things “in quotes”

It’s very unlikely that you will be quoting someone in a computer science exam so my advice would be don’t put anything quotes. You are either being too informal or you are highlighting your inability to express yourself appropriately. Find another way of saying it.

When you are doing your exam, try to guess what topic your question is coming from. It will help you decide what an appropriate answer is likely to refer to.

One of the commonest sources of lost marks in tests is that students fail to state the obvious. They rock back in their chair and then write down their stream of consciousness.

I recommend you keep this mnemonic in mind:

What When How Why Otherwise

Sample question:

Outline how encryption should be used in an online banking website? [4 marks]

Bad answer:

It is very important that encryption should be used in an online banking website for a large number of reasons. Firstly, it should used to keep customers’ information safe. When they type their password it has to be hidden so that attackers cannot get it. Also encryption should be used to check that customers are who they say they are. Finally, encryption can be used to prevent viruses.

Why is this bad?

It is very important that encryption should be used in an online banking website for a large number of reasons.
This is introductory waffle that CANNOT EVER SCORE MARKS. You have all done it. Stop it.

Firstly, it should used to keep customers’ information safe.
Great… and… what information? Don’t hint at the answer. State the obvious.

When they type their password it has to be hidden so that attackers cannot get it.
Sure, but how does this happen? And what would the consequences be if it didn’t?

Also encryption should be used to check that customers are who they say they are. Finally, encryption can be used to prevent viruses.
Both factually incorrect. This student has run out of ideas and has is now saying stuff that is just plain wrong.

Score: 1/4 for mentioning passwords

Good answer:

First we structure our answer using what when how why otherwise:

• What: Sensitive information like passwords or credit card details.
• When: Before it is sent out over a network.
• How: Using one of a variety of standard algorithms, e.g. RSA, which allows the user and the bank to be able to encrypt and decrypt information for each other.
• Why: So that if it is intercepted the information cannot be read.
• Otherwise: Malicious network users would be able to impersonate you online and may be able to steal money from your bank account.

And then we write a sentence for each:

Sensitive information like passwords or credit card details should always be encrypted before being sent out across a network. Encryption can be done in a variety of ways using standard algorithms such as RSA, which allows the user and the bank to encrypt and decrypt data that they are sending to each other. Encryption is important to prevent unauthorised people from being able to read information if they intercept it. Without encryption, malicious network users would be able to intercept and read customers’ information, including passwords, allowing them to impersonate the customers and steal their money.

Score: 4/4