Objective: The goal is to evaluate the process of joining a discussion forum group to analyze their “access controls.” Please note: Do not use your primary, personal email address to sign up for the forum you select for this exercise. It is a good idea to have a secondary email address that can be used for this type of testing. Finally, please make sure that your virus and malware protection is up to date before you start this Exercise.
Tools required to complete Exercise: Internet Browser and search engine of your choice.
Suggested browsers: Chrome, IE, & Firefox
Suggested search Engines: Yahoo, Bing, Google, & Duckduckgo
Directions: Please read all directions prior to starting this exercise.
- Using your favorite search engine, type in one of the following search requests:
- forum best video card
- forum parenting tips
- forum best hikes
(Alternatively, you can choose something in which you are very interested and on which you might want some additional insights.) Once you’ve located an acceptable forum, please go to the folder or “thread” where other users are discussing your selected topic. Make sure you are on a forum that asks you to “join” or “register” before you can create new posts or respond to posts created by other users. Pay close attention to the forum’s registration process. The steps below will help you chronicle your experience of gaining access to the forum. Note: You will be required to take screen shots for several of the steps below.
- Create a Word doc. In the document, briefly state the topic you selected for your search and why you selected that topic. Then, provide the EXACT web address of the forum where you registered to post.
- Briefly describe the forum as well as the types of discussions/questions being asked by the other users.
- Take screen shots of the verification process and paste the screen shots into your document. Did it have CAPTCHA? Did it require two-factor identification? Do not proceed if you are not comfortable with sharing the information the site is asking you to provide. If this occurs, please select another topic/forum.
- Locate the End User License Agreement (EULA) on your selected forum and paste it in the document. This is the legal document to which you are agreeing when you join. You can read it in all cases, and in some cases you can also download it. In either case, make sure you include it with your submission.
- Provide a brief description of all the steps your instructor or a fellow student would need to take to sign up for the same forum you selected in order to gain the same posting rights that you have.
- What feedback would you give to the forum’s administrator to improve their access control strategy? If their access control strategy is exceptional, please explain why you feel this way.
The specific course learning outcomes associated with this assignment are:
- Diagnose risk from unauthorized access to IT systems through proper testing and reporting.
- Examine methods that mitigate risk to an IT infrastructure with confidentiality, integrity, availability, and access controls.