Section 3.0.0

IOC-2: The use of computing innovations may involve risks to your personal safety and identity. 

• IOC-2.A.1: Personally identifiable information (PII) is information about an individual that identifies, links, relates, or describes them. Examples of PII include:

  • Social Security Number

  • Age

  • Race

  • Phone Number(s)

  • Medical Information

  • Financial Information

  • Biometric Data

• IOC-2.A.2: Search engines can record and maintain a history of searches made by users. 

• IOC-2.A.4: Devices, websites, and networks can collect information about a user’s location.

• IOC-2.A.5:  Technology enables the collection, use, and exploitation of information about, by, and for individuals, groups, and institutions.

• IOC-2.A.7:  Disparate personal data, such as geolocation, cookies, and browsing history, can be aggregated to create knowledge about an individual.

• IOC-2.A.8: PII and other information placed online can be used to enhance a user’s online experiences. 

• IOC-2.A.10: Commercial and governmental curation of information may be exploited if privacy and other protections are ignored.

• IOC-2.A.11: Information placed online can be used in ways that were not intended and that may have a harmful impact. For example, an email message may be forwarded, tweets can be retweeted, and social media posts can be viewed by potential employers.

• IOC-2.A.13: Once information is placed online, it is difficult to delete.

• IOC-2.A.15:  Information posted to social media services can be used by others. Combining information posted on social media and other sources can be used to deduce private information about you.

IOC-2: The use of computing innovations may involve risks to your personal safety and identity. 

• • • IOC-2.C.1: Phishing is a technique that attempts to trick a user into providing personal information. That personal information can then be used to access sensitive online resources, such as bank accounts and emails.

    • IOC-2.C.2: Keylogging is the use of a program to record every keystroke made by a computer user in order to gain fraudulent access to passwords and other confidential information.

    • IOC-2.C.4: A rogue access point is a wireless access point that gives unauthorized access to secure networks.

    • IOC-2.C.5: A malicious link can be disguised on a web page or in an email message. 

    • IOC-2.C.6: Unsolicited emails, attachments, links, and forms in emails can be used to compromise the security of a computing system. These can come from unknown senders or from known senders whose security has been compromised. 

CRD-1:  Incorporating multiple perspectives through collaboration improves computing innovations as they are developed. 

• • • CRD-1.C: Demonstrate effective interpersonal skills during collaboration. 

CRD-2: Developers create and innovate using an iterative design process that is user-focused, that incorporates implementation/feedback cycles, and that leaves ample room for experimentation and risk-taking. 

• • • CRD-2.E.4: Students will actively engage in a  development process that is incremental by breaking down the problem into smaller pieces.

Programming plug in:

AAP-3: Programmers break down problems into smaller and more manageable pieces. By creating procedures and leveraging parameters, programmers generalize processes that can be reused. Procedures allow programmers to draw upon existing code that has already been tested, allowing them to write programs more quickly and with more confidence. 

• AAP-3.A: Students will write statements to call procedures.

• AAP-3.A: Students will determine the result or effect of a procedure call.

• AAP-3.D: Students will select appropriate libraries or existing code segments to use in creating new programs. 

• Students will determine and design an appropriate method or approach to achieve the purpose. (P1.B)

• IOC-2: The use of computing innovations may involve risks to your personal safety and identity. 

  • IOC-2.B.5: Encryption is the process of encoding data to prevent unauthorized access. Decryption is the process of decoding the data.

• IOC-2: The use of computing innovations may involve risks to your personal safety and identity. 

  • IOC-2.B.5: Encryption is the process of encoding data to prevent unauthorized access. Decryption is the process of decoding the data.

• IOC-2: The use of computing innovations may involve risks to your personal safety and identity. 

• • • IOC-2.B.7: Computer virus and malware scanning software can help protect a computing system against infection.

    • IOC-2.B.8: A computer virus is a malicious program that can copy itself and gain access to a computer in an unauthorized way. Computer viruses often attach themselves to legitimate programs and start running independently on a computer.

    • IOC-2.B.9: Malware is software intended to damage a computing system or to take partial control over its operation.

    • IOC-2.B.10: All real-world systems have errors or design flaws that can be exploited to compromise them. Regular software updates help fix errors that could compromise a computing system.

    • IOC-2.B.11: Users can control the permissions programs have for collecting user information. Users should review the permission settings of programs to protect their privacy.

    • IOC-2.C.7: Untrustworthy (often free) downloads from freeware or shareware sites can contain malware.

• IOC-2: The use of computing innovations may involve risks to your personal safety and identity. 

  • IOC-2.C.1: Phishing is a technique that attempts to trick a user into providing personal information. That personal information can then be used to access sensitive online resources, such as bank accounts and emails. 

  • IOC-2.C.2: Keylogging is the use of a program to record every keystroke made by a computer user in order to gain fraudulent access to passwords and other confidential information. 

  • IOC-2.C.3: Data sent over public networks can be intercepted, analyzed, and modified. One way that this can happen is through a rogue access point. 

  • IOC-2.C.4: A rogue access point is a wireless access point that gives unauthorized access to secure networks. 

  • IOC-2.C.5: A malicious link can be disguised on a web page or in an email message. 

  • IOC-2.C.6: Unsolicited emails, attachments, links, and forms in emails can be used to compromise the security of a computing system. These can come from unknown senders or from known senders whose security has been compromised. 

  • IOC-2.C.7: Untrustworthy (often free) downloads from freeware or shareware sites can contain malware. 

• IOC-2: The use of computing innovations may involve risks to your personal safety and identity. 

• • • IOC-2.A: Describe the risks to privacy from collecting and storing personal data on a computer system. 

    • IOC-2.B: Explain how computing resources can be protected and can be misused. 

    • IOC-2.C: Explain how unauthorized access to computing resources is gained. 

• CRD-1:  Incorporating multiple perspectives through collaboration improves computing innovations as they are developed. 

  • • CRD-1.C: Demonstrate effective interpersonal skills during collaboration. 

    • CRD-2.E.4: Students will actively engage in a  development process that is incremental by breaking down the problem into smaller pieces.

Programming plug in:

• AAP-3: Programmers break down problems into smaller and more manageable pieces. By creating procedures and leveraging parameters, programmers generalize processes that can be reused. Procedures allow programmers to draw upon existing code that has already been tested, allowing them to write programs more quickly and with more confidence. 

  • • AAP-3.A: Students will write statements to call procedures.

    • AAP-3.A: Students will determine the result or effect of a procedure call.

    • AAP-3.D: Students will select appropriate libraries or existing code segments to use in creating new programs. 

CRD-1:  Incorporating multiple perspectives through collaboration improves computing innovations as they are developed. 

• • • CRD-1.C: Demonstrate effective interpersonal skills during collaboration. 

CRD-2: Developers create and innovate using an iterative design process that is user-focused, that incorporates implementation/feedback cycles, and that leaves ample room for experimentation and risk-taking. 

• CRD-2.E.4: Students will actively engage in a  development process that is incremental by breaking down the problem into smaller pieces.

• IOC-2.A: Describe the risks to privacy from collecting and storing personal data on a computer system. 

• IOC-2.A.1 Personally identifiable information (PII) is information about an individual that identifies, links, relates, or describes them. Examples of PII include: 

  • Social Security number 

  • age 

  • race 

  • phone number(s) 

  • medical information 

  • financial information

• IOC-2.A.2 Search engines can record and maintain a history of searches made by users.

•  IOC-2.A.3 Websites can record and maintain a history of individuals who have viewed their pages. 

• IOC-2.A.4 Devices, websites, and networks can collect information about a user’s location. 

• IOC-2.A.5 Technology enables the collection, use, and exploitation of information about, by, and for individuals, groups, and institutions.

• IOC-2.A.6 Search engines can use search history to suggest websites or for targeted marketing. 

• IOC-2.A.7 Disparate personal data, such as geolocation, cookies, and browsing history, can be aggregated to create knowledge about an individual. 

• IOC-2.A.8 PII and other information placed online can be used to enhance a user’s online experiences. 

• IOC-2.A.9 PII stored online can be used to simplify making online purchases. 

• IOC-2.A.10 Commercial and governmental curation of information may be exploited if privacy and other protections are ignored. 

• IOC-2.A.11 Information placed online can be used in ways that were not intended and that may have a harmful impact. For example, an email message may be forwarded, tweets can be retweeted, and social media posts can be viewed by potential employers. 

• IOC-2.A.12 PII can be used to stalk or steal the identity of a person or to aid in the planning of other criminal acts. 

• IOC-2.A.13 Once information is placed online, it is difficult to delete. 

• IOC-2.A.14 Programs can collect your location and record where you have been, how you got there, and how long you were at a given location. 

• IOC-2.A.15 Information posted to social media services can be used by others. Combining information posted on social media and other sources can be used to deduce private information about you.

• IOC-2.B: Explain how computing resources can be protected and can be misused. 

• IOC-2.B.1 Authentication measures protect devices and information from unauthorized access. Examples of authentication measures include strong passwords and multifactor authentication. 

• IOC-2.B.2 A strong password is something that is easy for a user to remember but would be difficult for someone else to guess based on knowledge of that user. 

• IOC-2.B.3 Multifactor authentication is a method of computer access control in which a user is only granted access after successfully presenting several separate pieces of evidence to an authentication mechanism, typically in at least two of the following categories: knowledge (something they know), possession (something they have), and inherence (something they are). 

• IOC-2.B.4 Multifactor authentication requires at least two steps to unlock protected information; each step adds a new layer of security that must be broken to gain unauthorized access.

• IOC-2.B.5 Encryption is the process of encoding data to prevent unauthorized access. Decryption is the process of decoding the data. Two common encryption approaches are: 

  • Symmetric key encryption involves one key for both encryption and decryption. 

  • Public key encryption pairs a public key for encryption and a private key for decryption. The sender does not need the receiver’s private key to encrypt a message, but the receiver’s private key is required to decrypt the message. 

  •  EXCLUSIONSTATEMENT(EKIOC-2.B.5): Specific mathematical procedures for encryption and decryption are beyond the scope of this course and the AP Exam. 

• IOC-2.B.6 Certificate authorities issue digital certificates that validate the ownership of encryption keys used in secure communications and are based on a trust model. 

• IOC-2.B.7 Computer virus and malware scanning software can help protect a computing system against infection. 

• IOC-2.B.8 A computer virus is a malicious program that can copy itself and gain access to a computer in an unauthorized way. Computer viruses often attach themselves to legitimate programs and start running independently on a computer. 

• IOC-2.B.9 Malware is software intended to damage a computing system or to take partial control over its operation.

• IOC-2.B.10 All real-world systems have errors or design flaws that can be exploited to compromise them. Regular software updates help fix errors that could compromise a computing system. 

• IOC-2.B.11 Users can control the permissions programs have for collecting user information. Users should review the permission settings of programs to protect their privacy

• IOC-2.C: Explain how unauthorized access to computing resources is gained.  

• IOC-2.C.1 Phishing is a technique that attempts to trick a user into providing personal information. That personal information can then be used to access sensitive online resources, such as bank accounts and emails. 

• IOC-2.C.2 Keylogging is the use of a program to record every keystroke made by a computer user in order to gain fraudulent access to passwords and other confidential information.

• IOC-2.C.3 Data sent over public networks can be intercepted, analyzed, and modified. One way that this can happen is through a rogue access point. 

• IOC-2.C.4 A rogue access point is a wireless access point that gives unauthorized access to secure networks.

• IOC-2.C.5 A malicious link can be disguised on a web page or in an email message.

• IOC-2.C.6 Unsolicited emails, attachments, links, and forms in emails can be used to compromise the security of a computing system. These can come from unknown senders or from known senders whose security has been compromised. 

• IOC-2.C.7 Untrustworthy (often free) downloads from freeware or shareware sites can contain malware.

AAP-3: Programmers break down problems into smaller and more manageable pieces. By creating procedures and leveraging parameters, programmers generalize processes that can be reused. Procedures allow programmers to draw upon existing code that has already been tested, allowing them to write programs more quickly and with more confidence. 

• AAP-3.A: Students will write statements to call procedures.

• AAP-3.A: Students will determine the result or effect of a procedure call.

• AAP-3.D: Students will select appropriate libraries or existing code segments to use in creating new programs.