Appendix A: Research Timeline- Milestones

(1)

75

Appendix A: Research Timeline- Milestones

Item Feb 61ar Apr 11 fay Jun Jul Aug Sep Oct Nov Dec Jul

(2)

76

thesis

Zý'r, hAUh' ýi^LR'

24%

5 nf livi, T Y fl; EX

ýR VAi' 3^1: =h5

11 ý,

_ä

13%

hi El1tý SJ YýES : 'I, BLK: n' UhS _{ST; : )E.}

8%

_{tiT PnPEKS}

Submitted to Universiti Sains Islam Malaysia

©

Zhiwei, Yu, and Ji Zhongyuan. "A Survey on

the Evolution of Risk Evaluation for

Information

Systems Security", Energy

Procedia,

2012.

Zainal Fikri Zamzuri. "Computer Security

Threats Towards the E-Learning System

Assets". Communications in Computer and

Information Science, 2011

® _{ý_ilil! ii: (a}

,; LIi:. i'; ti; l' ý; c!. ý ir" _{_.} Urli.

©

sdiwc.

net

©

_esjournals.

_org

8%

1%

1 0iö

1%

1 1%

(3)

77

Appendix B: Questionnaire

My name is Mohamed Munser _{Saleh, a student at the Islamic Science}

University _{of Malaysia. I am currently pursuing a Master of Computer Science}

in Information _{and Security} Assurance. _{My research title is "Information}

Security _{Risk Assessment of E-learning} _{Systems: A Case Study on Global}

Open Access Learning System _{(G. O. A. L. S. ) in UniversitiSains} _Islam

Malaysia (USIM)". _{As far as any research is concerned, some findings are}

needed for it. The aim of this research is to examine the information _security

risk involving an e-learning system that have been implemented in USIM. I

hope you can read the questions below carefully and tick or fill the appropriate

answers which will help me in my research findings. Your suggestions and

cooperation are highly appreciated. Any enquires can be forwarded to this

email: mo mon53 n vahoo. com

Thank you.

Section A: Personal Information

This section is to gather personal information from the respondents. Please tick where appropriate.

Al. What is your gender? Male

Female

A2. What is your education level? Diploma

Bachelor degree Master degree

Doctorate Degree

Others (please specify):

A3. What is your position in the department?

(4)

78

Section B: Unauthorized release of information

This section is to gather information from respondents about security incidents involving "unauthorized release of information" that happens in G. O. A. L. S's usage.

Please tick for Yes/No/Not Sure in the box given below.

No. Security Incident Yes No Not Sure

BI _{Logon information of lecturers were intercepted and}

misused.

B2 Logon information _{of students were intercepted and} misused.

B3 _{Materials online were loaded by unauthorized persons.} B4 _{Materials online were accessed by unauthorized users.} B5 _{Materials online were phished by unauthorized persons.} B6 _{Students get unauthorized person's help during the}

writing of tests.

B7 _{People masquerade as students to answer tests on behalf} of such students.

B8 _{I Iackers managed to access the system.} B9 Crackers managed to destroy the system.

B10 _{Virus or Trojan managed to attack the system.}

Other security incidents involving "unauthorized release of information" (please specify):

(5)

79

Section C: Unauthorized modification of information

This section is to gather information from respondents about security incidents involving "unauthorized modification of information" that happens in G. O. A. L. S's usage.

No. _{Security Incident} _{Yes No} _{Not Sure}

Cl _{Materials online were changed by unauthorized}

person.

C2 _{Materials online were ruined.} C3 _{Materials online were lost.}

C4 _{Assignment sent by students was plagarised by} unauthorized person.

C5 _{Assignment sent by students was ruined.}

C6 _{Assignments sent by students were lost.}

C7 _{Student's marks were changed by unauthorized} person.

C8 _{Student's marks were ruined.}

C9 _{Student's marks were lost.}

CIO _Quiz/test _{content uploaded} _{by lecturer} _were changed.

Other security incidents involving "unauthorized modification of information"

(6)

80

Section D: Unauthorized denial of resource use

This section is to gather information from respondents about security incidents involving "unauthorized denial of resource use" that happens in G. O. A. L. S's usage.

No. Security Incident Yes No Not Sure

D1 _{Lecturers cannot access the system due to poor}

bandwidth.

D2 Students cannot access the system due to poor

bandwidth.

D3 _{Lecturers cannot access the system due to server} problem.

D4 _{Students cannot access the system due to server} problem.

D5 _{Lecturers could not log in to the system due to other} reasons.

D6 _{Students could not log in to the system due to other} reasons

D7 _{Lecturers get disconnected when uploading or} downloading materials in the system.

D8 _{Students get disconnected when accessing online} materials or conducting quiz/test.

D9 _{Lecturers could not upload or download files in the}

system.

D10 _{Students could not upload or download tiles in the}

system.

Other security incidents involving "unauthorized denial of resource use" (please

specify):

(7)

81

CI KYItli

_{a nuti,}

_{Imt u-41191I}

lncernatinnaljournal

_ot'Conputers

&F

Technology

14

.i

_IJBY.

RBlE41

_1t'S

_R£;

OF

E7

_`.

B! F15 FOR.

Author

_K,

Ir:

Y5

fOR.

WaIElzaR-1

; 1c;

_-

IIL

IL

ý cI! Iýk; hný nm, ulä+sýi ý ums,; ici. ýc: i, m'['x fºr+q

IM

_{PI Lit}

with

lk).

ý1,

I Atj1'11: _1'?

,k

I6)rmatkarý

, on

Tedtncrio*

inIr d

Mc. Cite

Factur,

acicrffic

Iý: an, ýuurýºais

;

ý

6iekfcId

_,

it

.

ticýrch

ne.

AcaderrilLmal_ti

I}atabm.

Haý

ki* 5ctwlu,

E4esomte.

EBSCD,

L'triirh

_Web,

_1!

_L'nýrrýih

scirntýiým5oas

(L'niy.

_of

31 Callrts).

_of

i1'

_1.4

_{Tnýbn+>>ýIýýnh}

I);

_ýiahaýý,

löýes>ýtioa>al

_satictý"

_of

,

týin

ýun

Pru I,

,;

[,

Ný

jounul

of

CDQlpU1(!

ul 1Cýt:

ý,

l KýR

Aadrmic

kin_

Jac

_(SfS

_iSEýý,

Jýilc, ký=

týt,

(8)

82

ýlFýý

ISSN 2277--13061

.4R E'V'iE'ýý OF 5Eýt, `RI TY' THREATS B`' ?:, 1E

I. 'lif"ýl:

T: ýOE RE- D IN TFE E

LEARNING

hlaharn$d Mi. rffer Saleh, l, FatMal: _hAtaM PIahK: LJ

FioctY d 5rimac and Tic. 'uicöwh Ll-irrrni! y Siam ö11m M, iaromw tli5tyj

err-alm

eA-.

#4&4

_{? *,}

ZM WAN

_HAqwiSm,

_tAl)",

Ur.

_1vii+

Abstract

Caip, ira hrr hssn _mrts" _pffid _{ar .. wye. yadtra} _{'l, q m ad w . trm aft In . ntl rn: a aiaashi} Yöas ind arnaah dssrusta, nravk Lz fadWA h=taa: soft, mmc: h ügsmta _{aziaafaCrg n wtagm} d p. owsA wd , ýaatiýa r. a ýw d arta svaL Cmrý ýýG yý _-Y*sr _{mob - hrat Rnr4mud} b Im pmt ncsv digs u: oa , xi Mwy, I=- wd awdaöka paxY aswnp Us r` rylna an+ tan rryrrtra Thar rfraö4pL aoebraly aat, izVma=trtz rin ýcAp we 5oad rravahm wt7oc mstrtg

tw aarty da; rl r. r t8 r: rAai

K&ymrd

raitamrt itih5 Giszirg @-. ctw

Council for Innovative Research

? eer A. eMe^: Resea -th ? ut. sh.. ýg S-r.: em

Jcurr: al:

Ir+TEFtS4tTx? _vAL._.lr7uFWL OF CDMPuTEFS & TECHNOLOGY

VOL 14, _No.11

ý5ý"ý-ý, rimý. m_ ýjrýnXnnlrc+ýr, rrud. cam

(9)

83

Appendix C: Brief Biodata

a) Name: MOHAMED MUNSER SALEH MANSOUR

b) Matric No. 3130152 c) Nationality: Libyan

d) Passport No: 206937

e) Qualification and University attended:

" Name of University: High Institute for Preparation of Trainers in Zleetin

" Degree: High Diploma.

" Specialization: Electronic Engineering: Division: Computer.

" Achievements: CGPA, 70.20 %, JayyidJiddan.

f) Work Experience:

" Computer technician and Trainer, from 2000 - 2012

g) Address:

" Malaysia

22-14 PERMAI PUTER JALAN 13 D

DESA PERMAI TAMAN DATO AHMAD RAZALI AMPANG 86000

SELANGOR.

" Libya

Tripoli - Al garbuli

h) Hp No. and Email Address

" G. S. M: (+6) 01114323768