Security of assessments/exams
Jun 14, 2021
Hello! We're looking into mitigating risk of cheating in our exams. We're approaching it from multiple angles, including test design (e.g. question pools, randomization, application-based questions, etc.), users "sharing" answers, etc.
My question for this group is more about how to mitigate exam cheating with the software and LMS connections. Say, for instance, if someone were to open up a debug window during an exam and search for the answers in the code. Or if someone with more extensive computer skills was able to manipulate the information that is sent back from the exam built in Storyline 3 or 360 to our LMS. (Both of which some of our testers claim they have been able to do.) Are there ways to reduce or eliminate the possibility of these types of things? Are there publish settings that work better than others for reducing risk this way?
Thanks!
1 Reply
Data is transmitted to the LMS via standard HTTP POST so anyone w/intermediate knowledge of the Developer tab in current browsers can "sniff" or watch the network communications. Specs like SCORM 2004, TinCan and xAPI aren't too difficult to decode from network traffic. I'm sure developers w/advanced coding skills could help you figure out a slightly stronger method, but you would need to proxy the receiver/server side to undo your security as well.