AC9TDI10P13

Elaborations

• AC9TDI10P13_E1using a data flow diagram to understand how private information moves through a system and when it would be the most likely target of a cyber attack, for example mapping how data moves between the user and server when using a web application, and identifying that sending the data in plaintext would make it susceptible to a man-in-the-middle attack
• AC9TDI10P13_E2exploring the impact of a cyber security threat by systematically following the steps involved in bypassing a known vulnerability in their own software, for example manually changing the value stored in a login cookie to that of another user to observe the impact of unauthorised access on the system
• AC9TDI10P13_E3explaining how techniques like prompt injection can change the intended behaviour of generative AI models; for example, carefully chosen inputs can circumvent any protections or limitations that may have been included in the design of the model