Information Function Audit
M.C. Juan Carlos Olivares Rojas
Department of Computer and System
Instituto Tecnológico de Morelia
jcolivar@itmorelia.edu.mx
19.72388 lat, -101.1848 long
Disclaimer
Some material in this presentation has been
obtained from various sources, each of which
has intellectual property, so this presentation
will have only some rights reserved.
These slides are free, so you can add, modify,
and delete slides (including this one) and slide
content to suit your needs. They obviously
represent a lot of work on my part. In return for
use, I only ask the following: if you use these
slides (e.g., in a class) in substantially unaltered
form, that you mention their source.
Outline
Compilation of Organizational Information
Human Resources Assessment
Interviews with Informatics Personnel
Budget and Financial Situation
Budgets
Financial and material Resources.
Objectives of the Session
• The students will know the basics of the Informatics
Function Audit
Compilation of Organizational Information
• It is important for the correct management of the
auditing process.
• Before making a report, the information that
sustains its ideas is necessary. This
information is known as Evidence.
• Remember, the first step is to know the
organizational context of a firm.
Compilation of Organizational Information
• It is important to manage an efficient way to
collect information such as logs, databases,
control sheets and cross-documents.
• Information retrieval must be as quick as
possible.
• In the research process this activity is highly
time-consuming (Theoretical Frame and
State-of-Art)
Human Resources Assessment
• This action is very important because some
firms have excellent organization and
planning but in practice have bad execution
and direction (CONTROL)
• There are two kinds of human resources
evaluation:
• Activity and responsibility of an employee in an
organization (for example, a bad director or
boss).
Human Resources Assessment
• Assessment of the Organization about their People
(asking about good working conditions).
• One technique of Human Resources
Assessment is the elaboration and application of
questionnaires.
• Questionnaires are a good option when there is
not enough time, but they are difficult because they
need correct design and processing.
Interviews with Informatics Personnel
• Interviewing is a vital process in auditing.
• We must collect and store this information
as Evidence, but most of the time this is
difficult because it is not a legal process and
some employees can't or don't like talking
about some topics in these circumstances.
• Interviews are difficult to design and apply
but are crucial.
Interviews with Informatics Personnel
• Interviews provide the correct specification
of a process. Auditors can be aided by
personnel in processes which are difficult to
understand.
• There are many kinds of interviews. The most
important thing in the interview process is the
script. The interviewer should be an excellent
improviser and a charismatic person.
Activity
• Example of Human Resource Assessment*
• Make a control sheet (check list) indicating the
elements which are present.
• Compare the control list with the control sheet
and define which elements that are present as
Evidence are not registered in the
Documentation.
• In pairs, groups of three or groups of four (deliver a report)
Homework
• Conduct an interview with some person in a digital
format such as audio (podcasting) and video over
the Internet (videocasting).
• The interview must contain a script (duplex
way)
• It contains RSS syndication
• You can interview a classmate (pair) about their
future job.
Budget and Financial Situation
• Budget is an important element because
Auditors have some constraints, and the most
important is Financial.
• Ideally, the audit budget should be created after
the audit schedule is determined.
API Brute Force
• Develop a Java program which can access a
system with a login screen (username and
password).
• The user must indicate the initial point or area
of the first field. The user must also indicate the
max length of words (update it for variable length*)
• Test it with a real program or a simulated
program. If the screen changed, the program
has entered (consider a delay for
authentication).
API Brute Force
• Optional: make a statistics module for calculating
iterations and the time taken to obtain the password.
• Optional: include a search dictionary (depends
on the language).
java.awt.Robot
M.C. Juan Carlos Olivares Rojas
Introduction
• The java.awt.Robot class lets you define an
object that can perform automated actions
on the system's graphical
interface.
• In general it has methods to move the
mouse, press mouse buttons,
press keys, and capture images, among
other features.
Example
import java.awt.AWTException;
import java.awt.Robot;
import java.awt.event.InputEvent;
import java.awt.event.KeyEvent;

public class Aplicacion {
    public static void main(String[] args) {
        new Aplicacion();
    }

    Aplicacion() {
        try {
            Robot robot = new Robot();
            // Simulate a mouse click (BUTTON1_DOWN_MASK replaces the deprecated BUTTON1_MASK)
            robot.mousePress(InputEvent.BUTTON1_DOWN_MASK);
            robot.mouseRelease(InputEvent.BUTTON1_DOWN_MASK);
            // Simulate pressing and releasing a key
            robot.keyPress(KeyEvent.VK_O);
            robot.keyRelease(KeyEvent.VK_O);
        } catch (AWTException e) {
            // Thrown when the platform does not allow low-level input control
            e.printStackTrace();
        }
    }
}
API
• The class has two constructors:
• Robot() with no arguments creates an object
that operates on the whole screen.
• Robot(GraphicsDevice screen) Constructs a
Robot object at the indicated coordinates.
• Each of the methods of the class is
described next.
API
• java.awt.image.BufferedImage
createScreenCapture(Rectangle s) Creates an
image of the indicated coordinates.
• void delay(int ms) The object sleeps for the
specified time of ms milliseconds.
• int getAutoDelay() Gets the time the
Robot sleeps.
API
• Color getPixelColor(int x, int y) Returns the
color of the indicated point.
• boolean isAutoWaitForIdle() Checks whether the Robot
runs waitForIdle() after an event.
• void keyPress(int keycode) Presses a
key.
API
• void keyRelease(int keycode) Releases a
key.
• void mouseMove(int x, int y) Moves the mouse
pointer to the indicated coordinates.
• void mousePress(int buttons) Presses one or
more mouse buttons.
API
• void mouseRelease(int buttons) Occurs
when a mouse button is released.
• void mouseWheel(int wheelAmt) Occurs
when the mouse wheel turns.
• void setAutoDelay(int ms) Sets the delay
time between each Robot
event.
API
• void setAutoWaitForIdle(boolean isOn)
Sets when the Robot runs a
waitForIdle().
• java.lang.String toString() Converts the Robot
to a text string.
• void waitForIdle() Waits until all the
events in the event queue have been
dispatched.
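The createScreenCapture method listed above can serve the evidence collection this deck asks of an auditor. The following is an added example, not part of the original slides: it saves a screenshot as a PNG and prints its SHA-256 digest so the file can be re-verified later. The class name EvidenceCapture and the output file name are assumptions.

```java
import java.awt.GraphicsEnvironment;
import java.awt.Rectangle;
import java.awt.Robot;
import java.awt.Toolkit;
import java.awt.image.BufferedImage;
import java.io.File;
import java.nio.file.Files;
import java.security.MessageDigest;
import java.time.Instant;
import javax.imageio.ImageIO;

// Added example: EvidenceCapture and the "evidence-*.png" name are assumptions.
public class EvidenceCapture {

    // Hex-encoded SHA-256 of a file, recorded next to the evidence item.
    static String sha256(File f) throws Exception {
        byte[] digest = MessageDigest.getInstance("SHA-256")
                .digest(Files.readAllBytes(f.toPath()));
        StringBuilder hex = new StringBuilder();
        for (byte b : digest) {
            hex.append(String.format("%02x", b));
        }
        return hex.toString();
    }

    public static void main(String[] args) throws Exception {
        // Robot needs a display; on a headless server its constructor fails.
        if (GraphicsEnvironment.isHeadless()) {
            System.err.println("No display available: cannot capture the screen.");
            return;
        }
        Robot robot = new Robot();
        robot.setAutoDelay(100);   // pause 100 ms after each generated event
        robot.waitForIdle();       // let pending GUI events finish painting

        // Size of the primary screen; other monitors are not included.
        Rectangle area = new Rectangle(Toolkit.getDefaultToolkit().getScreenSize());
        BufferedImage shot = robot.createScreenCapture(area);

        Instant takenAt = Instant.now();
        File out = new File("evidence-" + takenAt.toEpochMilli() + ".png");
        if (!ImageIO.write(shot, "png", out)) {
            throw new IllegalStateException("No PNG writer available");
        }
        // One line per item: capture time, file name, digest.
        System.out.println(takenAt + " " + out.getName() + " sha256=" + sha256(out));
    }
}
```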
Brute Force Attack
• Moodle Case
• http://antares.itmorelia.edu.mx/~jcolivar/moodle
• Many users exist that were created by machines (spam)
• Solutions?
• What happened with the Eco Server Audit Case?
Budgets
• The most important thing is budget
coordination.
• Budget is an important constraint that the auditor
should consider in the assessment. For
example, a small office (PyME) doesn’t have
enough money to buy a hardware firewall, and
the small company only implements an individual
firewall through the operating system.
Financial and Material Resources
• These elements are important because we
need them for working in auditing.
• Material resources used by an auditor could
be: paper forms (collection), PDA, mobile
phone, laptop or notebook (paper).
• Depending on the information asset, the tools
vary; for example, a cable tester in
computer network audits.
ERP Case
• Read the papers “RECREATION, INC. AN
INFORMATION TECHNOLOGY RISK
ASSESSMENT CASE STUDY OF
ENTERPRISE RESOURCE PLANNING (ERP)
SYSTEMS” and IT Audit Basics Auditing
Security and Privacy in ERP Applications
• In 3-person teams, write a wiki (paper
format). The wiki must contain 5 good ideas
and 5 bad ideas.
• Homework: bring a cup of coffee, tomorrow
ERP Case
• Wiki Example
• Instituto Tecnologico de Morelia (P1)
• It’s an institution of technological higher
education founded in 1964 by Adolfo Lopez
Mateos. Its first name was Inst. Tec. Regional
de Morelia. It’s the 12th Institute of Technology
• Currently it has 9 professional careers: 7 engineering
and 2 3 bachelor's (1 in distance mode).
Exam
• Finish the Planning and Organization of Audit
Project in ITM.
• The exam is individual and must include:
• WBS/ Time Matrix / Gantt Chart
• Estimation time, resources, cost (budget)
• Organization
• Indicate in complete form how you will assess
each information asset.
Exam
• Grading:
• Planning and Organization 50%
• Assessment Methodology 50%
• Deadline: Monday, March 30
• Printed document
Rubric
• A rubric is an element that lets us
define in tabular form the requirements that
a product in general must meet and
evaluate them against a given criterion.
Rubric Example
Activity
• Define a rubric to evaluate chocolate
chip cookies; define at least 5
characteristics and assign a percentage to each one.
• Distribute the rubric to your classmates
so that they can evaluate and obtain an average
of the specifications.
• Competencies to develop: teamwork,
analysis and synthesis, quantitative and
qualitative evaluation, writing.
References
• Senft, S. and Gallegos, F. (2008) Information
Technology Control and Audit, Third Edition,
CRC Press, United States
Questions?