Final Survey Design
Survey Design The design of our survey asking experts what they saw as the most critical security-related misconceptions held by novices was one of the most important aspects of this project. One possible approach would be to collect misconceptions from the literature and ask experts to rank them, but we felt it was important to avoid influencing what experts thought. As a result, we had to be careful to not ask leading questions or include examples of misconceptions that might sway the results. On the other hand, we felt that a single question, such as “What are common computer security mistakes you have observed?” would be too vague and might only generate a fraction of the responses from each participant. For example, an expert might think of a misconception they encounter daily, but might not have other misconceptions come to mind in other areas of security. Another issue we faced was that it is often easy for people to identify mistakes that they see, but can be difficult f