Supported Secure Browser Versions for Student Testing
The information in this subtopic provides an overview of secure browser versions and their use with computer-based assessments. The secure browser provides a secure, online testing environment in which a device is restricted from accessing prohibited computer applications (local or internet-based) or copying or sharing test data. The purposes of this environment are to maintain test security and provide a stable testing experience for students across multiple platforms.
This subsection contains instructions for downloading and installing the secure browser. The LEA or school information technology staff should ensure that the secure browser has been installed correctly on all computers and devices that will be used for student testing.
About the Secure Browser
All devices that students will use to access computer-based summative assessments must have a secure browser installed on that device. The secure browser prevents students from accessing another computer or internet application or copying test information. Students may also access interim assessments, practice tests, and training tests using the secure browser.
The secure browser is available for all major operating systems included in this guide. Technology coordinators with responsibility for managing a large number of machines across a school or LEA can, likely, use the same tools as those used currently to push the secure browser out to all the machines at scale. For example, the secure browser ships as an MSI package that enables use of MSIEXEC.
For iPads and Chromebooks, the SecureTestBrowser app is CAI’s mobile version of the secure browser. It is available in the Apple App Store to download and install; or in the Chrome Web Store through the Google Admin Console to download and install on a managed Chrome device. The first time this app is opened, it will ask the user to select from a list of organizations and states; California must be selected. The choice is saved and from then on, the mobile secure browser works just like the desktop version, allowing access to operational tests, practice tests, and the network diagnostic tool. Any mobile device management utility can be used to install the secure browser on multiple managed devices and to configure those devices.
Secure Browser Versions for Online Testing
Table 1 lists the secure browser version for each operating system. A secure browser must be downloaded and installed on each device used for student testing.
| Operating Systems | Secure Browser |
|---|---|
|
Windows
|
CA Secure Browser 16 |
|
Windows
|
Take a Test app |
|
macOS
|
CA Secure Browser 15, 16, and 16.5 |
| Linux Fedora 35–36 | CA Secure Browser 16 |
|
Linux Ubuntu
|
CA Secure Browser 16 |
|
iPadOS
|
SecureTestBrowser 9 |
|
ChromeOS
|
SecureTestBrowser 8 |
Steps to Support Testing Integrity
While the secure browser is an integral component of test security, test administrators and test examiners perform an equally important role in preserving test integrity. Test administrators and test examiners should be aware of requirements associated with closing external user applications, turning off background jobs, and testing on computers with dual monitors, and should employ the necessary precautions while administering computer-based assessments.
Close External User Applications
Prior to administering the computer-based assessments, all nonrequired applications on computers and devices should be closed. After closing these applications, the secure browser can be launched.
The secure browser will not work if the device detects that a forbidden application is running. For more information, refer to the Forbidden Application Detection subsection.
Turn Off Background Jobs
Ensure and verify that all background jobs, such as virus scans or software auto updates, are scheduled outside of scheduled testing days or time frames. For example, if testing takes place between 8 a.m. and 3 p.m., schedule background jobs (e.g., attendance and payroll jobs) outside of these hours.
Testing on Computers with Dual Monitors
Systems that use a dual-monitor setup typically display an application on one monitor screen while another application is accessible on the other screen. This typical dual-monitor setup is not allowed under normal circumstances for CAASPP and the ELPAC.
However, one-on-one testing is required for the Initial and Summative ELPAC in kindergarten through grade two, parts of the Initial ELPAC for grades three and above, all grade levels for ELPAC Speaking, and all alternate assessments in both the CAASPP and ELPAC administrations. These assessments may call for the test examiner to be close to the student for ease of use and access and to promote the validity of the assessment. In these cases, a dual-monitor configuration may be necessary. Another possible situation for dual-monitor use is when a test administrator or test examiner is administering a test via read-aloud and wants to have a duplicate screen to view exactly what the student is viewing for ease of reading aloud.
In these cases where dual monitors are allowed, monitors should be set up to “mirror” each other. One monitor is connected to the computer running the secure browser and the other is its duplicate. School technology coordinators can assist test administrators and test examiners in setting up the two monitors to ensure they mirror each other rather than operate as independent monitors.
In these cases, all security procedures must be followed, and the test must be administered in a secure environment, to prevent others from hearing the questions or viewing the screens for a student, test administrator, or test examiner. Refer to the Suggested Guidelines for Physically Distancing Test Administration document for suggested layouts.
Forbidden Application Detection
The Forbidden Application Detection feature automatically detects certain applications that are prohibited from running on a computer while the secure browser is open. The secure browser checks the applications currently running on a computer when it is launched. If a forbidden application is detected, the student is denied entry and receives a message indicating the open application. Similarly, if a forbidden application launches while the student is already logged on to an assessment—for example, if a scheduled task or background job begins (e.g., antivirus scans)—the student is automatically logged off and a message is displayed.
Proxy Settings for the Desktop Secure Browser
This section describes the commands for passing proxy settings to the secure browser, as well as how to implement those commands on the desktop computer.
Specifying a Proxy Server to Use with the Secure Browser
By default, the secure browser attempts to detect the settings for the network’s web proxy server. Users of web proxies should execute a proxy command one time from the command prompt; this command does not need to be added to the secure browser shortcut. Table 2 lists the form of the command for different settings and operating systems. To execute these commands from the command line, change to the directory containing the secure browser’s executable file.
| Description | System | Command |
|---|---|---|
| Use the secure browser without any proxy | Windows | CASecureBrowser.exe -proxy 0 https://ca.cambiumtds.com/student |
| Use the secure browser without any proxy | MacOS | ./CASecureBrowser -proxy 0 https://ca.cambiumtds.com/student |
| Use the secure browser without any proxy | Linux | ./CASecureBrowser.sh -proxy 0 https://ca.cambiumtds.com/student |
| Set the proxy for HTTP requests only | Windows | CASecureBrowser.exe -proxy 1:http:proxy.com:8080 https://ca.cambiumtds.com/student |
| Set the proxy for HTTP requests only | MacOS | ./CASecureBrowser -proxy 1:http:proxy.com:8080 https://ca.cambiumtds.com/student |
| Set the proxy for HTTP requests only | Linux | ./CASecureBrowser.sh -proxy 1:http:proxy.com:8080 https://ca.cambiumtds.com/student |
| Set the proxy for all protocols to mimic the “Use this proxy server for all protocols” of Firefox | Windows | CASecureBrowser.exe -proxy 1:*:proxy.com:8080 https://ca.cambiumtds.com/student |
| Set the proxy for all protocols to mimic the “Use this proxy server for all protocols” of Firefox | MacOS | ./CASecureBrowser -proxy 1:*:proxy.com:8080 https://ca.cambiumtds.com/student |
| Set the proxy for all protocols to mimic the “Use this proxy server for all protocols” of Firefox | Linux | ./CASecureBrowser.sh -proxy 1:*:proxy.com:8080 https://ca.cambiumtds.com/student |
| Specify the URL of the PAC file | Windows | CASecureBrowser.exe -proxy 2:proxy.com https://ca.cambiumtds.com/student |
| Specify the URL of the PAC file | MacOS | ./CASecureBrowser -proxy 2:proxy.com https://ca.cambiumtds.com/student |
| Specify the URL of the PAC file | Linux | ./CASecureBrowser.sh -proxy 2:proxy.com https://ca.cambiumtds.com/student |
| Auto detect proxy settings | Windows | CASecureBrowser.exe -proxy 4 https://ca.cambiumtds.com/student |
| Auto detect proxy settings | MacOS | ./CASecureBrowser -proxy 4 https://ca.cambiumtds.com/student |
| Auto detect proxy settings | Linux | ./CASecureBrowser.sh -proxy 4 https://ca.cambiumtds.com/student |
| Use the system proxy setting (default) | Windows | CASecureBrowser.exe -proxy 5 https://ca.cambiumtds.com/student |
| Use the system proxy setting (default) | MacOS | ./CASecureBrowser -proxy 5 https://ca.cambiumtds.com/student |
| Use the system proxy setting (default) | Linux | ./CASecureBrowser.sh -proxy 5 https://ca.cambiumtds.com/student |