Supported Secure Browser Versions for Student Testing

The information in this section provides an overview of secure browser versions and their use with computer-based assessments. The secure browser provides a secure, online testing environment in which a device is restricted from accessing prohibited computer applications (local or internet-based); or copying or sharing test data. The purposes of this environment are to maintain test security and provide a stable testing experience for students across multiple platforms.

The following subsections contain instructions for downloading and installing the secure browser. The LEA or school information technology staff should ensure that the secure browser has been installed correctly on all computers and devices that will be used for student testing.

About the Secure Browser

All devices that students will use to access computer-based summative assessments must have a secure browser installed on that device. The secure browser prevents students from accessing another computer or internet application or copying test information. Students may also access interim assessments, practice tests, and training tests using the secure browser.

The secure browser is available for all major operating systems included in this guide. Technology coordinators with responsibility for managing a large number of machines across a school or LEA can, likely, use the same tools as those used currently to push the secure browser out to all the machines at scale. For example, the secure browser ships as an MSI package that enables use of MSIEXEC.

For iPads and Chromebooks, the SecureTestBrowser app is CAI’s mobile version of the secure browser. It is available in the Apple App Store to download and install; or in the Chrome Web Store through the Google Admin Console to download and install on a managed Chrome device. The first time this app is opened, it will ask the user to select from a list of organizations and states; California must be selected. The choice is saved and from then on, the mobile secure browser works just like the desktop version, allowing access to assessments and the network diagnostic tool. Any mobile device management utility can be used to install the secure browser on multiple managed devices and to configure those devices.

Secure Browser Versions for Online Testing

Table 1 lists the secure browser version for each operating system. A secure browser must be downloaded and installed on each device used for student testing.

Table 1. Secure Browser by Operating System

Operating Systems Secure Browser

Windows

  • Windows 10, version 22H2
  • Windows 11, version 22H2
  • Windows 12 (upon release and acceptance)
  • Windows Server 2016 R2
CA Secure Browser 17

Windows

  • Version 10, 10 in S mode (Professional, Education, and Enterprise), version 22H2
Take a Test app

macOS

  • Version 12.6
  • Version 13.3
  • Version 14
  • Version 15 (upon release and acceptance)
CA Secure Browser 17
Linux Fedora 36–37 CA Secure Browser 17

Linux Ubuntu

  • Version 20.04 LTS (Gnome)
  • Version 22.04 LTS (Gnome)
CA Secure Browser 17

iPadOS

  • Version 16.4
  • Version 17.1
  • Version 18 (upon release and acceptance)
SecureTestBrowser 8

ChromeOS

  • Version 125 (Stable)
  • Version 120 (LTS)
  • Version 120 (LTC)
SecureTestBrowser 8

Steps to Support Testing Integrity

While the secure browser is an integral component of test security, test administrators and test examiners perform an equally important role in preserving testing integrity. Test administrators and test examiners should be aware of requirements associated with closing external user applications, turning off background jobs, and testing on computers with dual monitors, and should employ the necessary precautions while administering computer-based assessments.

Close External User Applications

Prior to administering the computer-based assessments, all nonrequired applications on computers and devices should be closed. After closing these applications, the secure browser can be launched.

The secure browser will not work if the device detects that a forbidden application is running. For more information, refer to the Forbidden Application Detection subsection.

Turn Off Background Jobs

Ensure and verify that all background jobs, such as virus scans or software auto updates, are scheduled outside of scheduled testing days or time frames. For example, if testing takes place between 8 a.m. and 3 p.m., schedule background jobs (such as attendance and payroll jobs) outside of these hours.

Testing on Computers with Dual Monitors

Systems that use a dual-monitor setup typically display an application on one monitor screen while another application is accessible on the other screen. This typical dual-monitor setup is not allowed under normal circumstances for CAASPP and the ELPAC.

However, one-on-one testing is required for the Initial ELPAC and Summative ELPAC in kindergarten through grade two, parts of the Initial ELPAC for grades three and above, all grade levels for ELPAC Speaking, and all alternate assessments in both the CAASPP and ELPAC administrations. These assessments may call for the test examiner to be close to the student for ease of use and access and to promote the validity of the assessment. In these cases, a dual-monitor configuration may be necessary. Another possible situation for dual-monitor use is when a test administrator or test examiner is administering a test via read-aloud and wants to have a duplicate screen to view exactly what the student is viewing for ease of reading aloud.

In these cases where dual monitors are allowed, monitors should be set up to “mirror” each other. One monitor is connected to the computer running the secure browser and the other is its duplicate. School technology coordinators can assist test administrators and test examiners in setting up the two monitors to ensure they mirror each other rather than operate as independent monitors.

In these cases, all security procedures must be followed, and the test must be administered in a secure environment, to prevent others from hearing the questions or viewing the screens for a student, test administrator, or test examiner. Refer to the Suggested Guidelines for Physically Distancing Test Administration document for suggested layouts.

Forbidden Application Detection

The Forbidden Application Detection feature automatically detects certain applications that are prohibited from running on a computer while the secure browser is open. The secure browser checks the applications currently running on a computer when it is launched. If a forbidden application is detected, the student is denied entry and receives a message indicating the open application. Similarly, if a forbidden application launches while the student is already logged on to an assessment—for example, if a scheduled task or background job begins (such as an antivirus scan)—the student is automatically logged off and a message is displayed.

Proxy Settings for the Desktop Secure Browser

This subsection describes the commands for passing proxy settings to the secure browser, as well as how to implement those commands on the desktop computer.

Specifying a Proxy Server to Use with the Secure Browser

By default, the secure browser attempts to detect the settings for the network’s web proxy server. Users of web proxies should execute a proxy command one time from the command prompt; this command does not need to be added to the secure browser shortcut. Table 2 lists the form of the command for different settings and operating systems. To execute these commands from the command line, change to the directory containing the secure browser’s executable file.

Table 2. Specifying Proxy Settings Using a Shortcut or the Command Line

Description System Command
Use the secure browser without any proxy Windows CASecureBrowser.exe -proxy 0 https://ca.cambiumtds.com/student
Use the secure browser without any proxy MacOS ./CASecureBrowser -proxy 0 https://ca.cambiumtds.com/student
Use the secure browser without any proxy Linux ./CASecureBrowser -proxy 0 https://ca.cambiumtds.com/student
Set the proxy for HTTP requests only Windows CASecureBrowser.exe -proxy 1:http:proxy.com:8080 https://ca.cambiumtds.com/student
Set the proxy for HTTP requests only MacOS ./CASecureBrowser -proxy 1:http:proxy.com:8080 https://ca.cambiumtds.com/student
Set the proxy for HTTP requests only Linux ./CASecureBrowser -proxy 1:http:proxy.com:8080 https://ca.cambiumtds.com/student
Set the proxy for all protocols to mimic the “Use this proxy server for all protocols” of Firefox Windows CASecureBrowser.exe -proxy 1:*:proxy.com:8080 https://ca.cambiumtds.com/student
Set the proxy for all protocols to mimic the “Use this proxy server for all protocols” of Firefox MacOS ./CASecureBrowser -proxy 1:*:proxy.com:8080 https://ca.cambiumtds.com/student
Set the proxy for all protocols to mimic the “Use this proxy server for all protocols” of Firefox Linux ./CASecureBrowser -proxy 1:*:proxy.com:8080 https://ca.cambiumtds.com/student
Specify the URL of the PAC file Windows CASecureBrowser.exe -proxy 2:proxy.com https://ca.cambiumtds.com/student
Specify the URL of the PAC file MacOS ./CASecureBrowser -proxy 2:proxy.com https://ca.cambiumtds.com/student
Specify the URL of the PAC file Linux ./CASecureBrowser -proxy 2:proxy.com https://ca.cambiumtds.com/student
Auto detect proxy settings Windows CASecureBrowser.exe -proxy 4 https://ca.cambiumtds.com/student
Auto detect proxy settings MacOS ./CASecureBrowser -proxy 4 https://ca.cambiumtds.com/student
Auto detect proxy settings Linux ./CASecureBrowser -proxy 4 https://ca.cambiumtds.com/student
Use the system proxy setting (default) Windows CASecureBrowser.exe -proxy 5 https://ca.cambiumtds.com/student
Use the system proxy setting (default) MacOS ./CASecureBrowser -proxy 5 https://ca.cambiumtds.com/student
Use the system proxy setting (default) Linux ./CASecureBrowser -proxy 5 https://ca.cambiumtds.com/student