Assignment 2: best coding practices cis 542 | CIS 542 Web Application Security | Strayer University
You have been promoted to manager for the e-Commerce site for the company you made up in Assignment 1. You are concerned about the recent SQL attack. Your team reacted to the situation by notifying you immediately. You and your team were successful in containing and correcting the issues that allowed the Website and database to be compromised by a SQL injection attack.
Knowing that many of the issues can be created by human error, you have decided to evaluate the processes your team uses when they code. As their leader, it is your responsibility to be current on all of the best secure coding practices. Your job is to create guidelines for best coding practices, which you will present to your team.
For Part I, you’re going to write a memo to the CEO and CSO documenting your guidelines based on your findings when you evaluated your company’s processes.
- Justify why it is less expensive to build secure software than to correct security issues after a breach.
- Outline the objectives and purpose of your company’s “best secure coding practices” and explain how it will influence your division.
- Evaluate which method of the secure software development life cycle will best serve your team and explain how you plan on implementing your thoughts into your existing processes.
- Identify three resources that can be used as “reference material” and act as a beginner’s guideline for new employees. Outline the importance of each resource and how each resource can assist new coders.
- Use at least four quality references in this assignment. Note: Wikipedia and similar websites do not qualify as quality references. Be sure to CITE your sources with complete functioning Web links. Test the links to ensure they work before submitting your paper
- Format your assignment according to the following formatting requirements:
- Typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
- Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page is not included in the required page length.
- Include a reference page. Citations and references must follow professional business language format.
- Part II: PowerPoint Presentation
Create a PowerPoint presentation for your team in which you:
- Outline the all of the major aspects of the Best Practice Coding guideline, including objectives, purpose, resources, and methodology. Note: Please include your fictional company’s name on each slide of your presentation. Remember, you’re planning on using this experience when you take what you’ve learned out into the real world.
- The specific course learning outcomes associated with this assignment are:
- Analyze common Website attacks, weaknesses, and security best practices.
- Describe the attributes and qualities of secure coding practices and the tools used to conduct security verification.
- Analyze the role and importance of quality assurance testing for Web applications using a security lifecycle.
- Use technology and information resources to research issues in securing Web-based applications.
- Write clearly and concisely about Web application security topics using proper writing mechanics and technical style conventions.
- Grading for this assignment will be based on answer quality, logic / organization of the paper, and language and writing skills, using the following rubric.