Assignment: Best Coding Practices
You have been promoted to manager for the e-Commerce site for the company you made up in Assignment 1. You are concerned about the recent SQL attack. Your team reacted to the situation by notifying you immediately. You and your team were successful in containing and correcting the issues that allowed the Website and database to be compromised by a SQL injection attack.
Knowing that many of the issues can be created by human error, you have decided to evaluate the processes your team uses when they code. As their leader, it is your responsibility to be current on all of the best secure coding practices. Your job is to create guidelines for best coding practices, which you will present to your team.
For Part I, you’re going to write a memo to the CEO and CSO documenting your guidelines based on your findings when you evaluated your company’s processes.
Part II: PowerPoint Presentation
Create a PowerPoint presentation for your team in which you:
The specific course learning outcomes associated with this assignment are:
Note: Assignment will be check for plagiarism. Memo to CEO should be at least 4-5 pages long addressing questions 1, 2 and 3. At least one full page response/analysis required for each question. Objective should be to address each question conspicuously, accurately, and adequately. Please avoid brevity and conduct in-depth research. Minimum work may not earn maximum points.
Grading for this assignment will be based on answer quality, logic / organization of the paper, and language and writing skills, using the following rubric.
Points: 215 |
Assignment 2: Best Coding Practices, Part I (Memo to CEO & CSO) |
|||
Criteria |
Unacceptable Below 70% F |
Fair 70-79% C |
Proficient 80-89% B |
Exemplary 90-100% A |
1. Justify why it is less expensive to build secure software than to correct security issues after a breach. Weight: 15% |
Did not submit or incompletely justified why it is less expensive to build secure software than to correct security issues after a breach. |
Partially justified why it is less expensive to build secure software than to correct security issues after a breach. |
Satisfactorily justified why it is less expensive to build secure software than to correct security issues after a breach. |
Thoroughly justified why it is less expensive to build secure software than to correct security issues after a breach. |
2. Outline the objectives and purpose of your company’s “best secure coding practices†and explain how it will influence your division. Weight: 20% |
Did not submit or incompletely outlined the objectives and purpose of your company’s “best secure coding practices†and did not explain how it will influence your division. |
Partially outlined the objectives and purpose of your company’s “best secure coding practices†and partially explained how it will influence your division. |
Satisfactorily outlined the objectives and purpose of your company’s “best secure coding practices†and satisfactorily explained how it will influence your division. |
Thoroughly outlined the objectives and purpose of your company’s “best secure coding practices†and thoroughly explained how it will influence your division. |
3. Evaluate which method of the secure software development life cycle will best serve your team and explain how you plan on implementing your thoughts into your existing processes. Weight: 20% |
Did not submit or incompletely evaluated which method of the secure software development life cycle will best serve your team and did not explain how you plan on implementing your thoughts into your existing processes. |
Partially evaluated which method of the secure software development life cycle will best serve your team and partially explained how you plan on implementing your thoughts into your existing processes. |
Satisfactorily evaluated which method of the secure software development life cycle will best serve your team and satisfactorily explained how you plan on implementing your thoughts into your existing processes. |
Thoroughly evaluated which method of the secure software development life cycle will best serve your team and thoroughly explained how you plan on implementing your thoughts into your existing processes. |
4. Identify three resources that can be used as “reference material†and act as a beginner’s guideline for new employees. Outline the importance of each resource and how each resource can assist new coders. Weight: 20% |
Did not submit or incompletely identified three resources that can be used as “reference material†and act as a beginner’s guideline for new employees. Did not outline the importance of each resource and how each resource can assist new coders. |
Partially identified three resources that can be used as “reference material†and act as a beginner’s guideline for new employees. Partially outlined the importance of each resource and how each resource can assist new coders. |
Satisfactorily identified three resources that can be used as “reference material†and act as a beginner’s guideline for new employees. Satisfactorily outlined the importance of each resource and how each resource can assist new coders. |
Thoroughly identified three resources that can be used as “reference material†and act as a beginner’s guideline for new employees. Thoroughly outlined the importance of each resource and how each resource can assist new coders. |
5. Provide four (4) quality references Weight: 5% |
No references provided. |
Does not meet the required number of references; some or all references poor quality choices. |
Meets number of required references; all references high quality choices. |
Exceeds number of required references; all references high quality choices. |
6. Clarity, writing mechanics, and formatting requirements Weight: 5% |
More than 6 errors present |
5-6 errors present |
3-4 errors present |
0-2 errors present |
Assignment 2: Best Coding Practices, Part II (PowerPoint Presentation) |
||||
Criteria |
Unacceptable Below 70% F |
Fair 70-79% C |
Proficient 80-89% B |
Exemplary 90-100% A |
7. Outline all of the major aspects of the Best Practice Coding guideline, including objectives, purpose, resources, and methodology. Note: Please include your fictional company’s name on each slide of your presentation. Weight: 10% |
Did not submit or incompletely outlined all of the major aspects of the Best Practice Coding guideline, including objectives, purpose, resources, and methodology. Did not include your fictional company’s name on each slide of your presentation. |
Partially outlined all of the major aspects of the Best Practice Coding guideline, including objectives, purpose, resources, and methodology. Partially included your fictional company’s name on each slide of your presentation. |
Satisfactorily outlined all of the major aspects of the Best Practice Coding guideline, including objectives, purpose, resources, and methodology. Included your fictional company’s name on each slide of your presentation. |
Thoroughly outlined all of the major aspects of the Best Practice Coding guideline, including objectives, purpose, resources, and methodology. Included your fictional company’s name on each slide of your presentation. |
6. Clarity, writing mechanics, and formatting requirements Weight: 5% |
More than 6 errors present |
5-6 errors present |
3-4 errors present |
0-2 errors present |