
Activity 1 Questions

Wyatt Tauber edited this page Sep 20, 2019 · 12 revisions
  • What is the URL of your GitHub project?

    https://github.com/wwt9829/CSEC-380-Project

  • How did you break up your projects and what are the security ramifications?

  • How did you choose to break down your Epic into various issues (tasks)?

    After reading the activity user story and goal, we created an issue for each actionable item or deliverable we thought necessary. This included making issues for items such as the UML diagrams, setting up continuous integration, and writing unit tests. Each team member was then assigned two to three tasks depending on their availability.

  • How long did you assign each sprint to be?

    Activities 1 and 2 were assigned to the same sprint as they both cover the configuration of services and the creation of documentation. This sprint (sprint #1) was assigned for a two-week period. Activities 3 and 4 were each assigned a sprint twice as long (4 weeks) to accommodate the creation of most of the back and front ends of the website, as well as to allow adequate time for troubleshooting and design/security fixes if necessary. The implementations for each vulnerability were each assigned a 1-week sprint length as they are believed to be simpler to implement than the website itself.

  • Did you deviate from the Agile methodology at all? If yes, what is your reasoning for this?

    Typically, Agile sprint lengths are the same (i.e. 2 weeks for each activity). However, we have a fixed-size team and limited resources, so providing adequate time to implement the most complicated parts of the project was a priority. We believe the varying time length for each sprint will give us the opportunity to understand our abilities and development rate; we can then adjust the sprint length accordingly.

  • How do you ensure that after each issue/milestone that security has been verified? How would you identify such issues in an ideal environment?

    In addition to writing unit tests to check for desired operations and check against undesired operations (such as vulnerabilities introduced inadvertently), we will use Codacy to provide additional code coverage, security, and style tests.
