An organization has implemented an Agile development process for front end web application development. A new security architect has just joined the company and wants to integrate security activities into the SDLC.
Which of the following activities MUST be mandated to ensure code quality from a security perspective? (Select TWO).
A . Static and dynamic analysis is run as part of integration
B . Security standards and training is performed as part of the project
C . Daily stand-up meetings are held to ensure security requirements are understood
D . For each major iteration penetration testing is performed
E . Security requirements are story boarded and make it into the build
F . A security design is performed at the end of the requirements phase
Answer: A, D