You have refactored your legacy Java application into a three-tiered architecture. Your Security
Audit group is concerned that your architecture may be vulnerable to security threats in the
separate tiers. Which two methods can you use to reduce those threats? (Choose two.)
A.
Programmatic security in the EJB Entities
B.
Intercepting Filters between the view and the controller
C.
Intercepting Filters between the controller and the model
D.
Role-based security for the EJBs in the deployment descriptor