The web pages in a system are carefully designed so that links to security-sensitive URLs are not
available in pages offered to untrusted users. Which statement is true?
A.
The system security is adequately protected by this approach.
B.
Every security-sensitive target must be additionally protected using the declarative security
model.
C.
The system security is adequately protected by this approach provided only POST requests
are accepted by the server.
D.
The system security is adequately protected by this approach, but security must be carefully
maintained.