Brokers at a firm currently use a two-tier application to execute stock transactions on behalf of
their customers. Business components within the application enforce a number of complex
business rules that ensure that stock transactions are executed properly. Management has
decided that clients should be able to execute their own transactions to streamline operations.
Management also wants clients to run the same existing two-tier application from their home
computers. They have hired you to advise them on how to proceed to ensure that no illegal stock
transactions are executed once the application is available directly to clients. Which two
recommendations should you give to this brokerage firm? (Choose two.)
A.
The code already checks for correct execution so they can deliver the application to clients
“as is.”
B.
Checks for correctness should be rewritten as database constraints because the application
running on the client might be modified.
C.
The application should be re-architected as a three-tier solution. That way, validation checks
can be moved to a server-side business tier, which remains trustworthy.
D.
The application should be obfuscated before it is delivered to the client. That way, clients
cannot modify it. Therefore, the validation checks currently implemented will remain
trustworthy.