Which of the following actions should you take to test the security of your Web application?
A. Set the secure flag on session ID cookies.
B. Use policy mechanisms.
C. Use a simple and positive model at every layer.
D. Use your browser to forge unauthorized requests.
E. None of the other choices
