1. Client-server architecture may potentially involve a variety of hardware, systems software, and application software from many vendors. The best way to protect a client-server system from unauthorized access is through

A A combination of application and general access control techniques

B Use of a commercially available authentication system

C Encryption of all network traffic

D Thorough testing and evaluation of remote procedure calls.

A correct Security is more difficult to achieve in a client-server system than in a mainframe environment. The system has numerous access points, and users have many chances to alter data.

Thus, application controls must be combined with general access controls to protect the system.

B incorrectAuthentication systems are only a part of the solution.

C incorrectEncryption affects only general access control techniques.

D incorrect Testing and evaluation of RPC’s may be only a small part of an overall security review.

A company with several hundred stores has a network for the stores to transmit sales data to headquarters.The network is also used for