QUESTION 35

Given the annotation for MyServlet:
@WebServlet{"/abc")
@ServletSecurity (value=@HttpConstraint)
public class Myservlet extends Httpservlet {
Which two are true? (Choose two)
A. No protection of user data must be performed by the transport.
B. All user data must be encrypted by the transport.
C. Access is to be denied independent of authentication state and identity.
D. Only authenticated users are to be permitted.
E. Access is to be permitted independent of authentication state and identity.

Correct Answer: AE