Question 1 of 24

Design and implement MVC controllers and actions

You have a set of requirements that expects a particular action to be accessed only through HTTPS by an authenticated user. What is the best way to meet these requirements?

Use the Authorize attribute before the RequireHttps filter.
Use Authorize alone; you do not need to use RequireHttps separately if you already have Authorize, because using Authorize implies the use of HTTPS.
Use a custom action filter that combines the check for HTTPS and the check for authentication into a single filter.
Use the RequireHttps attribute before the Authorize filter.