Question 1 of 24

Design and implement MVC controllers and actions

You have a set of requirements that expects a particular action to be accessed only through HTTPS by an authenticated user. What is the best way to meet these requirements?

Use Authorize alone; you do not need to use RequireHttps separately if you already have Authorize, because using Authorize implies the use of HTTPS.
Use the RequireHttps attribute before the Authorize filter.
Use the Authorize attribute before the RequireHttps filter.
Use a custom action filter that combines the check for HTTPS and the check for authentication into a single filter.