You are designing a testing methodology for an ASP.NET MVC 2 Web application. You have the following application testing requirements:
– Verify that security issues are identified as early within the request as possible.
– Verify that the effectiveness of input corruption is minimized.
You need to meet the application testing requirements.
Which methodology should you recommend?

A.
Design tests against the model.

B.
Design tests against the controllers.

C.
Design tests against the client browser.

D.
Design tests against the data access layer.

Explanation:
all security issue need to applied to actions of controller