Which is the BEST configuration option to protect internal users from malicious Java code, without
stripping Java scripts?

A.
Use the URI resource to block Java code

B.
Use CVP in the URI resource to block Java code

C.
Use the URI resource to strip applet tags

D.
Use the URI resource to strip ActiveX tags

Explanation: