An information system owner has supplied a new requirement to the development team that calls
for increased non-repudiation within the application. After undergoing several audits, the owner
determined that current levels of non-repudiation were insufficient. Which of the following
capabilities would be MOST appropriate to consider implementing is response to the new
requirement?

A.
Transitive trust

B.
Symmetric encryption

C.
Two-factor authentication

D.
Digital signatures

E.
One-time passwords