Edward is responsible for web application security at a large insurance company. One of the applications that he is particularly concerned about is used by insurance adjusters in the field. He wants to have strong authentication methods to mitigate misuse of the application. What would be his best choice?

The correct answer is to assign digital certificates to the authorized users and to use these to authenticate them when logging in. This is an effective way to ensure that only authorized users can access the application. Although the remaining options are all good security measures, they are not the best way to authenticate the client and prevent unauthorized access to the application.