Which two actions protect a resource file from direct HTTP access within a web application？（）

• A、Placing it in the /secure directory
• B、Placing it in the /WEB-INF directory
• C、Placing it in the /META-INF/secure directory
• D、Creating a  element within the deployment descriptor