A large law firm is migrating all of its systems to the cloud to meet growing business needs. The firm wants to reduce IT staff while maintaining day-to-day operations, such as user provisioning, folder management, and permissions. Which of the following MUST the cloud provider and cloud customer implement to ensure user non-repudiation?
A. Server certificate
B. Client-to-site VPN
C. Two-factor authentication
D. Single sign-on