Which of the following statements are correct regarding positive and negative security models? (Choose 2)
A. Positive security model allows all transactions by default.
B. Negative security model denies all transactions by default.
C. Negative security model allows all transactions by default and rejects only transactions that contain attacks.
D. Positive security model denies all transactions by default and uses rules that allow only those transactions that are considered safe and valid.