1 => C. Believe it or not, but the majority of SQL data attacks come from malicious insiders harboring ill will toward the company.
3 => A. You can modify table access commands through the use of permissions.
SHORT ANSWER
1. In addition of limiting database access to a few trusted IP addresses, there must be some check on the user's identity as well. So, create individual user accounts. While the sharing of accounts is possible, it is important for each user to maintain his/her own account. This way, unauthorized use can be easily traced to the culprit and proper disciplinary action taken. Each user will need to present a valid username and password to the system, and have the correct access rights/privileges to be able to access the database itself.
2. The four points of interest introduced are: