Your network contains a server that runs Windows Server 2008 R2. The server is configured as an   enterprise root certification authority (CA).   You have a Web site that uses x.509 certificates for authentication. The Web site is configured to use a   many-to-one mapping.   You revoke a certificate issued to an external partner.   You need to prevent the external partner from accessing the Web site.  What should you do（）

• A、Run certutil.exe -crl.
• B、Run certutil.exe -delkey.
• C、From Active Directory Users and Computers， modify the membership of the IIS_IUSRS group.
• D、From Active Directory Users and Computers， modify the Contact object for the external partner.