Your company has a server that runs Windows Server 2008. Certification Services is configured as a stand-alone Certification Authority （CA） on the server. You need to audit changes to the CA configuration settings and the CA security settings. Which two tasks should you perform（）

• A、Configure auditing in the Certification Services snap-in.
• B、Enable auditing of successful and failed attempts to change permissions on files in the %SYSTEM32% /CertSrv directory.
• C、Enable auditing of successful and failed attempts to write to files in the %SYSTEM32%/CertLog directory.
• D、Enable the Audit object access setting in the Local Security Policy for the Certification Services server.