Your company has a server that runs Windows Server 2008 R2. Active Directory Certificate  Services （AD CS） is configured as a standalone Certification Authority （CA） on the server. You  need to audit changes to the CA configuration settings and the CA security settings.     Which two tasks should you perform（）

• A、Configure auditing in the Certification Authority snap-in.
• B、Enable auditing of successful and failed attempts to change permissions on files in the %SYSTEM32%/CertSrv dire
• C、Enable auditing of successful and failed attempts to write to files in the %SYSTEM32%/CertLog directory.
• D、Enable the Audit object access setting in the Local Security Policy for the Active Directory Certificate Services