You are the senior systems engineer for your company. The network consists of a single Active Directory domain.  All servers run Windows Server 2003. Client computers in the sales department run Windows NT Workstation 4.0 with the Active Directory Client Extensions software installed. All other client computers run Windows XP Professional. All servers are located in an organizational unit （OU） named Servers. All client computers are located in an OU named Desktops.   Four servers contain confidential company information that is used by users in either the finance department or the research department. Users in the sales department also store files and applications on these servers. The company’s written security policy states that for auditing purposes， all network connections to these resources must require authentication at the protocol level. The written security policy also states that all network connections to these resources must be encrypted. The company budget does not allow for the purchase of any new hardware or software. The applications and data located on these servers may not be moved to any other server in the network.   You define and assign the appropriate permissions to ensure that only authorized users can access the resources on the servers.   You now need to ensure that all connections made to these servers by the users in the finance department and in the research department meet the security guidelines stated by the written security policy. You also need to ensure that all users in the sales department can continue to access their resources.   Which two actions should you take？（）

• A、 Create a new Group Policy object （GPO） and link it to the Servers OU. Enable the Secure Server （Require Security） IPSec policy in the GPO.
• B、 Create a new Group Policy object （GPO） and link it to the Servers OU. Enable the Server （Request Security） IPSec policy in the GPO.
• C、 Create a new Group Policy object （GPO） and link it to the Desktops OU. Enable the Client （Respond only） IPSec policy in the GPO.
• D、 Create a new Group Policy object （GPO）. Edit the GPO to enable the Registry Policy Processing option and the IP Security Policy Processing option. Copy the GPO files to the Netlogon shared folder.
• E、 Use System Policy Editor to open the System.adm file and enable the Registry Policy Processing option and the IP Security Policy Processing option. Save the system policy as NTConfig.pol.