You are a network administrator for The network consists of a single Active Directory domain named. The domain contains two Windows Server 2003 terminal servers that host applications that are used by company employees. An organization unit (OU) named TerminalServers contains only the computer accounts for these two Terminal servers. A Group Policy object (GPO) named TSPolicy is linked to the TerminalServers OU, and you have been granted the right to modify the GPO. Users should use the terminal servers to run only authorized applications. A custom financial application suite is currently the only allowed application. The financial application suite is installed in the folder C:/Program Files/MT Apps. The financial application suite contains many executable files. Users must also be able to use Internet Explorer to access a browser-based application on the company intranet. The browser-based application makes extensive use of unsigned ActiveX components. The financial application suite and the browser-based application are frequently updates with patches or new versions. You need to configure the terminal servers to prevent users from running unauthorized applications. You plan to configure software restriction policies in the TSPolicy GPO. To reduce administrative overhead, you want to create a solution that can be implemented once, without requiring constant reconfiguration. Which three actions should you perform to configure software restriction polices?（） (Each correct answer presents part of the solution. Choose three)

• A、Set the default security level to Disallowed.
• B、Set the default security level to Unrestricted.
• C、Create a new certificate rule.
• D、Create a new hash rule.
• E、Create a new Internet zone rule.
• F、Create a new path rule.