Your company has an Active Directory domain.  You install an Enterprise Root certification authority （CA） on a member server named Server1.  You need to ensure that only the Security Manager is authorized to revoke certificates that are  supplied by Server1.     What should you do（）

• A、Remove the Request Certificates permission from the Domain Users group.
• B、Remove the Request Certificates permission from the Authenticated Users group.
• C、Assign the Allow - Manage CA permission to only the Security Manager user account.
• D、Assign the Allow - Issue and Manage Certificates permission to only the Security Manager user account.