You are a security administrator for your company. The network consists of two Active Directory forests.    The first forest is named tailspintoys.com and contains domain controllers that run either  Windows Server 2003 or Windows 2000 Server. The second forest is named wingtiptoys.com and contains domain controllers that run Windows Server 2003. No trust relationships areestablished.    A certification authority （CA） running Windows Server 2003 Certificate Services is deployed and all computers are issued a Computer certificate. A Windows Server 2003 computer named  Server1 is a member of the wingtiptoys.com Active Directory domain. Server1 provides users in both domains access to a payroll application. You decide to implement IPSec to encrypt the  payroll application data during transmission. You configure a custom IPSec policy named Payroll App on Server1 using the rules shown in the exhibit. （Click the Exhibit button.）    You configure an IPSec default Client policy on the client computers in both Active Directory domains. During testing， you notice that client computers in the wingtiptoys.com Active Directory domain use IPSec when communicating with Server1. However， client computers in the tailspintoys.com Active Directory domain cannot communicate with Server1.    You need to enable all client computers to use IPSec when communicating with Server1.  What should you do？（）

• A、 Modify the custom Payroll App policy by adding the certificate authentication type to the existing rules on Server1.
• B、 Use the custom Payroll App policy and issue an IPSec certificate from the internal CA to Server1.
• C、 Unassign the custom Payroll App policy and assign the default Server policy on Server1.
• D、 Unassign the custom Payroll App policy and assign the default Secure Server policy on Server1.