Your network consists of four Active directory domains named East, West, North, and South. The North domain is the forest root domain. All domain controllers run Windows Server 2008 R2.
Department managers use a sales reporting application on a server named SalesServer1 in the East domain. A domain local group named SalesAppEast in the East domain has access to the application.
Each domain has a global group named LocalManagers that contains all managers from the corresponding domain. All global groups are added to the SalesAppEast domain local group.
You need to ensure that any unauthorized member added to SalesAppEast is automatically removed.
What should you do?
A. Deny the Modify permission for the SalesAppEast domain local group.
B. Create a Group Policy object (GPO). Configure the GPO to restrict group membership to the SalesAppEast group and link the GPO to the East domain.
C. Create a Group Policy object (GPO). Configure the GPO to restrict group membership to the LocalManagers group and link the GPO to the North domain.
D. Create a Group Policy object (GPO). Configure the GPO to restrict group membership to the LocalManagers group and link the GPO to the North, South, and West domains.
