You have two DNS servers named Server1 and Server2.
All client computers run Windows 10 and are configured to use Server1 for DNS name resolution.
Server2 hosts a primary zone named contoso.com.
Your network recently experienced several DNS spoofing attacks on the contoso.com zone.
You need to prevent further attacks from succeeding.
What should you do on Server2?
A. Sign the contoso.com zone.
B. Configure Response Rate Limiting (RRL).
C. Configure DNS-based Authentication of Named Entities (DANE) for the contoso.com zone.
D. Configure the contoso.com zone to be Active Directory-integrated.
