Your company has one main office and 10 branch offices.
The network consists of one Active Directory domain.
All domain controllers run Windows Server 2008 and are located in the main office.
You plan to deploy one Windows Server 2008 domain controller in each branch office.
You need to recommend a security solution for the branch office domain controllers. The solution must prevent unauthorized users from copying the Active Directory database from a branch office domain controller by starting the server from an alternate startup disk.
What should you recommend on each branch office domain controller?
A. Enable the secure server IPsec policy.
B. Enable the read-only domain controller (RODC) option.
C. Enable Windows BitLocker Drive Encryption (BitLocker).
D. Enable an Encrypting File System (EFS) encryption on the %Systemroot%NTDS folder.
