Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. The Audit account management policy setting and Audit directory services access setting are enabled for the entire domain. You need to ensure that changes made to Active Directory objects can be logged. The logged changes must include the old and new values of any attributes. What should you do()
A. Enable the Audit account management policy in the Default Domain Controller Policy.
B. Run auditpol.exe and then configure the Security settings of the Domain Controllers O
C. Run auditpol.exe and then enable the Audit directory service access setting in the Default Domain policy.
D. From the Default Domain Controllers policy, enable the Audit directory service access setting and enable directory service changes.