You are a security administrator for your company. The company consists of two divisions. One division is named Coho Winery and is located in San Francisco. The other division is named Coho Vineyard and is located in Paris. Each division is connected to the lnternet by a 1. 544 Mbps WAN connection.

Coho Winery consists of a single Active Directory forest named cohowinery.com. All servers run Windows Server 2003. All client computers run Windows XP Professional. Coho Winery has a Microsoft SQL Server 2000 database that contains customer information. The SQL Server 2000 database is hosted on a Windows Server 2003 computer named Server1.

Coho Vineyard consists of a single Active Directory forest named cohovineyard.com. All servers run Windows 2000 Server. All client computers run Windows 2000 Professional or Windows NT Workstation. All computers run the latest service packs.

To enable data replication, you configure a new Windows Server 2003 computer named Server2 in the cohovineyard.com forest. You install SQL Server 2000 on Server2. Your database administrator configures the database on Server1 to replicate to Server2 every night.

Management reports that a competitor acquired confidential customer data. You determine that the competitor intercepted customer data as it replicated from Server1 to Server2. You decide to use IPSec to protect customer data as it replicates.

You need to configure an IPSec policy to protect customer data as it replicates. What should you do?

A.
Configure the IPSec policy to use Authentication Header (AH) in transport mode with Kerberos authentication.

B.
Configure the IPSec policy to use Encapsulating Security Payload (ESP) with certificate-based authentication in tunnel mode.

C.
Configure the IPSec policy to use Authentication Header (AH) with certificate-based authentication in transport mode.

D.
Configure the IPSec policy to use Encapsulating Security Payload (ESP) with Kerberos authentication in tunnel mode.