You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.

Administrators in your company use scripts to perform administrative tasks when they troubleshoot problems on client computers. They connect to the Telnet service on client computers when they run these scripts. For security reasons, All Telnet traffic is encrypted by using an IPSec policy. In addition, the Telnet service is configured for manual startup on all client computers. Administrators manually start and stop the Telnet service when they perform administrative tasks. Administrators report that they sometimes cannot start the Telnet service on client computers. You examine several client computers and discover that the Telnet service is disabled.

You need to ensure that administrators can troubleshoot problems on client computers at all times. What should you do?

A.
Use a Restricted Groups policy in a new Group Policy object (GPO) to add the Domain Admins group to the Power Users group on each client computer.

B.
Use a Restricted Groups policy in a new Group Policy object (GPO) to ensure that the Power Users group on each client computer contains no members.

C.
Use a System Services policy in a new Group Policy object (GPO) to ensure that only Domain Admins can manage the Telnet service.

D.
Use an Administrative Template setting to prevent local users from starting the Services snap-in.