You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.

Your company hosts Web applications for customers. Each customer is a company that has multiple employees who require access to the Web applications. Each customer has one Web application. Each Web application is configured as a virtual directory. You configure a user account for each customer. You assign this account permission to read the virtual directory that contains the customer’s Web application. You need to ensure that employees can access only their company’s Web application.

You must accomplish this task without requiring customers to disclose passwords. What should you do?

A.
Configure anonymous access for each virtual directory. Configure each virtual directory to use the customer’s assigned user account. Leave the password assigned to the user account blank.

B.
Configure Microsoft .NET Passport authentication for each virtual directory. Instruct each employee of each customer that requires access to the Web site to enroll for a new .NET Passport.

C.
Configure a certification authority (CA). Issue certificates to each employee of each customer that requires access to the Web site. Configure many-to-one certificate mapping.

D.
Acquire a Server Authentication digital certificate from a public certification authority (CA). Configure the Web server to use this certificate and to require SSL. Distribute a copy of the Server Authentication certificate to each employee of each customer that requires access to the Web site.