Your company has a main office and a branch office.
The network contains an Active Directory domain.
The main office contains a writable domain controller named DC1. The branch office
contains a read- only domain controller (RODC) named DC2.
You discover that the password of an administrator named Admin1 is cached on DC2.
You need to prevent Admin1’s password from being cached on DC2.
What should you do?

A.
Modify the NTDS Site Settings.

B.
Modify the properties of the domain.

C.
Create a Password Setting object (PSO).

D.
Modify the properties of DC2’s computer account.

Explanation:
http://technet.microsoft.com/en-us/library/rodc-guidance-for-administering-the-passwordreplication-policy%28v=ws.10%29.aspx
Administering the Password Replication Policy
This topic describes the steps for viewing, configuring, and monitoring the Password
Replication Policy (PRP) and password caching for read-only domain controllers (RODCs).
Viewing the PRP You can view the PRP in a graphical user interface (GUI) by using the
Active Directory Users and Computers snap-in or in a Command Prompt window by using
the Repadmin tool. The following procedures describe how to view the PRP.
To view the PRP using Active Directory Users and Computers
1. Open Active Directory Users and Computers. To open Active Directory Users and
Computers, click Start.
In Start Search, type dsa.msc, and then press ENTER.
2. Ensure that you are connected to the correct domain. To connect to the appropriate
domain, in the details pane, right-click the Active Directory Users and Computers object, and
then click Change Domain. 3. Expand Domain Controllers, right-click the RODC account
object for which you want to modify the PRP, and then click Properties.
4. Click the Password Replication Policy tab. An example is shown in the following
illustration.