Your company has an Active Directory directory service domain. All servers run Windows Server 2003. The company has multiple branch offices. Each branch office has a single domain controller.

You cannot physically secure the branch office domain controllers. A legacy application requires the use of LAN Manager authentication. You need to protect the Active Directory database from cryptographic attack, while maintaining legacy application compatibility and allowing non-administrators to restart servers.

What should you do?

A.
Require that account passwords use 10 characters.

B.
Require that account passwords use 14 characters.

C.
Require Syskey Mode 1 on all branch office domain controllers.

D.
Require Syskey Mode 2 on all branch office domain controllers.