You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003.
The company’s written security policy states that security patches must be manually installed on servers by administrators. You need to configure the network to comply with the written security policy.
You need to maintain security patches by using the minimum amount of administrative effort. What should you do?

A.
Create a new organizational unit (OU) to contain all server computers.
Create a new Group Policy object (GPO) and link it to the OU.
Configure the GPO to disable Automatic Updates. Allow only administrators to start Automatic Updates.

B.
Create a new organizational unit (OU) to contain all server computers.
Create a new Group Policy object (GPO) and link it to the OU.
Configure the GPO to automatically download updates and notify when they are ready to be installed.

C.
Create a new organizational unit (OU) named Admins to contain all administrators.
Create a second OU named Servers to contain all server computers. Create a new Group Policy object (GPO) and link it to the Admins OU.
Configure the GPO to disable Automatic Updates.

D.
Modify the Default Domain Policy Group Policy object (GPO) to disable Windows Update and to disable Automatic Updates.
Create a new organizational unit (OU) named Admins.
Place all administrator accounts in the Admins OU. Block GPO inheritance on the Admins OU.