Your role of Network Administrator at ABC.com includes the management of the Active Directory
Domain Services (AD DS) domain named ABC.com. The network includes servers that run
Windows Server 2012.
An organizational unit named ClientComputers contains the user accounts of all client computers.
An organizational unit named AllUsers contains the user accounts of all users.
The network includes a Remote Desktop Services (RDS) infrastructure. The RDS infrastructure
includes a Remote Desktop Services (RDS) session collection that provides access to RDS
sessions for all company users. Users are able to copy files from their RDS session to their client
computers.
Sales users often work away from the office. When the Sales users are away from the office, they
can connect to RDS sessions via a Remote Desktop Gateway (RD Gateway) server. All Sales
users are members of a global security group named SalesGroup. The Sales users often connect
to RDS sessions from their home computers or computers at customer sites.
A new company security policy states that Sales users should not be able to copy files from their

RDS sessions to their home computers or computers at customer sites. Other users should
continue to be able to copy files from their RDS session to their client computers.
What should you do to comply with the new company security policy?

A.
You should modify the properties of the Remote Desktop Services (RDS) Collection.

B.
You should link a Group Policy object (GPO) to the AllUsers OU and configure security filtering
on the GPO.

C.
You should modify the Remote Desktop connection authorization policies (RD CAPs) on the
Remote Desktop Gateway.

D.
You should modify the Remote Desktop resource authorization policies (RD RAPs) on the
Remote Desktop Gateway.