Your network contains an Active Directory forest.
The forest contains multiple sites.
You need to enable universal group membership caching for a site.
What should you do?

A.
From Active Directory Sites and Services, modify the NTDS Settings.

B.
From Active Directory Sites and Services, modify the NTDS Site Settings.

C.
From Active Directory Users and Computers, modifythe properties of all universal groups used in thesite.

D.
From Active Directory Users and Computers, modifythe computer objects for the domain controllers inthe
site.

Explanation:
http://technet.microsoft.com/en-us/library/cc816797%28v=ws.10%29.aspx
Enabling Universal Group Membership Caching in a Site
In a multidomain forest, when a user logs on to a domain, a global catalog server must be contacted to
determine the universal group memberships of the user. A universal group can contain users from other
domains, and it can be applied to access control lists (ACLs) on objects in all domains in the forest.Therefore,
universal group memberships must be ascertained at domain logon so that the user has appropriate access in
the domain and in other domains during the logon session. Only global catalog servers store the memberships
of all universal groups in the forest.
If a global catalog server is not available in the site when a user logs on to a domain, the domain controller
must contact a global catalog server in another site.
In multidomain forests where remote sites do not have a global catalog server, the need to contact a global
catalog server over a potentially slow wide are network (WAN) connection can be problematic and a usercan
potentially be unable to log on to the domain if a global catalog server is not available. You can enable
Universal Group Membership Caching on domain controllers that are running Windows Server 2008 so that
when the domain controller contacts a global catalog server for the user’s initial domain logon, the domain
controller retrieves universal group memberships for the user. On subsequent logon requests by the same
user, the domain controller uses cached universal group memberships and does not have to contact a global
catalog server.
To complete this task, perform the following procedure:
http://technet.microsoft.com/en-us/library/cc816928%28v=ws.10%29.aspx
Enable Universal Group Membership Caching in a Site
1. Open Active Directory Sites and Services: On the Start menu, point to Administrative Tools,and then
click Active Directory Sites and Services.
2. In the console tree, expand Sites, and then click the site in which you want to enable UniversalGroup
Membership Caching.
3. In the details pane, right-click theNTDS Site Settingsobject, and then click Properties.
4. Under Universal Group Membership Caching, select Enable Universal Group Membership Caching.
5. In the Refresh cache from list, click the site that you want the domain controller to contact when the
Universal Group membership cache must be updated, and then click OK.