Your company has a single Active Directory directory service domain. All servers in the environment run Windows Server 2003. You are designing the baseline image for new member servers. You need to ensure that all passwords for user accounts that are stored on the new member servers are protected by using strong encryption. Your solution must ensure that decryption is not possible without two-factor authentication.

What should you do?

A.
Set Store passwords using reversible encryption to Enabled in the Local Security Policy on each server.

B.
Set Store passwords using reversible encryption to Disabled in the Local Security Policy on each server.

C.
Encrypt the Security Account Manager (SAM) database by using Syskey.

D.
Encrypt the Security Account Manager (SAM) database by using the Encrypting File System (EFS).