What should you create?

Your network contains an Active Directory forest. The forest contains two domains named contoso.com and
fabrikam.com. The functional level of the forest is Windows Server 2003.
You have a domain outside the forest named adatum.com.
You need to configure an access solution to meet the following requirements:
– Users in adatum.com must be able to access resources in contoso.com.
– Users in adatum.com must be prevented from accessing resources in fabrikam.com.
– Users in both contoso.com and fabrikam.com must be prevented from accessing resources in adatum.com.
What should you create?

A.
a one-way external trust from adatum.com to fabrikam.com

B.
a one-way realm trust from fabrikam.com to adatum.com

C.
a one-way realm trust from adatum.com to fabrikam.com

D.
a one-way external trust from fabrikam.com to adatum.com

Explanation:
A:
Aone-way trust is a unidirectional authentication path that is created between two domains. This means that
in a one-way trust between Domain A and Domain B, users in Domain A can access resources in Domain
B:
However, users in Domain B cannot access resources in Domain A. This would allow adatum.com users
access to contoso which is desired.
B:
This would allow contoso.com users access to adatum which must be prevented and used for non windows
realm to AD.
C:
This would allow adatum.com users access to contoso which is desired but realm trust types are used for
non windows realm to AD.
D:
This would allow adatum users access to contoso which must be prevented and You need to make trust
relationship where domaincontoso.com trusts adatum.com.
NOTE: On exam thedomain names were changed, so understand the question well
http://
technet.microsoft.com/en-us/library/cc728024(v=ws.10).aspx