HOTSPOT
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2.
You need to audit successful and failed attempts to read data from USB drives on the servers.
Which two objects should you configure? To answer, select the appropriate two objects in the answer area.
Explanation:
Handle Manipulation
This policy setting allows you to audit events generated when a handle to an object is opened or closed. Only objects with a matching system access control list (SACL) generate security audit events.
If you configure this policy setting, an audit event is generated when a handle is manipulated. Success audits record successful attempts and Failure audits record unsuccessful attempts.
If you do not configure this policy setting, no audit event is generated when a handle is manipulated.
Note: Events in this subcategory generate events only for object types where the corresponding Object Access subcategory is enabled. For example, if File system object access is enabled, handle manipulation security audit events are generated. If Registry object access is not enabled, handle manipulation security audit events will not be generated.
Removable storage
This policy setting allows you to audit user attempts to access file system objects on a removable storage device. A security audit event is generated for all objects and for all types of access requested.
If you configure this policy setting, an audit event is generated each time an account accesses a file system object on a removable storage device. Success audits record successful attempts and Failure audits record unsuccessful attempts.
If you do not configure this policy setting, no audit event is generated when an account accesses a file system object on a removable storage device.
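The two settings described above can be enabled and checked from an elevated PowerShell session, shown here as an added example that is not part of the original question or explanation. It assumes local configuration with auditpol on an English-language server (in a domain the same subcategories would normally be set through Group Policy under Advanced Audit Policy Configuration), and it assumes event IDs 4663 and 4656 are the Security log events of interest.

```powershell
# Added example; run elevated. Subcategory names are the English display names.
# On a localized system, list the names with: auditpol /list /subcategory:*

# Enable Success and Failure auditing for both Object Access subcategories.
auditpol /set /subcategory:"Removable Storage" /success:enable /failure:enable
if ($LASTEXITCODE -ne 0) { throw 'Could not set Removable Storage auditing' }
auditpol /set /subcategory:"Handle Manipulation" /success:enable /failure:enable
if ($LASTEXITCODE -ne 0) { throw 'Could not set Handle Manipulation auditing' }

# Show the effective setting; both should report "Success and Failure".
auditpol /get /subcategory:"Removable Storage"
auditpol /get /subcategory:"Handle Manipulation"

# Keyword bit that marks an event as an audit failure (0x20000000000000 is success).
$auditFailure = 0x10000000000000

# Pull the last 24 hours of object-access events (4663) and handle requests (4656),
# keep only those logged under the Removable Storage task category,
# and flatten the fields an analyst needs into one row per event.
$filter = @{
    LogName   = 'Security'
    Id        = 4656, 4663
    StartTime = (Get-Date).AddHours(-24)
}

Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    Where-Object { $_.TaskDisplayName -eq 'Removable Storage' } |
    ForEach-Object {
        # EventData is a list of <Data Name="...">value</Data> elements.
        $xml  = [xml]$_.ToXml()
        $data = @{}
        foreach ($d in $xml.Event.EventData.Data) { $data[$d.Name] = $d.'#text' }

        [pscustomobject]@{
            Time       = $_.TimeCreated
            EventId    = $_.Id
            Result     = if ($_.Keywords -band $auditFailure) { 'Failure' } else { 'Success' }
            User       = $data['SubjectUserName']
            Object     = $data['ObjectName']
            AccessMask = $data['AccessMask']
            Process    = $data['ProcessName']
        }
    } |
    Sort-Object Time |
    Format-Table -AutoSize
```

If Group Policy also defines advanced audit settings for the server, the values set locally with auditpol are overwritten at the next policy refresh.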
The answer is right.
This article explains it exactly:
Monitor the Use of Removable Storage Devices
https://technet.microsoft.com/en-us/library/jj574128.aspx