You need to ensure that the adatum.com users can access the resources in all of the domains in the forest

Your network contains an Active Directory forest named contoso.com.
The forest contains three domains. All domain controllers run Windows Server 2012 R2. The forest
has a two-way realm trust to a Kerberos realm named adatum.com.
You discover that users in adatum.com can only access resources in the root domain of
contoso.com.
You need to ensure that the adatum.com users can access the resources in all of the domains in
the forest.
What should you do in the forest?

A.
Delete the realm trust and create a forest trust.

B.
Delete the realm trust and create three external trusts.

C.
Modify the incoming realm trust.

D.
Modify the outgoing realm trust.

Explanation:
* A one-way, outgoing realm trust allows resources in your Windows Server domain (the domain
that you are logged on to at the time that you run the New Trust Wizard) to be accessed by users
in the Kerberos realm.
* You can establish a realm trust between any non-Windows Kerberos version 5 (V5) realm and
an Active Directory domain. This trust relationship allows cross-platform interoperability with
security services that are based on other versions of the Kerberos V5 protocol, for example, UNIX
and MIT implementations. Realm trusts can switch from nontransitive to transitive and back.
Realm trusts can also be either one-way or two-way.