Which approach should you recommend?

An application will be deployed in a SharePoint 2010 server farm that is managed by department-level site
collection administrators.
You need to design this application to meet all the following requirements:
The application must contain a custom Web Part that accesses the object model at the farm level.
.The application must be available anywhere in the farm as more departments require the functionality.
.The site collection administrator in each department must be able to activate the application without the
help of the farm administrator.
.The level of access to the SharePoint 2010 object model must be limited. Which approach should you recommend?

A.
Create the Web Part as part of a feature in a sandboxed solution.
Then deploy it with a farm-level scope.

B.
Create the Web Part as part of a feature in a sandboxed solution.
Then deploy it by assigning a resource quota

C.
Create the Web Part as part of a feature.
Then deploy it to the bin directory of the Web application of each department.
Specify and deploy a Custom Access Security policy defining the security limitations of the Web Part.

D.
Create the Web Part as part of a feature.
Then deploy it to the bin directory of the Web application of each department.
Delegate authority to modify the security in the Web application web.config file to the site collection administrator of each department.