Your company has a Microsoft Exchange Server 2007 Service Pack 1 (SP1) environment with Standard client access licenses (CALs) installed. Employees have Windows Mobile 6.5 devices. You manage the devices by using Microsoft Exchange ActiveSync. You configure an Exchange ActiveSync policy to allow only signed applications to run on the Windows Mobile devices. Employees are still able to run unsigned applications on their Windows Mobile devices. You need to ensure that employees cannot run unsigned applications on their Windows Mobile devices.
What should you do?
A.
Upgrade to Enterprise CALs.
B.
Add all unsigned applications to the Exchange ActiveSync policy.
C.
Deploy a code-signing certificate to each Windows Mobile device.
D.
Reapply the Exchange ActiveSync policy to each Windows Mobile device.