Your network contains an Active Directory domain named contoso.com. All domain controllers run
Windows Server 2008 R2 and are configured as DNS servers. All client computers run Windows 7.
You create a new zone named secure.contoso.com and configure the zone to use DNSSEC. You need
to ensure that all client computers verify whether the name and address information of
secure.contoso.com is validated by the DNS servers. What should you configure from Group Policy?
A.
an IPSec Security policy
B.
the DNS Client settings
C.
the Public Key policies
D.
a Name Resolution Policy rule
Explanation:
http://technet.microsoft.com/en-us/library/ee649182(WS.10).aspx
D