Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company runs an Enterprise Root certification authority (CA). You need to ensure that only administrators can sign code. Which two tasks should you perform? (Each correct answer presents part of the solution. Choose two.)
A.
Publish the code signing template.
B.
Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and allow only administrators to apply the policy.
C.
Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted Publishers.
D.
Modify the security settings on the template to allow only administrators to request code signing certificates.