Your company has two Active Directory forests as shown in the following table.
Forest name Forest functional level Domain(s)
contoso.com Windows Server 2008 contoso.com
fabrikam.com Windows Server 2008 fabrikam.com eng.fabrikam.com The forests are connected by using a two-way forest trust. Each trust direction is configured with forest-wide authentication. The new security policy of the company prohibits users from the eng.fabrikam.com domain to access resources in the contoso.com domain. You need to configure the forest trust to meet the new security policy requirement.
What should you do?
A.
Delete the outgoing forest trust in the contoso.com domain.
B.
Delete the incoming forest trust in the contoso.com domain.
C.
Change the properties of the existing incoming forest trust in the contoso.com domain from Forest-wide authentication to Selective authentication.
D.
Change the properties of the existing outgoing forest trust in the contoso.com domain to exclude *.eng.fabrikam.com from the Name Suffix Routing trust properties.