Your network contains an Active Directory domain named contoso.com. The domain contains two sites named Site1 and Site2. The servers for the sites are configured as shown in the following table.
Server1 hosts a standard primary zone for contoso.com. Server2 hosts a secondary zone for contoso.com.
You need to ensure that all DNS replication traffic between Server1 and Server2 is encrypted.
What should you do?
A.
On Server1, configure DNSSEC for the contoso.com zone.
B.
On Server1, convert the contoso.com zone to an Active Directory-integrated zone.
C.
On each server, create connection security rules.
D.
On each server, enable Encrypting File System (EFS) encryption for the contoso.com.dns file.