Which two actions should you perform?

Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. All
servers runs Windows Server 2012 R2. The domain contains two domain controllers named DC1 and
DC2.Both domain controllers are virtual machines on a Hyper-V host.
You plan to create a cloned domain controller named DC3 from an image of DC1.
You need to ensure that you can clone DC1.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.
Add the computer account of DC3 to the Cloneable Domain Controllers group.

B.
Modify the contents of the DefaultDCCIoneAllowList.xml file on DC1.

C.
Run the Enable-AdOptionalFeaturecmdlet.

D.
Create a DCCIoneConfig.xml file on DC1.

E.
Add the computer account of DC1 to the Cloneable Domain Controllers group.

Explanation:
Cloneable Domain Controllers Group (located in the Users container).Membership in this group dictates
whether a DC can or cannot be cloned. This group has some permissions set on the domain head that should
not be removed. Removing these permissions will cause cloning to fail. Also, as a best practice, DCs shouldn’t
be added to the group until you plan to clone and DCs should be removed from the group once cloning is
complete. Cloned DCs will also end up in the Cloneable Domain Controllers group.
DCCloneConfig.xml is an XML configuration file that contains all of the settings the cloned DC will take when it
boots. This includes network settings, DNS, WINS, AD site name, new DC name and more.