Your company has an Active Directory domain. The company runs Terminal Services.  Standard users who connect to the Terminal Server are in the TSUsers organizational unit （OU）. Administrative users are in the TSAdmins OU. No other users connect to the Terminal Server.  You need to ensure that only members of the TSAdmins OU can run the Remote Desktop Protocol files. What should you do？（）

• A、Create a Group Policy object （GPO） that configures the Allow .rdp files from unknown publishers policy setting in the Remote Desktop Client Connection template to Disabled. Apply the GPO to the TSUsers OU.
• B、Create a Group Policy object （GPO） that configures the Allow .rdp files from valid publishers and users default .rdp settings policy setting in the Remote Desktop Client Connection template to Disabled. Apply the GPO to the TSUsers OU.
• C、Create a Group Policy object （GPO） that configures the Allow .rdp files from valid publishers and users default .rdp settings policy setting in the Remote Desktop Client Connection template to Enabled. Apply the GPO to the TSAdmins OU.
• D、Create a Group Policy object （GPO） that configures the Specify SHA1 thumbprints of certificates representing trusted .rdp publishers policy setting in the Remote Desktop Client Connection template to Enabled. Apply the GPO to the TSAdmins OU.