问题：

[多选] Your company has a single active directory domain. All servers run windows server 2008. The company network has servers that perform as web servers. All confidential files are located on a server named FSS1. The company security policy states that all confidential data must be transmitted in the most secure manner. When you monitor the network you notice that the confidential files stored on FSS1 server are being transmitted over the network without encryption. You need to ensure that encryption is always used when the confidential files on the FSS1 server are transmitted over the network. What are two possible ways to achieve this goal? （）

A . Deactivate all LM and NTLM authentication methods on FSS1 server.
B . Use IIS to publish the confidential files, activate SSL on the IIS server, and then open the files as a web folder.
C . Use IPsec encryption between the FSS1 server and the computers of the users who need to access the confidential files.
D . Use the server message block (SMB) signing between the FSS1 serve and the computers of the users who want to access the confidential files.
E . Activate offline files for the confidential files that are stored on the FSS1 server. In the folder advanced properties box, select the encrypt contents to secure data option.