You manage a single domain named

widgets.com.

Organizational units $($OUS$)$ have been created for each company department. User and computer accounts have been moved into their corresponding ous. Members of the Directors OU want to enforce longer passwords than are required for the rest of the users.

You define a new granular password policy with the required settings. All users in the Directors OU are currently members of the DirectorsGG group, which is a global security group in that OU$.$ You apply the new password policy to that group. Matt Barnes is the chief financial officer, and he would like his account to have even stricter password policies than are required for other members in the Directors OU$.$

What should you do$?$

Create a granular password policy for Matt. Apply the new policy directly to Matt's user account.

Edit the existing password policy. Define exceptions for the required settings. Apply the exceptions to Matt's user account.

Create a granular password policy for Matt. Apply the new policy directly to Matt's user account. Remove Matt from the DirectorsGG group.

Create a granular password policy for Matt. Create a new group, make Matt a member of that group, and then apply the new policy directly to the new group. Make sure the new policy has a higher precedence value than the value for the existing policy.