Store passwords encrypted and log all administrator access to password files; for ActiveDirectory, use whole disk encryption on domain controllers that are not in a secure location.See also: Level 2, Level 3, Level 4, SA7, Servers A