Security of windows 2000
...ct international security standards. Windows 2000 has met the standards set by the US Governments C2 Security Standards. In fact Microsoft, and to a lesser extent Novell, tout C2 as a selling point for its network operating systems C2 Security Standards Although originally intended for military applications, C2 has always been a public document. Some businesses and computer vendors have adopted C2--any rating below C2 has little security--as their security standard C2 has the following characteristics: · The system must have good documentation at both the user and administration level and have documentation on security testing. · The system must authenticate all users as unique individuals. · The system must not allow objects to be reused or recovered once deleted. · The system administrator must audit all security events. · The system must protect all objects and processes from all others. Most corporations agree that these features are necessary. Where and how businesses implement these security features is part of a well-planned security policy based on real business data and accounting. Due to meeting these strict standards Microsoft can tout their 2000 version of their Windows family of operating systems as a fortress of a system. Security Tools Available Some tools it uses are a) Requiring users to log on to their own computers Although Windows 2000 is not the first of the Windows family to introduce password protection for logging on to the system. Windows 98 allowed a user to assign a password for logging on to his/her profile on the system. The innovative thing is that Windows 2000 is the first member of the family to make this password protection mandatory it also does not suffer from the same fallacy that 98 suffered from. In other words, you cannot just press the escape key and bypass the logon security procedures. b) 100% Protected Mode Windows 98 and 95 you could still use some old real – mode drivers for your favourite peripheral. This meant that the drivers could talk directly to the PC hardware thus causing crashes and errors that often beset other users. Windows 2000 however is more stable and as such more secure as it only operates in protected mode. This now means that drivers have to go through the operating system (or more accurately the Hardware Abstraction Layer HAL, in the operating system) in order to talk to the hardware. c) Defines user rights that control user's actions The administrator or the person in charge of a Windows 2000 based network can for the first time in the windows family assign strict user accounts while maintaining the flexibility and ease in maintaining it. Administrators can use the Computer Management tool to: Create a user account Specify the general level of access for that user Assign that user to a group for the assignment of permissions Set the permissions for that user/ group d) User file and printer permissions to control access Administrators can also add an extra layer of security by adding permissions to specific files and folders. This can be used to restric...