ABSTRACT
The Windows NT operating system offers substantial security and audit features that have earned it the C2 evaluation for auditing and authentication from the National Computer Security Center (NCSC). The features described in this chapter should be implemented according to the policies and standards of the organization. Windows NT uses a client/server architecture in which clients and servers are grouped together to form domains. Each domain contains one or more servers, shares common databases and security policies, and has a unique name. How the domains interact should be determined before the operating system is installed. The trust relationships among these domains must be based on the business needs of the organization in conjunction with its security policies.
