Chapter 1. Introduction
On This Page
Welcome to the Microsoft Windows 2000 Evaluated Configuration Administrator's Guide. This document provides sufficient guidance to allow an administrator to securely operate Windows 2000 in accordance with the requirements stated in the Windows 2000 Common Criteria Security Target (ST).
The Windows 2000 Common Criteria Security Target, henceforth referred to as the Windows 2000 ST, provides a set of security requirements taken from the Common Criteria (CC) for Information Technology Security Evaluation. The Windows 2000 product was evaluated against the Windows 2000 ST and found to satisfy the ST requirements.
This document is targeted at the administrator and provides a description of how to perform the administrative security functions needed to securely operate Windows 2000 in accordance with the ST requirements.
This document assumes the administrator is familiar with the security features of the Windows 2000 product. To administer a Windows 2000 computer or system, one should be familiar with the product documentation for the operating system such as the Microsoft Windows 2000 Resource Kit.
This document has the following chapters:
Chapter 1, "Introduction", introduces the purpose and structure of the document and the assumptions of the audience.
Chapter 2, "Security Administration", describes the Evaluated Configuration and provides an overview of the security functionality.
Chapter 3, "Administering Windows 2000 in a Secure Manner", provides a description of each of the security functions that must be performed by the administrator to securely operate the system in accordance with the requirements stated in the Security Target.
Chapter 4, "External Security Measures", describes any measures that should be addressed by the Windows 2000 environment which require the administrator's attention.
Chapter 5, "Acronyms"
Chapter 6, "References"
Throughout the document, the following conventions are followed:
Warnings: warnings are provided to make the administrator aware of cautions they should take to ensure the system is secure. Warnings are identified with the bolded word Warning (e.g. Warning: ").
Note: Text that is important for the administrator to take notice of is identified with a bolded word "Note" (e.g. Note).
Evaluated Configuration: used to refer to the configuration of Windows 2000 that was evaluated and determined to meet the Windows 2000 ST.
Windows 2000 Security Policies
Creating and Maintaining User and Group Accounts
Domains and Trust Relationships
Active Directory Sites and Services
Protection of TSF
Defining and Managing Security Templates
October 4, 2002
One Microsoft Way
Redmond, WA 98052-6399
Science Applications International Corporation
7125 Gateway Drive
Columbia, MD 21046
With special acknowledgement to the Windows 2000 Resource Kit, Microsoft Press