The Windows 2000 Target of Evaluation (TOE) is a general-purpose network operating system that provides controlled access between subjects and user data objects. Windows 2000 has a broad set of security capabilities including: single network logon; access control and data encryption; extensive security audit collection; and Light-weight Directory Access Protocol (LDAP) directory-based resource management. The Windows 2000 TOE provides the following security services: user data protection; audit; identification and authentication; security management; protection of the TOE Security Functions (TSF); resource quotas; and TOE access banners. The Windows 2000 security policies provide network-wide controlled access protection (access control), encrypted data/key protection and encrypted file protection. These policies enforce access limitations between individual users and data objects. The TOE is capable of auditing security relevant events that occur within a Windows 2000 network. All these security controls require users to identify themselves and be authenticated prior to using any node on the network.
DSD only approves the use of EFS for the protection of information up to and including the security classification of RESTRICTED and X-IN-CONFIDENCE (excluding CABINET-IN-CONFIDENCE).
Microsoft Legal Notice
©2009 Microsoft Corporation. All rights reserved.
Microsoft, Windows are trademarks of the Microsoft group of companies.