C2-level Security

The following list includes some of the most important requirements of C2-level security, as defined by the U.S. Department of Defense:

  • It must be possible to control access to a resource by granting or denying access to individual users or named groups of users.
  • Memory must be protected so that its contents cannot be read after a process frees it. Similarly, a secure file system, such as NTFS, must protect deleted files from being read.
  • Users must identify themselves in a unique manner, such as by password, when they log on. All auditable actions must identify the user performing the action.
  • System administrators must be able to audit security-related events. However, access to the security-related events audit data must be limited to authorized administrators.
  • The system must be protected from external interference or tampering, such as modification of the running system or of system files stored on disk.