September 23, 2004 at 10:42 am
When is c2 audit mode considered appropriate?
September 23, 2004 at 11:30 am
The biggest advantage with c2 mode is that SQL Server will stop if for some reason(drive filling up) SQL server cannot write to the trace file. This is something which might be helpful if your application has a stringent requirement of auditing all the events.
September 24, 2004 at 3:11 am
C2 audit mode is based in the C2 definition in the US DOD 5200.28 standard. This standard is now obsolete and has been replaced be a security evaluation system called 'Common Criteria'. C2 audit mode does not fit cleanly into any of the CEM Evaluation Levels.
It could therefore be difficult to build a business case to use C2 audit mode, as its foundations are no longer considered good practice by security practitioners. If your organisation has determined that it needs to implement the Bell-La Padula security model used in the 5200.28 standard, then C2 may be appropriate for you. Otherwise it has increasingle little relevance to today's businesses.
Original author: https://github.com/SQL-FineBuild/Common/wiki/ 1-click install and best practice configuration of SQL Server 2019, 2017 2016, 2014, 2012, 2008 R2, 2008 and 2005.
When I give food to the poor they call me a saint. When I ask why they are poor they call me a communist - Archbishop Hélder Câmara
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply