Evaluation versus Certification

The National Computer Security Center (NCSC) evaluation process does a good job of ensuring that Windows NT can properly enforce your security policy, but it does not dictate what your security policy must be. There are many features of Windows NT that need to be considered when determining how to use the computer within your specific environment. What level of auditing will you require? How should your files be protected to ensure that only the right people can access them? What applications should you allow people to run? Should you use a network? If so, what level of physical isolation of the actual network cable is needed?

To address the environmental aspects of a computing environment, the NCSC has produced a document called "Introduction to Certification and Accreditation." In this document "certification" is described as a plan to use computer systems in a specific environment, and "accreditation" is the evaluation of that plan by administrative authorities. It is this certification plan, and the subsequent accreditation procedure, that balances the sensitivity of the data being protected against the environmental risks present in the way the computing systems are used. For example, a certification plan for a university computing lab might require that computers be configured to prevent starting from a floppy disk, to minimize the risk of infection by virus or Trojan Horse programs. In a top-secret Defense Department development lab, it might be necessary to have a fiber-optic LAN to prevent generation of electronic emissions. A good certification plan covers all aspects of security, from backup/recovery mechanisms to the Marine guards standing at the front door of your building.

Additional C2 Evaluation Information

If you need to set up a C2-certifiable system, contact the Microsoft Federal Office for a copy of "Microsoft Report on C2 Evaluation of Windows NT." This document lists the hardware configurations in which Windows NT has been evaluated; the list is updated as more configurations are tested. The document also specifies the set of features that were implemented for C2 evaluation, so that you can duplicate them if necessary for your own C2-certifiable system. These features are essentially those recommended for high-level security in this document.

For your C2 certification, you will need to choose the combination of security features described in this document, in the Windows NT documentation, and in the Windows NT Resource Kit that fits your particular combination of resources, personnel, work flow, and perceived risks. You might also want to study Appendix D, "Security In a Software Development Environment," especially if you are using custom or in-house software. This appendix also provides information on managing and interpreting the security log, and technical details on special-case auditing (for example, auditing base objects).