System Integrity and Auditing

System integrity ensures that the software and hardware responsible for enforcing the system’s security cannot themselves be compromised by regular users or their programs. Unlike many desktop operating systems, Windows NT is built around a security kernel that ultimately protects the system itself. The security kernel also enforces the access controls that protect all sensitive files and data outside the kernel, making the protection complete. System integrity is the foundation upon which all other security protections rely.

The importance of an audit trail, a tamper-proof record of security-related events, speaks for itself. Windows NT has a rich auditing system, and many applications produce security logs particular to their services.