UCF STIG Viewer Logo

ECTB-1 Audit Trail Backup


The audit records are backed up not less than weekly onto a different system or media than the system being audited.

MAC / CONF Impact Subject Area
Medium Enclave Computing Environment


Loss of important information/work is a risk if back-ups are not performed regularly.  Performing back-ups daily or at least weekly enhances the integrity and availability of information.

1. A back-up plan shall be established, documented, and implemented for all systems recording audit records within your C&A boundary.
2. The audit records shall be backed-up not less than weekly, and if possible, the back-up process should be automated.
3. The back-ups shall be saved to a different system or saved on a different media (e.g., disk, CD, tape) than the system being audited.


  • CJCSM 6510.01, Defense-in-Depth: Information Assurance (IA) and Computer Network Defense (CND), 25 March 2003
  • NIST SP 800-12, An Introduction to Computer Security: The NIST Handbook, October 1995
  • NSA Guide to Securing Windows 2000 – Policy Toolsets, 05 March 2003
  • NSA Guide to Securing Windows XP, 22 October 2004
  • DISA Unix STIG, Version 4, Release 4, 15 September 2003
  • DISA Solaris Security Checklist, 20 January 2004
  • DISA UNISYS STIG, 22 July 2003
  • NSA Windows 2000 Security Recommendations Guide 16 January 2004
  • NSA Windows NT Security Recommendations Guide 18 September 2001
  • DISA Database STIG, Version 7, Release 1, 29 October 2004