Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The application server must conduct automated backups of application-level information contained in the application server.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-35254 | SRG-APP-000146-AS-000099 | SV-46541r1_rule | Medium |
| Description |
|---|
| Information system backup is a critical step in maintaining data assurance and availability. Application-level information includes all data relevant to the successful recovery of the application domain. Backups shall be consistent with organizational recovery time and recovery point objectives. The application server must provide the capability to back up the application domains and application related configuration information. |
| STIG | Date |
|---|---|
| Application Server Security Requirements Guide | 2013-01-08 |
Details
| Check Text ( C-43609r1_chk ) |
|---|
| Review the AS configuration and organizational policy to determine backup strategy. Backups must be consistent with recovery time and recovery point objectives. If application level data are not backed up on an automated basis, this is a finding. |
| Fix Text (F-39787r1_fix) |
|---|
| Implement automated application-level backup strategy. |