Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The application server must back up application server configuration data on an automated basis.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-35257 | SRG-APP-000146-AS-000100 | SV-46544r1_rule | Medium |
| Description |
|---|
| Information system backup is a critical step in maintaining data assurance and availability. Application server configuration information includes all data relevant to the successful recovery of the application server itself. Backups shall be consistent with organizational recovery time and recovery point objectives. The application server must be configured to automatically invoke backups of the application server configuration information. |
| STIG | Date |
|---|---|
| Application Server Security Requirements Guide | 2013-01-08 |
Details
| Check Text ( C-43625r1_chk ) |
|---|
| Review the AS configuration and organizational policy to determine backup strategy. Backups must be consistent with recovery time and recovery point objectives. If application server configuration data are not backed up on an automated basis, this is a finding. |
| Fix Text (F-39803r1_fix) |
|---|
| Implement automated system level backup strategy and include AS configuration data. |