The DBMS must support the requirement to back up audit data and records onto a different system or media than the system being audited on an organization defined frequency.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-32401	SRG-APP-000125-DB-000170	SV-42738r1_rule		Medium

Description
Protection of log data includes assuring log data is not accidentally lost or deleted. Backing up audit records to a different system or onto separate media than the system being audited on an organizationally defined frequency helps to assure in the event of a catastrophic system failure, the audit records will be retained.

STIG	Date
Database Security Requirements Guide	2012-07-02

Details

Check Text ( C-40843r1_chk )
Review DBMS vendor documentation to determine whether the DBMS software supports the requirement to back up audit data and records onto a different system or media than the system being audited on an organization defined frequency. This can include a SIEM solution or other log management product. If the DBMS does not allow audit data and records to be backed up onto a different system or media, this is a finding.

Check Text ( C-40843r1_chk )

Review DBMS vendor documentation to determine whether the DBMS software supports the requirement to back up audit data and records onto a different system or media than the system being audited on an organization defined frequency. This can include a SIEM solution or other log management product. If the DBMS does not allow audit data and records to be backed up onto a different system or media, this is a finding.

Fix Text (F-36316r1_fix)
Utilize DBMS software that supports the ability to back up audit data and records onto a different system or media than the system being audited on an organization defined frequency.