UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

DBMS must conduct backups of system-level information per organization defined frequency that is consistent with recovery time and recovery point objectives.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32436 SRG-APP-000146-DB-000099 SV-42773r1_rule Medium
Description
Information system backup is a critical step in maintaining data assurance and availability. System-level information includes: system-state information, operating system and application software, and licenses. Backups shall be consistent with organizational recovery time and recovery point objectives. Databases that do not backup information regularly risk the loss of that information in the event of a system failure. Most databases contain functionality to allow regular backups, it is important that this functionality is enabled and configured correctly to prevent data loss.
STIG Date
Database Security Requirements Guide 2012-07-02

Details

Check Text ( C-40878r2_chk )
Review DBMS backup configuration to determine that system level data is backed up in according with organization defined frequency. If the system level data of the DBMS is not backed up to the organization defined frequency, this is a finding.
Fix Text (F-36351r2_fix)
Utilize a DBMS or third party product, to meet the requirement, of backing up system data according to the organization defined frequency.