The operating system must off-load audit records onto a different system or media from the system being audited.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-203701 | SRG-OS-000342-GPOS-00133 | SV-203701r379693_rule | Medium |
| Description |
|---|
| Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity. |
| STIG | Date |
|---|---|
| General Purpose Operating System Security Requirements Guide | 2022-06-06 |
Details
| Check Text ( C-3826r375050_chk ) |
|---|
| Verify the operating system off-loads audit records onto a different system or media from the system being audited. If it does not, this is a finding. |
| Fix Text (F-3826r375051_fix) |
|---|
| Configure the operating system to off-load audit records onto a different system or media from the system being audited. |