The IDPS must support organizational requirements to conduct backups of information system documentation including security related documentation per organizationally defined frequency that is consistent with recovery time and recovery point object
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000137-IDPS-000129 | SRG-NET-000137-IDPS-000129 | SRG-NET-000137-IDPS-000129_rule | Low |
| Description |
|---|
| System information contained on an IDPS contains default and customized attributes as well as software required for the execution and operation of the device. If this information becomes corrupted by hardware failures or by a malicious user, it must be restored immediately to ensure network availability. Backing up this information is a critical step for data recovery. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43262_chk ) |
|---|
| Verify IDPS information system and security-related documentation stored on the IDPS management console are included in backup job. Verify this information is backed up in accordance with an organizationally defined schedule. Verify the backup job is scheduled to perform automatically without system administrator intervention. Verify the backup is configured to a different system or off-line media. If user account information is not backed up periodically to a different system or off-line media, this is a finding. |
| Fix Text (F-43262_fix) |
|---|
| Configure a backup job to automatically backup IDPS information system and security-related documentation stored on the IDPS management console on a schedule identified by the DAA or designated representative. Verify the backup is configured to direct the sensor log files to a different system or off-line media. |