Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-225309 | WN12-AU-000203-02 | SV-225309r569185_rule | Medium |
Description |
---|
Protection of log data includes assuring the log data is not accidentally lost or deleted. Audit information stored in one location is vulnerable to accidental or incidental deletion or alteration. |
STIG | Date |
---|---|
Microsoft Windows Server 2012/2012 R2 Member Server Security Technical Implementation Guide | 2020-10-15 |
Check Text ( C-27008r471269_chk ) |
---|
Verify the operating system, at a minimum, off-loads audit records of interconnected systems in real time and off-loads standalone systems weekly. If it does not, this is a finding. |
Fix Text (F-26996r471270_fix) |
---|
Configure the operating system to, at a minimum, off-load audit records of interconnected systems in real time and off-load standalone systems weekly. |