The operating system must back up audit records on an organization defined frequency onto a different system or media than the system being audited.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33207	SRG-OS-000215-NA	SV-43608r1_rule		Medium

Description
Protection of log data includes assuring the log data is not accidentally lost or deleted. Backing up audit records to a different system or onto separate media than the system being audited, on an organizationally defined frequency helps to assure in the event of a catastrophic system failure, the audit records will be retained. Rationale for non-applicability: Combined consideration of storage resource constraints and the required relationship between auditing, logging, and back-end MDM servers this functionality is more appropriately required of the back-end MDM server.

Description

Protection of log data includes assuring the log data is not accidentally lost or deleted. Backing up audit records to a different system or onto separate media than the system being audited, on an organizationally defined frequency helps to assure in the event of a catastrophic system failure, the audit records will be retained. Rationale for non-applicability: Combined consideration of storage resource constraints and the required relationship between auditing, logging, and back-end MDM servers this functionality is more appropriately required of the back-end MDM server.

STIG	Date
Mobile Operating System Security Requirements Guide	2013-07-03

Details

Check Text ( C-41471r2_chk )
This requirement is NA for the Mobile OS SRG.

Fix Text (F-37111r3_fix)
The requirement is NA. No fix is required.