The network device must backup system level audit event log records on an organizationally defined frequency onto a different system or media.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000105-NDM-000070 | SRG-NET-000105-NDM-000070 | SRG-NET-000105-NDM-000070_rule | Low |
| Description |
|---|
| Auditing and logging are key components of any security architecture. Logging the actions of specific events provides a means to investigate an attack, recognize resource utilization or capacity thresholds, or to simply identify an improperly configured network device. |
| STIG | Date |
|---|---|
| Network Device Management Security Requirements Guide | 2013-07-30 |
Details
| Check Text ( C-SRG-NET-000105-NDM-000070_chk ) |
|---|
| Verify the network device performs backup of system level audit event log records to separate repository. If the network device does not perform backups of system level audit event log records to a separate repository, this is a finding. |
| Fix Text (F-SRG-NET-000105-NDM-000070_fix) |
|---|
| Configure the network device to perform backups of system level audit event log records to a separate repository. |