Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The network device must back up audit records at least every seven days onto a different system or system component than the system or component being audited.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-55209 | SRG-APP-000125-NDM-000241 | SV-69455r1_rule | Medium |
| Description |
|---|
| Protection of log data includes assuring log data is not accidentally lost or deleted. Regularly backing up audit records to a different system or onto separate media than the system being audited helps to assure, in the event of a catastrophic system failure, the audit records will be retained. This helps to ensure a compromise of the information system being audited does not also result in a compromise of the audit records. |
| STIG | Date |
|---|---|
| Network Device Management Security Requirements Guide | 2017-07-07 |
Details
| Check Text ( C-55831r1_chk ) |
|---|
| Determine if the network device backs up audit records at least every seven days onto a different system or system component than the system or component being audited. This requirement may be verified by configuration review. This requirement can be met by use of a syslog/audit log server if the device is configured to send logs to that server. Backup requirements would be levied on the target server but are not a part of this check. If the network device does not back up audit records at least every seven days onto a different system or system component than the system or component being audited, this is a finding. |
| Fix Text (F-60075r1_fix) |
|---|
| Configure the network device to back up audit records at least every seven days onto a different system or system component than the system or component being audited. |