UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network device must back up audit records at least every seven days onto a different system or system component than the system or component being audited.


Overview

Finding ID Version Rule ID IA Controls Severity
V-55209 SRG-APP-000125-NDM-000241 SV-69455r1_rule Medium
Description
Protection of log data includes assuring log data is not accidentally lost or deleted. Regularly backing up audit records to a different system or onto separate media than the system being audited helps to assure, in the event of a catastrophic system failure, the audit records will be retained. This helps to ensure a compromise of the information system being audited does not also result in a compromise of the audit records.
STIG Date
Network Device Management Security Requirements Guide 2017-07-07

Details

Check Text ( C-55831r1_chk )
Determine if the network device backs up audit records at least every seven days onto a different system or system component than the system or component being audited. This requirement may be verified by configuration review. This requirement can be met by use of a syslog/audit log server if the device is configured to send logs to that server. Backup requirements would be levied on the target server but are not a part of this check. If the network device does not back up audit records at least every seven days onto a different system or system component than the system or component being audited, this is a finding.
Fix Text (F-60075r1_fix)
Configure the network device to back up audit records at least every seven days onto a different system or system component than the system or component being audited.