UCF STIG Viewer Logo

The DBMS must support the requirement to back up audit data and records onto a different system or media than the system being audited on an organization-defined frequency.


Overview

Finding ID Version Rule ID IA Controls Severity
V-61665 O121-C2-010000 SV-76155r1_rule Medium
Description
Protection of log data includes assuring log data is not accidentally lost or deleted. Backing up audit records to a different system or onto media separate from the system being audited on an organizational-defined frequency helps to assure, in the event of a catastrophic system failure, the audit records will be retained.
STIG Date
Oracle Database 12c Security Technical Implementation Guide 2019-09-26

Details

Check Text ( C-62537r1_chk )
Check with the database administrator, storage administrator or system administrator, as applicable at the site, to verify that Oracle is configured EITHER to perform backups of the audit data specifically, OR, with appropriate permissions granted, to permit a third-party tool to do so. Test the backup process. Test the restore process (using a non-production system as the target).

If Oracle is not so configured, this is a finding.

If the test run of the backup and restore fails, this is a finding.
Fix Text (F-67579r1_fix)
Utilize DBMS features or other software that supports the ability to back up audit data and records onto a system or media different from the system being audited on an organization-defined frequency.

EITHER use Oracle features (such as Backup or Data Pump) to perform backups of the audit data specifically, OR grant appropriate permissions to permit a third-party tool to do so.