The UEM server must back up audit records at least every seven days onto a log management server.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-234347 | SRG-APP-000125-UEM-000074 | SV-234347r617355_rule | Medium |
| Description |
|---|
| Protection of log data includes ensuring log data is not accidentally lost or deleted. Backing up audit records to a different system or onto separate media than the system being audited on an organizationally defined frequency helps ensure, in the event of a catastrophic system failure, the audit records will be retained. This helps to ensure a compromise of the information system being audited does not also result in a compromise of the audit records. This requirement only applies to applications that have a native backup capability for audit records. Operating system backup requirements cover applications that do not provide native backup functions. Satisfies:FAU_STG_EXT.1.1, FMT_SMF.1.1(2) Refinement b |
| STIG | Date |
|---|---|
| Unified Endpoint Management Server Security Requirements Guide | 2020-12-14 |
Details
| Check Text ( C-37532r614051_chk ) |
|---|
| Verify the UEM server backs up audit records at least every seven days onto a log management server. If the UEM server does not back up audit records at least every seven days onto a log management server, this is a finding. |
| Fix Text (F-37497r614052_fix) |
|---|
| Configure the UEM server to back up audit records at least every seven days onto a log management server. |