Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-15853 | ESX0540 | SV-16794r1_rule | CODP-1 CODP-2 CODP-3 | Medium |
Description |
---|
Disaster and recovery plans should be drafted and exercised in accordance with the MAC level of the system/Enclave as defined by the DoDI 85002. Disaster plans provide for the resumption of mission or business essential functions. A disaster plan must exist that provides for the resumption of mission or business essential functions within the specified period of time depending on MAC level. (Disaster recovery procedures include business recovery plans, system contingency plans, facility disaster recovery plans, and plan acceptance). |
STIG | Date |
---|---|
VMware ESX 3 Policy | 2016-05-03 |
Check Text ( C-16202r1_chk ) |
---|
Request a copy of the disaster recovery plan from the IAO/SA. Review the plan to verify that the ESX Server, management applications, virtual machines, and all necessary system peripherals are included in the plan. If the plan does not include the virtual infrastructure or is incomplete, this is a finding. |
Fix Text (F-15807r1_fix) |
---|
Add the virtual infrastructure to the disaster recovery plan. |