Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-14226 | 1.032 | SV-32275r1_rule | ECRR-1 | Medium |
Description |
---|
This check verifies that Audit logs are archived to ensure data is not being lost. Audit logs are retained for at least 1 year, with systems containing source and methods intelligence (SAMI) retained for 5 years in accordance with DoD policy. |
STIG | Date |
---|---|
Windows Server 2008 R2 Domain Controller Security Technical Implementation Guide | 2013-03-14 |
Check Text ( C-32925r1_chk ) |
---|
Interview the SA to determine the process for archiving audit logs. Audit logs will be retained for at least 1 year; on systems containing sources and methods intelligence (SAMI) logs will be retained for 5 years. |
Fix Text (F-29052r1_fix) |
---|
Define a process for archiving audit logs as required in accordance with DoD policy. |