The operating system must, at a minimum, off-load audit records of interconnected systems in real time and off-load standalone systems weekly.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-57719 | WN12-AU-000203-02 | SV-72133r1_rule | Medium |
| Description |
|---|
| Protection of log data includes assuring the log data is not accidentally lost or deleted. Audit information stored in one location is vulnerable to accidental or incidental deletion or alteration. |
| STIG | Date |
|---|---|
| Windows Server 2012/2012 R2 Domain Controller Security Technical Implementation Guide | 2020-06-16 |
Details
| Check Text ( C-58511r2_chk ) |
|---|
| Verify the operating system, at a minimum, off-loads audit records of interconnected systems in real time and off-loads standalone systems weekly. If it does not, this is a finding. |
| Fix Text (F-62925r1_fix) |
|---|
| Configure the operating system to, at a minimum, off-load audit records of interconnected systems in real time and off-load standalone systems weekly. |