STIGQter: STIG Summary: Central Log Server Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jul 2020:

The Central Log Server system backups must be retained for a minimum of 5 years for SAML and a minimum of 7 days for on media capable of guaranteeing file integrity for a minimum of five years (SAML) and 7 days (non-SAML).

DISA Rule

SV-95841r2_rule

Vulnerability Number

V-81127

Group Title

SRG-APP-000125-AU-000310

Rule Version

SRG-APP-000125-AU-000310

Severity

CAT III

CCI(s)

• CCI-000167 - The organization retains audit records for an organization-defined time period to provide support for after-the-fact investigations of security incidents and to meet regulatory and organizational information retention requirements.
• CCI-001348 - The information system backs up audit records on an organization-defined frequency onto a different system or system component than the system or component being audited.

Weight

10

Fix Recommendation

Configure the Central Log Server system to back up to media capable of guaranteeing file integrity for a minimum of five years.

Check Contents

Examine the configuration.

Verify the Central Log Server system is backed up to media capable of guaranteeing file integrity for a minimum of five years.

If the Central Log Server system backups are not stored on appropriate media capable of guaranteeing file integrity for a minimum of five years, this is a finding.

Vulnerability Number

V-81127

Documentable

False

Rule Version

SRG-APP-000125-AU-000310

Severity Override Guidance

Examine the configuration.

Verify the Central Log Server system is backed up to media capable of guaranteeing file integrity for a minimum of five years.

If the Central Log Server system backups are not stored on appropriate media capable of guaranteeing file integrity for a minimum of five years, this is a finding.

Check Content Reference

M

Target Key

3395

Comments