Check: SRG-APP-000125-AU-000310
Central Log Server SRG:
SRG-APP-000125-AU-000310
(in versions v2 r2 through v2 r1)
Title
The Central Log Server system backups must be retained for a minimum of 5 years for SAMI (Sources and Methods Information) and a minimum of 7 days for non-SAMI on media capable of guaranteeing file integrity for the minimum applicable information retention period. (Cat III impact)
Discussion
If backups are not properly processed, protected, and stored on appropriate media, recovery from a system failure or implementation of a contingency plan would not include the data necessary to fully recover in the time required to ensure continued mission support.
Check Content
Review the SSP, backup media documentation, and system backup configuration. Verify the Central Log Server system is backed up to media capable of guaranteeing file integrity for a minimum of five years. If the Central Log Server does not retain backups for a minimum of five years for SAMI and a minimum of seven days for non-SAMI, this is a finding. If the Central Log Server system backups are not stored on appropriate media capable of guaranteeing file integrity for a minimum of five years for systems retaining SAMI, this is a finding.
Fix Text
Configure the Central Log Server to retain backups of system information for a minimum of five years for SAMI and a minimum of seven days for non-SAMI. Select backup media that guarantees file integrity for a minimum of five years for systems retaining SAMI. Document the required retention period in the SSP.
Additional Identifiers
Rule ID: SV-206459r864172_rule
Vulnerability ID: V-206459
Group Title: SRG-APP-000125
CCIs
Number | Definition |
---|---|
CCI-000167 | The organization retains audit records for an organization-defined time period to provide support for after-the-fact investigations of security incidents and to meet regulatory and organizational information retention requirements. |
CCI-001348 | The information system backs up audit records on an organization-defined frequency onto a different system or system component than the system or component being audited. |