Title

In the event of a system failure, the operating system must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes. (Cat II impact)

Discussion

Failure to a known state can address safety or security in accordance with the mission/business needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. Preserving operating system state information helps to facilitate operating system restart and return to the operational mode of the organization with least disruption to mission/business processes.

Check Content

Verify, in the event of a system failure, the operating system preserves any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes. If it does not, this is a finding.

Fix Text

Configure the operating system to preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes, in the event of a system failure.

Additional Identifiers

Rule ID: SV-203677r379318_rule

Vulnerability ID: V-203677

Group Title: SRG-OS-000269

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.