An error occurred:

Check: SRG-OS-000479-GPOS-00224

General Purpose Operating System SRG: SRG-OS-000479-GPOS-00224 (in versions v2 r7 through v1 r4)

Title

The operating system must, at a minimum, off-load audit data from interconnected systems in real time and off-load audit data from standalone systems weekly. (Cat II impact)

Discussion

Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity.

Check Content

Verify the operating system, at a minimum, off-loads interconnected systems in real time and off-loads standalone systems weekly. If it does not, this is a finding.

Fix Text

Configure the operating system to, at a minimum, off-load interconnected systems in real time and off-load standalone systems weekly.

Additional Identifiers

Rule ID: SV-203777r851831_rule

Vulnerability ID: V-203777

Group Title: SRG-OS-000479

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001851

The information system off-loads audit records per organization-defined frequency onto a different system or media than the system being audited.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AU-4 (1)

Transfer To Alternate Storage