Check: SOL-11.1-090070
Solaris 11 SPARC STIG:
SOL-11.1-090070
(in versions v2 r10 through v1 r10)
Title
The operating system must conduct backups of operating system documentation including security-related documentation per organization-defined frequency to conduct backups that is consistent with recovery time and recovery point objectives. (Cat II impact)
Discussion
Operating system backup is a critical step in maintaining data assurance and availability. System documentation is data generated for/by the host (such as logs) and/or administrative users. Backups shall be consistent with organizational recovery time and recovery point objectives.
Check Content
The operations staff shall ensure that proper backups are created, tested, and archived. Ask the operator for documentation on the backup procedures implemented. If the backup procedures are not documented then this is a finding.
Fix Text
The operations staff shall install, configure, test, and verify operating system backup software. Additionally, all backup procedures must be documented.
Additional Identifiers
Rule ID: SV-216463r603267_rule
Vulnerability ID: V-216463
Group Title: SRG-OS-000480
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000366 |
The organization implements the security configuration settings. |
| CCI-000539 |
The organization conducts backups of information system documentation, including security-related documentation, per an organization-defined frequency that is consistent with recovery time and recovery point objectives. |