Check: WN12-AU-000201
Windows 2012 IAVM:
WN12-AU-000201
(in version v1 r30)
Title
Audit data must be retained for at least one year. (Cat II impact)
Discussion
Audit records are essential for investigating system activity after the fact. Retention periods for audit data are determined based on the sensitivity of the data handled by the system.
Check Content
Determine whether audit data is retained for at least one year. If the audit data is not retained for at least a year, this is a finding.
Fix Text
Ensure the audit data is retained for at least a year.
Additional Identifiers
Rule ID:
Vulnerability ID: V-36671
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000366 |
Implement the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |