Microsoft Windows Server 2012/2012 R2 Member Server STIG:
(in versions v3 r7 through v2 r7)
Backups of system-level information must be protected. (Cat III impact)
A system backup will usually include sensitive information such as user accounts that could be used in an attack. As a valuable system resource, the system backup must be protected and stored in a physically secure location.
Determine if system-level information backups are protected from destruction and stored in a physically secure location. If they are not, this is a finding.
Ensure system-level information backups are stored in a secure location and protected from destruction.
Rule ID: SV-225253r569185_rule
Vulnerability ID: V-225253
Group Title: SRG-OS-000185-GPOS-00079
The organization implements the security configuration settings.