Title

System information backups are not created, updated, and protected according to DISA requirements. (Cat III impact)

Discussion

Recovery of a damaged or compromised system in a timely basis is difficult without a system information backup. A system backup will usually include sensitive information such as user accounts that could be used in an attack. As a valuable system resource, the system backup should be protected and stored in a physically secure location.

Check Content

Interview the SA to determine if system recovery backup procedures are in place that comply with DoD requirements. Any of the following would be a finding: •The site does not maintain emergency system recovery data. •The emergency system recovery data is not protected from destruction and stored in a locked storage container. •The emergency system recovery data has not been updated following the last system modification.

Fix Text

Implement data backup procedures that comply with DoD requirements.

Additional Identifiers

Rule ID: SV-29624r1_rule

Vulnerability ID: V-1076

Group Title: System Recovery Backups

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.