The operating system must, at a minimum, off-load audit data from interconnected systems in real time and off-load audit data from standalone systems weekly.

STIG ID: SRG-OS-000479-GPOS-00224  |  SRG: SRG-OS-000479 |  Severity: medium |  CCI: CCI-001851 |  Vulnerability Id: V-203777 | 

Vulnerability Discussion

Information stored in one location is vulnerable to accidental or incidental deletion or alteration.

Off-loading is a common process in information systems with limited audit storage capacity.

Check

Verify the operating system, at a minimum, off-loads interconnected systems in real time and off-loads standalone systems weekly. If it does not, this is a finding.

Fix

Configure the operating system to, at a minimum, off-load interconnected systems in real time and off-load standalone systems weekly.