The operating system must off-load audit records onto a different system or media from the system being audited.

STIG ID: SRG-OS-000342-GPOS-00133  |  SRG: SRG-OS-000342 |  Severity: medium |  CCI: CCI-001851 |  Vulnerability Id: V-203701 | 

Vulnerability Discussion

Information stored in one location is vulnerable to accidental or incidental deletion or alteration.

Off-loading is a common process in information systems with limited audit storage capacity.

Check

Verify the operating system off-loads audit records onto a different system or media from the system being audited. If it does not, this is a finding.

Fix

Configure the operating system to off-load audit records onto a different system or media from the system being audited.