CA VM:Secure product audit records must offload audit records to a different system or media.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-237938 | SRG-OS-000342-GPOS-00133 | IBMZ-VM-000940 | SV-237938r851946_rule | 2022-08-31 | 2 |
Description
Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
Off-loading is a common process in information systems with limited audit storage capacity.
ℹ️ Check
If there is no documented process for audit offload, this is a finding.
Examine the documented user process for audit record offload.
If the procedure does not offload to a different system or media, this is a finding.
✔️ Fix
Develop a user written procedure to offload audit records to a different system or media.