Windows Server 2019 audit records must be backed up to a different system or media than the system being audited.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-205799 | SRG-OS-000342-GPOS-00133 | WN19-AU-000010 | SV-205799r958754_rule | 2025-05-23 | 3 |
| Description |
|---|
| Protection of log data includes assuring the log data is not accidentally lost or deleted. Audit information stored in one location is vulnerable to accidental or incidental deletion or alteration. |
| ℹ️ Check |
|---|
| Determine if a process to back up log data to a different system or media than the system being audited has been implemented. If it has not, this is a finding. |
| ✔️ Fix |
|---|
| Establish and implement a process for backing up log data to another system or media other than the system being audited. |