Information
This policy setting ensures that audit records are backed up to a different system or media than the system being audited.
Rationale:
Protection of log data includes assuring the log data is not accidentally lost or deleted. Audit information stored in one location is vulnerable to accidental or incidental deletion or alteration.
Impact:
A secondary system that has enough resources to store large amounts of log data will be needed.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Establish and implement a process for backing up log data to another system or media other than the system being audited.
Default Value:
N/A
Additional Information:
Microsoft Windows Server 2016 Security Technical Implementation Guide:
Version 2, Release 2, Benchmark Date: May 04, 2021
Vul ID: V-224875
Rule ID: SV-224875r569186_rule
STIG ID: WN16-AU-000010
Severity: CAT II