1.013 - System information backups are not created, updated, and protected according to DISA requirements.

Information

Recovery of a damaged or compromised system in a timely basis is difficult without a system information backup. A system backup will usually include sensitive information such as user accounts that could be used in an attack. As a valuable system resource, the system backup should be protected and stored in a physically secure location.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Implement data backup procedures that comply with DoD requirements.

See Also

http://iasecontent.disa.mil/stigs/zip/Oct2016/U_Windows_Vista_V6R41_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|III, CCI|CCI-000366, Rule-ID|SV-29626r1_rule, STIG-ID|1.013, Vuln-ID|V-1076

Plugin: Windows

Control ID: 9a286c21c5632e8a93e7cc5c66dbdf6e7da14620e1aab32d69765b90572db5f3