CA VM:Secure product audit records must offload audit records to a different system or media.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-237938 | SRG-OS-000342-GPOS-00133 | IBMZ-VM-000940 | SV-237938r851946_rule | 2022-08-31 | 2 |
| Description |
|---|
| Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity. |
| ℹ️ Check |
|---|
| If there is no documented process for audit offload, this is a finding. Examine the documented user process for audit record offload. If the procedure does not offload to a different system or media, this is a finding. |
| ✔️ Fix |
|---|
| Develop a user written procedure to offload audit records to a different system or media. |