Documentation - V-222481

V-222481

Application Security and Development Security Technical Implementation Guide

CAT II

Title

The application must off-load audit records onto a different system or media than the system being audited.

Description

<VulnDiscussion>Information stored in one location is vulnerable to accidental or incidental deletion or alteration. In addition, attackers often manipulate logs to hide or obfuscate their activity. The goal is to off-load application logs to a separate server as quickly and efficiently as possible so as to mitigate these risks. A centralized logging solution offering applications an enterprise designed and managed logging capability which is the desired solution. However, when a centraliz...

Fix Text (Documentation Requirement)

Configure the application to off-load audit records onto a different system as per approved schedule.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel