The operating system must offload audit records onto a different system or media from the system being audited.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-203701	SRG-OS-000342-GPOS-00133	SV-203701r958754_rule		Low

Description

Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity.

STIG	Date
General Purpose Operating System Security Requirements Guide	2024-12-04

Details

Check Text (C-3826r375050_chk)

Verify the operating system off-loads audit records onto a different system or media from the system being audited. If it does not, this is a finding.

Fix Text (F-3826r375051_fix)

Configure the operating system to off-load audit records onto a different system or media from the system being audited.