DISA STIGS Viewer

The operating system must conduct backups of operating system documentation including security-related documentation per organization-defined frequency to conduct backups that is consistent with recovery time and recovery point objectives.

Overview

Finding ID Version Rule ID IA Controls Severity
V-216227 SOL-11.1-090070 SV-216227r959010_rule   Medium
Description
Operating system backup is a critical step in maintaining data assurance and availability. System documentation is data generated for/by the host (such as logs) and/or administrative users. Backups shall be consistent with organizational recovery time and recovery point objectives.
STIG Date
Solaris 11 X86 Security Technical Implementation Guide 2025-05-05

Details

Check Text (C-17465r373063_chk)
The operations staff shall ensure that proper backups are created, tested, and archived.

Ask the operator for documentation on the backup procedures implemented.

If the backup procedures are not documented then this is a finding.
Fix Text (F-17463r373064_fix)
The operations staff shall install, configure, test, and verify operating system backup software.

Additionally, all backup procedures must be documented.