The UEM server must, at a minimum, off-load audit logs of interconnected systems in real time and off-load standalone systems weekly.

An XCCDF Rule

Description

<VulnDiscussion>Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity. Satisfies:FMT_SMF.1.1(2) c.8, FAU_STG_EXT.1.1(1) Reference:PP-MDM-411054</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-234665r961860_rule
Severity: Medium
References: CCI-001851
Updated: 18 days ago

Configure the UEM server to, at a minimum, off-load audit logs of interconnected systems in real time and off-load standalone systems weekly.

The UEM server must, at a minimum, off-load audit logs of interconnected systems in real time and off-load standalone systems weekly.

Description

Remediation - Manual Procedure