The application must support the requirement to back up audit data and records onto a different system or media than the system being audited on an organization-defined frequency.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-35365	SRG-APP-000125-MAPP-NA	SV-46652r1_rule		Medium

Description
Protection of log data includes assuring log data is not accidentally lost or deleted. Backing up audit records to a different system or onto separate media than the system being audited on an organizationally defined frequency helps to assure in the event of a catastrophic system failure, the audit records will be retained. Rationale for non-applicability: This control is required in the MDM SRG. Mobile applications can leverage the audit review, analysis, and reporting tools of centralized logging systems.

Description

Protection of log data includes assuring log data is not accidentally lost or deleted. Backing up audit records to a different system or onto separate media than the system being audited on an organizationally defined frequency helps to assure in the event of a catastrophic system failure, the audit records will be retained. Rationale for non-applicability: This control is required in the MDM SRG. Mobile applications can leverage the audit review, analysis, and reporting tools of centralized logging systems.

STIG	Date
Mobile Application Security Requirements Guide	2013-01-04

Details

Check Text ( C-43731r1_chk )
This requirement is NA for the MAPP SRG.

Fix Text (F-39913r1_fix)
The requirement is NA. No fix is required.