Windows Server 2019 audit records must be backed up to a different system or media than the system being audited.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-205799 | WN19-AU-000010 | SV-205799r958754_rule | CCI-001851 | medium |
| Description | ||||
| Protection of log data includes assuring the log data is not accidentally lost or deleted. Audit information stored in one location is vulnerable to accidental or incidental deletion or alteration. | ||||
| STIG | Date | |||
| Microsoft Windows Server 2019 Security Technical Implementation Guide | 2025-05-23 | |||
Details
Check Text (C-205799r958754_chk)
Determine if a process to back up log data to a different system or media than the system being audited has been implemented.
If it has not, this is a finding.
Fix Text (F-6064r355760_fix)
Establish and implement a process for backing up log data to another system or media other than the system being audited.