Details

Recovery of a damaged or compromised system in a timely basis is difficult without a system information backup. A system backup will usually include sensitive information such as user accounts that could be used in an attack. As a valuable system resource, the system backup should be protected and stored in a physically secure location.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Implement data backup procedures that comply with DoD requirements.

Supportive Information

The following resource is also helpful.

• http://iasecontent.disa.mil/stigs/zip/Oct2016/U_Windows_Vista_V6R41_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

• 800-53|CM-6b.
• CAT|III
• CCI|CCI-000366
• Rule-ID|SV-29626r1_rule
• STIG-ID|1.013
• Vuln-ID|V-1076

Source

• Tenable.com/audits