Details
Problems with backup procedures or backup media may not be discovered until after a recovery is needed. Testing and verification of procedures provides the opportunity to discover oversights, conflicts, or other issues in the backup procedures or use of media designed to be used.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Design, document and implement backup testing and recovery verification procedures for the DBMS host and all individual database instances and either include or note the name, location, version and current revision date of any external documentation in the System Security Plan.
Include any requirements for documenting database backup and recovery testing and verification activities in the procedures.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Contingency Planning.This control applies to the following type of system Windows.
References
- 800-53|CP-9
- CAT|II
- Rule-ID|SV-24608r1_rule
- STIG-ID|DG0020-ORACLE11
- Vuln-ID|V-15129