ACTIVE DIRECTORY SECURITY CHECKLIST ... - Leet Upload
ACTIVE DIRECTORY SECURITY CHECKLIST ... - Leet Upload
ACTIVE DIRECTORY SECURITY CHECKLIST ... - Leet Upload
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Active Directory Checklist, V1R1.2 Field Security Operations<br />
22 September 2006 Defense Information Systems Agency<br />
DS05.0280 Synch\Maint Audit Data Retention<br />
STIG ID \ V-Key DS05.0280 \ V0011766<br />
Severity Cat III<br />
Short Name Synch\Maint Audit Data Retention<br />
IA Controls ECRR-1<br />
MAC /Conf 1-CSP, 2-CSP, 3-CSP<br />
References AD STIG 2.3.3.5<br />
Long Name: Audit data from a synch\maint implementation is not retained for at least one<br />
year.<br />
Checks:<br />
Note: This check is Not Applicable if the audit data is collected in a Windows Event<br />
Log. [Windows audit retention is reviewed in the Windows Checklist.]<br />
• Interview the Application SA.<br />
• Obtain a copy of the site’s policy that addresses audit data retention.<br />
• Check that the policy addresses the retention requirement for the audit data from a<br />
synch\maint implementation.<br />
Alternatively review logs or other evidence that indicates audit data retention.<br />
• If the audit data is not retained for at least one year, then this is a Finding.<br />
UNCLASSIFIED<br />
3-18