DoD STIGs – V-32436


Title: DBMS must conduct backups of system-level information per organization defined frequency that is consistent with recovery time and recovery point objectives.

Vulnerability ID: V-32436


IA Controls: None

Severity: medium

Description: Information system backup is a critical step in maintaining data assurance and availability.

System-level information includes: system-state information, operating system and application software, and licenses.

Backups shall be consistent with organizational recovery time and recovery point objectives.

Databases that do not backup information regularly risk the loss of that information in the event of a system failure. Most databases contain functionality to allow regular backups, it is important that this functionality is enabled and configured correctly to prevent data loss.

Check Text: Review DBMS backup configuration to determine that system level data is backed up in according with organization defined frequency. If the system level data of the DBMS is not backed up to the organization defined frequency, this is a finding.

Fix Text: Utilize a DBMS or third party product, to meet the requirement, of backing up system data according to the organization defined frequency.


Interpreting V-32436:

Coming Soon!

Return to the DoD STIGs – Database Security Requirements Guide

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.