STIGQter STIGQter: STIG Summary: Active Directory Domain Security Technical Implementation Guide (STIG) Version: 2 Release: 13 Benchmark Date: 26 Apr 2019:

Active Directory implementation information must be added to the organization contingency plan where the Risk Management Framework categorization for Availability is moderate or high.

DISA Rule

SV-30995r4_rule

Vulnerability Number

V-8525

Group Title

Directory Service Architecture DR Documentation

Rule Version

DS00.6120_AD

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Update the disaster recovery plans to include the AD hierarchy structure for domains with an Availability categorization of moderate or high.

Check Contents

Determine the Availability categorization information for the domain.
If the Availability categorization of the domain is low, this is NA.
If the Availability categorization of the domain is moderate or high, verify the organization's disaster recovery plans includes documentation on the AD hierarchy (forest, tree and domain structure).
(A chart showing forest hierarchy and domain names is the minimum suggested.)

If the disaster recovery plans do not include directory hierarchy information, this is a finding.

Vulnerability Number

V-8525

Documentable

False

Rule Version

DS00.6120_AD

Severity Override Guidance

Determine the Availability categorization information for the domain.
If the Availability categorization of the domain is low, this is NA.
If the Availability categorization of the domain is moderate or high, verify the organization's disaster recovery plans includes documentation on the AD hierarchy (forest, tree and domain structure).
(A chart showing forest hierarchy and domain names is the minimum suggested.)

If the disaster recovery plans do not include directory hierarchy information, this is a finding.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

870

Comments