STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← SC-24 — Fail in Known State

CCI-001665

Definition

Preserve organization-defined system state information in the event of a system failure.

Parent Control

SC-24Fail in Known StateSystem and Communications Protection

Linked STIG Checks (67)

V-274000CAT IIAmazon Linux 2023 systemd-journald service must be enabled.Amazon Linux 2023 Security Technical Implementation Guide V-268107CAT IINixOS must have the packages required for offloading audit logs installed and running.Anduril NixOS Security Technical Implementation Guide V-204962CAT IIIn the event of a system failure of the ALG function, the ALG must save diagnostic information, log system messages, and load the most current security policies, rules, and signatures when restarted.Application Layer Gateway Security Requirements Guide V-222586CAT IIIn the event of a system failure, applications must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.Application Security and Development Security Technical Implementation Guide V-237323CAT IThe ArcGIS Server must provide audit record generation capability for DoD-defined auditable events within all application components.ArcGIS for Server 10.3 Security Technical Implementation Guide V-272371CAT IIA BIND 9.x server implementation must be configured to allow DNS administrators to audit all DNS server components based on selectable event criteria and produce audit records within all DNS server components that contain information for failed security verification tests, information to establish the outcome and source of the events, any information necessary to determine cause of failure, and any information necessary to return to operations with least disruption to mission processes.BIND 9.x Security Technical Implementation Guide V-251616CAT IIIIDMS executing in a local mode batch environment must be able to manually recover or restore database areas affected by failed transactions.CA IDMS Security Technical Implementation Guide V-219160CAT IIThe Ubuntu operating system must be configured to preserve log records from failure events.Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide V-238353CAT IIThe Ubuntu operating system must be configured to preserve log records from failure events.Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide V-260588CAT IIUbuntu 22.04 LTS must be configured to preserve log records from failure events.Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide V-270653CAT IIUbuntu 24.04 LTS must be configured to preserve log records from failure events.Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide V-269428CAT IIAlmaLinux OS 9 systemd-journald service must be enabled.Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide V-233123CAT IIThe container platform must preserve any information necessary to determine the cause of the disruption or failure.Container Platform Security Requirements Guide V-206569CAT IIIn the event of a system failure, the DBMS must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.Database Security Requirements Guide V-205186CAT IIIn the event of a system failure, the DNS server implementation must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.Domain Name System (DNS) Security Requirements Guide V-224177CAT IIIn the event of a system failure, the DBMS must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.EDB Postgres Advanced Server v11 on Windows Security Technical Implementation Guide V-259969CAT IIIn the event of a device failure, Enterprise Voice, Video, and Messaging Endpoints must preserve any information necessary to determine cause of failure and return to operations with least disruption to service.Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide V-260018CAT IIIn the event of a system failure, Enterprise Voice, Video, and Messaging Session Managers must be configured to preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide V-206698CAT IIIn the event of a system failure of the firewall function, the firewall must be configured to save diagnostic information, log system messages, and load the most current security policies, rules, and signatures when restarted.Firewall Security Requirements Guide V-203677CAT IIIn the event of a system failure, the operating system must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.General Purpose Operating System Security Requirements Guide V-215407CAT IIIn the event of a system failure, AIX must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.IBM AIX 7.x Security Technical Implementation Guide V-213705CAT IIIn the event of a system failure, DB2 must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.IBM DB2 V10.5 LUW Security Technical Implementation Guide V-65239CAT IIIn the event of a system failure of the DataPower Gateway function, the DataPower Gateway must save diagnostic information, log system messages, and load the most current security policies, rules, and signatures when restarted.IBM DataPower ALG Security Technical Implementation Guide V-223546CAT IIIBM z/OS must specify SMF data options to assure appropriate activation.IBM z/OS ACF2 Security Technical Implementation Guide V-223769CAT IIIBM z/OS must specify SMF data options to assure appropriate activation.IBM z/OS RACF Security Technical Implementation Guide V-224001CAT IIIBM z/OS must specify SMF data options to ensure appropriate activation.IBM z/OS TSS Security Technical Implementation Guide V-214177CAT IIIn the event of a system failure, The Infoblox system must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.Infoblox 7.x DNS Security Technical Implementation Guide V-233920CAT IIIn the event of a system failure, the Infoblox system must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.Infoblox 8.x DNS Security Technical Implementation Guide V-34750CAT IIIn the event of a failure of the IDPS function, the IDPS must save diagnostic information, log system messages, and load the most current security policies, rules, and signatures when restarted.Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide V-206885CAT IIIn the event of a failure of the IDPS function, the IDPS must save diagnostic information, log system messages, and load the most current security policies, rules, and signatures when restarted.Intrusion Detection and Prevention Systems Security Requirements Guide V-213773CAT IIIn the event of a system failure, SQL Server must preserve any information necessary to return to operations with least disruption to mission processes.MS SQL Server 2014 Database Security Technical Implementation Guide V-213910CAT IIIn the event of a system failure, hardware loss or disk failure, SQL Server must be able to restore necessary databases with least disruption to mission processes.MS SQL Server 2016 Database Security Technical Implementation Guide V-205519CAT IIIn the event of application failure, Mainframe Products must preserve any information necessary to determine the cause of failure and any information necessary to return to operations with the least disruption to mission processes.Mainframe Product Security Requirements Guide V-253709CAT IIIn the event of a system failure, MariaDB must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.MariaDB Enterprise 10.x Security Technical Implementation Guide V-271168CAT IIIn the event of a system failure, hardware loss or disk failure, SQL Server must be able to restore necessary databases with least disruption to mission processes.Microsoft SQL Server 2022 Database Security Technical Implementation Guide V-259412CAT IIIn the event of a system failure, the Windows DNS Server must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.Microsoft Windows Server Domain Name System (DNS) Security Technical Implementation Guide V-260932CAT IIMKE must preserve any information necessary to determine the cause of the disruption or failure.Mirantis Kubernetes Engine Security Technical Implementation Guide V-221177CAT IIMongoDB must fail to a secure state if system initialization fails, shutdown fails, or aborts fail.MongoDB Enterprise Advanced 3.x Security Technical Implementation Guide V-252141CAT IIMongoDB must fail to a secure state if system initialization fails, shutdown fails, or aborts fail.MongoDB Enterprise Advanced 4.x Security Technical Implementation Guide V-219780CAT IIThe DBMS must preserve any organization-defined system state information in the event of a system failure.Oracle Database 11.2g Security Technical Implementation Guide V-220296CAT IIThe DBMS must preserve any organization-defined system state information in the event of a system failure.Oracle Database 12c Security Technical Implementation Guide V-270573CAT IIOracle Database must preserve any organization-defined system state information in the event of a system failure.Oracle Database 19c Security Technical Implementation Guide V-248628CAT IIOL 8 must disable kernel dumps unless needed.Oracle Linux 8 Security Technical Implementation Guide V-271739CAT IIOL 9 systemd-journald service must be enabled.Oracle Linux 9 Security Technical Implementation Guide V-281096CAT IIRHEL 10 must enable the systemd-journald service.Red Hat Enterprise Linux 10 Security Technical Implementation Guide V-281322CAT IIRHEL 10 must disable the kdump service.Red Hat Enterprise Linux 10 Security Technical Implementation Guide V-257783CAT IIRHEL 9 systemd-journald service must be enabled.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-251241CAT IIIn the event of a system failure, Redis Enterprise DBMS must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.Redis Enterprise 6.x Security Technical Implementation Guide V-275675CAT IIUbuntu OS must be configured to preserve log records from failure events.Riverbed NetIM OS Security Technical Implementation Guide V-206725CAT IIThe SDN controllers must be configured as a cluster in active/active or active/passive mode to preserve any information necessary to determine cause of a system failure and to maintain network operations with least disruption to workload processes and flows.SDN Controller Security Requirements Guide V-279187CAT IIIn the event of a system failure of the ALG function, the Edge SWG must save diagnostic information, log system messages, and load the most current security policies, rules, and signatures when restarted.Symantec Edge SWG ALG Security Technical Implementation Guide V-241061CAT IITanium must be configured in a High-Availability (HA) setup to ensure minimal loss of data and minimal disruption to mission processes in the event of a system failure.Tanium 7.0 Security Technical Implementation Guide V-234120CAT IIThe Tanium application must be configured in a High-Availability (HA) setup to ensure minimal loss of data and minimal disruption to mission processes in the event of a system failure.Tanium 7.3 Security Technical Implementation Guide V-254918CAT IIThe Tanium Server and Client applications must have logging enabled.Tanium 7.x Application on TanOS Security Technical Implementation Guide V-253785CAT IIThe Tanium Server and Client applications must have logging enabled.Tanium 7.x Security Technical Implementation Guide V-252927CAT IIThe TOSS operating system must be configured to preserve log records from failure events.Tri-Lab Operating System Stack (TOSS) 4 Security Technical Implementation Guide V-282545CAT IIThe TOSS 5 systemd-journald service must be enabled.Tri-Lab Operating System Stack (TOSS) 5 Security Technical Implementation Guide V-234410CAT IIIn the event of a system failure, the UEM server must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.Unified Endpoint Management Server Security Requirements Guide V-240300CAT IIThe vRA PostgreSQL database must complete writing log entries prior to returning results.VMW vRealize Automation 7.x PostgreSQL Security Technical Implementation Guide V-239799CAT IIIn the event of a system failure, the vROps PostgreSQL DB must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.VMW vRealize Operations Manager 6.x PostgreSQL Security Technical Implementation Guide V-251729CAT IIIThe NSX-T Distributed Firewall must deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception).VMware NSX-T Distributed Firewall Security Technical Implementation Guide V-251734CAT IIThe NSX-T Controller must be configured as a cluster in active/active mode to preserve any information necessary to determine cause of a system failure and to maintain network operations with least disruption to workload processes and flows.VMware NSX-T SDN Controller Security Technical Implementation Guide V-251765CAT IIThe NSX-T Tier-1 Gateway Firewall must deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception).VMware NSX-T Tier 1 Gateway Firewall Security Technical Implementation Guide V-251740CAT IIThe NSX-T Tier-1 Gateway Firewall must deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception).VMware NSX-T Tier-0 Gateway Firewall Security Technical Implementation Guide V-256604CAT IIVMware Postgres must write log entries to disk prior to returning operation success or failure.VMware vSphere 7.0 vCenter Appliance PostgreSQL Security Technical Implementation Guide V-259179CAT IIThe vCenter PostgreSQL service must write log entries to disk prior to returning operation success or failure.VMware vSphere 8.0 vCenter Appliance PostgreSQL Security Technical Implementation Guide V-207426CAT IIIn the event of a system failure, the VMM must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.Virtual Machine Manager Security Requirements Guide