← Back to General Purpose Operating System Security Requirements Guide

V-203711

CAT II (Medium)

The operating system must, for networked systems, compare internal information system clocks at least every 24 hours with an authoritative time source.

Rule ID

SV-203711r1038944_rule

STIG

General Purpose Operating System Security Requirements Guide

Version

V3R3

CCIs

CCI-004923

Discussion

Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate. Synchronizing internal information system clocks provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network. Organizations should consider endpoints that may not have regular access to the authoritative time server (e.g., mobile, teleworking, and tactical endpoints).

Check Content

Verify the operating system, for networked systems, compares internal information system clocks at least every 24 hours with an authoritative time source. 

If it does not, this is a finding.

Fix Text

Configure the operating system to, for networked systems, compare internal information system clocks at least every 24 hours with an authoritative time source.