Rule ID
SV-269533r1050416_rule
Version
V1R6
Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate. Synchronizing internal information system clocks provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network. Organizations should consider endpoints that may not have regular access to the authoritative time server (e.g., mobile, teleworking, and tactical endpoints). Satisfies: SRG-OS-000355-GPOS-00143, SRG-OS-000359-GPOS-00146
Verify the chronyd service is active with the following command: $ systemctl is-active chronyd active If the chronyd service is not active, this is a finding.
To enable the chronyd service run the following command: $ systemctl enable --now chronyd