UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The application server must synchronize system clocks within and between systems or system components.


Overview

Finding ID Version Rule ID IA Controls Severity
V-263556 SRG-APP-000920-AS-000320 SV-263556r981720_rule Medium
Description
Time synchronization of system clocks is essential for the correct execution of many system services, including identification and authentication processes that involve certificates and time-of-day restrictions as part of access control. Denial of service or failure to deny expired credentials may result without properly synchronized clocks within and between systems and system components. Time is commonly expressed in Coordinated Universal Time (UTC), a modern continuation of Greenwich Mean Time (GMT), or local time with an offset from UTC. The granularity of time measurements refers to the degree of synchronization between system clocks and reference clocks, such as clocks synchronizing within hundreds of milliseconds or tens of milliseconds. Organizations may define different time granularities for system components. Time service can be critical to other security capabilities such as access control and identification and authentication depending on the nature of the mechanisms used to support the capabilities.
STIG Date
Application Server Security Requirements Guide 2024-05-28

Details

Check Text ( C-67456r981718_chk )
Verify the application server synchronizes system clocks within and between systems or system components.

If the application server does not synchronize system clocks within and between systems or system components, this is a finding.
Fix Text (F-67364r981719_fix)
Configure the application server to synchronize system clocks within and between systems or system components.