The mobile operating system must use internal system clocks to generate timestamps for audit records.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-32971	SRG-OS-000055-MOS-000025	SV-43369r1_rule		Low

Description
Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Timestamps generated by the information system shall include both date and time. The time may be expressed in Coordinated Universal Time (UTC), a modern continuation of Greenwich Mean Time (GMT), or local time with an offset from UTC. The internal system clock is an acceptable source to ensure consistency of time across functions that use time to generate audit records.

Description

Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Timestamps generated by the information system shall include both date and time. The time may be expressed in Coordinated Universal Time (UTC), a modern continuation of Greenwich Mean Time (GMT), or local time with an offset from UTC. The internal system clock is an acceptable source to ensure consistency of time across functions that use time to generate audit records.

STIG	Date
Mobile Operating System Security Requirements Guide	2013-07-03

Details

Check Text ( C-41271r1_chk )
Examine the mobile operating system configuration to determine if the internal system clock is used to generate timestamps for audit records. If the internal system clock is not used to generate timestamps for audit records, this is a finding.

Fix Text (F-36885r1_fix)
Configure the operating system to use internal system clocks to generate timestamps for audit records.