Check: CACI-ND-000001
Cisco ACI NDM STIG:
CACI-ND-000001
(in version v1 r2)
Title
The Cisco ACI must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC). (Cat II impact)
Discussion
If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generated by the application include date and time. Time is commonly expressed in UTC or local time with an offset from UTC.
Check Content
1. Navigate to System >> Settings. 2. In the Navigation pane, click "Date and Time". 3. Verify UTC is selected. If the Cisco ACI is not configured to use the UTC time zone, this is a finding.
Fix Text
Configure NTP servers to provide UTC time. 1. Navigate to System >> Settings. 2. In the Navigation pane, click "Date and Time". 3. In the Work pane, choose "Display Format, then click "UTC". 4. Click "Update".
Additional Identifiers
Rule ID: SV-271916r1168349_rule
Vulnerability ID: V-271916
Group Title: SRG-APP-000374-NDM-000299
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-001890 |
Record time stamps for audit records that use Coordinated Universal Time, have a fixed local time offset from Coordinated Universal Time, or that include the local time offset as part of the time stamp. |
Controls
| Number | Title |
|---|---|
| AU-8 |
Time Stamps |