Check: CACI-ND-000001
Cisco ACI NDM STIG:
CACI-ND-000001
(in version v1 r1)
Title
The Cisco ACI must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC). (Cat II impact)
Discussion
If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generated by the application include date and time. Time is commonly expressed in UTC or local time with an offset from UTC.
Check Content
1. Navigate to System>> System Setting. 2. In the Navigation pane, click "Date and Time". 3. Verify UTC is selected. If the Cisco ACI is not configured to use the UTC time zone, this is a finding.
Fix Text
Configure NTP servers to provide UTC time. 1. Navigate to System >> System Setting. 2. In the Navigation pane, click "Date and Time". 3. In the Work pane, choose "Display Format, then click "UTC". 4. Click "Update".
Additional Identifiers
Rule ID: SV-271916r1114201_rule
Vulnerability ID: V-271916
Group Title: SRG-APP-000374-NDM-000299
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-001890 |
Record time stamps for audit records that use Coordinated Universal Time, have a fixed local time offset from Coordinated Universal Time, or that include the local time offset as part of the time stamp. |
Controls
| Number | Title |
|---|---|
| AU-8 |
Time Stamps |