Check: CISC-ND-001040
Cisco IOS XR Router NDM STIG:
CISC-ND-001040
(in versions v2 r5 through v1 r1)
Title
The Cisco router must record time stamps for audit records that meet a granularity of one second for a minimum degree of precision. (Cat II impact)
Discussion
Without sufficient granularity of time stamps, it is not possible to adequately determine the chronological order of records. Time stamps generated by the application include date and time. Granularity of time measurements refers to the degree of synchronization between information system clocks and reference clocks.
Check Content
Review the Cisco router configuration to verify that it is compliant with this requirement as shown in the example below. hostname R3 service timestamps log datetime localtime If the router is not configured to record time stamps that meet a granularity of one second, this is a finding.
Fix Text
Configure the Cisco router to record time stamps that meet a granularity of one second as shown in the example below. RP/0/0/CPU0:R3(config)#service timestamps log datetime localtime
Additional Identifiers
Rule ID: SV-216536r879748_rule
Vulnerability ID: V-216536
Group Title: SRG-APP-000375-NDM-000300
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001889 |
The information system records time stamps for audit records that meet organization-defined granularity of time measurement. |
Controls
Number | Title |
---|---|
AU-8 |
Time Stamps |