Navigate

Check: CSCO-NM-000240

Cisco ISE NDM STIG: CSCO-NM-000240 (in versions v2 r2 through v1 r1)

Title

The Cisco ISE must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC). (Cat II impact)

Discussion

If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generated by the application include date and time. Time is commonly expressed in Coordinated Universal Time (UTC), a modern continuation of Greenwich Mean Time (GMT).

Check Content

1. View the clock setting. show clock 2. Verify the clock is set to use UTC. If the Cisco ISE does not use UTC, this is a finding.

Fix Text

Change the clock to UTC using the CLI. clock timezone UTC

Additional Identifiers

Rule ID: SV-242630r961443_rule

Vulnerability ID: V-242630

Group Title: SRG-APP-000374-NDM-000299

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001890	Record time stamps for audit records that use Coordinated Universal Time, have a fixed local time offset from Coordinated Universal Time, or that include the local time offset as part of the time stamp.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
AU-8	Time Stamps