Title

A secure time server must be referenced. (Cat III impact)

Discussion

Correct date and time settings are required for authentication protocols, like Kerberos. Incorrect date and time settings can cause security issues. Date and time preferences can be used to set the date and time based on a Network Time Protocol (NTP) server. If you require automatic date and time, use a trusted, internal NTP server.

Check Content

1. Open System Preferences->Date & Time Panel. 2. Ensure "Set date & time automatically" is selected. 3. In the box for the time server, ensure the URL is entered along with either the address of a valid federal government NTP server or address of a local domain controller.

Fix Text

1. Open System Preferences> Date & Time Panel. 2. Select "Set date & time automatically". 3. In the box for the time server, type either the URL or IP address of a valid federal government NTP server or local domain controller.

Additional Identifiers

Rule ID: SV-38530r1_rule

Vulnerability ID: V-25297

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.