Automation Controller must compare internal application server clocks at least every 24 hours with an authoritative time source.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-256909 | APAS-AT-000093 | SV-256909r902297_rule | Medium |
| Description |
|---|
| When conducting forensic analysis and investigating system events, it is critical that timestamps accurately reflect the time of application events. If timestamps are not deemed to be accurate, the integrity of the forensic analysis and the associated determinations are at stake. This leaves the organization and the system vulnerable to intrusions. Satisfies: SRG-APP-000371-AS-000077, SRG-APP-000372-AS-000212 |
| STIG | Date |
|---|---|
| Red Hat Ansible Automation Controller Application Server Security Technical Implementation Guide | 2023-08-29 |
Details
| Check Text ( C-60584r902295_chk ) |
|---|
| As a system administrator for each Automation Controller host, ensure the NTP client is configured to synchronize to an organizationally defined NTP server: chronyc sources If the Automation Controller host is not configured to use an organizationally defined NTP server, this is a finding. Ensure the NTP time synchronization is operational: chronyc activity | head -n 1 | grep "200 OK" >/dev/null || echo "FAILED" sudo systemctl is-active chrony > /dev/null|| echo "FAILED" If "FAILED" is displayed, this is a finding. |
| Fix Text (F-60526r902296_fix) |
|---|
| As a system administrator, for each Automation Controller host, configure the NTP client to synchronize to an organizationally defined NTP server: vi /etc/chrony.conf Restart the Automation Controller host: $ shutdown -r |