STIGQter: STIG Summary: Application Server Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 23 Oct 2020:

The application server must synchronize internal application server clocks to an authoritative time source when the time difference is greater than the organization-defined time period.

DISA Rule

SV-204793r508029_rule

Vulnerability Number

V-204793

Group Title

SRG-APP-000372

Rule Version

SRG-APP-000372-AS-000212

Severity

CAT II

CCI(s)

• CCI-002046 - The information system synchronizes the internal system clocks to the authoritative time source when the time difference is greater than the organization-defined time period.

Weight

10

Fix Recommendation

Configure the application server to reset internal information system clocks when the time difference is greater than a defined time period with the authoritative time source.

Check Contents

Review application server documentation and configuration to determine if the application server is configured to reset internal information clocks when the difference is greater than a defined threshold with an authoritative time source.

If the application server cannot synchronize internal application server clocks to the authoritative time source when the time difference is greater than the organization-defined time period, this is a finding.

Vulnerability Number

V-204793

Documentable

False

Rule Version

SRG-APP-000372-AS-000212

Severity Override Guidance

Review application server documentation and configuration to determine if the application server is configured to reset internal information clocks when the difference is greater than a defined threshold with an authoritative time source.

If the application server cannot synchronize internal application server clocks to the authoritative time source when the time difference is greater than the organization-defined time period, this is a finding.

Check Content Reference

M

Target Key

2900

Comments