STIGQter: STIG Summary: Apple OS X 10.14 (Mojave) Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The macOS system must, for networked systems, compare internal information system clocks at least every 24 hours with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers or a time server designated for the appropriate DoD network (NIPRNet/SIPRNet) and/or the Global Positioning System (GPS).

DISA Rule

SV-209533r610285_rule

Vulnerability Number

V-209533

Group Title

SRG-OS-000355-GPOS-00143

Rule Version

AOSX-14-000014

Severity

CAT II

CCI(s)

• CCI-002046 - The information system synchronizes the internal system clocks to the authoritative time source when the time difference is greater than the organization-defined time period.
• CCI-001891 - The information system compares internal information system clocks on an organization-defined frequency with an organization-defined authoritative time source.

Weight

10

Fix Recommendation

To enable the TIMED service, run the following command:

/usr/bin/sudo systemsetup -setusingnetworktime on

To configure a time server, use the following command:
/usr/bin/sudo systemsetup -setnetworktimeserver "server"

Check Contents

The TIMED (NTP replacement in Mojave) service must be enabled on all networked systems. To check if the service is running, use the following command:

sudo systemsetup -getusingnetworktime

If the following in not returned, this is a finding:
Network Time: On

To verify that an authorized Time Server is configured, run the following command:
systemsetup -getnetworktimeserver

Only approved time servers should be configured for use.

If no server is configured, or if an unapproved time server is in use, this is a finding.

Vulnerability Number

V-209533

Documentable

False

Rule Version

AOSX-14-000014

Severity Override Guidance

The TIMED (NTP replacement in Mojave) service must be enabled on all networked systems. To check if the service is running, use the following command:

sudo systemsetup -getusingnetworktime

If the following in not returned, this is a finding:
Network Time: On

To verify that an authorized Time Server is configured, run the following command:
systemsetup -getnetworktimeserver

Only approved time servers should be configured for use.

If no server is configured, or if an unapproved time server is in use, this is a finding.

Check Content Reference

M

Target Key

2930

Comments