STIGQter: STIG Summary: Application Security and Development Security Technical Implementation Guide Version: 5 Release: 1 Benchmark Date: 23 Oct 2020:

The applications must use internal system clocks to generate time stamps for audit records.

DISA Rule

SV-222497r508029_rule

Vulnerability Number

V-222497

Group Title

SRG-APP-000116

Rule Version

APSC-DV-001250

Severity

CAT II

CCI(s)

CCI-000159 - The information system uses internal system clocks to generate time stamps for audit records.

Weight

Fix Recommendation

Configure the application to use the hosting systems internal clock for audit record generation.

Check Contents

Review the system documentation and interview the application administrator for details regarding application architecture and logging configuration.

Identify the application components and the logs associated with the components.

Ensure the time written into the logs coincides with the OS timeclock.

Access random audit records and review the most recent logs.

Access the system OS hosting the application and use the related OS commands to determine the time of the system.

Perform an action in the application that causes a log event to be written and review the log to ensure the system times and the application log times correlate; compensating for any time delays that may have occurred between running the OS time command and running the application action.

If the application doesn't use the internal system clocks to generate time stamps for the audit event logs, this is a finding.

The applications must use internal system clocks to generate time stamps for audit records.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments