STIGQter: STIG Summary: Apple OS X 10.15 (Catalina) Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 23 Apr 2021

The macOS system must, for networked systems, compare internal information system clocks at least every 24 hours with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers or a time server designated for the appropriate DoD network (NIPRNet/SIPRNet) and/or the Global Positioning System (GPS).

DISA Rule

SV-225128r610901_rule

Vulnerability Number

V-225128

Group Title

SRG-OS-000355-GPOS-00143

Rule Version

AOSX-15-000014

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

To enable the TIMED service, run the following command:

/usr/bin/sudo systemsetup -setusingnetworktime on

To configure a time server, use the following command:

/usr/bin/sudo systemsetup -setnetworktimeserver "server"

Check Contents

The TIMED (NTP replacement in Mojave) service must be enabled on all networked systems. To check if the service is running, use the following command:

# sudo systemsetup -getusingnetworktime

If the following is not returned, this is a finding:
Network Time: On

To verify that an authorized Time Server is configured, run the following command:
# sudo systemsetup -getnetworktimeserver

Only approved time servers should be configured for use.

If no server is configured, or if an unapproved time server is in use, this is a finding.
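
The two checks above can be scripted. The following is an added example, not part of the STIG: it evaluates the text returned by the two `systemsetup` commands against an allowlist. The `APPROVED_SERVERS` hosts are placeholders, the function names are hypothetical, and the `Network Time Server: <host>` output prefix is assumed from the tool's usual output rather than taken from this page.

```shell
#!/bin/sh
# Placeholder allowlist (assumption): replace with the time servers approved
# for your network, lower-case and space-separated.
APPROVED_SERVERS="${APPROVED_SERVERS:-ntp1.example.com ntp2.example.com}"

# evaluate_time_check USING_OUTPUT SERVER_OUTPUT
# Prints one line per finding; returns 0 if compliant, 1 if any finding.
evaluate_time_check() {
    using_out=$1
    server_out=$2
    findings=0

    # Check 1: a line reading exactly "Network Time: On" must be present.
    if ! printf '%s\n' "$using_out" | grep -qx 'Network Time: On'; then
        echo "FINDING: network time is not enabled"
        findings=1
    fi

    # Check 2: take the host after the assumed "Network Time Server:" prefix,
    # lower-cased because host names compare case-insensitively.
    server=$(printf '%s\n' "$server_out" |
        sed -n 's/^Network Time Server: *//p' | head -n 1 | tr 'A-Z' 'a-z')
    if [ -z "$server" ]; then
        echo "FINDING: no time server is configured"
        findings=1
    else
        approved=0
        for s in $APPROVED_SERVERS; do
            if [ "$s" = "$server" ]; then approved=1; fi
        done
        if [ "$approved" -eq 0 ]; then
            echo "FINDING: unapproved time server: $server"
            findings=1
        fi
    fi
    return "$findings"
}

# audit_live: run the two commands from the check on this Mac and evaluate them.
audit_live() {
    evaluate_time_check "$(sudo systemsetup -getusingnetworktime 2>/dev/null)" \
                        "$(sudo systemsetup -getnetworktimeserver 2>/dev/null)"
}

# Only touches the system when invoked as: sh script.sh --live
if [ "${1:-}" = "--live" ]; then audit_live; fi
```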

Documentable

False

Severity Override Guidance

The TIMED (NTP replacement in Mojave) service must be enabled on all networked systems. To check if the service is running, use the following command:

# sudo systemsetup -getusingnetworktime

If the following is not returned, this is a finding:
Network Time: On

To verify that an authorized Time Server is configured, run the following command:
# sudo systemsetup -getnetworktimeserver

Only approved time servers should be configured for use.

If no server is configured, or if an unapproved time server is in use, this is a finding.

Check Content Reference

M

Target Key

4212

Comments