STIGQter: STIG Summary: Apple macOS 11 (Big Sur) Security Technical Implementation Guide, Version: 1, Release: 2, Benchmark Date: 23 Apr 2021

The macOS system must, for networked systems, compare internal information system clocks at least every 24 hours with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers or a time server designated for the appropriate DoD network (NIPRNet/SIPRNet) and/or the Global Positioning System (GPS).

DISA Rule

SV-230753r599842_rule

Vulnerability Number

V-230753

Group Title

SRG-OS-000355-GPOS-00143

Rule Version

APPL-11-000014

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

To enable the TIMED service, run the following command:

/usr/bin/sudo systemsetup -setusingnetworktime on

To configure a time server, use the following command:

/usr/bin/sudo systemsetup -setnetworktimeserver "server"

Check Contents

The TIMED (NTP replacement in Big Sur) service must be enabled on all networked systems. To check if the service is running, use the following command:

sudo systemsetup -getusingnetworktime

If the following is not returned, this is a finding:
Network Time: On

To verify that an authorized Time Server is configured, run the following command:
sudo systemsetup -getnetworktimeserver

Only approved time servers should be configured for use.

If no server is configured, or if an unapproved time server is in use, this is a finding.
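
The two checks above can be scripted. The following is an added example, not part of the STIG or of STIGQter: it takes the output of the two systemsetup queries and reports whether the result is a finding. The allowlist names are constructed placeholders, and the "Network Time Server: " reply prefix is an assumption about the command's output format.

```bash
#!/bin/sh
# Added example: evaluate APPL-11-000014 from the two systemsetup outputs.
# APPROVED_SERVERS is a site-specific allowlist; these names are constructed
# placeholders, not real DoD time servers.
APPROVED_SERVERS="ntp1.example.mil ntp2.example.mil"

# check_timed USING_OUTPUT SERVER_OUTPUT
# Prints a verdict and returns 0 when compliant, 1 when the result is a finding.
check_timed() {
    using_out=$1
    server_out=$2

    # Check 1: the exact line required by the STIG must be present.
    if ! printf '%s\n' "$using_out" | sed 's/[[:space:]]*$//' |
            grep -qx 'Network Time: On'; then
        echo "FINDING: network time is not enabled"
        return 1
    fi

    # Check 2: pull the server name out of the reply. The
    # "Network Time Server: " prefix is an assumption about the output format.
    server=$(printf '%s\n' "$server_out" |
        sed -n 's/^Network Time Server:[[:space:]]*//p' |
        sed 's/[[:space:]]*$//' | head -n 1)
    if [ -z "$server" ]; then
        echo "FINDING: no time server configured"
        return 1
    fi

    # Whole-name, case-insensitive comparison; a substring match would accept
    # look-alike hosts such as ntp1.example.mil.other.example.
    server_lc=$(printf '%s' "$server" | tr 'A-Z' 'a-z')
    for approved in $APPROVED_SERVERS; do
        if [ "$server_lc" = "$(printf '%s' "$approved" | tr 'A-Z' 'a-z')" ]; then
            echo "OK: approved time server $server"
            return 0
        fi
    done
    echo "FINDING: unapproved time server: $server"
    return 1
}

# Live use on a Mac: sh check_timed.sh --live
if [ "${1:-}" = "--live" ]; then
    check_timed "$(sudo systemsetup -getusingnetworktime)" \
                "$(sudo systemsetup -getnetworktimeserver)"
fi
```

Replace APPROVED_SERVERS with the time servers authorized for the network the system is attached to.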

Documentable

False

Severity Override Guidance

Check Content Reference

M

Target Key

5246
