STIGQter STIGQter: STIG Summary: ForeScout CounterACT NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 12 Sep 2017:

CounterACT must compare internal information systems clocks at least every 24 hours with an authoritative time server.

DISA Rule

SV-90947r1_rule

Vulnerability Number

V-76259

Group Title

SRG-APP-000371-NDM-000296

Rule Version

CACT-NM-000036

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure CounterACT to compare internal information system clocks at least every 24 hours with an authoritative time server.

1. Open an SSH session and authenticate to CounterACT command line.
2. Configure the NTP servers with the command "fstool ntp setup <ip address>".

Check Contents

Check the network device configuration to determine if the device compares internal information system clocks at least every 24 hours with an authoritative time server.

1. Open an SSH session and authenticate to the CounterACT command line.
2. Verify the configured NTP servers with the command "fstool ntp".
3. Run the "date" command to look at the current system time compared to the known good, Network Time Protocol (NTP) server time.

If the device does not compare internal information system clocks at least every 24 hours, this is a finding.

Vulnerability Number

V-76259

Documentable

False

Rule Version

CACT-NM-000036

Severity Override Guidance

Check the network device configuration to determine if the device compares internal information system clocks at least every 24 hours with an authoritative time server.

1. Open an SSH session and authenticate to the CounterACT command line.
2. Verify the configured NTP servers with the command "fstool ntp".
3. Run the "date" command to look at the current system time compared to the known good, Network Time Protocol (NTP) server time.

If the device does not compare internal information system clocks at least every 24 hours, this is a finding.

Check Content Reference

M

Target Key

3225

Comments