CMMC v2.11 Practices

AU.L2-3.3.7  

Reference: CMMC v2.11

Family: AU

Level Introduced: 2

Title: Authoritative Time Source

Practice:
Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records.

Further Discussion:
Each system must synchronize its time with a central time server to ensure that all systems are recording audit logs using the same time source. Reviewing audit logs from multiple systems can be a difficult task if time is not synchronized. Systems can be synchronized to a network device or directory service or configured manually.

Example
You are setting up several new computers on your company’s network, which contains CUI. You update the time settings on each machine to use the same authoritative time server on the internet [b,c]. When you review audit logs, all your machines will have synchronized time, which aids in any potential security investigations.

Potential Assessment Considerations
• Can the records’ time stamps map to Coordinated Universal Time (UTC), compare system clocks with authoritative Network Time Protocol (NTP) servers, and synchronize system clocks when the time difference is greater than 1 second [c]?
• Does the system synchronize internal system clocks on a defined frequency [c]?

This is for registered users only. Please sign up for a free account, or Login, to see complete cross references to other standards and frameworks.

This is for registered users only. Please sign up for a free account, or Login, to see complete cross references to other standards and frameworks.

Source: CMMC v2.11