mirror of
https://github.com/usnistgov/macos_security.git
synced 2026-03-04 09:13:19 +00:00
42 lines
1022 B
YAML
42 lines
1022 B
YAML
id: sysprefs_time_server_enforce
|
|
title: "Enable macOS Time Synchronization Daemon (timed)"
|
|
discussion: |
|
|
The timed service _MUST_ be enabled on all networked systems and configured to set time automatically from the approved time server.
|
|
|
|
This rule ensures the uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.
|
|
check: |
|
|
/usr/bin/profiles -P -o stdout | /usr/bin/grep -c 'TMAutomaticTimeOnlyEnabled = 1'
|
|
result:
|
|
integer: 1
|
|
fix: |
|
|
This is implemented by a Configuration Profile.
|
|
references:
|
|
cce:
|
|
- CCE-84847-3
|
|
cci:
|
|
- CCI-001891
|
|
- CCI-002046
|
|
800-53r4:
|
|
- AU-8(1)
|
|
srg:
|
|
- SRG-OS-000355-GPOS-00143
|
|
- SRG-OS-000356-GPOS-00144
|
|
disa_stig:
|
|
- AOSX-14-000014
|
|
800-171r2:
|
|
- 3.3.7
|
|
macOS:
|
|
- "10.15"
|
|
tags:
|
|
- 800-171
|
|
- cnssi-1253
|
|
- fisma-moderate
|
|
- fisma-high
|
|
- STIG
|
|
mobileconfig: true
|
|
mobileconfig_info:
|
|
com.apple.ManagedClient.preferences:
|
|
com.apple.timed:
|
|
TMAutomaticTimeOnlyEnabled: true
|
|
|