The macOS system must enforce time synchronization.

STIG ID: APPL-14-000014  |  SRG: SRG-OS-000355-GPOS-00143 | Severity: medium |  CCI: CCI-001891,CCI-002046

Vulnerability Discussion

Time synchronization must be enforced on all networked systems.

This rule ensures the uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.

Satisfies: SRG-OS-000355-GPOS-00143,SRG-OS-000356-GPOS-00144

Check

Verify the macOS system is configured to enforce time synchronization with the following command:

/usr/bin/osascript -l JavaScript << EOS
$.NSUserDefaults.alloc.initWithSuiteName('com.apple.timed')\
.objectForKey('TMAutomaticTimeOnlyEnabled').js
EOS

If the result is not "true", this is a finding.

Fix

Configure the macOS system to enforce time synchronization by installing the "com.apple.timed" configuration profile.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.