nerdexam
Exams210-255Questions#60
Cisco

210-255 · Question #60

210-255 Question #60: Real Exam Question with Answer & Explanation

The correct answer is C: to construct an accurate timeline of events when responding to an incident. Clock synchronization via NTP is a security control because it enables accurate log correlation and timeline reconstruction across systems during incident response.

Question

From a security perspective, why is it important to employ a clock synchronization protocol on a network?

Options

  • Aso that everyone knows the local time
  • Bto ensure employees adhere to work schedule
  • Cto construct an accurate timeline of events when responding to an incident
  • Dto guarantee that updates are pushed out according to schedule

Explanation

Clock synchronization via NTP is a security control because it enables accurate log correlation and timeline reconstruction across systems during incident response.

Common mistakes.

  • A. Knowing the local time is a user convenience feature and has no bearing on security posture or incident handling capability.
  • B. Employee schedule adherence is an HR management concern and is entirely unrelated to the security function of clock synchronization protocols.
  • D. Update scheduling is governed by patch management software and policies, not dependent on clock synchronization as a security control.

Concept tested. NTP clock synchronization for incident response forensics

Reference. https://csrc.nist.gov/publications/detail/sp/800-92/final

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 210-255 Practice