210-255 · Question #60
From a security perspective, why is it important to employ a clock synchronization protocol on a network?
The correct answer is C. to construct an accurate timeline of events when responding to an incident. Clock synchronization via NTP is a security control because it enables accurate log correlation and timeline reconstruction across systems during incident response.
Question
From a security perspective, why is it important to employ a clock synchronization protocol on a network?
Options
- Aso that everyone knows the local time
- Bto ensure employees adhere to work schedule
- Cto construct an accurate timeline of events when responding to an incident
- Dto guarantee that updates are pushed out according to schedule
How the community answered
(26 responses)- B4% (1)
- C92% (24)
- D4% (1)
Why each option
Clock synchronization via NTP is a security control because it enables accurate log correlation and timeline reconstruction across systems during incident response.
Knowing the local time is a user convenience feature and has no bearing on security posture or incident handling capability.
Employee schedule adherence is an HR management concern and is entirely unrelated to the security function of clock synchronization protocols.
NTP ensures all devices share a consistent clock, which is essential for correlating log entries across multiple systems during incident response. Without synchronized timestamps, reconstructing an accurate sequence of events is unreliable, making forensic analysis and attacker attribution difficult or impossible.
Update scheduling is governed by patch management software and policies, not dependent on clock synchronization as a security control.
Concept tested: NTP clock synchronization for incident response forensics
Source: https://csrc.nist.gov/publications/detail/sp/800-92/final
Topics
Community Discussion
No community discussion yet for this question.