nerdexam
Cisco

210-255 · Question #60

From a security perspective, why is it important to employ a clock synchronization protocol on a network?

The correct answer is C. to construct an accurate timeline of events when responding to an incident. Clock synchronization via NTP is a security control because it enables accurate log correlation and timeline reconstruction across systems during incident response.

Security Policies and Procedures

Question

From a security perspective, why is it important to employ a clock synchronization protocol on a network?

Options

  • Aso that everyone knows the local time
  • Bto ensure employees adhere to work schedule
  • Cto construct an accurate timeline of events when responding to an incident
  • Dto guarantee that updates are pushed out according to schedule

How the community answered

(26 responses)
  • B
    4% (1)
  • C
    92% (24)
  • D
    4% (1)

Why each option

Clock synchronization via NTP is a security control because it enables accurate log correlation and timeline reconstruction across systems during incident response.

Aso that everyone knows the local time

Knowing the local time is a user convenience feature and has no bearing on security posture or incident handling capability.

Bto ensure employees adhere to work schedule

Employee schedule adherence is an HR management concern and is entirely unrelated to the security function of clock synchronization protocols.

Cto construct an accurate timeline of events when responding to an incidentCorrect

NTP ensures all devices share a consistent clock, which is essential for correlating log entries across multiple systems during incident response. Without synchronized timestamps, reconstructing an accurate sequence of events is unreliable, making forensic analysis and attacker attribution difficult or impossible.

Dto guarantee that updates are pushed out according to schedule

Update scheduling is governed by patch management software and policies, not dependent on clock synchronization as a security control.

Concept tested: NTP clock synchronization for incident response forensics

Source: https://csrc.nist.gov/publications/detail/sp/800-92/final

Topics

#NTP#clock synchronization#log correlation#incident response timeline

Community Discussion

No community discussion yet for this question.

Full 210-255 Practice