Description: System time should be synchronized between all systems in an environment. This is typically done by establishing an authoritative time server or set of servers and having all systems synchronize their clocks to them. Rationale: Time synchronization is important to support time sensitive security mechanisms like Kerberos and also ensures log files have consistent time records across the enterprise, which aids in forensic investigations. Audit: On physical systems or virtual systems where host based time synchronization is not available verify that chrony is installed. Run the following command to verify that chrony # rpm -q chrony chrony- On virtual systems where host based time synchronization is available consult your virtualization software documentation and verify that host based synchronization is in use. Remediation: On physical systems or virtual systems where host based time synchronization is not available install chrony: Run the folloing command to install chrony: # dnf install chrony On virtual systems where host based time synchronization is available consult your virtualization software documentation and setup host based synchronization. Notes: systemd-timesyncd is part of systemd. Some versions of systemd have been compiled without systemd-timesycnd. On these distributions, chrony or NTP should be used instead of systemd-timesycnd

[chrony]

On physical systems or virtual systems where host based time synchronization is not available install chrony: Run the folloing command to install chrony: # dnf install chrony On virtual systems where host based time synchronization is available consult your virtualization software documentation and setup host based synchronization.