Which of the following best explains why configuring Network Time Protocol (NTP) on all servers is critical for security operations in a distributed environment?
It ensures that log timestamps are consistent, enabling accurate event correlation during incident response.
It increases available network bandwidth by optimizing packet size.
It compresses log files before they are forwarded to the SIEM, reducing storage usage.
It prevents user password expiration, reducing help-desk ticket volume.
Consistent time provided by NTP ensures that log timestamps from different systems line up correctly, allowing security tools and analysts to reconstruct an accurate timeline of events during incident response. Without synchronized clocks, log entries may appear out of sequence, making correlation and root-cause analysis far more difficult. The other options describe benefits (increased bandwidth, log compression, preventing password expiration) that NTP does not provide.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Network Time Protocol (NTP)?
Open an interactive chat with Bash
Why is synchronized time important for log correlation?
Open an interactive chat with Bash
What are some potential issues caused by unsynchronized clocks on a network?