Which of the following best explains why configuring Network Time Protocol (NTP) on all servers is critical for security operations in a distributed environment?
It increases available network bandwidth by optimizing packet size.
It prevents user password expiration, reducing help-desk ticket volume.
It compresses log files before they are forwarded to the SIEM, reducing storage usage.
It ensures that log timestamps are consistent, enabling accurate event correlation during incident response.
Consistent time provided by NTP ensures that log timestamps from different systems line up correctly, allowing security tools and analysts to reconstruct an accurate timeline of events during incident response. Without synchronized clocks, log entries may appear out of sequence, making correlation and root-cause analysis far more difficult. The other options describe benefits (increased bandwidth, log compression, preventing password expiration) that NTP does not provide.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is timestamp synchronization so important for incident response?
Open an interactive chat with Bash
What is Network Time Protocol (NTP) and how does it work?
Open an interactive chat with Bash
What are the risks of not using NTP in a distributed environment?