ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your organization runs web applications on Amazon EC2 instances that forward operating-system and application logs to a central SIEM. During an incident response exercise, analysts discovered that events from different servers were difficult to correlate because their timestamps differed by several minutes. Which system-level logging configuration change on each instance will most effectively prevent this issue in the future?
Encrypt the local /var/log directory with a file-system encryption utility to prevent unauthorized access.
Enable log rotation to archive local log files once they reach a predefined size threshold.
Configure each instance to use a trusted NTP source and enforce automatic time synchronization at regular intervals.
Increase the log level to verbose so that additional context is captured for every event.
Accurate time is essential for meaningful log analysis. If each server's clock drifts independently, the timestamps written to local log files will be inconsistent, making sequence reconstruction and correlation across multiple hosts unreliable. Enabling the chrony or NTP client to synchronize every instance's system clock with an authoritative time source (for example, Amazon Time Sync Service or pool.ntp.org) keeps timestamps consistent. Log rotation, increased verbosity, or local disk encryption improve storage and security but do not address the fundamental problem of skewed time stamps that caused the analysts' difficulty. Therefore, configuring automated clock synchronization with a trusted NTP service is the most effective corrective action.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is NTP important for log synchronization?
Open an interactive chat with Bash
What alternatives exist to NTP for time synchronization?
Open an interactive chat with Bash
How does Amazon Time Sync Service work with EC2 instances?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Risk Identification, Monitoring and Analysis
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .