| Testing Procedure | How Sheriff CSM Delivers | Sheriff CSM Instructions | Sheriff CSM Documentation |
| 10.4 Examine configuration standards and processes to verify that time-synchronization technology is implemented and kept current per PCI DSS Requirements 6.1 and 6.2. | Using Asset Discovery scan in Sheriff CSM confirms whether NTP is running on server. | Run an Asset Scan to verify presence of NTP service. | Running Asset Scans |
|
10.4.1.b Observe the time-related system-parameter settings for a sample of system components to verify: • Only the designated central time server(s) receives time signals from external sources, and time signals from external sources are based on International Atomic Time or UTC. • Where there is more than one designated time server, the designated central time server(s) peer with one another to keep accurate time. • Systems receive time only from designated central time server(s). | The Vulnerability Scan in Sheriff CSM can test system configuration settings to confirm that an NTP server has been configured. | Run a Vulnerability Scan to verify NTP settings are correct. | Performing Vulnerability Scans |
| 10.4.2.b Examine system configurations, time synchronization settings and logs, and processes to verify that any changes to time settings on critical systems are logged, monitored, and reviewed. | The Vulnerability Scan in Sheriff CSM can test system configuration settings to confirm that an NTP server has been configured. | Run Vulnerability Scan to verify NTP settings are correct. | Performing Vulnerability Scans |
| 10.5.5 Examine system settings, monitored files, and results from monitoring activities to verify the use of file-integrity monitoring or change-detection software on logs. | Sheriff CSM provides File Integrity Monitoring (FIM)through Sheriff HIDS. | Configure HIDS in Sheriff CSM to perform File Integrity Monitoring. | File Integrity Monitoring |