Due to regulatory requirements, servers in a global organization must use time synchronization. Which of the following represents the MOST secure method of time synchronization?
A. The server should connect to external Stratum 0 NTP servers for synchronization
B. The server should connect to internal Stratum 0 NTP servers for synchronization
C. The server should connect to external Stratum 1 NTP servers for synchronization
D. The server should connect to external Stratum 1 NTP servers for synchronization
Very simple explanation: Stratum is the distance you are from a reference clock. So a Stratum 0 device would be the reference clock and a Stratum 1 device would reference the Stratum 0 clock. Stratum 2 clocks reference Stratum 1 clocks, and so on.
Therefore, the most secure method of time synchronization within this global organization is to set up a Stratum 0 clock internally and reference that clock, making any device referencing the Stratum 0 device a Stratum 1 device.
As a reminder, NTP uses UDP port 123.
This place is where the blind come to lead the blind…..
You CANNOT synchronize to stratum 0 over a network. NTP servers cannot advertise themselves as stratum 0. A packet with stratum field set to 0 in a packet indicates an UNSPECIFIED or INVALID stratum. You can read the RFC yourself (https://tools.ietf.org/html/rfc5905 [see pg. 24]) or you can just circle jerk the incorrect answers.
A computer that directly connects to a stratum 0 (i.e. a stratum 1) CAN advertise time over a network, which is why stratum 1 devices are referred to as “primary time servers”.
Now ... options C and D are the same. Clearly one is supposed to be “internal” and the other “external”. The answer should be “The server should connect to internal Stratum 1 NTP servers for synchronization”
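Added example, not written by any commenter on this page: the stratum field from the RFC 5905 packet header cited in the comment above, decoded in Python together with a check a client could apply before trusting a reply. The function names and the sample packets are assumptions constructed for illustration.

```python
import ipaddress
import struct

def classify_stratum(stratum: int) -> str:
    """Meaning of the 8-bit stratum field per RFC 5905."""
    if stratum == 0:
        return "unspecified or invalid"
    if stratum == 1:
        return "primary server"
    if stratum <= 15:
        return "secondary server"
    return "unsynchronized" if stratum == 16 else "reserved"

def parse_ntp_header(packet: bytes) -> dict:
    """Decode the fields of the 48-byte NTP header that matter here."""
    if len(packet) < 48:
        raise ValueError("NTP header is 48 bytes")
    flags, stratum = struct.unpack("!BB", packet[:2])
    refid = packet[12:16]
    if stratum <= 1:
        # Stratum 0: ASCII kiss code; stratum 1: reference clock name (e.g. GPS).
        ref = refid.rstrip(b"\x00").decode("ascii", "replace")
    else:
        # Assumes an IPv4 upstream; for IPv6 this field is a hash, not an address.
        ref = str(ipaddress.IPv4Address(refid))
    return {"leap": flags >> 6, "version": (flags >> 3) & 7, "mode": flags & 7,
            "stratum": stratum, "meaning": classify_stratum(stratum), "refid": ref}

def usable_time_source(hdr: dict) -> bool:
    """Accept only a server reply (mode 4) that is synchronized (leap != 3)
    and advertises stratum 1-15."""
    return hdr["mode"] == 4 and hdr["leap"] != 3 and 1 <= hdr["stratum"] <= 15

def build_sample(leap: int, stratum: int, refid: bytes) -> bytes:
    """Constructed NTPv4 server reply; timestamps are zeroed for brevity."""
    first = (leap << 6) | (4 << 3) | 4
    head = struct.pack("!BBbb", first, stratum, 6, -20)
    return head + bytes(8) + refid.ljust(4, b"\x00") + bytes(32)

# Constructed samples, not captured traffic.
SAMPLES = {
    "primary": build_sample(0, 1, b"GPS"),
    "kiss_of_death": build_sample(3, 0, b"RATE"),
    "secondary": build_sample(0, 2, bytes([192, 0, 2, 10])),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        hdr = parse_ntp_header(pkt)
        print(name, hdr["stratum"], hdr["meaning"], hdr["refid"], usable_time_source(hdr))
```
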
Stratum 0 devices cannot distribute time over a network, so you need a Stratum 1 time server to distribute time across Stratum 2 devices in your network.
Unfortunately, the question doesn't give an internal Stratum 1 server as an option. Hence we have to assume the server in the question is the time server itself and that it needs to connect to an external Stratum 0 NTP server to obtain the time. Hence the answer is A.
http://manuals.spectracom.com/SS/Content/_Global/Topics/NTP/NTP_Stratums.htm
In translation, the MOST safe NTP server is having your own in-network (internal) reference clock (stratum 0) interconnected globally, which means B is the answer.
A. The question states: "servers in a global organization", implies some of the servers are external (global). So external Stratum 0 NTP is probably necessary. The NTP Stratum model is a representation of the hierarchy of time servers in an NTP network, where the Stratum level (0-15) indicates the device's distance to the reference clock. Stratum 0 means a device is directly connected to e.g., a GPS antenna.
Answer is B:
..best practices for configuring your own NTP server ...
1) Use Public NTP for external hosts.
2) Configure your own Internal NTP hierarchical service for your network. It is possible to purchase Stratum 1 or Stratum 0 NTP appliances to use internally for less than the cost of a typical server.
By setting up an internal NTP service on the latest revision of stable code and standardizing its use, the viability of time-based network attacks or processes that are dependent on time are harder to co-opt.
The identification of the order of events in a compromise becomes easier because the times in the logs can now be systems of record. For law enforcement and other investigative agencies, accurate NTP services can be very constructive in evaluating evidence and sequencing a chain of events.
https://insights.sei.cmu.edu/sei_blog/2017/04/best-practices-for-ntp-services.html