GEN000500 - GUI desktops provided by the system must lock after 15 idle minutes and the must require users to re-authenticate to unlock.

Information

If graphical desktop sessions do not lock the session after 15 minutes of inactivity, requiring re-authentication to resume operations, the system or individual data could be compromised by an alert intruder who could exploit the oversight. This requirement applies to graphical desktop environments provided by the system to locally attached displays and input devices, as well as, to graphical desktop environments provided to remote systems, including thin clients.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Consult vendor documentation to determine the settings required for the system to lock graphical desktop environments. Configure the system to lock graphical desktop environments after 15 minutes of inactivity and require re-authentication to resume operations.

See Also

https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-11a., CAT|II, CCI|CCI-000057, Group-ID|V-4083, Rule-ID|SV-39096r1_rule, STIG-ID|GEN000500, Vuln-ID|V-4083

Plugin: Unix

Control ID: 5a4ad0f8a58a901a2041aae66ed7ccf33786b56b9b017ae3396749369c102a8f