CCI|CCI-000057

Title

The information system initiates a session lock after the organization-defined time period of inactivity.

Reference Item Details

Category: 2009

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.8.9 Ensure GNOME Screensaver period of inactivity is configuredUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.10 Ensure screensaver lock-enabled is setUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.11 Ensure overriding the screensaver lock-delay setting is preventedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.12 Ensure session idle-delay settings is enforcedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.13 Ensure GNOME Idle activation is setUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.14 Ensure the screensaver idle-activation-enabled settingUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.15 Ensure GNOME Lock Delay is configuredUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.006 - The system configuration is not set with a password-protected screen saver. - ScreenSaveActiveWindowsDISA Windows Vista STIG v6r41
5.006 - The system configuration is not set with a password-protected screen saver. - ScreenSaverIsSecureWindowsDISA Windows Vista STIG v6r41
5.006 - The system configuration is not set with a password-protected screen saver. - ScreenSaveTimeOutWindowsDISA Windows Vista STIG v6r41
AIX7-00-003000 - AIX must automatically lock after 15 minutes of inactivity in the CDE Graphical desktop environment - lockTimeoutUnixDISA STIG AIX 7.x v2r5
AIX7-00-003000 - AIX must automatically lock after 15 minutes of inactivity in the CDE Graphical desktop environment - saverTimeoutUnixDISA STIG AIX 7.x v2r5
AOSX-13-000010 - The macOS system must initiate a session lock after a 15-minute period of inactivity.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-000004 - The macOS system must initiate a session lock after a 15-minute period of inactivity.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-000004 - The macOS system must initiate a session lock after a 15-minute period of inactivity.UnixDISA STIG Apple Mac OSX 10.15 v1r8
APPL-11-000004 - The macOS system must initiate a session lock after a 15-minute period of inactivity.UnixDISA STIG Apple macOS 11 v1r5
APPL-11-000004 - The macOS system must initiate a session lock after a 15-minute period of inactivity.UnixDISA STIG Apple macOS 11 v1r6
Big Sur - Enforce Screen Saver TimeoutUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Enforce Screen Saver TimeoutUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Enforce Screen Saver TimeoutUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Enforce Screen Saver TimeoutUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Enforce Screen Saver TimeoutUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Enforce Screen Saver TimeoutUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Enforce Screen Saver TimeoutUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Enforce Screen Saver TimeoutUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Catalina - Enforce Screen Saver TimeoutUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Enforce Screen Saver TimeoutUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Enforce Screen Saver TimeoutUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Enforce Screen Saver TimeoutUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Enforce Screen Saver TimeoutUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Enforce Screen Saver TimeoutUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Enforce Screen Saver TimeoutUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Enforce Screen Saver TimeoutUnixNIST macOS Catalina v1.5.0 - All Profiles
Configuring an automatic logout for idle sessions - Configuration utilityF5Tenable F5 BIG-IP Best Practice Audit
Configuring an automatic logout for idle sessions - Console SessionsF5Tenable F5 BIG-IP Best Practice Audit
Configuring an automatic logout for idle sessions - SSHF5Tenable F5 BIG-IP Best Practice Audit
Configuring an automatic logout for idle sessions - TMSHF5Tenable F5 BIG-IP Best Practice Audit
DKER-EE-002490 - The Lifetime Minutes and Renewal Threshold Minutes Login Session Controls must be set to 10 and 0 respectively in Docker Enterprise - lifetime_minutesUnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1
DKER-EE-002490 - The Lifetime Minutes and Renewal Threshold Minutes Login Session Controls must be set to 10 and 0 respectively in Docker Enterprise - renewal_threshold_minutesUnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1
F5BI-DM-000007 - The BIG-IP appliance must be configured to initiate a session lock after a 10-minute period of inactivity.F5DISA F5 BIG-IP Device Management 11.x STIG v2r1
F5BI-LT-000141 - The BIG-IP Core implementation must be configured to initiate a session lock after a 15-minute period of inactivity when users are connected to virtual servers.F5DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1
GEN000500 - Graphical desktop environments provided by the system must automatically lock after 15 minutes of inactivity and the system must require users to re-authenticate to unlock the environment - *lockUnixDISA STIG Solaris 10 SPARC v2r2
GEN000500 - Graphical desktop environments provided by the system must automatically lock after 15 minutes of inactivity and the system must require users to re-authenticate to unlock the environment - *lockUnixDISA STIG Solaris 10 X86 v2r2
GEN000500 - Graphical desktop environments provided by the system must automatically lock after 15 minutes of inactivity and the system must require users to re-authenticate to unlock the environment - *timeoutUnixDISA STIG Solaris 10 SPARC v2r2
GEN000500 - Graphical desktop environments provided by the system must automatically lock after 15 minutes of inactivity and the system must require users to re-authenticate to unlock the environment - *timeoutUnixDISA STIG Solaris 10 X86 v2r2
GEN000500 - Graphical desktop environments provided by the system must automatically lock after 15 minutes of inactivity and the system must require users to re-authenticate to unlock the environment - dtsession*lockTimeoutUnixDISA STIG Solaris 10 SPARC v2r2
GEN000500 - Graphical desktop environments provided by the system must automatically lock after 15 minutes of inactivity and the system must require users to re-authenticate to unlock the environment - dtsession*lockTimeoutUnixDISA STIG Solaris 10 X86 v2r2
GEN000500 - Graphical desktop environments provided by the system must automatically lock after 15 minutes of inactivity and the system must require users to re-authenticate to unlock the environment - user lockUnixDISA STIG Solaris 10 SPARC v2r2
GEN000500 - Graphical desktop environments provided by the system must automatically lock after 15 minutes of inactivity and the system must require users to re-authenticate to unlock the environment - user lockUnixDISA STIG Solaris 10 X86 v2r2
GEN000500 - GUI desktops provided by the system must lock after 15 idle minutes and the must require users to re-authenticate to unlock.UnixDISA STIG AIX 6.1 v1r14