CCI|CCI-000058

Title

The information system provides the capability for users to directly initiate session lock mechanisms.

Reference Item Details

Category: 2009

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AIX7-00-001100 - AIX must be configured to allow users to directly initiate a session lock for all connection types - /usr/bin/lockUnixDISA STIG AIX 7.x v2r5
AIX7-00-001100 - AIX must be configured to allow users to directly initiate a session lock for all connection types - /usr/bin/X11/xlockUnixDISA STIG AIX 7.x v2r5
AOSX-13-030014 - The macOS system must be configured to lock the user session when a smart token is removed.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-000005 - The macOS system must be configured to lock the user session when a smart token is removed.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-000005 - The macOS system must be configured to lock the user session when a smart token is removed.UnixDISA STIG Apple Mac OSX 10.15 v1r8
APPL-11-000005 - The macOS system must be configured to lock the user session when a smart token is removed.UnixDISA STIG Apple macOS 11 v1r5
APPL-11-000005 - The macOS system must be configured to lock the user session when a smart token is removed.UnixDISA STIG Apple macOS 11 v1r6
Big Sur - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Catalina - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
F5BI-LT-000143 - The BIG-IP Core implementation providing user access control intermediary services must provide the capability for users to directly initiate a session lock.F5DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1
Monterey - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Monterey v1.0.0 - All Profiles
Monterey - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Monterey v1.0.0 - 800-171
Monterey - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Monterey v1.0.0 - CNSSI 1253
OL6-00-000071 - The system must be configured so all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements.UnixDISA STIG Oracle Linux 6 v2r6
OL6-00-000508 - The system must allow locking of graphical desktop sessions.UnixDISA STIG Oracle Linux 6 v2r6
OL07-00-010060 - The Oracle Linux operating system must enable a user session lock until that user re-establishes access using established identification and authentication procedures.UnixDISA Oracle Linux 7 STIG v2r7
OL08-00-020030 - OL 8 must enable a user session lock until that user reestablishes access using established identification and authentication procedures for graphical user sessions.UnixDISA Oracle Linux 8 STIG v1r2
OL08-00-020039 - OL 8 must have the tmux package installed.UnixDISA Oracle Linux 8 STIG v1r2
OL08-00-020040 - OL 8 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for command line sessions.UnixDISA Oracle Linux 8 STIG v1r2
OL08-00-020041 - OL 8 must ensure session control is automatically started at shell initialization - processUnixDISA Oracle Linux 8 STIG v1r2
OL08-00-020041 - OL 8 must ensure session control is automatically started at shell initialization - tmux scriptUnixDISA Oracle Linux 8 STIG v1r2
OL08-00-020042 - OL 8 must prevent users from disabling session control mechanisms.UnixDISA Oracle Linux 8 STIG v1r2
OL08-00-020043 - OL 8 must enable a user session lock until that user reestablishes access using established identification and authentication procedures for command line sessions.UnixDISA Oracle Linux 8 STIG v1r2
OL08-00-020050 - OL 8 must be able to initiate directly a session lock for all connection types using smartcard when the smartcard is removed.UnixDISA Oracle Linux 8 STIG v1r2
RHEL-06-000508 - The system must allow locking of graphical desktop sessions.UnixDISA Red Hat Enterprise Linux 6 STIG v2r2
SLES-12-010060 - The SUSE operating system must be able to lock the graphical user interface (GUI).UnixDISA SLES 12 STIG v2r6
SLES-12-010070 - The SUSE operating system must utilize vlock to allow for session locking.UnixDISA SLES 12 STIG v2r6
SLES-15-010100 - The SUSE operating system must be able to lock the graphical user interface (GUI).UnixDISA SLES 15 STIG v1r6
SLES-15-010110 - The SUSE operating system must utilize vlock to allow for session locking.UnixDISA SLES 15 STIG v1r6
SOL-11.1-040460 - The operating system must provide the capability for users to directly initiate session lock mechanisms.UnixDISA STIG Solaris 11 X86 v2r6
SOL-11.1-040460 - The operating system must provide the capability for users to directly initiate session lock mechanisms.UnixDISA STIG Solaris 11 SPARC v2r6
UBTU-16-010050 - All users must be able to directly initiate a session lock for all connection types.UnixDISA STIG Ubuntu 16.04 LTS v2r3
UBTU-18-010403 - The Ubuntu operating system must be configured for users to directly initiate a session lock for all connection types.UnixDISA STIG Ubuntu 18.04 LTS v2r7
UBTU-20-010005 - The Ubuntu operating system must allow users to directly initiate a session lock for all connection types.UnixDISA STIG Ubuntu 20.04 LTS v1r4