CCI|CCI-000058

Title

The information system provides the capability for users to directly initiate session lock mechanisms.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AIX7-00-001100 - AIX must be configured to allow users to directly initiate a session lock for all connection types.UnixDISA STIG AIX 7.x v3r1
AOSX-13-030014 - The macOS system must be configured to lock the user session when a smart token is removed.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-000005 - The macOS system must be configured to lock the user session when a smart token is removed.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-000005 - The macOS system must be configured to lock the user session when a smart token is removed.UnixDISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-000005 - The macOS system must be configured to lock the user session when a smart token is removed.UnixDISA STIG Apple macOS 11 v1r5
APPL-11-000005 - The macOS system must be configured to lock the user session when a smart token is removed.UnixDISA STIG Apple macOS 11 v1r8
APPL-12-000005 - The macOS system must be configured to lock the user session when a smart token is removed.UnixDISA STIG Apple macOS 12 v1r9
APPL-13-000005 - The macOS system must be configured to lock the user session when a smart token is removed.UnixDISA STIG Apple macOS 13 v1r4
APPL-14-000005 - The macOS system must configure user session lock when a smart token is removed.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
Big Sur - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Catalina - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Monterey - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Monterey v1.0.0 - 800-171
Monterey - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Monterey v1.0.0 - All Profiles
Monterey - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Monterey v1.0.0 - CNSSI 1253
Monterey - Configure User Session Lock When a Smart Token is RemovedUnixNIST macOS Monterey v1.0.0 - 800-53r5 Moderate
OL6-00-000508 - The system must allow locking of graphical desktop sessions.UnixDISA STIG Oracle Linux 6 v2r7
OL07-00-010060 - The Oracle Linux operating system must enable a user session lock until that user re-establishes access using established identification and authentication procedures.UnixDISA Oracle Linux 7 STIG v2r14
OL08-00-020030 - OL 8 must enable a user session lock until that user reestablishes access using established identification and authentication procedures for graphical user sessions.UnixDISA Oracle Linux 8 STIG v2r2
OL08-00-020039 - OL 8 must have the tmux package installed.UnixDISA Oracle Linux 8 STIG v2r2
OL08-00-020040 - OL 8 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for command line sessions.UnixDISA Oracle Linux 8 STIG v2r2
OL08-00-020041 - OL 8 must ensure session control is automatically started at shell initialization.UnixDISA Oracle Linux 8 STIG v2r2
OL08-00-020042 - OL 8 must prevent users from disabling session control mechanisms.UnixDISA Oracle Linux 8 STIG v2r2
OL08-00-020043 - OL 8 must enable a user session lock until that user reestablishes access using established identification and authentication procedures for command line sessions.UnixDISA Oracle Linux 8 STIG v2r2
OL08-00-020050 - OL 8 must be able to initiate directly a session lock for all connection types using smartcard when the smartcard is removed.UnixDISA Oracle Linux 8 STIG v2r2
RHEL-06-000508 - The system must allow locking of graphical desktop sessions.UnixDISA Red Hat Enterprise Linux 6 STIG v2r2
RHEL-09-271045 - RHEL 9 must be able to initiate directly a session lock for all connection types using smart card when the smart card is removed.UnixDISA Red Hat Enterprise Linux 9 STIG v2r2
RHEL-09-271050 - RHEL 9 must prevent a user from overriding the disabling of the graphical user smart card removal action.UnixDISA Red Hat Enterprise Linux 9 STIG v2r2
RHEL-09-271055 - RHEL 9 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for graphical user sessions.UnixDISA Red Hat Enterprise Linux 9 STIG v2r2
RHEL-09-271060 - RHEL 9 must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface.UnixDISA Red Hat Enterprise Linux 9 STIG v2r2
SLES-12-010060 - The SUSE operating system must be able to lock the graphical user interface (GUI).UnixDISA SLES 12 STIG v2r13
SLES-12-010070 - The SUSE operating system must utilize vlock to allow for session locking.UnixDISA SLES 12 STIG v2r13
SLES-15-010100 - The SUSE operating system must be able to lock the graphical user interface (GUI).UnixDISA SLES 15 STIG v2r2
SLES-15-010110 - The SUSE operating system must utilize vlock to allow for session locking.UnixDISA SLES 15 STIG v2r2
UBTU-16-010050 - All users must be able to directly initiate a session lock for all connection types.UnixDISA STIG Ubuntu 16.04 LTS v2r3
UBTU-18-010403 - The Ubuntu operating system must be configured for users to directly initiate a session lock for all connection types.UnixDISA STIG Ubuntu 18.04 LTS v2r15