Theme

CCI|CCI-001133

Title

The information system terminates the network connection associated with a communications session at the end of the session or after an organization-defined time period of inactivity.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2009

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
3.074 - The system is not configured to force users to log off when their allowed logon hours expire.	Windows	DISA Windows Vista STIG v6r41
4.006 - Users must be forcibly disconnected when their logon hours expire.	Windows	DISA Windows Vista STIG v6r41
4.028 - The amount of idle time required before suspending a session must be properly set.	Windows	DISA Windows Vista STIG v6r41
5.3.19 Ensure SSH Idle Timeout Interval is configured - ClientAliveCountMax	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.3.19 Ensure SSH Idle Timeout Interval is configured - ClientAliveInterval	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.5.4 Ensure default user shell timeout is configured	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.046 - Terminal Services is not configured to set a time limit for disconnected sessions.	Windows	DISA Windows Vista STIG v6r41
5.047 - Terminal Services idle session time limit does not meet the requirement.	Windows	DISA Windows Vista STIG v6r41
AIX7-00-002105 - AIX must config the SSH idle timeout interval - ClientAliveCountMax	Unix	DISA STIG AIX 7.x v2r6
AIX7-00-002105 - AIX must config the SSH idle timeout interval - ClientAliveInterval	Unix	DISA STIG AIX 7.x v2r6
AIX7-00-003003 - AIX must set inactivity time-out on login sessions and terminate all login sessions after 10 minutes of inactivity - TIMEOUT	Unix	DISA STIG AIX 7.x v2r6
AIX7-00-003003 - AIX must set inactivity time-out on login sessions and terminate all login sessions after 10 minutes of inactivity - TMOUT	Unix	DISA STIG AIX 7.x v2r6
AOSX-13-000720 - The macOS system must be configured with the SSH daemon ClientAliveInterval option set to 900 or less.	Unix	DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000721 - The macOS system must be configured with the SSH daemon ClientAliveCountMax option set to 0.	Unix	DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000722 - The macOS system must be configured with the SSH daemon LoginGraceTime set to 30 or less.	Unix	DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-000051 - The macOS system must be configured with the SSH daemon ClientAliveInterval option set to 900 or less.	Unix	DISA STIG Apple Mac OSX 10.14 v2r6
AOSX-14-000052 - The macOS system must be configured with the SSH daemon ClientAliveCountMax option set to 0.	Unix	DISA STIG Apple Mac OSX 10.14 v2r6
AOSX-14-000053 - The macOS system must be configured with the SSH daemon LoginGraceTime set to 30 or less.	Unix	DISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-000051 - The macOS system must be configured with the SSH daemon ClientAliveInterval option set to 900 or less.	Unix	DISA STIG Apple Mac OSX 10.15 v1r8
AOSX-15-000052 - The macOS system must be configured with the SSH daemon ClientAliveCountMax option set to 0.	Unix	DISA STIG Apple Mac OSX 10.15 v1r8
AOSX-15-000053 - The macOS system must be configured with the SSH daemon LoginGraceTime set to 30 or less.	Unix	DISA STIG Apple Mac OSX 10.15 v1r8
APPL-11-000051 - The macOS system must be configured with the SSH daemon ClientAliveInterval option set to 900 or less.	Unix	DISA STIG Apple macOS 11 v1r6
APPL-11-000051 - The macOS system must be configured with the SSH daemon ClientAliveInterval option set to 900 or less.	Unix	DISA STIG Apple macOS 11 v1r5
APPL-11-000052 - The macOS system must be configured with the SSH daemon ClientAliveCountMax option set to 0.	Unix	DISA STIG Apple macOS 11 v1r5
APPL-11-000052 - The macOS system must be configured with the SSH daemon ClientAliveCountMax option set to 0.	Unix	DISA STIG Apple macOS 11 v1r6
APPL-11-000053 - The macOS system must be configured with the SSH daemon LoginGraceTime set to 30 or less.	Unix	DISA STIG Apple macOS 11 v1r6
APPL-11-000053 - The macOS system must be configured with the SSH daemon LoginGraceTime set to 30 or less.	Unix	DISA STIG Apple macOS 11 v1r5
APPL-12-000051 - The macOS system must be configured with the SSH daemon ClientAliveInterval option set to 900 or less.	Unix	DISA STIG Apple macOS 12 v1r4
APPL-12-000052 - The macOS system must be configured with the SSH daemon ClientAliveCountMax option set to 0.	Unix	DISA STIG Apple macOS 12 v1r4
APPL-12-000053 - The macOS system must be configured with the SSH daemon LoginGraceTime set to 30 or less.	Unix	DISA STIG Apple macOS 12 v1r4
Big Sur - Configure SSHD ClientAliveInterval option set to 900 or less	Unix	NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Set Login Grace Time to 30 or Less	Unix	NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Set SSHD Active Client Alive Maximum to Zero	Unix	NIST macOS Big Sur v1.4.0 - All Profiles
CISC-ND-000720 - The Cisco router must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - exec-timeout	Cisco	DISA STIG Cisco IOS XE Router NDM v2r5
CISC-ND-000720 - The Cisco router must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - exec-timeout	Cisco	DISA STIG Cisco IOS Router NDM v2r4
CISC-ND-000720 - The Cisco router must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - ip http secure-server	Cisco	DISA STIG Cisco IOS XE Router NDM v2r5
CISC-ND-000720 - The Cisco router must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - ip http secure-server	Cisco	DISA STIG Cisco IOS Router NDM v2r4
CISC-ND-000720 - The Cisco router must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - ip http timeout-policy	Cisco	DISA STIG Cisco IOS XE Router NDM v2r5
CISC-ND-000720 - The Cisco router must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - ip http timeout-policy	Cisco	DISA STIG Cisco IOS Router NDM v2r4
CISC-ND-000720 - The Cisco router must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - line console	Cisco	DISA STIG Cisco IOS-XR Router NDM v2r2
CISC-ND-000720 - The Cisco router must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - line default	Cisco	DISA STIG Cisco IOS-XR Router NDM v2r2
CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - ip http secure-server	Cisco	DISA STIG Cisco IOS XE Switch NDM v2r4
CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - ip http secure-server	Cisco	DISA STIG Cisco IOS Switch NDM v2r4
CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - ip http timeout	Cisco	DISA STIG Cisco IOS XE Switch NDM v2r4
CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - ip http timeout	Cisco	DISA STIG Cisco IOS Switch NDM v2r4
CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - line con	Cisco	DISA STIG Cisco IOS XE Switch NDM v2r4
CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - line con	Cisco	DISA STIG Cisco NX-OS Switch NDM v2r3
CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - line con	Cisco	DISA STIG Cisco IOS Switch NDM v2r4
CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - line vty	Cisco	DISA STIG Cisco IOS XE Switch NDM v2r4
CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - line vty	Cisco	DISA STIG Cisco NX-OS Switch NDM v2r3