Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-003627
CCI
CCI|CCI-003627
Title
Disable accounts when the accounts have expired.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.40 UBTU-24-200260
Unix
CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.78 UBTU-22-411035
Unix
CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.274 RHEL-09-411050
Unix
CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
APPL-14-003080 The macOS system must disable accounts after 35 days of inactivity.
Unix
DISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-15-003080 - The macOS system must disable accounts after 35 days of inactivity.
Unix
DISA Apple macOS 15 (Sequoia) STIG v1r4
JUEX-NM-000640 - The Juniper EX switch must be configured to use an authentication server for the purpose of authenticating users prior to granting administrative access.
Juniper
DISA Juniper EX Series Network Device Management v2r3
JUSX-DM-000095 - The Juniper SRX Services Gateway must be configured to use an authentication server to centrally manage authentication and logon settings for remote and nonlocal access.
Juniper
DISA Juniper SRX Services Gateway NDM v3r3
O19C-00-018700 - Oracle Database must disable accounts when the accounts have expired.
OracleDB
DISA Oracle Database 19c STIG v1r1 Database
OL07-00-010310 - The Oracle Linux operating system must disable account identifiers (individuals, groups, roles, and devices) if the password expires - individuals, groups, roles, and devices if the password expires.
Unix
DISA Oracle Linux 7 STIG v3r3
OL08-00-020260 - The OL 8 system-auth file must disable access to the system for account identifiers (individuals, groups, roles, and devices) with 35 days of inactivity.
Unix
DISA Oracle Linux 8 STIG v2r5
OL08-00-020261 - The OL 8 password-auth file must disable access to the system for account identifiers (individuals, groups, roles, and devices) with 35 days of inactivity.
Unix
DISA Oracle Linux 8 STIG v2r5
OL09-00-003065 - OL 9 must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.
Unix
DISA Oracle Linux 9 STIG v1r2
RHEL-08-020260 - RHEL 8 account identifiers (individuals, groups, roles, and devices) must be disabled after 35 days of inactivity.
Unix
DISA Red Hat Enterprise Linux 8 STIG v2r4
RHEL-09-411050 - RHEL 9 must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.
Unix
DISA Red Hat Enterprise Linux 9 STIG v2r4
SLES-12-010340 - The SUSE operating system must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity after password expiration.
Unix
DISA SLES 12 STIG v3r3
SLES-15-020050 - The SUSE operating system must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity after password expiration.
Unix
DISA SUSE Linux Enterprise Server 15 STIG v2r5
SOL-11.1-040280 - User accounts must be locked after 35 days of inactivity.
Unix
DISA Solaris 11 SPARC STIG v3r3
SOL-11.1-040280 - User accounts must be locked after 35 days of inactivity.
Unix
DISA Solaris 11 X86 STIG v3r3
UBTU-20-010409 - The Ubuntu operating system must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.
Unix
DISA Canonical Ubuntu 20.04 LTS STIG v2r3
UBTU-22-411035 - Ubuntu 22.04 LTS must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.
Unix
DISA Canonical Ubuntu 22.04 LTS STIG v2r5
UBTU-24-200260 - Ubuntu 24.04 LTS must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.
Unix
DISA Canonical Ubuntu 24.04 LTS STIG v1r2
VCSA-80-000059 - The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users.
VMware
DISA VMware vSphere 8.0 vCenter STIG v2r2
WN10-00-000065 - Unused accounts must be disabled or removed from the system after 35 days of inactivity.
Windows
DISA Microsoft Windows 10 STIG v3r4
WN11-00-000065 - Unused accounts must be disabled or removed from the system after 35 days of inactivity.
Windows
DISA Microsoft Windows 11 STIG v2r4
WN19-00-000190 - Windows Server 2019 outdated or unused accounts must be removed or disabled.
Windows
DISA Microsoft Windows Server 2019 STIG v3r4
WN22-00-000190 - Windows Server 2022 outdated or unused accounts must be removed or disabled.
Windows
DISA Microsoft Windows Server 2022 STIG v2r5