Capacity
CCI-000058
The information system provides the capability for users to directly initiate session lock mechanisms.
15
Rule
Severity: Medium
Enable GNOME3 Screensaver Lock After Idle Period
5
Rule
Severity: Medium
Install the screen Package
7
Rule
Severity: Medium
Enable the GNOME3 Screen Locking On Smartcard Removal
9
Rule
Severity: Medium
Install the tmux Package
8
Rule
Severity: Medium
Support session locking with tmux
3
Rule
Severity: Medium
Support session locking with tmux (not enforcing)
8
Rule
Severity: Medium
Configure the tmux Lock Command
8
Rule
Severity: Low
Prevent user from disabling the screen lock
4
Rule
Severity: Medium
Check that vlock is installed to allow session locking
1
Rule
Severity: Medium
The ALG providing user access control intermediary services must provide the capability for users to directly initiate a session lock.
1
Rule
Severity: Medium
The Mainframe Product must provide the capability for users to directly initiate a session lock.
1
Rule
Severity: Medium
The network device must be configured to enable network administrators to directly initiate a session lock.
1
Rule
Severity: Medium
Nutanix AOS must disconnect a session after 15 minutes of idle time for all connection types.
1
Rule
Severity: Medium
Multi-factor authentication must be enabled and enforced on the Tanium Server for all access and all accounts.
1
Rule
Severity: Medium
The MDM server must provide the capability for users to directly initiate a session lock.
4
Rule
Severity: Medium
The macOS system must be configured to lock the user session when a smart token is removed.
2
Rule
Severity: Medium
The macOS system must configure user session lock when a smart token is removed.
1
Rule
Severity: Medium
The Ubuntu operating system must be configured for users to directly initiate a session lock for all connection types.
2
Rule
Severity: Medium
The Ubuntu operating system must allow users to directly initiate a session lock for all connection types.
1
Rule
Severity: Medium
The operating system must provide the capability for users to directly initiate a session lock for all connection types.
2
Rule
Severity: Medium
AIX must be configured to allow users to directly initiate a session lock for all connection types.
1
Rule
Severity: Medium
IBM z/OS must employ a session manager configured for users to directly initiate a session lock for all connection types.
1
Rule
Severity: Medium
IBM z/OS must employ a session manager for users to directly initiate a session lock for all connection types.
1
Rule
Severity: Medium
IBM z/OS must employ a session for users to directly initiate a session lock for all connection types.
2
Rule
Severity: Medium
The Oracle Linux operating system must enable a user session lock until that user re-establishes access using established identification and authentication procedures.
2
Rule
Severity: Medium
OL 8 must enable a user session lock until that user reestablishes access using established identification and authentication procedures for graphical user sessions.
2
Rule
Severity: Medium
OL 8 must have the tmux package installed.
2
Rule
Severity: Medium
OL 8 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for command line sessions.
2
Rule
Severity: Medium
OL 8 must ensure session control is automatically started at shell initialization.
2
Rule
Severity: Low
OL 8 must prevent users from disabling session control mechanisms.
2
Rule
Severity: Medium
OL 8 must enable a user session lock until that user reestablishes access using established identification and authentication procedures for command line sessions.
2
Rule
Severity: Medium
OL 8 must be able to initiate directly a session lock for all connection types using smartcard when the smartcard is removed.
4
Rule
Severity: Medium
The SUSE operating system must be able to lock the graphical user interface (GUI).
4
Rule
Severity: Low
The SUSE operating system must utilize vlock to allow for session locking.
2
Rule
Severity: Medium
RHEL 9 must be able to initiate directly a session lock for all connection types using smart card when the smart card is removed.
2
Rule
Severity: Medium
RHEL 9 must prevent a user from overriding the disabling of the graphical user smart card removal action.
2
Rule
Severity: Medium
RHEL 9 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for graphical user sessions.
2
Rule
Severity: Medium
RHEL 9 must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface.
1
Rule
Severity: Medium
RHEL 9 must have the tmux package installed.
2
Rule
Severity: Medium
The operating system must provide the capability for users to directly initiate session lock mechanisms.
1
Rule
Severity: Medium
The VMM must provide the capability for users to directly initiate a session lock.
1
Rule
Severity: Medium
Ubuntu 22.04 LTS must allow users to directly initiate a session lock for all connection types.
1
Rule
Severity: Medium
SLEM 5 must use vlock to allow for session locking.
1
Rule
Severity: Medium
Multifactor authentication must be enabled and enforced on the Tanium Server for all access and all accounts.
Patternfly
PatternFly elements
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Modules