Skip to content
Catalogs
XCCDF
Network Device Management Security Requirements Guide
SRG-APP-000005
The network device must retain the session lock until the administrator reestablishes access using established identification and authentication procedures.
The network device must retain the session lock until the administrator reestablishes access using established identification and authentication procedures. An XCCDF Rule
The network device must retain the session lock until the administrator reestablishes access using established identification and authentication procedures.
Medium Severity
<VulnDiscussion>A session lock is a temporary network device or administrator-initiated action taken when the administrator stops work but does not log out of the network device. Once invoked, the session lock shall remain in place until the administrator re-authenticates. No other system activity aside from re-authentication shall unlock the management session.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>