The terminal or workstation must lock out after a maximum of 15 minutes of inactivity, requiring the account password to resume.
An XCCDF Rule
Description
<VulnDiscussion>If the system, workstation, or terminal does not lock the session after more than15 minutes of inactivity, requiring a password to resume operations, the system or individual data could be compromised by an alert intruder who could exploit the oversight.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility>System Administrator</Responsibility><Responsibility>Systems Programmer</Responsibility><IAControls>PESL-1</IAControls>
- ID
- SV-30029r2_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
The System Administrator will display the User Properties window and will ensure that the Verify timeout minutes are set to a maximum of 15.