The terminal or workstation must lock out after a maximum of 15 minutes of inactivity, requiring the account password to resume.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-24361 | HMC0150 | SV-30029r2_rule | PESL-1 | Medium |
| Description |
|---|
| If the system, workstation, or terminal does not lock the session after more than15 minutes of inactivity, requiring a password to resume operations, the system or individual data could be compromised by an alert intruder who could exploit the oversight. |
| STIG | Date |
|---|---|
| IBM Hardware Management Console (HMC) STIG | 2017-09-28 |
Details
| Check Text ( C-29864r1_chk ) |
|---|
| Have the System Administrator display the User Properties window on the Hardware Management Console and check that the timeout minutes are set to a maximum of 15. If the Verify Timeout minutes are set to more than 15, then this is a FINDING. |
| Fix Text (F-26748r1_fix) |
|---|
| The System Administrator will display the User Properties window and will ensure that the Verify timeout minutes are set to a maximum of 15. |