Tanium Operating System (TanOS) must automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-254859 | TANS-OS-000735 | SV-254859r866118_rule | Medium |
| Description |
|---|
| Automatic session termination addresses the termination of user-initiated logical sessions in contrast to the termination of network connections that are associated with communications sessions (i.e., network disconnect). A logical session (for local, network, and remote access) is initiated whenever a user (or process acting on behalf of a user) accesses an organizational information system. Such user sessions can be terminated (and thus terminate user access) without terminating network sessions. |
| STIG | Date |
|---|---|
| Tanium 7.x Operating System on TanOS Security Technical Implementation Guide | 2022-10-31 |
Details
| Check Text ( C-58472r866116_chk ) |
|---|
| 1. Sign in to the TanOS console as a user with the tanadmin role. 2. Enter "A" to go to the "Appliance Configuration" menu. 3. Enter "A" to go to the "Security" menu. 4. Enter "X" to go to the "Advanced Security" menu. 5. Enter "5" to go to "Set Menu Timeout". 6. See the current setting for timeout, if this does not match the organizationally defined standard, this is a finding. |
| Fix Text (F-58416r866117_fix) |
|---|
| 1. Sign in to the TanOS console as a user with the tanadmin role. 2. Enter "A" to go to the "Appliance Configuration" menu. 3. Enter "A" to go to the "" menu. 4. Enter "X" to go to the "Advanced Security" menu. 5. Enter "5" to go to "Set Menu Timeout". 6. Enter the correct Timeout in seconds, and then press "Enter" to set the setting. |