SRG-OS-000028-GPOS-00009 Controls

STIG ID Version Title Product
APPL-14-000001 V1R2 The macOS system must prevent Apple Watch from terminating a session lock.
APPL-14-000002 V1R2 The macOS system must enforce screen saver password.
APPL-14-000003 V1R2 The macOS system must enforce session lock no more than five seconds after screen saver is started.
APPL-14-002090 V1R2 The macOS system must disable TouchID for unlocking the device.
SLES-12-010060 V2R11 The SUSE operating system must be able to lock the graphical user interface (GUI).
SLES-12-010070 V2R11 The SUSE operating system must utilize vlock to allow for session locking.
RHEL-08-020030 V1R3 RHEL 8 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for graphical user sessions.
RHEL-08-020040 V1R3 RHEL 8 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for command line sessions.
RHEL-08-020041 V1R3 RHEL 8 must ensure session control is automatically started at shell initialization.
RHEL-08-020042 V1R3 RHEL 8 must prevent users from disabling session control mechanisms.
RHEL-08-020050 V1R3 RHEL 8 must be able to initiate directly a session lock for all connection types using smartcard when the smartcard is removed.
RHEL-08-020039 V1R3 RHEL 8 must have the tmux package installed.
UBTU-20-010004 V1R12 The Ubuntu operating system must retain a user's session lock until that user reestablishes access using established identification and authentication procedures.
SLES-15-010100 V1R12 The SUSE operating system must be able to lock the graphical user interface (GUI).
SLES-15-010110 V1R12 The SUSE operating system must utilize vlock to allow for session locking.
WN11-CC-000365 V2R2 Windows 11 must be configured to prevent Windows apps from being activated by voice while the system is locked.
WN10-CC-000365 V3R2 Windows 10 must be configured to prevent Windows apps from being activated by voice while the system is locked.
WN19-SO-000120 V3R2 Windows Server 2019 machine inactivity limit must be set to 15 minutes or less, locking the system with the screen saver.
UBTU-22-271020 V2R2 Ubuntu 22.04 LTS must retain a user's session lock until that user reestablishes access using established identification and authentication procedures.
WN22-SO-000120 V1R4 Windows Server 2022 machine inactivity limit must be set to 15 minutes or less, locking the system with the screen saver.
RHEL-07-010060 V3R6 The Red Hat Enterprise Linux operating system must enable a user session lock until that user re-establishes access using established identification and authentication procedures.
RHEL-09-271045 V1R3 RHEL 9 must be able to initiate directly a session lock for all connection types using smart card when the smart card is removed.
RHEL-09-271050 V1R3 RHEL 9 must prevent a user from overriding the disabling of the graphical user smart card removal action.
RHEL-09-271055 V1R3 RHEL 9 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for graphical user sessions.
RHEL-09-271060 V1R3 RHEL 9 must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface.
RHEL-09-412020 V1R3 RHEL 9 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for command line sessions.
OL08-00-020030 V1R3 OL 8 must enable a user session lock until that user reestablishes access using established identification and authentication procedures for graphical user sessions.
OL08-00-020039 V1R3 OL 8 must have the tmux package installed.
OL08-00-020040 V1R3 OL 8 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for command line sessions.
OL08-00-020041 V1R3 OL 8 must ensure session control is automatically started at shell initialization.
OL08-00-020042 V1R3 OL 8 must prevent users from disabling session control mechanisms.
OL08-00-020043 V1R3 OL 8 must enable a user session lock until that user reestablishes access using established identification and authentication procedures for command line sessions.
OL08-00-020050 V1R3 OL 8 must be able to initiate directly a session lock for all connection types using smartcard when the smartcard is removed.
UBTU-18-010401 V2R11 The Ubuntu operating system must retain a users session lock until that user reestablishes access using established identification and authentication procedures.
OL07-00-010060 V2R11 The Oracle Linux operating system must enable a user session lock until that user re-establishes access using established identification and authentication procedures.