Check: SRG-OS-000480-GPOS-00229
General Purpose Operating System SRG:
SRG-OS-000480-GPOS-00229
(in versions v3 r1 through v1 r6)
Title
The operating system must not allow an unattended or automatic logon to the system. (Cat I impact)
Discussion
Failure to restrict system access to authenticated users negatively impacts operating system security.
Check Content
If the operating system provides a public access service, such as a kiosk, this is not applicable. Verify the operating system does not allow an unattended or automatic logon to the system. If it does, this is a finding. Automatic logon as an authorized user allows access to any user with physical access to the operating system.
Fix Text
If the operating system provides a public access service, such as a kiosk, this is not applicable. Configure the operating system to not allow an unattended or automatic logon to the system. Automatic logon as an authorized user allows access to any user with physical access to the operating system.
Additional Identifiers
Rule ID: SV-203782r991591_rule
Vulnerability ID: V-203782
Group Title: SRG-OS-000480
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
Implement the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |